mirror of
https://github.com/openssl/openssl.git
synced 2025-01-24 13:55:42 +08:00
aes: avoid accessing key length field directly
Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17543)
This commit is contained in:
parent
d5f9166bac
commit
80ce874a09
@ -146,20 +146,21 @@ static int aesni_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
|||||||
{
|
{
|
||||||
int ret, mode;
|
int ret, mode;
|
||||||
EVP_AES_KEY *dat = EVP_C_DATA(EVP_AES_KEY,ctx);
|
EVP_AES_KEY *dat = EVP_C_DATA(EVP_AES_KEY,ctx);
|
||||||
|
const int keylen = EVP_CIPHER_CTX_get_key_length(ctx) * 8;
|
||||||
|
|
||||||
|
if (keylen <= 0) {
|
||||||
|
ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_KEY_LENGTH);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
mode = EVP_CIPHER_CTX_get_mode(ctx);
|
mode = EVP_CIPHER_CTX_get_mode(ctx);
|
||||||
if ((mode == EVP_CIPH_ECB_MODE || mode == EVP_CIPH_CBC_MODE)
|
if ((mode == EVP_CIPH_ECB_MODE || mode == EVP_CIPH_CBC_MODE)
|
||||||
&& !enc) {
|
&& !enc) {
|
||||||
ret = aesni_set_decrypt_key(key,
|
ret = aesni_set_decrypt_key(key, keylen, &dat->ks.ks);
|
||||||
EVP_CIPHER_CTX_get_key_length(ctx) * 8,
|
|
||||||
&dat->ks.ks);
|
|
||||||
dat->block = (block128_f) aesni_decrypt;
|
dat->block = (block128_f) aesni_decrypt;
|
||||||
dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
|
dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
|
||||||
(cbc128_f) aesni_cbc_encrypt : NULL;
|
(cbc128_f) aesni_cbc_encrypt : NULL;
|
||||||
} else {
|
} else {
|
||||||
ret = aesni_set_encrypt_key(key,
|
ret = aesni_set_encrypt_key(key, keylen, &dat->ks.ks);
|
||||||
EVP_CIPHER_CTX_get_key_length(ctx) * 8,
|
|
||||||
&dat->ks.ks);
|
|
||||||
dat->block = (block128_f) aesni_encrypt;
|
dat->block = (block128_f) aesni_encrypt;
|
||||||
if (mode == EVP_CIPH_CBC_MODE)
|
if (mode == EVP_CIPH_CBC_MODE)
|
||||||
dat->stream.cbc = (cbc128_f) aesni_cbc_encrypt;
|
dat->stream.cbc = (cbc128_f) aesni_cbc_encrypt;
|
||||||
@ -223,12 +224,19 @@ static int aesni_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
|||||||
static int aesni_gcm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
static int aesni_gcm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
||||||
const unsigned char *iv, int enc)
|
const unsigned char *iv, int enc)
|
||||||
{
|
{
|
||||||
EVP_AES_GCM_CTX *gctx = EVP_C_DATA(EVP_AES_GCM_CTX,ctx);
|
EVP_AES_GCM_CTX *gctx = EVP_C_DATA(EVP_AES_GCM_CTX, ctx);
|
||||||
if (!iv && !key)
|
|
||||||
|
if (iv == NULL && key == NULL)
|
||||||
return 1;
|
return 1;
|
||||||
|
|
||||||
if (key) {
|
if (key) {
|
||||||
aesni_set_encrypt_key(key, EVP_CIPHER_CTX_get_key_length(ctx) * 8,
|
const int keylen = EVP_CIPHER_CTX_get_key_length(ctx) * 8;
|
||||||
&gctx->ks.ks);
|
|
||||||
|
if (keylen <= 0) {
|
||||||
|
ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_KEY_LENGTH);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
aesni_set_encrypt_key(key, keylen, &gctx->ks.ks);
|
||||||
CRYPTO_gcm128_init(&gctx->gcm, &gctx->ks, (block128_f) aesni_encrypt);
|
CRYPTO_gcm128_init(&gctx->gcm, &gctx->ks, (block128_f) aesni_encrypt);
|
||||||
gctx->ctr = (ctr128_f) aesni_ctr32_encrypt_blocks;
|
gctx->ctr = (ctr128_f) aesni_ctr32_encrypt_blocks;
|
||||||
/*
|
/*
|
||||||
@ -262,14 +270,19 @@ static int aesni_xts_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
|||||||
{
|
{
|
||||||
EVP_AES_XTS_CTX *xctx = EVP_C_DATA(EVP_AES_XTS_CTX,ctx);
|
EVP_AES_XTS_CTX *xctx = EVP_C_DATA(EVP_AES_XTS_CTX,ctx);
|
||||||
|
|
||||||
if (!iv && !key)
|
if (iv == NULL && key == NULL)
|
||||||
return 1;
|
return 1;
|
||||||
|
|
||||||
if (key) {
|
if (key) {
|
||||||
/* The key is two half length keys in reality */
|
/* The key is two half length keys in reality */
|
||||||
const int bytes = EVP_CIPHER_CTX_get_key_length(ctx) / 2;
|
const int keylen = EVP_CIPHER_CTX_get_key_length(ctx);
|
||||||
|
const int bytes = keylen / 2;
|
||||||
const int bits = bytes * 8;
|
const int bits = bytes * 8;
|
||||||
|
|
||||||
|
if (keylen <= 0) {
|
||||||
|
ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_KEY_LENGTH);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
/*
|
/*
|
||||||
* Verify that the two keys are different.
|
* Verify that the two keys are different.
