mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-11-27 05:21:51 +08:00
Code Issues Packages Projects Releases Wiki Activity

Add rc2 ciphers to default provider

Browse Source 
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9991)
This commit is contained in:
Shane Lontis 2019-10-08 16:42:28 +10:00
parent 089cb623be
commit f816aa47ac
16 changed files with 498 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
crypto/err/openssl.txt
View File

@ -2716,6 +2716,7 @@ PROV_R_TAG_NOT_NEEDED:120:tag not needed
PROV_R_UNABLE_TO_LOAD_SHA1:143:unable to load sha1
PROV_R_UNABLE_TO_LOAD_SHA256:147:unable to load sha256
PROV_R_UNSUPPORTED_CEK_ALG:145:unsupported cek alg
PROV_R_UNSUPPORTED_KEY_SIZE:153:unsupported key size
PROV_R_UNSUPPORTED_MAC_TYPE:137:unsupported mac type
PROV_R_UNSUPPORTED_NUMBER_OF_ROUNDS:152:unsupported number of rounds
PROV_R_VALUE_ERROR:138:value error

12
crypto/evp/evp_enc.c
View File

@ -273,6 +273,11 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
case NID_rc5_ecb:
case NID_rc5_cfb64:
case NID_rc5_ofb64:
case NID_rc2_cbc:
case NID_rc2_40_cbc:
case NID_rc2_64_cbc:
case NID_rc2_cfb64:
case NID_rc2_ofb64:
break;
default:
goto legacy;
@ -1129,6 +1134,13 @@ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
if (ret <= 0)
return 0;
return sz;
#ifndef OPENSSL_NO_RC2
case EVP_CTRL_GET_RC2_KEY_BITS:
set_params = 0; /* Fall thru */
case EVP_CTRL_SET_RC2_KEY_BITS:
params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_RC2_KEYBITS, &sz);
break;
#endif /* OPENSSL_NO_RC2 */
}
if (set_params)

5
doc/man7/provider-cipher.pod
View File

@ -333,6 +333,11 @@ that has the flag B<EVP_CIPH_FLAG_CUSTOM_ASN1> set.
Sets or gets the number of rounds to be used for a cipher.
This is used by the RC5 cipher.
=item "keybits" (B<OSSL_CIPHER_PARAM_RC2_KEYBITS>) <unsigned integer>
Gets or sets the effective keybits used for a RC2 cipher.
The length of the "keybits" parameter should not exceed that of a B<size_t>.
=back
=head1 RETURN VALUES

1
include/openssl/core_names.h
View File

@ -67,6 +67,7 @@ extern "C" {
#define OSSL_CIPHER_PARAM_AEAD_IVLEN OSSL_CIPHER_PARAM_IVLEN
#define OSSL_CIPHER_PARAM_AEAD_TAGLEN "taglen" /* size_t */
#define OSSL_CIPHER_PARAM_RANDOM_KEY "randkey" /* octet_string */
#define OSSL_CIPHER_PARAM_RC2_KEYBITS "keybits" /* size_t */
/* For passing the AlgorithmIdentifier parameter in DER form */
#define OSSL_CIPHER_PARAM_ALG_ID "alg_id_param" /* octet_string */

