From d976f99294190133c9d465561fa724c056bd2ab8 Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Tue, 23 Feb 2010 16:48:41 +0000 Subject: [PATCH] Add AES counter mode to EVP. --- crypto/evp/c_allc.c | 6 ---- crypto/evp/e_aes.c | 80 ++++++++++++++++++++++++++++++++++++++--- crypto/evp/evp.h | 7 +--- crypto/evp/evp_err.c | 3 +- crypto/evp/evptests.txt | 13 +++++++ 5 files changed, 91 insertions(+), 18 deletions(-) diff --git a/crypto/evp/c_allc.c b/crypto/evp/c_allc.c index c5f9268378..b262ac0685 100644 --- a/crypto/evp/c_allc.c +++ b/crypto/evp/c_allc.c @@ -166,9 +166,7 @@ void OpenSSL_add_all_ciphers(void) EVP_add_cipher(EVP_aes_128_cfb1()); EVP_add_cipher(EVP_aes_128_cfb8()); EVP_add_cipher(EVP_aes_128_ofb()); -#if 0 EVP_add_cipher(EVP_aes_128_ctr()); -#endif EVP_add_cipher_alias(SN_aes_128_cbc,"AES128"); EVP_add_cipher_alias(SN_aes_128_cbc,"aes128"); EVP_add_cipher(EVP_aes_192_ecb()); @@ -177,9 +175,7 @@ void OpenSSL_add_all_ciphers(void) EVP_add_cipher(EVP_aes_192_cfb1()); EVP_add_cipher(EVP_aes_192_cfb8()); EVP_add_cipher(EVP_aes_192_ofb()); -#if 0 EVP_add_cipher(EVP_aes_192_ctr()); -#endif EVP_add_cipher_alias(SN_aes_192_cbc,"AES192"); EVP_add_cipher_alias(SN_aes_192_cbc,"aes192"); EVP_add_cipher(EVP_aes_256_ecb()); @@ -188,9 +184,7 @@ void OpenSSL_add_all_ciphers(void) EVP_add_cipher(EVP_aes_256_cfb1()); EVP_add_cipher(EVP_aes_256_cfb8()); EVP_add_cipher(EVP_aes_256_ofb()); -#if 0 EVP_add_cipher(EVP_aes_256_ctr()); -#endif EVP_add_cipher_alias(SN_aes_256_cbc,"AES256"); EVP_add_cipher_alias(SN_aes_256_cbc,"aes256"); #endif diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c index bd6c0a3a62..afc802b03a 100644 --- a/crypto/evp/e_aes.c +++ b/crypto/evp/e_aes.c 
@@ -96,17 +96,77 @@ IMPLEMENT_AES_CFBR(128,8) IMPLEMENT_AES_CFBR(192,8) IMPLEMENT_AES_CFBR(256,8) +static int aes_counter (EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, size_t len) +{ + AES_ctr128_encrypt (in,out,len, + &((EVP_AES_KEY *)ctx->cipher_data)->ks, + ctx->iv,ctx->buf,&ctx->num); + return 1; +} + +static const EVP_CIPHER aes_128_ctr_cipher= + { + NID_aes_128_ctr,1,16,16, + EVP_CIPH_VARIABLE_LENGTH|EVP_CIPH_CUSTOM_IV, + aes_init_key, + aes_counter, + NULL, + sizeof(EVP_AES_KEY), + NULL, + NULL, + NULL, + NULL + }; + +const EVP_CIPHER *EVP_aes_128_ctr (void) +{ return &aes_128_ctr_cipher; } + +static const EVP_CIPHER aes_192_ctr_cipher= + { + NID_aes_192_ctr,1,24,16, + EVP_CIPH_VARIABLE_LENGTH|EVP_CIPH_CUSTOM_IV, + aes_init_key, + aes_counter, + NULL, + sizeof(EVP_AES_KEY), + NULL, + NULL, + NULL, + NULL + }; + +const EVP_CIPHER *EVP_aes_192_ctr (void) +{ return &aes_192_ctr_cipher; } + +static const EVP_CIPHER aes_256_ctr_cipher= + { + NID_aes_256_ctr,1,32,16, + EVP_CIPH_VARIABLE_LENGTH|EVP_CIPH_CUSTOM_IV, + aes_init_key, + aes_counter, + NULL, + sizeof(EVP_AES_KEY), + NULL, + NULL, + NULL, + NULL + }; + +const EVP_CIPHER *EVP_aes_256_ctr (void) +{ return &aes_256_ctr_cipher; } + static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc) { int ret; - if ((ctx->cipher->flags & EVP_CIPH_MODE) == EVP_CIPH_CFB_MODE - || (ctx->cipher->flags & EVP_CIPH_MODE) == EVP_CIPH_OFB_MODE - || enc) - ret=AES_set_encrypt_key(key, ctx->key_len * 8, ctx->cipher_data); - else + if (((ctx->cipher->flags & EVP_CIPH_MODE) == EVP_CIPH_ECB_MODE + || (ctx->cipher->flags & EVP_CIPH_MODE) == EVP_CIPH_CBC_MODE) + && !enc) ret=AES_set_decrypt_key(key, ctx->key_len * 8, ctx->cipher_data); + else + ret=AES_set_encrypt_key(key, ctx->key_len * 8, ctx->cipher_data); if(ret < 0) { 
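Review bot: The three `aes_*_ctr_cipher` tables set `EVP_CIPH_VARIABLE_LENGTH`, which in EVP marks a cipher whose key length the caller may change, not one that accepts arbitrary data lengths. With that flag a caller can presumably set `key_len` on an `aes-256-ctr` context to 16, and `aes_init_key` would then schedule a 128-bit key through `ctx->key_len * 8` without complaint, so the cipher name no longer guarantees the key strength. I would make the flags line just `EVP_CIPH_CUSTOM_IV,`, since the block size of 1 already gives stream behaviour. Separately, `aes_counter` passes `&ctx->num` straight to `AES_ctr128_encrypt`; if, as I believe, `num` is an `int` in `EVP_CIPHER_CTX` and the callee takes `unsigned int *`, copy it through a local `unsigned int` instead of passing a pointer of the wrong signedness. The body of `aes_init_key` continues past the end of this hunk.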
@@ -114,6 +174,16 @@ static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, return 0; } + if (ctx->cipher->flags&EVP_CIPH_CUSTOM_IV) + { + if (iv!=NULL) + memcpy (ctx->iv,iv,ctx->cipher->iv_len); + else { + EVPerr(EVP_F_AES_INIT_KEY,EVP_R_AES_IV_SETUP_FAILED); + return 0; + } + } + return 1; } diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h index 2fa1141e8e..50f224123e 100644 --- a/crypto/evp/evp.h +++ b/crypto/evp/evp.h @@ -741,9 +741,7 @@ const EVP_CIPHER *EVP_aes_128_cfb8(void); const EVP_CIPHER *EVP_aes_128_cfb128(void); # define EVP_aes_128_cfb EVP_aes_128_cfb128 const EVP_CIPHER *EVP_aes_128_ofb(void); -#if 0 const EVP_CIPHER *EVP_aes_128_ctr(void); -#endif const EVP_CIPHER *EVP_aes_192_ecb(void); const EVP_CIPHER *EVP_aes_192_cbc(void); const EVP_CIPHER *EVP_aes_192_cfb1(void); @@ -751,9 +749,7 @@ const EVP_CIPHER *EVP_aes_192_cfb8(void); const EVP_CIPHER *EVP_aes_192_cfb128(void); # define EVP_aes_192_cfb EVP_aes_192_cfb128 const EVP_CIPHER *EVP_aes_192_ofb(void); -#if 0 const EVP_CIPHER *EVP_aes_192_ctr(void); -#endif const EVP_CIPHER *EVP_aes_256_ecb(void); const EVP_CIPHER *EVP_aes_256_cbc(void); const EVP_CIPHER *EVP_aes_256_cfb1(void); @@ -761,10 +757,8 @@ const EVP_CIPHER *EVP_aes_256_cfb8(void); const EVP_CIPHER *EVP_aes_256_cfb128(void); # define EVP_aes_256_cfb EVP_aes_256_cfb128 const EVP_CIPHER *EVP_aes_256_ofb(void); -#if 0 const EVP_CIPHER *EVP_aes_256_ctr(void); #endif -#endif #ifndef OPENSSL_NO_CAMELLIA const EVP_CIPHER *EVP_camellia_128_ecb(void); const EVP_CIPHER *EVP_camellia_128_cbc(void); @@ -1263,6 +1257,7 @@ void ERR_load_EVP_strings(void); #define EVP_F_RC5_CTRL 125 /* Reason codes. */ +#define EVP_R_AES_IV_SETUP_FAILED 162 #define EVP_R_AES_KEY_SETUP_FAILED 143 #define EVP_R_ASN1_LIB 140 #define EVP_R_BAD_BLOCK_LENGTH 136 diff --git a/crypto/evp/evp_err.c b/crypto/evp/evp_err.c index 794b86c703..64a96d68e4 100644 --- a/crypto/evp/evp_err.c +++ b/crypto/evp/evp_err.c 
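Review bot: The new `EVP_CIPH_CUSTOM_IV` branch in `aes_init_key` copies the IV but leaves `ctx->num` and `ctx->buf` untouched, so a context re-initialised with a fresh key and IV after a partial final block would enter `aes_counter` with a non-zero offset. The first bytes of the new message would then be XORed with keystream left over from the previous key. Nothing visible here resets that state, and the generic init path probably skips its own IV and `num` handling for custom-IV ciphers, so add `ctx->num = 0;` next to the `memcpy`. The `else` arm also rejects a key supplied with a NULL IV, which makes the common two-step EVP initialisation (key first, IV later) fail with `EVP_R_AES_IV_SETUP_FAILED`; if that is intended it deserves a comment such as `/* CTR requires key and IV in the same init call */`. `aes_init_key` begins above this hunk.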
@@ -1,6 +1,6 @@ /* crypto/evp/evp_err.c */ /* ==================================================================== - * Copyright (c) 1999-2009 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2010 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -140,6 +140,7 @@ static ERR_STRING_DATA EVP_str_functs[]= static ERR_STRING_DATA EVP_str_reasons[]= { +{ERR_REASON(EVP_R_AES_IV_SETUP_FAILED) ,"aes iv setup failed"}, {ERR_REASON(EVP_R_AES_KEY_SETUP_FAILED) ,"aes key setup failed"}, {ERR_REASON(EVP_R_ASN1_LIB) ,"asn1 lib"}, {ERR_REASON(EVP_R_BAD_BLOCK_LENGTH) ,"bad block length"}, diff --git a/crypto/evp/evptests.txt b/crypto/evp/evptests.txt index beb12144b6..c273707c14 100644 --- a/crypto/evp/evptests.txt +++ b/crypto/evp/evptests.txt 
@@ -158,6 +158,19 @@ AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:B7B AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E1C656305ED1A7A6563805746FE03EDC:30C81C46A35CE411E5FBC1191A0A52EF:71AB47A086E86EEDF39D1C5BBA97C408:0 AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:41635BE625B48AFC1666DD42A09D96E7:F69F2445DF4F9B17AD2B417BE66C3710:0126141D67F37BE8538F5A8BE740E484:0 +# AES Counter test vectors from RFC3686 +aes-128-ctr:AE6852F8121067CC4BF7A5765577F39E:00000030000000000000000000000001:53696E676C6520626C6F636B206D7367:E4095D4FB7A7B3792D6175A3261311B8:1 +aes-128-ctr:7E24067817FAE0D743D6CE1F32539163:006CB6DBC0543B59DA48D90B00000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F:5104A106168A72D9790D41EE8EDAD388EB2E1EFC46DA57C8FCE630DF9141BE28:1 +aes-128-ctr:7691BE035E5020A8AC6E618529F9A0DC:00E0017B27777F3F4A1786F000000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223:C1CF48A89F2FFDD9CF4652E9EFDB72D74540A42BDE6D7836D59A5CEAAEF3105325B2072F:1 + +aes-192-ctr:16AF5B145FC9F579C175F93E3BFB0EED863D06CCFDB78515:0000004836733C147D6D93CB00000001:53696E676C6520626C6F636B206D7367:4B55384FE259C9C84E7935A003CBE928:1 +aes-192-ctr:7C5CB2401B3DC33C19E7340819E0F69C678C3DB8E6F6A91A:0096B03B020C6EADC2CB500D00000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F:453243FC609B23327EDFAAFA7131CD9F8490701C5AD4A79CFC1FE0FF42F4FB00:1 +aes-192-ctr:02BF391EE8ECB159B959617B0965279BF59B60A786D3E0FE:0007BDFD5CBD60278DCC091200000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223:96893FC55E5C722F540B7DD1DDF7E758D288BC95C69165884536C811662F2188ABEE0935:1 + +aes-256-ctr:776BEFF2851DB06F4C8A0542C8696F6C6A81AF1EEC96B4D37FC1D689E6C1C104:00000060DB5672C97AA8F0B200000001:53696E676C6520626C6F636B206D7367:145AD01DBF824EC7560863DC71E3E0C0:1 
+aes-256-ctr:F6D66D6BD52D59BB0796365879EFF886C66DD51A5B6A99744B50590C87A23884:00FAAC24C1585EF15A43D87500000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F:F05E231B3894612C49EE000B804EB2A9B8306B508F839D6A5530831D9344AF1C:1 +aes-256-ctr:FF7A617CE69148E4F1726E2F43581DE2AA62D9F805532EDFF1EED687FB54153D:001CC5B751A51D70A1C1114800000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223:EB6C52821D0BBBF7CE7594462ACA4FAAB407DF866569FD07F48CC0B583D6071F1EC0E6B8:1 + # DES ECB tests (from destest) DES-ECB:0000000000000000::0000000000000000:8CA64DE9C1B123A7