|
||||||
*
|
*
|
||||||
@ -315,11 +328,18 @@ static int aesni_ccm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
|||||||
const unsigned char *iv, int enc)
|
const unsigned char *iv, int enc)
|
||||||
{
|
{
|
||||||
EVP_AES_CCM_CTX *cctx = EVP_C_DATA(EVP_AES_CCM_CTX,ctx);
|
EVP_AES_CCM_CTX *cctx = EVP_C_DATA(EVP_AES_CCM_CTX,ctx);
|
||||||
if (!iv && !key)
|
|
||||||
|
if (iv == NULL && key == NULL)
|
||||||
return 1;
|
return 1;
|
||||||
if (key) {
|
|
||||||
aesni_set_encrypt_key(key, EVP_CIPHER_CTX_get_key_length(ctx) * 8,
|
if (key != NULL) {
|
||||||
&cctx->ks.ks);
|
const int keylen = EVP_CIPHER_CTX_get_key_length(ctx) * 8;
|
||||||
|
|
||||||
|
if (keylen <= 0) {
|
||||||
|
ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_KEY_LENGTH);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
aesni_set_encrypt_key(key, keylen, &cctx->ks.ks);
|
||||||
CRYPTO_ccm128_init(&cctx->ccm, cctx->M, cctx->L,
|
CRYPTO_ccm128_init(&cctx->ccm, cctx->M, cctx->L,
|
||||||
&cctx->ks, (block128_f) aesni_encrypt);
|
&cctx->ks, (block128_f) aesni_encrypt);
|
||||||
cctx->str = enc ? (ccm128_f) aesni_ccm64_encrypt_blocks :
|
cctx->str = enc ? (ccm128_f) aesni_ccm64_encrypt_blocks :
|
||||||
@ -342,19 +362,25 @@ static int aesni_ocb_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
|||||||
const unsigned char *iv, int enc)
|
const unsigned char *iv, int enc)
|
||||||
{
|
{
|
||||||
EVP_AES_OCB_CTX *octx = EVP_C_DATA(EVP_AES_OCB_CTX,ctx);
|
EVP_AES_OCB_CTX *octx = EVP_C_DATA(EVP_AES_OCB_CTX,ctx);
|
||||||
if (!iv && !key)
|
|
||||||
|
if (iv == NULL && key == NULL)
|
||||||
return 1;
|
return 1;
|
||||||
if (key) {
|
|
||||||
|
if (key != NULL) {
|
||||||
|
const int keylen = EVP_CIPHER_CTX_get_key_length(ctx) * 8;
|
||||||
|
|
||||||
|
if (keylen <= 0) {
|
||||||
|
ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_KEY_LENGTH);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
do {
|
do {
|
||||||
/*
|
/*
|
||||||
* We set both the encrypt and decrypt key here because decrypt
|
* We set both the encrypt and decrypt key here because decrypt
|
||||||
* needs both. We could possibly optimise to remove setting the
|
* needs both. We could possibly optimise to remove setting the
|
||||||
* decrypt for an encryption operation.
|
* decrypt for an encryption operation.
|
||||||
*/
|
*/
|
||||||
aesni_set_encrypt_key(key, EVP_CIPHER_CTX_get_key_length(ctx) * 8,
|
aesni_set_encrypt_key(key, keylen, &octx->ksenc.ks);
|
||||||
&octx->ksenc.ks);
|
aesni_set_decrypt_key(key, keylen, &octx->ksdec.ks);
|
||||||
aesni_set_decrypt_key(key, EVP_CIPHER_CTX_get_key_length(ctx) * 8,
|
|
||||||
&octx->ksdec.ks);
|
|
||||||
if (!CRYPTO_ocb128_init(&octx->ocb,
|
if (!CRYPTO_ocb128_init(&octx->ocb,
|
||||||
&octx->ksenc.ks, &octx->ksdec.ks,
|
&octx->ksenc.ks, &octx->ksdec.ks,
|
||||||
(block128_f) aesni_encrypt,
|
(block128_f) aesni_encrypt,
|
||||||
@ -452,6 +478,10 @@ static int aes_t4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
|||||||
|
|
||||||
mode = EVP_CIPHER_CTX_get_mode(ctx);
|
mode = EVP_CIPHER_CTX_get_mode(ctx);
|
||||||
bits = EVP_CIPHER_CTX_get_key_length(ctx) * 8;
|
bits = EVP_CIPHER_CTX_get_key_length(ctx) * 8;
|
||||||
|
if (bits <= 0) {
|
||||||
|
ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_KEY_LENGTH);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
if ((mode == EVP_CIPH_ECB_MODE || mode == EVP_CIPH_CBC_MODE)
|
if ((mode == EVP_CIPH_ECB_MODE || mode == EVP_CIPH_CBC_MODE)
|
||||||
&& !enc) {
|
&& !enc) {
|
||||||
ret = 0;
|
ret = 0;
|
||||||
@ -547,10 +577,16 @@ static int aes_t4_gcm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
|||||||
const unsigned char *iv, int enc)
|
const unsigned char *iv, int enc)
|
||||||
{
|
{
|
||||||
EVP_AES_GCM_CTX *gctx = EVP_C_DATA(EVP_AES_GCM_CTX,ctx);
|
EVP_AES_GCM_CTX *gctx = EVP_C_DATA(EVP_AES_GCM_CTX,ctx);
|
||||||
if (!iv && !key)
|
|
||||||
|
if (iv == NULL && key == NULL)
|
||||||
return 1;
|
return 1;
|
||||||
if (key) {
|
if (key) {
|
||||||
int bits = EVP_CIPHER_CTX_get_key_length(ctx) * 8;
|
const int bits = EVP_CIPHER_CTX_get_key_length(ctx) * 8;
|
||||||
|
|
||||||
|
if (bits <= 0) {
|
||||||
|
ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_KEY_LENGTH);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
aes_t4_set_encrypt_key(key, bits, &gctx->ks.ks);
|
aes_t4_set_encrypt_key(key, bits, &gctx->ks.ks);
|
||||||
CRYPTO_gcm128_init(&gctx->gcm, &gctx->ks,
|
CRYPTO_gcm128_init(&gctx->gcm, &gctx->ks,
|
||||||
(block128_f) aes_t4_encrypt);
|
(block128_f) aes_t4_encrypt);
|
||||||
@ -603,9 +639,14 @@ static int aes_t4_xts_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
|||||||
|
|
||||||
if (key) {
|
if (key) {
|
||||||
/* The key is two half length keys in reality */
|
/* The key is two half length keys in reality */
|
||||||
const int bytes = EVP_CIPHER_CTX_get_key_length(ctx) / 2;
|
const int keylen = EVP_CIPHER_CTX_get_key_length(ctx);
|
||||||
|
const int bytes = keylen / 2;
|
||||||
const int bits = bytes * 8;
|
const int bits = bytes * 8;
|
||||||
|
|
||||||
|
if (keylen <= 0) {
|
||||||
|
ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_KEY_LENGTH);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
/*
|
/*
|
||||||
* Verify that the two keys are different.
|
* Verify that the two keys are different.