43
providers/common/include/internal/ciphers/ciphercommon.h
View File

@ -91,25 +91,8 @@ void cipher_generic_initkey(void *vctx, size_t kbits, size_t blkbits,
size_t ivbits, unsigned int mode, uint64_t flags,
const PROV_CIPHER_HW *hw, void *provctx);
#define IMPLEMENT_generic_cipher(alg, UCALG, lcmode, UCMODE, flags, kbits, \
blkbits, ivbits, typ) \
static OSSL_OP_cipher_get_params_fn alg##_##kbits##_##lcmode##_get_params; \
static int alg##_##kbits##_##lcmode##_get_params(OSSL_PARAM params[]) \
{ \
return cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE, flags, \
kbits, blkbits, ivbits); \
} \
static OSSL_OP_cipher_newctx_fn alg##_##kbits##_##lcmode##_newctx; \
static void * alg##_##kbits##_##lcmode##_newctx(void *provctx) \
{ \
PROV_##UCALG##_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx)); \
if (ctx != NULL) { \
cipher_generic_initkey(ctx, kbits, blkbits, ivbits, \
EVP_CIPH_##UCMODE##_MODE, flags, \
PROV_CIPHER_HW_##alg##_##lcmode(kbits), NULL); \
} \
return ctx; \
} \
#define IMPLEMENT_generic_cipher_func(alg, UCALG, lcmode, UCMODE, flags, kbits,\
blkbits, ivbits, typ) \
const OSSL_DISPATCH alg##kbits##lcmode##_functions[] = { \
{ OSSL_FUNC_CIPHER_NEWCTX, \
(void (*)(void)) alg##_##kbits##_##lcmode##_newctx }, \
@ -135,6 +118,28 @@ const OSSL_DISPATCH alg##kbits##lcmode##_functions[] = { \
{ 0, NULL } \
};
#define IMPLEMENT_generic_cipher(alg, UCALG, lcmode, UCMODE, flags, kbits, \
blkbits, ivbits, typ) \
static OSSL_OP_cipher_get_params_fn alg##_##kbits##_##lcmode##_get_params; \
static int alg##_##kbits##_##lcmode##_get_params(OSSL_PARAM params[]) \
{ \
return cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE, flags, \
kbits, blkbits, ivbits); \
} \
static OSSL_OP_cipher_newctx_fn alg##_##kbits##_##lcmode##_newctx; \
static void * alg##_##kbits##_##lcmode##_newctx(void *provctx) \
{ \
PROV_##UCALG##_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx)); \
if (ctx != NULL) { \
cipher_generic_initkey(ctx, kbits, blkbits, ivbits, \
EVP_CIPH_##UCMODE##_MODE, flags, \
PROV_CIPHER_HW_##alg##_##lcmode(kbits), NULL); \
} \
return ctx; \
} \
IMPLEMENT_generic_cipher_func(alg, UCALG, lcmode, UCMODE, flags, kbits, \
blkbits, ivbits, typ)
PROV_CIPHER_HW_FN cipher_hw_generic_cbc;
PROV_CIPHER_HW_FN cipher_hw_generic_ecb;
PROV_CIPHER_HW_FN cipher_hw_generic_ofb128;

9
providers/common/include/internal/provider_algs.h
View File

@ -165,7 +165,14 @@ extern const OSSL_DISPATCH rc5128cbc_functions[];
extern const OSSL_DISPATCH rc5128ofb64_functions[];
extern const OSSL_DISPATCH rc5128cfb64_functions[];
#endif /* OPENSSL_NO_RC5 */
#ifndef OPENSSL_NO_RC2
extern const OSSL_DISPATCH rc2128ecb_functions[];
extern const OSSL_DISPATCH rc2128cbc_functions[];
extern const OSSL_DISPATCH rc240cbc_functions[];
extern const OSSL_DISPATCH rc264cbc_functions[];
extern const OSSL_DISPATCH rc2128cfb128_functions[];
extern const OSSL_DISPATCH rc2128ofb128_functions[];
#endif /* OPENSSL_NO_RC2 */
#ifndef OPENSSL_NO_DES
extern const OSSL_DISPATCH tdes_ede3_ecb_functions[];
extern const OSSL_DISPATCH tdes_ede3_cbc_functions[];

1
providers/common/include/internal/providercommonerr.h
View File

@ -95,6 +95,7 @@ int ERR_load_PROV_strings(void);
# define PROV_R_UNABLE_TO_LOAD_SHA1 143
# define PROV_R_UNABLE_TO_LOAD_SHA256 147
# define PROV_R_UNSUPPORTED_CEK_ALG 145
# define PROV_R_UNSUPPORTED_KEY_SIZE 153
# define PROV_R_UNSUPPORTED_MAC_TYPE 137
# define PROV_R_UNSUPPORTED_NUMBER_OF_ROUNDS 152
# define PROV_R_VALUE_ERROR 138

