Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
OpenHarmony
Third Party Openssl
提交
bdaa5415
T
Third Party Openssl
项目概览
OpenHarmony
/
Third Party Openssl
8 个月 前同步成功
通知
8
Star
18
Fork
1
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
T
Third Party Openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
前往新版Gitcode,体验更适合开发者的 AI 搜索 >>
提交
bdaa5415
编写于
2月 07, 2011
作者:
D
Dr. Stephen Henson
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Initial *very* experimental EVP support for AES-GCM. Note: probably very
broken and subject to change.
上级
fd3dbc1d
变更
3
隐藏空白更改
内联
并排
Showing
3 changed file
with
225 addition
and
1 deletion
+225
-1
CHANGES
CHANGES
+9
-0
crypto/evp/e_aes.c
crypto/evp/e_aes.c
+209
-1
crypto/evp/evp.h
crypto/evp/evp.h
+7
-0
未找到文件。
CHANGES
浏览文件 @
bdaa5415
...
...
@@ -4,6 +4,15 @@
Changes between 1.0.1 and 1.1.0 [xx XXX xxxx]
*) Initial, experimental EVP support for AES-GCM. AAD can be input by
setting output buffer to NULL. The *Final function must be
called although it will not retrieve any additional data. The tag
can be set or retrieved with a ctrl. The IV length is by default 12
bytes (96 bits) but can be set to an alternative value. If the IV
length exceeds the maximum IV length (currently 16 bytes) it cannot be
set before the key.
[Steve Henson]
*) New flag in ciphers: EVP_CIPH_FLAG_CUSTOM_CIPHER. This means the
underlying do_cipher function handles all cipher semantics itself
including padding and finalisation. This is useful if (for example)
...
...
crypto/evp/e_aes.c
浏览文件 @
bdaa5415
...
...
@@ -57,8 +57,8 @@
#include <string.h>
#include <assert.h>
#include <openssl/aes.h>
#include <openssl/modes.h>
#include "evp_locl.h"
#include <openssl/modes.h>
static
int
aes_init_key
(
EVP_CIPHER_CTX
*
ctx
,
const
unsigned
char
*
key
,
const
unsigned
char
*
iv
,
int
enc
);
...
...
@@ -187,4 +187,212 @@ static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
return
1
;
}
typedef
struct
{
/* AES key schedule to use */
AES_KEY
ks
;
/* Set if key initialised */
int
key_set
;
/* Set if an iv is set */
int
iv_set
;
/* Pointer to GCM128_CTX: FIXME actual structure later */
GCM128_CONTEXT
*
gcm
;
/* IV length */
int
ivlen
;
/* Tag to verify */
unsigned
char
tag
[
16
];
int
taglen
;
}
EVP_AES_GCM_CTX
;
static
int
aes_gcm_cleanup
(
EVP_CIPHER_CTX
*
c
)
{
EVP_AES_GCM_CTX
*
gctx
=
c
->
cipher_data
;
if
(
gctx
->
gcm
)
CRYPTO_gcm128_release
(
gctx
->
gcm
);
return
1
;
}
static
int
aes_gcm_ctrl
(
EVP_CIPHER_CTX
*
c
,
int
type
,
int
arg
,
void
*
ptr
)
{
EVP_AES_GCM_CTX
*
gctx
=
c
->
cipher_data
;
switch
(
type
)
{
case
EVP_CTRL_INIT
:
gctx
->
gcm
=
NULL
;
gctx
->
key_set
=
0
;
gctx
->
iv_set
=
0
;
gctx
->
ivlen
=
c
->
cipher
->
iv_len
;
gctx
->
taglen
=
-
1
;
return
1
;
case
EVP_CTRL_GCM_SET_IVLEN
:
if
(
arg
<=
0
)
return
0
;
gctx
->
ivlen
=
arg
;
return
1
;
case
EVP_CTRL_GCM_SET_TAG
:
if
(
arg
<=
0
||
arg
>
16
||
c
->
encrypt
)
return
0
;
memcpy
(
gctx
->
tag
,
ptr
,
arg
);
gctx
->
taglen
=
arg
;
return
1
;
case
EVP_CTRL_GCM_GET_TAG
:
if
(
arg
<=
0
||
arg
>
16
||
!