|
||||||
*
|
*
|
||||||
@ -670,10 +711,17 @@ static int aes_t4_ccm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
|||||||
const unsigned char *iv, int enc)
|
const unsigned char *iv, int enc)
|
||||||
{
|
{
|
||||||
EVP_AES_CCM_CTX *cctx = EVP_C_DATA(EVP_AES_CCM_CTX,ctx);
|
EVP_AES_CCM_CTX *cctx = EVP_C_DATA(EVP_AES_CCM_CTX,ctx);
|
||||||
if (!iv && !key)
|
|
||||||
|
if (iv == NULL && key == NULL)
|
||||||
return 1;
|
return 1;
|
||||||
if (key) {
|
|
||||||
int bits = EVP_CIPHER_CTX_get_key_length(ctx) * 8;
|
if (key != NULL) {
|
||||||
|
const int bits = EVP_CIPHER_CTX_get_key_length(ctx) * 8;
|
||||||
|
|
||||||
|
if (bits <= 0) {
|
||||||
|
ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_KEY_LENGTH);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
aes_t4_set_encrypt_key(key, bits, &cctx->ks.ks);
|
aes_t4_set_encrypt_key(key, bits, &cctx->ks.ks);
|
||||||
CRYPTO_ccm128_init(&cctx->ccm, cctx->M, cctx->L,
|
CRYPTO_ccm128_init(&cctx->ccm, cctx->M, cctx->L,
|
||||||
&cctx->ks, (block128_f) aes_t4_encrypt);
|
&cctx->ks, (block128_f) aes_t4_encrypt);
|
||||||
@ -696,19 +744,25 @@ static int aes_t4_ocb_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
|||||||
const unsigned char *iv, int enc)
|
const unsigned char *iv, int enc)
|
||||||
{
|
{
|
||||||
EVP_AES_OCB_CTX *octx = EVP_C_DATA(EVP_AES_OCB_CTX,ctx);
|
EVP_AES_OCB_CTX *octx = EVP_C_DATA(EVP_AES_OCB_CTX,ctx);
|
||||||
if (!iv && !key)
|
|
||||||
|
if (iv == NULL && key == NULL)
|
||||||
return 1;
|
return 1;
|
||||||
if (key) {
|
|
||||||
|
if (key != NULL) {
|
||||||
|
const int keylen = EVP_CIPHER_CTX_get_key_length(ctx) * 8;
|
||||||
|
|
||||||
|
if (keylen <= 0) {
|
||||||
|
ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_KEY_LENGTH);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
do {
|
do {
|
||||||
/*
|
/*
|
||||||
* We set both the encrypt and decrypt key here because decrypt
|
* We set both the encrypt and decrypt key here because decrypt
|
||||||
* needs both. We could possibly optimise to remove setting the
|
* needs both. We could possibly optimise to remove setting the
|
||||||
* decrypt for an encryption operation.
|
* decrypt for an encryption operation.
|
||||||
*/
|
*/
|
||||||
aes_t4_set_encrypt_key(key, EVP_CIPHER_CTX_get_key_length(ctx) * 8,
|
aes_t4_set_encrypt_key(key, keylen, &octx->ksenc.ks);
|
||||||
&octx->ksenc.ks);
|
aes_t4_set_decrypt_key(key, keylen, &octx->ksdec.ks);
|
||||||
aes_t4_set_decrypt_key(key, EVP_CIPHER_CTX_get_key_length(ctx) * 8,
|
|
||||||
&octx->ksdec.ks);
|
|
||||||
if (!CRYPTO_ocb128_init(&octx->ocb,
|
if (!CRYPTO_ocb128_init(&octx->ocb,
|
||||||
&octx->ksenc.ks, &octx->ksdec.ks,
|
&octx->ksenc.ks, &octx->ksdec.ks,
|
||||||
(block128_f) aes_t4_encrypt,
|
(block128_f) aes_t4_encrypt,
|
||||||
@ -973,6 +1027,10 @@ static int s390x_aes_ecb_init_key(EVP_CIPHER_CTX *ctx,
|
|||||||
S390X_AES_ECB_CTX *cctx = EVP_C_DATA(S390X_AES_ECB_CTX, ctx);
|
S390X_AES_ECB_CTX *cctx = EVP_C_DATA(S390X_AES_ECB_CTX, ctx);
|
||||||
const int keylen = EVP_CIPHER_CTX_get_key_length(ctx);
|
const int keylen = EVP_CIPHER_CTX_get_key_length(ctx);
|
||||||
|
|
||||||
|
if (keylen <= 0) {
|
||||||
|
ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_KEY_LENGTH);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
cctx->fc = S390X_AES_FC(keylen);
|
cctx->fc = S390X_AES_FC(keylen);
|
||||||
if (!enc)
|
if (!enc)
|
||||||
cctx->fc |= S390X_DECRYPT;
|
cctx->fc |= S390X_DECRYPT;
|
||||||
@ -999,6 +1057,14 @@ static int s390x_aes_ofb_init_key(EVP_CIPHER_CTX *ctx,
|
|||||||
const int keylen = EVP_CIPHER_CTX_get_key_length(ctx);
|
const int keylen = EVP_CIPHER_CTX_get_key_length(ctx);
|
||||||
const int ivlen = EVP_CIPHER_CTX_get_iv_length(ctx);
|
const int ivlen = EVP_CIPHER_CTX_get_iv_length(ctx);
|
||||||
|
|
||||||
|
if (keylen <= 0) {
|
||||||
|
ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_KEY_LENGTH);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
if (ivlen <= 0) {
|
||||||
|
ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_IV_LENGTH);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
memcpy(cctx->kmo.param.cv, iv, ivlen);
|
memcpy(cctx->kmo.param.cv, iv, ivlen);
|
||||||
memcpy(cctx->kmo.param.k, key, keylen);
|
memcpy(cctx->kmo.param.k, key, keylen);
|
||||||
cctx->fc = S390X_AES_FC(keylen);
|
cctx->fc = S390X_AES_FC(keylen);
|
||||||