2
providers/common/provider_err.c
View File

@ -78,6 +78,8 @@ static const ERR_STRING_DATA PROV_str_reasons[] = {
"unable to load sha256"},
{ERR_PACK(ERR_LIB_PROV, 0, PROV_R_UNSUPPORTED_CEK_ALG),
"unsupported cek alg"},
{ERR_PACK(ERR_LIB_PROV, 0, PROV_R_UNSUPPORTED_KEY_SIZE),
"unsupported key size"},
{ERR_PACK(ERR_LIB_PROV, 0, PROV_R_UNSUPPORTED_MAC_TYPE),
"unsupported mac type"},
{ERR_PACK(ERR_LIB_PROV, 0, PROV_R_UNSUPPORTED_NUMBER_OF_ROUNDS),

5
providers/default/ciphers/build.info
View File

@ -60,4 +60,9 @@ IF[{- !$disabled{rc5} -}]
cipher_rc5.c cipher_rc5_hw.c
ENDIF
IF[{- !$disabled{rc2} -}]
SOURCE[../../../libcrypto]=\
cipher_rc2.c cipher_rc2_hw.c
ENDIF
INCLUDE[../../../libcrypto]=. ../../../crypto

239
providers/default/ciphers/cipher_rc2.c Normal file
View File

@ -0,0 +1,239 @@
/*
* Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/* Dispatch functions for RC2 cipher modes ecb, cbc, ofb, cfb */
#include "cipher_rc2.h"
#include "internal/provider_algs.h"
#include "internal/providercommonerr.h"
#define RC2_40_MAGIC 0xa0
#define RC2_64_MAGIC 0x78
#define RC2_128_MAGIC 0x3a
static OSSL_OP_cipher_freectx_fn rc2_freectx;
static OSSL_OP_cipher_dupctx_fn rc2_dupctx;
static OSSL_OP_cipher_gettable_ctx_params_fn rc2_gettable_ctx_params;
static OSSL_OP_cipher_settable_ctx_params_fn rc2_settable_ctx_params;
static void rc2_freectx(void *vctx)
{
PROV_RC2_CTX *ctx = (PROV_RC2_CTX *)vctx;
OPENSSL_clear_free(ctx, sizeof(*ctx));
}
static void *rc2_dupctx(void *ctx)
{
PROV_RC2_CTX *in = (PROV_RC2_CTX *)ctx;
PROV_RC2_CTX *ret = OPENSSL_malloc(sizeof(*ret));
if (ret == NULL) {
ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
return NULL;
}
*ret = *in;
return ret;
}
static int rc2_keybits_to_magic(int keybits)
{
switch (keybits) {
case 128:
return RC2_128_MAGIC;
case 64:
return RC2_64_MAGIC;
case 40:
return RC2_40_MAGIC;
}
ERR_raise(ERR_LIB_PROV, PROV_R_UNSUPPORTED_KEY_SIZE);
return 0;
}
static int rc2_magic_to_keybits(int magic)
{
switch (magic) {
case RC2_128_MAGIC:
return 128;
case RC2_64_MAGIC:
return 64;
case RC2_40_MAGIC:
return 40;
}
ERR_raise(ERR_LIB_PROV, PROV_R_UNSUPPORTED_KEY_SIZE);
return 0;
}
static int rc2_get_ctx_params(void *vctx, OSSL_PARAM params[])
{
PROV_RC2_CTX *ctx = (PROV_RC2_CTX *)vctx;
OSSL_PARAM *p;
if (!cipher_generic_get_ctx_params(vctx, params))
return 0;
p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_RC2_KEYBITS);
if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->key_bits)) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
return 0;
}
p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_ALG_ID);
if (p != NULL) {