@ -1058,6 +1124,14 @@ static int s390x_aes_cfb_init_key(EVP_CIPHER_CTX *ctx,
|
|||||||
const int keylen = EVP_CIPHER_CTX_get_key_length(ctx);
|
const int keylen = EVP_CIPHER_CTX_get_key_length(ctx);
|
||||||
const int ivlen = EVP_CIPHER_CTX_get_iv_length(ctx);
|
const int ivlen = EVP_CIPHER_CTX_get_iv_length(ctx);
|
||||||
|
|
||||||
|
if (keylen <= 0) {
|
||||||
|
ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_KEY_LENGTH);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
if (ivlen <= 0) {
|
||||||
|
ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_IV_LENGTH);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
cctx->fc = S390X_AES_FC(keylen);
|
cctx->fc = S390X_AES_FC(keylen);
|
||||||
cctx->fc |= 16 << 24; /* 16 bytes cipher feedback */
|
cctx->fc |= 16 << 24; /* 16 bytes cipher feedback */
|
||||||
if (!enc)
|
if (!enc)
|
||||||
@ -1081,6 +1155,14 @@ static int s390x_aes_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
|||||||
int rem;
|
int rem;
|
||||||
unsigned char tmp;
|
unsigned char tmp;
|
||||||
|
|
||||||
|
if (keylen <= 0) {
|
||||||
|
ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_KEY_LENGTH);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
if (ivlen <= 0) {
|
||||||
|
ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_IV_LENGTH);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
memcpy(cctx->kmf.param.cv, iv, ivlen);
|
memcpy(cctx->kmf.param.cv, iv, ivlen);
|
||||||
while (n && len) {
|
while (n && len) {
|
||||||
tmp = *in;
|
tmp = *in;
|
||||||
@ -1128,6 +1210,14 @@ static int s390x_aes_cfb8_init_key(EVP_CIPHER_CTX *ctx,
|
|||||||
const int keylen = EVP_CIPHER_CTX_get_key_length(ctx);
|
const int keylen = EVP_CIPHER_CTX_get_key_length(ctx);
|
||||||
const int ivlen = EVP_CIPHER_CTX_get_iv_length(ctx);
|
const int ivlen = EVP_CIPHER_CTX_get_iv_length(ctx);
|
||||||
|
|
||||||
|
if (keylen <= 0) {
|
||||||
|
ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_KEY_LENGTH);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
if (ivlen <= 0) {
|
||||||
|
ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_IV_LENGTH);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
cctx->fc = S390X_AES_FC(keylen);
|
cctx->fc = S390X_AES_FC(keylen);
|
||||||
cctx->fc |= 1 << 24; /* 1 byte cipher feedback */
|
cctx->fc |= 1 << 24; /* 1 byte cipher feedback */
|
||||||
if (!enc)
|
if (!enc)
|
||||||
@ -1533,6 +1623,11 @@ static int s390x_aes_gcm_init_key(EVP_CIPHER_CTX *ctx,
|
|||||||
|
|
||||||
if (key != NULL) {
|
if (key != NULL) {
|
||||||
keylen = EVP_CIPHER_CTX_get_key_length(ctx);
|
keylen = EVP_CIPHER_CTX_get_key_length(ctx);
|
||||||
|
if (keylen <= 0) {
|
||||||
|
ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_KEY_LENGTH);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
memcpy(&gctx->kma.param.k, key, keylen);
|
memcpy(&gctx->kma.param.k, key, keylen);
|
||||||
|
|
||||||
gctx->fc = S390X_AES_FC(keylen);
|
gctx->fc = S390X_AES_FC(keylen);
|
||||||
@ -1939,6 +2034,11 @@ static int s390x_aes_ccm_init_key(EVP_CIPHER_CTX *ctx,
|
|||||||
|
|
||||||
if (key != NULL) {
|
if (key != NULL) {
|
||||||
keylen = EVP_CIPHER_CTX_get_key_length(ctx);
|
keylen = EVP_CIPHER_CTX_get_key_length(ctx);
|
||||||
|
if (keylen <= 0) {
|
||||||
|
ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_KEY_LENGTH);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
cctx->aes.ccm.fc = S390X_AES_FC(keylen);
|
cctx->aes.ccm.fc = S390X_AES_FC(keylen);
|
||||||
memcpy(cctx->aes.ccm.kmac_param.k, key, keylen);
|
memcpy(cctx->aes.ccm.kmac_param.k, key, keylen);
|
||||||
|
|
||||||
@ -2315,15 +2415,19 @@ static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
|||||||
{
|
{
|
||||||
int ret, mode;
|
int ret, mode;
|
||||||
EVP_AES_KEY *dat = EVP_C_DATA(EVP_AES_KEY,ctx);
|
EVP_AES_KEY *dat = EVP_C_DATA(EVP_AES_KEY,ctx);
|
||||||
|
const int keylen = EVP_CIPHER_CTX_get_key_length(ctx) * 8;
|
||||||
|
|
||||||
|
if (keylen <= 0) {
|
||||||
|
ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_KEY_LENGTH);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
mode = EVP_CIPHER_CTX_get_mode(ctx);
|
mode = EVP_CIPHER_CTX_get_mode(ctx);
|
||||||
if ((mode == EVP_CIPH_ECB_MODE || mode == EVP_CIPH_CBC_MODE)
|
if ((mode == EVP_CIPH_ECB_MODE || mode == EVP_CIPH_CBC_MODE)
|
||||||
&& !enc) {
|
&& !enc) {
|
||||||
#ifdef HWAES_CAPABLE
|
#ifdef HWAES_CAPABLE
|
||||||
if (HWAES_CAPABLE) {
|
if (HWAES_CAPABLE) {
|
||||||
ret = HWAES_set_decrypt_key(key,
|
ret = HWAES_set_decrypt_key(key, keylen, &dat->ks.ks);
|
||||||
EVP_CIPHER_CTX_get_key_length(ctx) * 8,
|
|
||||||
&dat->ks.ks);
|
|
||||||
dat->block = (block128_f) HWAES_decrypt;
|
dat->block = (block128_f) HWAES_decrypt;
|
||||||
dat->stream.cbc = NULL;
|
dat->stream.cbc = NULL;
|
||||||
# ifdef HWAES_cbc_encrypt
|
# ifdef HWAES_cbc_encrypt
|
||||||
@ -2334,27 +2438,21 @@ static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
|||||||
#endif
|
#endif
|
||||||
#ifdef BSAES_CAPABLE
|
#ifdef BSAES_CAPABLE
|
||||||
if (BSAES_CAPABLE && mode == EVP_CIPH_CBC_MODE) {
|
if (BSAES_CAPABLE && mode == EVP_CIPH_CBC_MODE) {
|
||||||
ret = AES_set_decrypt_key(key,
|
ret = AES_set_decrypt_key(key, keylen, &dat->ks.ks);
|
||||||
EVP_CIPHER_CTX_get_key_length(ctx) * 8,
|
|
||||||
&dat->ks.ks);
|
|
||||||
dat->block = (block128_f) AES_decrypt;
|
dat->block = (block128_f) AES_decrypt;
|
||||||
dat->stream.cbc = (cbc128_f) ossl_bsaes_cbc_encrypt;
|
dat->stream.cbc = (cbc128_f) ossl_bsaes_cbc_encrypt;
|
||||||
} else
|
} else
|
||||||
#endif
|
#endif
|
||||||
#ifdef VPAES_CAPABLE
|
#ifdef VPAES_CAPABLE
|
||||||
if (VPAES_CAPABLE) {
|
if (VPAES_CAPABLE) {
|
||||||
ret = vpaes_set_decrypt_key(key,
|
ret = vpaes_set_decrypt_key(key, keylen, &dat->ks.ks);
|
||||||
EVP_CIPHER_CTX_get_key_length(ctx) * 8,
|
|
||||||
&dat->ks.ks);
|
|
||||||
dat->block = (block128_f) vpaes_decrypt;
|
dat->block = (block128_f) vpaes_decrypt;
|
||||||
dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
|
dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
|
||||||
(cbc128_f) vpaes_cbc_encrypt : NULL;
|
(cbc128_f) vpaes_cbc_encrypt : NULL;
|
||||||
} else
|
} else
|
||||||
#endif
|
#endif
|
||||||
{
|
{
|
||||||
ret = AES_set_decrypt_key(key,
|
ret = AES_set_decrypt_key(key, keylen, &dat->ks.ks);
|
||||||
EVP_CIPHER_CTX_get_key_length(ctx) * 8,
|
|
||||||
&dat->ks.ks);
|
|
||||||
dat->block = (block128_f) AES_decrypt;
|
dat->block = (block128_f) AES_decrypt;
|
||||||
dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
|
dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
|
||||||
(cbc128_f) AES_cbc_encrypt : NULL;
|
(cbc128_f) AES_cbc_encrypt : NULL;
|
||||||
@ -2362,9 +2460,7 @@ static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
|||||||
} else
|
} else
|
||||||
#ifdef HWAES_CAPABLE
|
#ifdef HWAES_CAPABLE
|
||||||
if (HWAES_CAPABLE) {
|
if (HWAES_CAPABLE) {
|
||||||
ret = HWAES_set_encrypt_key(key,
|
ret = HWAES_set_encrypt_key(key, keylen, &dat->ks.ks);
|
||||||
EVP_CIPHER_CTX_get_key_length(ctx) * 8,
|
|
||||||
&dat->ks.ks);
|
|
||||||
dat->block = (block128_f) HWAES_encrypt;
|
dat->block = (block128_f) HWAES_encrypt;
|
||||||
dat->stream.cbc = NULL;
|
dat->stream.cbc = NULL;
|
||||||
# ifdef HWAES_cbc_encrypt
|
# ifdef HWAES_cbc_encrypt
|
||||||
@ -2382,25 +2478,21 @@ static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
|||||||
#endif
|
#endif
|
||||||
#ifdef BSAES_CAPABLE
|
#ifdef BSAES_CAPABLE
|
||||||
if (BSAES_CAPABLE && mode == EVP_CIPH_CTR_MODE) {
|
if (BSAES_CAPABLE && mode == EVP_CIPH_CTR_MODE) {
|
||||||
ret = AES_set_encrypt_key(key, EVP_CIPHER_CTX_get_key_length(ctx) * 8,
|
ret = AES_set_encrypt_key(key, keylen, &dat->ks.ks);
|
||||||
&dat->ks.ks);
|
|
||||||
dat->block = (block128_f) AES_encrypt;
|
dat->block = (block128_f) AES_encrypt;
|
||||||
dat->stream.ctr = (ctr128_f) ossl_bsaes_ctr32_encrypt_blocks;
|
dat->stream.ctr = (ctr128_f) ossl_bsaes_ctr32_encrypt_blocks;
|
||||||
} else
|
} else
|
||||||
#endif
|
#endif
|
||||||
#ifdef VPAES_CAPABLE
|
#ifdef VPAES_CAPABLE
|
||||||
if (VPAES_CAPABLE) {
|
if (VPAES_CAPABLE) {
|
||||||
ret = vpaes_set_encrypt_key(key,
|
ret = vpaes_set_encrypt_key(key, keylen, &dat->ks.ks);
|
||||||
EVP_CIPHER_CTX_get_key_length(ctx) * 8,
|
|
||||||
&dat->ks.ks);
|
|
||||||
dat->block = (block128_f) vpaes_encrypt;
|
dat->block = (block128_f) vpaes_encrypt;
|
||||||
dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
|
dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
|
||||||
(cbc128_f) vpaes_cbc_encrypt : NULL;
|
(cbc128_f) vpaes_cbc_encrypt : NULL;
|
||||||
} else
|
} else
|
||||||
#endif
|
#endif
|
||||||
{
|
{
|
||||||
ret = AES_set_encrypt_key(key, EVP_CIPHER_CTX_get_key_length(ctx) * 8,
|