long num;
int i;
ASN1_TYPE *type;
unsigned char *d = p->data;
unsigned char **dd = d == NULL ? NULL : &d;
if (p->data_type != OSSL_PARAM_OCTET_STRING) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
return 0;
}
if ((type = ASN1_TYPE_new()) == NULL) {
ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
return 0;
}
/* Is this the original IV or the running IV? */
num = rc2_keybits_to_magic(ctx->key_bits);
if (!ASN1_TYPE_set_int_octetstring(type, num,
ctx->base.iv, ctx->base.ivlen)) {
ASN1_TYPE_free(type);
ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
return 0;
}
/*
* IF the caller has a buffer, we pray to the gods they got the
* size right. There's no way to tell the i2d functions...
*/
i = i2d_ASN1_TYPE(type, dd);
if (i >= 0)
p->return_size = (size_t)i;
ASN1_TYPE_free(type);
if (i < 0) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
return 0;
}
}
return 1;
}
static int rc2_set_ctx_params(void *vctx, OSSL_PARAM params[])
{
PROV_RC2_CTX *ctx = (PROV_RC2_CTX *)vctx;
const OSSL_PARAM *p;
if (!cipher_generic_set_ctx_params(vctx, params))
return 0;
p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_RC2_KEYBITS);
if (p != NULL) {
if (!OSSL_PARAM_get_size_t(p, &ctx->key_bits)) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
return 0;
}
}
p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_ALG_ID);
if (p != NULL) {
ASN1_TYPE *type = NULL;
long num = 0;
const unsigned char *d = p->data;
int ret = 1;
unsigned char iv[16];
if (p->data_type != OSSL_PARAM_OCTET_STRING
|| ctx->base.ivlen > sizeof(iv)
|| (type = d2i_ASN1_TYPE(NULL, &d, p->data_size)) == NULL
|| ((size_t)ASN1_TYPE_get_int_octetstring(type, &num, iv,
ctx->base.ivlen)
!= ctx->base.ivlen)
|| !cipher_generic_initiv(&ctx->base, iv, ctx->base.ivlen)
|| (ctx->key_bits = rc2_magic_to_keybits(num)) == 0) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
ret = 0;
}
ASN1_TYPE_free(type);
if (ret == 0)
return 0;
/*
* This code assumes that the caller will call
* EVP_CipherInit_ex() with a non NULL key in order to setup a key that
* uses the keylen and keybits that were set here.
*/
ctx->base.keylen = ctx->key_bits / 8;
}
return 1;
}
CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_START(rc2)
OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_RC2_KEYBITS, NULL),
CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_END(rc2)
CIPHER_DEFAULT_SETTABLE_CTX_PARAMS_START(rc2)
OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_RC2_KEYBITS, NULL),
CIPHER_DEFAULT_SETTABLE_CTX_PARAMS_END(rc2)
#define IMPLEMENT_cipher(alg, UCALG, lcmode, UCMODE, flags, kbits, blkbits, \
ivbits, typ) \
static OSSL_OP_cipher_get_params_fn alg##_##kbits##_##lcmode##_get_params; \
static int alg##_##kbits##_##lcmode##_get_params(OSSL_PARAM params[]) \
{ \
return cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE, flags, \
kbits, blkbits, ivbits); \
} \
static OSSL_OP_cipher_newctx_fn alg##_##kbits##_##lcmode##_newctx; \
static void * alg##_##kbits##_##lcmode##_newctx(void *provctx) \
{ \
PROV_##UCALG##_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx)); \
if (ctx != NULL) { \
cipher_generic_initkey(ctx, kbits, blkbits, ivbits, \
EVP_CIPH_##UCMODE##_MODE, flags, \
PROV_CIPHER_HW_##alg##_##lcmode(kbits), NULL); \
ctx->key_bits = kbits; \
} \
return ctx; \
} \
const OSSL_DISPATCH alg##kbits##lcmode##_functions[] = { \
{ OSSL_FUNC_CIPHER_NEWCTX, \
(void (*)(void)) alg##_##kbits##_##lcmode##_newctx }, \
{ OSSL_FUNC_CIPHER_FREECTX, (void (*)(void)) alg##_freectx }, \
{ OSSL_FUNC_CIPHER_DUPCTX, (void (*)(void)) alg##_dupctx }, \
{ OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))cipher_generic_einit }, \
{ OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))cipher_generic_dinit }, \
{ OSSL_FUNC_CIPHER_UPDATE, (void (*)(void))cipher_generic_##typ##_update },\
{ OSSL_FUNC_CIPHER_FINAL, (void (*)(void))cipher_generic_##typ##_final }, \
{ OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))cipher_generic_cipher }, \
{ OSSL_FUNC_CIPHER_GET_PARAMS, \
(void (*)(void)) alg##_##kbits##_##lcmode##_get_params }, \
{ OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \
(void (*)(void))cipher_generic_gettable_params }, \
{ OSSL_FUNC_CIPHER_GET_CTX_PARAMS, \
(void (*)(void))rc2_get_ctx_params }, \
{ OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \
(void (*)(void))rc2_gettable_ctx_params }, \
{ OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \
(void (*)(void))rc2_set_ctx_params }, \
{ OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \
(void (*)(void))rc2_settable_ctx_params }, \
{ 0, NULL } \
};
/* rc2128ecb_functions */
IMPLEMENT_cipher(rc2, RC2, ecb, ECB, EVP_CIPH_VARIABLE_LENGTH, 128, 64, 0, block)
/* rc2128cbc_functions */
IMPLEMENT_cipher(rc2, RC2, cbc, CBC, EVP_CIPH_VARIABLE_LENGTH, 128, 64, 64, block)
/* rc240cbc_functions */
IMPLEMENT_cipher(rc2, RC2, cbc, CBC, EVP_CIPH_VARIABLE_LENGTH, 40, 64, 64, block)
/* rc264cbc_functions */
IMPLEMENT_cipher(rc2, RC2, cbc, CBC, EVP_CIPH_VARIABLE_LENGTH, 64, 64, 64, block)
/* rc2128ofb128_functions */
IMPLEMENT_cipher(rc2, RC2, ofb128, OFB, EVP_CIPH_VARIABLE_LENGTH, 128, 8, 64, stream)
/* rc2128cfb128_functions */
IMPLEMENT_cipher(rc2, RC2, cfb128, CFB, EVP_CIPH_VARIABLE_LENGTH, 128, 8, 64, stream)