ret = AES_set_encrypt_key(key, keylen, &dat->ks.ks);
|
||||||
&dat->ks.ks);
|
|
||||||
dat->block = (block128_f) AES_encrypt;
|
dat->block = (block128_f) AES_encrypt;
|
||||||
dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
|
dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
|
||||||
(cbc128_f) AES_cbc_encrypt : NULL;
|
(cbc128_f) AES_cbc_encrypt : NULL;
|
||||||
@ -2711,13 +2803,21 @@ static int aes_gcm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
|||||||
const unsigned char *iv, int enc)
|
const unsigned char *iv, int enc)
|
||||||
{
|
{
|
||||||
EVP_AES_GCM_CTX *gctx = EVP_C_DATA(EVP_AES_GCM_CTX,ctx);
|
EVP_AES_GCM_CTX *gctx = EVP_C_DATA(EVP_AES_GCM_CTX,ctx);
|
||||||
if (!iv && !key)
|
|
||||||
|
if (iv == NULL && key == NULL)
|
||||||
return 1;
|
return 1;
|
||||||
if (key) {
|
|
||||||
|
if (key != NULL) {
|
||||||
|
const int keylen = EVP_CIPHER_CTX_get_key_length(ctx) * 8;
|
||||||
|
|
||||||
|
if (keylen <= 0) {
|
||||||
|
ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_KEY_LENGTH);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
do {
|
do {
|
||||||
#ifdef HWAES_CAPABLE
|
#ifdef HWAES_CAPABLE
|
||||||
if (HWAES_CAPABLE) {
|
if (HWAES_CAPABLE) {
|
||||||
HWAES_set_encrypt_key(key, ctx->key_len * 8, &gctx->ks.ks);
|
HWAES_set_encrypt_key(key, keylen, &gctx->ks.ks);
|
||||||
CRYPTO_gcm128_init(&gctx->gcm, &gctx->ks,
|
CRYPTO_gcm128_init(&gctx->gcm, &gctx->ks,
|
||||||
(block128_f) HWAES_encrypt);
|
(block128_f) HWAES_encrypt);
|
||||||
# ifdef HWAES_ctr32_encrypt_blocks
|
# ifdef HWAES_ctr32_encrypt_blocks
|
||||||
@ -2730,7 +2830,7 @@ static int aes_gcm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
|||||||
#endif
|
#endif
|
||||||
#ifdef BSAES_CAPABLE
|
#ifdef BSAES_CAPABLE
|
||||||
if (BSAES_CAPABLE) {
|
if (BSAES_CAPABLE) {
|
||||||
AES_set_encrypt_key(key, ctx->key_len * 8, &gctx->ks.ks);
|
AES_set_encrypt_key(key, keylen, &gctx->ks.ks);
|
||||||
CRYPTO_gcm128_init(&gctx->gcm, &gctx->ks,
|
CRYPTO_gcm128_init(&gctx->gcm, &gctx->ks,
|
||||||
(block128_f) AES_encrypt);
|
(block128_f) AES_encrypt);
|
||||||
gctx->ctr = (ctr128_f) ossl_bsaes_ctr32_encrypt_blocks;
|
gctx->ctr = (ctr128_f) ossl_bsaes_ctr32_encrypt_blocks;
|
||||||
@ -2739,7 +2839,7 @@ static int aes_gcm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
|||||||
#endif
|
#endif
|
||||||
#ifdef VPAES_CAPABLE
|
#ifdef VPAES_CAPABLE
|
||||||
if (VPAES_CAPABLE) {
|
if (VPAES_CAPABLE) {
|
||||||
vpaes_set_encrypt_key(key, ctx->key_len * 8, &gctx->ks.ks);
|
vpaes_set_encrypt_key(key, keylen, &gctx->ks.ks);
|
||||||
CRYPTO_gcm128_init(&gctx->gcm, &gctx->ks,
|
CRYPTO_gcm128_init(&gctx->gcm, &gctx->ks,
|
||||||
(block128_f) vpaes_encrypt);
|
(block128_f) vpaes_encrypt);
|
||||||
gctx->ctr = NULL;
|
gctx->ctr = NULL;
|
||||||
@ -2748,7 +2848,7 @@ static int aes_gcm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
|||||||
#endif
|
#endif
|
||||||
(void)0; /* terminate potentially open 'else' */
|
(void)0; /* terminate potentially open 'else' */
|
||||||
|
|
||||||
AES_set_encrypt_key(key, ctx->key_len * 8, &gctx->ks.ks);
|
AES_set_encrypt_key(key, keylen, &gctx->ks.ks);
|
||||||
CRYPTO_gcm128_init(&gctx->gcm, &gctx->ks,
|
CRYPTO_gcm128_init(&gctx->gcm, &gctx->ks,
|
||||||
(block128_f) AES_encrypt);
|
(block128_f) AES_encrypt);
|
||||||
#ifdef AES_CTR_ASM
|
#ifdef AES_CTR_ASM
|
||||||
@ -3128,15 +3228,20 @@ static int aes_xts_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
|||||||
{
|
{
|
||||||
EVP_AES_XTS_CTX *xctx = EVP_C_DATA(EVP_AES_XTS_CTX,ctx);
|
EVP_AES_XTS_CTX *xctx = EVP_C_DATA(EVP_AES_XTS_CTX,ctx);
|
||||||
|
|
||||||
if (!iv && !key)
|
if (iv == NULL && key == NULL)
|
||||||
return 1;
|
return 1;
|
||||||
|
|
||||||
if (key) {
|
if (key != NULL) {
|
||||||
do {
|
do {
|
||||||
/* The key is two half length keys in reality */
|
/* The key is two half length keys in reality */
|
||||||
const int bytes = EVP_CIPHER_CTX_get_key_length(ctx) / 2;
|
const int keylen = EVP_CIPHER_CTX_get_key_length(ctx);
|
||||||
|
const int bytes = keylen / 2;
|
||||||
const int bits = bytes * 8;
|
const int bits = bytes * 8;
|
||||||
|
|
||||||
|
if (keylen <= 0) {
|
||||||
|
ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_KEY_LENGTH);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
/*
|
/*
|
||||||
* Verify that the two keys are different.
|
* Verify that the two keys are different.