28
providers/default/ciphers/cipher_rc2.h Normal file
View File

@ -0,0 +1,28 @@
/*
* Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <openssl/rc2.h>
#include "internal/ciphers/ciphercommon.h"
typedef struct prov_rc2_ctx_st {
PROV_CIPHER_CTX base; /* Must be first */
union {
OSSL_UNION_ALIGN;
RC2_KEY ks;
} ks;
size_t key_bits;
} PROV_RC2_CTX;
#define PROV_CIPHER_HW_rc2_ofb128 PROV_CIPHER_HW_rc2_ofb64
#define PROV_CIPHER_HW_rc2_cfb128 PROV_CIPHER_HW_rc2_cfb64
const PROV_CIPHER_HW *PROV_CIPHER_HW_rc2_cbc(size_t keybits);
const PROV_CIPHER_HW *PROV_CIPHER_HW_rc2_ecb(size_t keybits);
const PROV_CIPHER_HW *PROV_CIPHER_HW_rc2_ofb64(size_t keybits);
const PROV_CIPHER_HW *PROV_CIPHER_HW_rc2_cfb64(size_t keybits);

37
providers/default/ciphers/cipher_rc2_hw.c Normal file
View File

@ -0,0 +1,37 @@
/*
* Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include "cipher_rc2.h"
static int cipher_hw_rc2_initkey(PROV_CIPHER_CTX *ctx,
const unsigned char *key, size_t keylen)
{
PROV_RC2_CTX *rctx = (PROV_RC2_CTX *)ctx;
RC2_KEY *ks = &(rctx->ks.ks);
RC2_set_key(ks, (int)ctx->keylen, key, (int)rctx->key_bits);
return 1;
}
# define PROV_CIPHER_HW_rc2_mode(mode, UCMODE) \
IMPLEMENT_CIPHER_HW_##UCMODE(mode, rc2, PROV_RC2_CTX, RC2_KEY, \
RC2_##mode) \
static const PROV_CIPHER_HW rc2_##mode = { \
cipher_hw_rc2_initkey, \
cipher_hw_rc2_##mode##_cipher \
}; \
const PROV_CIPHER_HW *PROV_CIPHER_HW_rc2_##mode(size_t keybits) \
{ \
return &rc2_##mode; \
}
PROV_CIPHER_HW_rc2_mode(cbc, CBC)
PROV_CIPHER_HW_rc2_mode(ecb, ECB)
PROV_CIPHER_HW_rc2_mode(ofb64, OFB)
PROV_CIPHER_HW_rc2_mode(cfb64, CFB)

8
providers/default/defltprov.c
View File

@ -287,6 +287,14 @@ static const OSSL_ALGORITHM deflt_ciphers[] = {
{ "RC5-OFB", "default=yes", rc5128ofb64_functions },
{ "RC5-CFB", "default=yes", rc5128cfb64_functions },
#endif /* OPENSSL_NO_RC5 */
#ifndef OPENSSL_NO_RC2
{ "RC2-ECB", "default=yes", rc2128ecb_functions },
{ "RC2-CBC", "default=yes", rc2128cbc_functions },
{ "RC2-40-CBC", "default=yes", rc240cbc_functions },
{ "RC2-64-CBC", "default=yes", rc264cbc_functions },
{ "RC2-CFB", "default=yes", rc2128cfb128_functions },
{ "RC2-OFB", "default=yes", rc2128ofb128_functions },
#endif /* OPENSSL_NO_RC2 */
{ NULL, NULL, NULL }
};

17
test/evp_test.c
View File

@ -485,6 +485,7 @@ typedef struct cipher_data_st {
int aead;
unsigned char *key;
size_t key_len;
size_t key_bits; /* Used by RC2 */
unsigned char *iv;
unsigned int rounds;
size_t iv_len;
@ -573,6 +574,13 @@ static int cipher_test_parse(EVP_TEST *t, const char *keyword,
return parse_bin(value, &cdat->plaintext, &cdat->plaintext_len);
if (strcmp(keyword, "Ciphertext") == 0)
return parse_bin(value, &cdat->ciphertext, &cdat->ciphertext_len);
if (strcmp(keyword, "KeyBits") == 0) {
i = atoi(value);
if (i < 0)
return -1;
cdat->key_bits = (size_t)i;
return 1;
}
if (cdat->aead) {
if (strcmp(keyword, "AAD") == 0) {
for (i = 0; i < AAD_NUM; i++) {
@ -704,10 +712,19 @@ static int cipher_test_enc(EVP_TEST *t, int enc,
t->err = "INVALID_KEY_LENGTH";
goto err;
}
if (expected->key_bits > 0) {
int bits = (int)expected->key_bits;
if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_SET_RC2_KEY_BITS, bits, NULL)) {
t->err = "INVALID KEY BITS";
goto err;
}
}
if (!EVP_CipherInit_ex(ctx, NULL, NULL, expected->key, expected->iv, -1)) {
t->err = "KEY_SET_ERROR";
goto err;
}
/* Check that we get the same IV back */
if (expected->iv != NULL
&& (EVP_CIPHER_flags(expected->cipher) & EVP_CIPH_CUSTOM_IV) == 0