|
||||||
*
|
*
|
||||||
@ -3382,15 +3487,21 @@ static int aes_ccm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
|||||||
const unsigned char *iv, int enc)
|
const unsigned char *iv, int enc)
|
||||||
{
|
{
|
||||||
EVP_AES_CCM_CTX *cctx = EVP_C_DATA(EVP_AES_CCM_CTX,ctx);
|
EVP_AES_CCM_CTX *cctx = EVP_C_DATA(EVP_AES_CCM_CTX,ctx);
|
||||||
if (!iv && !key)
|
|
||||||
|
if (iv == NULL && key == NULL)
|
||||||
return 1;
|
return 1;
|
||||||
if (key)
|
|
||||||
|
if (key != NULL) {
|
||||||
|
const int keylen = EVP_CIPHER_CTX_get_key_length(ctx) * 8;
|
||||||
|
|
||||||
|
if (keylen <= 0) {
|
||||||
|
ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_KEY_LENGTH);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
do {
|
do {
|
||||||
#ifdef HWAES_CAPABLE
|
#ifdef HWAES_CAPABLE
|
||||||
if (HWAES_CAPABLE) {
|
if (HWAES_CAPABLE) {
|
||||||
HWAES_set_encrypt_key(key,
|
HWAES_set_encrypt_key(key, keylen, &cctx->ks.ks);
|
||||||
EVP_CIPHER_CTX_get_key_length(ctx) * 8,
|
|
||||||
&cctx->ks.ks);
|
|
||||||
|
|
||||||
CRYPTO_ccm128_init(&cctx->ccm, cctx->M, cctx->L,
|
CRYPTO_ccm128_init(&cctx->ccm, cctx->M, cctx->L,
|
||||||
&cctx->ks, (block128_f) HWAES_encrypt);
|
&cctx->ks, (block128_f) HWAES_encrypt);
|
||||||
@ -3401,9 +3512,7 @@ static int aes_ccm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
|||||||
#endif
|
#endif
|
||||||
#ifdef VPAES_CAPABLE
|
#ifdef VPAES_CAPABLE
|
||||||
if (VPAES_CAPABLE) {
|
if (VPAES_CAPABLE) {
|
||||||
vpaes_set_encrypt_key(key,
|
vpaes_set_encrypt_key(key, keylen, &cctx->ks.ks);
|
||||||
EVP_CIPHER_CTX_get_key_length(ctx) * 8,
|
|
||||||
&cctx->ks.ks);
|
|
||||||
CRYPTO_ccm128_init(&cctx->ccm, cctx->M, cctx->L,
|
CRYPTO_ccm128_init(&cctx->ccm, cctx->M, cctx->L,
|
||||||
&cctx->ks, (block128_f) vpaes_encrypt);
|
&cctx->ks, (block128_f) vpaes_encrypt);
|
||||||
cctx->str = NULL;
|
cctx->str = NULL;
|
||||||
@ -3411,14 +3520,14 @@ static int aes_ccm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
AES_set_encrypt_key(key, EVP_CIPHER_CTX_get_key_length(ctx) * 8,
|
AES_set_encrypt_key(key, keylen, &cctx->ks.ks);
|
||||||
&cctx->ks.ks);
|
|
||||||
CRYPTO_ccm128_init(&cctx->ccm, cctx->M, cctx->L,
|
CRYPTO_ccm128_init(&cctx->ccm, cctx->M, cctx->L,
|
||||||
&cctx->ks, (block128_f) AES_encrypt);
|
&cctx->ks, (block128_f) AES_encrypt);
|
||||||
cctx->str = NULL;
|
cctx->str = NULL;
|
||||||
cctx->key_set = 1;
|
cctx->key_set = 1;
|
||||||
} while (0);
|
} while (0);
|
||||||
if (iv) {
|
}
|
||||||
|
if (iv != NULL) {
|
||||||
memcpy(ctx->iv, iv, 15 - cctx->L);
|
memcpy(ctx->iv, iv, 15 - cctx->L);
|
||||||
cctx->iv_set = 1;
|
cctx->iv_set = 1;
|
||||||
}
|
}
|
||||||
@ -3573,12 +3682,16 @@ static int aes_wrap_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
|||||||
if (iv == NULL && key == NULL)
|
if (iv == NULL && key == NULL)
|
||||||
return 1;
|
return 1;
|
||||||
if (key != NULL) {
|
if (key != NULL) {
|
||||||
|
const int keylen = EVP_CIPHER_CTX_get_key_length(ctx) * 8;
|
||||||
|
|
||||||
|
if (keylen <= 0) {
|
||||||
|
ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_KEY_LENGTH);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
if (EVP_CIPHER_CTX_is_encrypting(ctx))
|
if (EVP_CIPHER_CTX_is_encrypting(ctx))
|
||||||
AES_set_encrypt_key(key, EVP_CIPHER_CTX_get_key_length(ctx) * 8,
|
AES_set_encrypt_key(key, keylen, &wctx->ks.ks);
|
||||||
&wctx->ks.ks);
|
|
||||||
else
|
else
|
||||||
AES_set_decrypt_key(key, EVP_CIPHER_CTX_get_key_length(ctx) * 8,
|
AES_set_decrypt_key(key, keylen, &wctx->ks.ks);
|
||||||
&wctx->ks.ks);
|
|
||||||
if (iv == NULL)
|
if (iv == NULL)
|
||||||
wctx->iv = NULL;
|
wctx->iv = NULL;
|
||||||
}
|
}
|
||||||
@ -3806,9 +3919,17 @@ static int aes_ocb_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
|||||||
const unsigned char *iv, int enc)
|
const unsigned char *iv, int enc)
|
||||||
{
|
{
|
||||||
EVP_AES_OCB_CTX *octx = EVP_C_DATA(EVP_AES_OCB_CTX,ctx);
|
EVP_AES_OCB_CTX *octx = EVP_C_DATA(EVP_AES_OCB_CTX,ctx);
|
||||||
if (!iv && !key)
|
|
||||||
|
if (iv == NULL && key == NULL)
|
||||||
return 1;
|
return 1;
|
||||||
if (key) {
|
|
||||||
|
if (key != NULL) {
|
||||||
|
const int keylen = EVP_CIPHER_CTX_get_key_length(ctx) * 8;
|
||||||
|
|
||||||
|
if (keylen <= 0) {
|
||||||
|
ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_KEY_LENGTH);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
do {
|
do {
|
||||||
/*
|
/*
|
||||||
* We set both the encrypt and decrypt key here because decrypt
|
* We set both the encrypt and decrypt key here because decrypt
|
||||||
@ -3817,10 +3938,8 @@ static int aes_ocb_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
|||||||
*/
|
*/
|
||||||
# ifdef HWAES_CAPABLE
|
# ifdef HWAES_CAPABLE
|
||||||
if (HWAES_CAPABLE) {
|
if (HWAES_CAPABLE) {
|
||||||
HWAES_set_encrypt_key(key, EVP_CIPHER_CTX_get_key_length(ctx) * 8,
|
HWAES_set_encrypt_key(key, keylen, &octx->ksenc.ks);
|
||||||
&octx->ksenc.ks);
|
HWAES_set_decrypt_key(key, keylen, &octx->ksdec.ks);
|
||||||
HWAES_set_decrypt_key(key, EVP_CIPHER_CTX_get_key_length(ctx) * 8,
|
|
||||||
&octx->ksdec.ks);
|
|
||||||
if (!CRYPTO_ocb128_init(&octx->ocb,
|
if (!CRYPTO_ocb128_init(&octx->ocb,
|
||||||
&octx->ksenc.ks, &octx->ksdec.ks,
|
&octx->ksenc.ks, &octx->ksdec.ks,
|
||||||
(block128_f) HWAES_encrypt,
|
(block128_f) HWAES_encrypt,
|
||||||
@ -3833,12 +3952,8 @@ static int aes_ocb_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
|||||||
# endif
|
# endif
|
||||||
# ifdef VPAES_CAPABLE
|
# ifdef VPAES_CAPABLE
|
||||||
if (VPAES_CAPABLE) {
|
if (VPAES_CAPABLE) {
|
||||||
vpaes_set_encrypt_key(key,
|
vpaes_set_encrypt_key(key, keylen, &octx->ksenc.ks);
|
||||||
EVP_CIPHER_CTX_get_key_length(ctx) * 8,
|
vpaes_set_decrypt_key(key, keylen, &octx->ksdec.ks);
|
||||||
&octx->ksenc.ks);
|
|
||||||
vpaes_set_decrypt_key(key,
|
|
||||||
EVP_CIPHER_CTX_get_key_length(ctx) * 8,
|
|
||||||
&octx->ksdec.ks);
|
|
||||||
if (!CRYPTO_ocb128_init(&octx->ocb,
|
if (!CRYPTO_ocb128_init(&octx->ocb,
|
||||||
&octx->ksenc.ks, &octx->ksdec.ks,
|
&octx->ksenc.ks, &octx->ksdec.ks,
|
||||||
(block128_f) vpaes_encrypt,
|
(block128_f) vpaes_encrypt,
|
||||||
@ -3848,10 +3963,8 @@ static int aes_ocb_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
# endif
|
# endif
|
||||||
AES_set_encrypt_key(key, EVP_CIPHER_CTX_get_key_length(ctx) * 8,
|
AES_set_encrypt_key(key, keylen, &octx->ksenc.ks);
|
||||||
&octx->ksenc.ks);
|
AES_set_decrypt_key(key, keylen, &octx->ksdec.ks);
|
||||||
AES_set_decrypt_key(key, EVP_CIPHER_CTX_get_key_length(ctx) * 8,
|
|
||||||
&octx->ksdec.ks);
|
|
||||||
if (!CRYPTO_ocb128_init(&octx->ocb,
|
if (!CRYPTO_ocb128_init(&octx->ocb,
|
||||||
&octx->ksenc.ks, &octx->ksdec.ks,
|
&octx->ksenc.ks, &octx->ksdec.ks,
|
||||||
(block128_f) AES_encrypt,
|
(block128_f) AES_encrypt,
|
||||||
|
@ -72,15 +72,16 @@ static int aesni_cbc_hmac_sha1_init_key(EVP_CIPHER_CTX *ctx,
|
|||||||
{
|
{
|
||||||
EVP_AES_HMAC_SHA1 *key = data(ctx);
|
EVP_AES_HMAC_SHA1 *key = data(ctx);
|
||||||
int ret;
|
int ret;
|
||||||
|
const int keylen = EVP_CIPHER_CTX_get_key_length(ctx) * 8;
|
||||||
|
|
||||||
|
if (keylen <= 0) {
|
||||||
|
ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_KEY_LENGTH);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
if (enc)
|
if (enc)
|
||||||
ret = aesni_set_encrypt_key(inkey,
|
ret = aesni_set_encrypt_key(inkey, keylen, &key->ks);
|
||||||
EVP_CIPHER_CTX_get_key_length(ctx) * 8,
|
|
||||||
&key->ks);
|
|
||||||
else
|
else
|
||||||
ret = aesni_set_decrypt_key(inkey,
|
ret = aesni_set_decrypt_key(inkey, keylen, &key->ks);
|
||||||
EVP_CIPHER_CTX_get_key_length(ctx) * 8,
|
|
||||||
&key->ks);
|
|
||||||
|
|
||||||
SHA1_Init(&key->head); /* handy when benchmarking */
|
SHA1_Init(&key->head); /* handy when benchmarking */
|
||||||
key->tail = key->head;
|
key->tail = key->head;
|
||||||
@ -496,6 +497,12 @@ static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
|||||||
# if defined(STITCHED_DECRYPT_CALL)
|
# if defined(STITCHED_DECRYPT_CALL)
|
||||||
unsigned char tail_iv[AES_BLOCK_SIZE];
|
unsigned char tail_iv[AES_BLOCK_SIZE];
|
||||||
int stitch = 0;
|
int stitch = 0;
|
||||||
|
const int keylen = EVP_CIPHER_CTX_get_key_length(ctx);
|
||||||
|
|
||||||
|
if (keylen <= 0) {
|
||||||
|
ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_KEY_LENGTH);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
# endif
|
# endif
|
||||||
|
|
||||||
if ((key->aux.tls_aad[plen - 4] << 8 | key->aux.tls_aad[plen - 3])
|
if ((key->aux.tls_aad[plen - 4] << 8 | key->aux.tls_aad[plen - 3])
|
||||||
@ -513,7 +520,7 @@ static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
|||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
# if defined(STITCHED_DECRYPT_CALL)
|
# if defined(STITCHED_DECRYPT_CALL)
|
||||||
if (len >= 1024 && ctx->key_len == 32) {
|
if (len >= 1024 && keylen == 32) {
|
||||||
/* decrypt last block */
|
/* decrypt last block */
|
||||||
memcpy(tail_iv, in + len - 2 * AES_BLOCK_SIZE,
|
memcpy(tail_iv, in + len - 2 * AES_BLOCK_SIZE,
|
||||||
AES_BLOCK_SIZE);
|
AES_BLOCK_SIZE);
|
||||||
@ -734,7 +741,7 @@ static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
|||||||
return ret;
|
return ret;
|
||||||
} else {
|
} else {
|
||||||
# if defined(STITCHED_DECRYPT_CALL)
|
# if defined(STITCHED_DECRYPT_CALL)
|
||||||
if (len >= 1024 && ctx->key_len == 32) {
|
if (len >= 1024 && keylen == 32) {
|
||||||
if (sha_off %= SHA_CBLOCK)
|
if (sha_off %= SHA_CBLOCK)
|
||||||
blocks = (len - 3 * SHA_CBLOCK) / SHA_CBLOCK;
|
blocks = (len - 3 * SHA_CBLOCK) / SHA_CBLOCK;
|
||||||
else
|
else
|
||||||
|
Loading…
Reference in New Issue
Block a user