3
test/recipes/30-test_evp.t
View File

@ -56,6 +56,9 @@ push @defltfiles, @rc4files unless disabled("rc4");
my @rc5files = qw( evpciph_rc5.txt );
push @defltfiles, @rc5files unless disabled("rc5");
my @rc2files = qw( evpciph_rc2.txt );
push @defltfiles, @rc2files unless disabled("rc2");
plan tests =>
($no_fips ? 0 : 1) # FIPS install test
+ (scalar(@configs) * scalar(@files))

107
test/recipes/30-test_evp_data/evpciph_rc2.txt Normal file
View File

@ -0,0 +1,107 @@
#
# Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the Apache License 2.0 (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
# A valid set of RC2 test vectors could not be found for all RC2 modes - the
# following values were generated using the deprecated cipher code, in order to
# confirm that the new provider code is equivalent.
Title = RC2 Test vectors
Cipher = RC2-ECB
Key = 0000000000000000
Plaintext = 000102030405060708090A0B0C0D0E0F
Ciphertext = a4085a9f3e710563ae3b1e8c4339122b
Cipher = RC2-ECB
Key = 0000000000000000
KeyBits = 63
Plaintext = 000102030405060708090A0B0C0D0E0F
Ciphertext = b406b9037baf2d86982af542e6d70b13
Cipher = RC2-CBC
Key = 0000000000000000
IV = 0000000000000000
Plaintext = 000102030405060708090A0B0C0D0E0F
Ciphertext = a4085a9f3e710563d1091a1552ba8962
Cipher = RC2-CBC
Key = 0000000000000000
KeyBits = 63
IV = 0000000000000000
Plaintext = 000102030405060708090A0B0C0D0E0F
Ciphertext = b406b9037baf2d866614ef5e55e95b8d
Cipher = RC2-40-CBC
Key = 0000000000
IV = 0000000000000000
Plaintext = 0102030405060708
Ciphertext = 61ae28bcf59d1f6f
Cipher = RC2-40-CBC
Key = 0000000000
KeyBits = 63
IV = 0000000000000000
Plaintext = 0102030405060708
Ciphertext = c1d8e65290b2f06d
Cipher = RC2-40-CBC
Key = 000000000001
IV = 0000000000000000
Plaintext = 0102030405060708
Ciphertext = b3ddf36b5c81b0db
Cipher = RC2-64-CBC
Key = 0000000000000000
IV = 0000000000000000
Plaintext = 0102030405060708
Ciphertext = 191d1abf767bfbe7
Cipher = RC2-64-CBC
Key = 0000000000000000
KeyBits = 63
IV = 0000000000000000
Plaintext = 0102030405060708
Ciphertext = 191d1abf767bfbe7
Cipher = RC2-CFB
Key = 0000000000000000
IV = 0000000000000000
Plaintext = 000102030405060708090A0B0C0D0E0F
Ciphertext = 81b5cc4d43119e987a2b526ea152f3fe
Cipher = RC2-CFB
Key = 0000000000000000
KeyBits = 63
IV = 0000000000000000
Plaintext = 000102030405060708090A0B0C0D0E0F
Ciphertext = ebb671fa972288f87cb1810b91f2ae39
Cipher = RC2-OFB
Key = 0000000000000000
IV = 0000000000000000
Plaintext = 000102030405060708090A0B0C0D0E0F
Ciphertext = 81b5cc4d43119e9849bdb7ef7fb35eb7
Cipher = RC2-OFB
Key = 0000000000000000
IV = 0000000000000000
KeyBits = 63
Plaintext = 000102030405060708090A0B0C0D0E0F
Ciphertext = ebb671fa972288f8f8587d8069d61d58
Cipher = RC2-OFB
Key = 0000000000000000
IV = 000000000000000000
Plaintext = 000102030405060708090A0B0C0D0E0F
Result = INVALID_IV_LENGTH
#Variable key length is allowed for RC2
Cipher = RC2-OFB
Key = 0000000000000000000000000000000000
IV = 0000000000000000
Plaintext = 000102030405060708090A0B0C0D0E0F
Ciphertext = 1df8d70bb9c66ffc37869d8ed80d796b