c
->
encrypt
||
gctx
->
taglen
<
0
)
return
0
;
memcpy
(
ptr
,
gctx
->
tag
,
arg
);
return
1
;
default:
return
-
1
;
}
}
static
int
aes_gcm_init_key
(
EVP_CIPHER_CTX
*
ctx
,
const
unsigned
char
*
key
,
const
unsigned
char
*
iv
,
int
enc
)
{
EVP_AES_GCM_CTX
*
gctx
=
ctx
->
cipher_data
;
if
(
!
iv
&&
!
key
)
return
1
;
if
(
key
)
{
AES_set_encrypt_key
(
key
,
ctx
->
key_len
*
8
,
&
gctx
->
ks
);
if
(
!
gctx
->
gcm
)
{
gctx
->
gcm
=
CRYPTO_gcm128_new
(
&
gctx
->
ks
,
(
block128_f
)
AES_encrypt
);
if
(
!
gctx
->
gcm
)
return
0
;
}
else
CRYPTO_gcm128_init
(
gctx
->
gcm
,
&
gctx
->
ks
,
(
block128_f
)
AES_encrypt
);
/* If we have an iv can set it directly, otherwise use
* saved IV.
*/
if
(
iv
==
NULL
&&
gctx
->
iv_set
)
iv
=
ctx
->
iv
;
if
(
iv
)
{
CRYPTO_gcm128_setiv
(
gctx
->
gcm
,
iv
,
gctx
->
ivlen
);
gctx
->
iv_set
=
1
;
}
gctx
->
key_set
=
1
;
}
else
{
/* If key set use IV, otherwise copy */
if
(
gctx
->
key_set
)
CRYPTO_gcm128_setiv
(
gctx
->
gcm
,
iv
,
gctx
->
ivlen
);
else
{
/* If IV is too large for EVP_CIPHER_CTX buffer
* return an error. This can be avoided by either
* setting the key first or key and iv simultaneously.
*/
if
(
gctx
->
ivlen
>
EVP_MAX_IV_LENGTH
)
return
0
;
memcpy
(
ctx
->
iv
,
iv
,
gctx
->
ivlen
);
}
gctx
->
iv_set
=
1
;
}
return
1
;
}
static
int
aes_gcm
(
EVP_CIPHER_CTX
*
ctx
,
unsigned
char
*
out
,
const
unsigned
char
*
in
,
size_t
len
)
{
EVP_AES_GCM_CTX
*
gctx
=
ctx
->
cipher_data
;
/* If not set up, return error */
if
(
!
gctx
->
iv_set
&&
!
gctx
->
key_set
)
return
-
1
;
if
(
!
ctx
->
encrypt
&&
gctx
->
taglen
<
0
)
return
-
1
;
if
(
in
)
{
if
(
out
==
NULL
)
CRYPTO_gcm128_aad
(
gctx
->
gcm
,
in
,
len
);
else
if
(
ctx
->
encrypt
)
CRYPTO_gcm128_encrypt
(
gctx
->
gcm
,
in
,
out
,
len
);
else
CRYPTO_gcm128_decrypt
(
gctx
->
gcm
,
in
,
out
,
len
);
return
len
;
}
else
{
if
(
!
ctx
->
encrypt
)
{
if
(
CRYPTO_gcm128_finish
(
gctx
->
gcm
,
gctx
->
tag
,
gctx
->
taglen
)
!=
0
)
return
-
1
;
gctx
->
iv_set
=
0
;
return
0
;
}
CRYPTO_gcm128_tag
(
gctx
->
gcm
,
gctx
->
tag
,
16
);
gctx
->
taglen
=
16
;
/* Don't reuse the IV */
gctx
->
iv_set
=
0
;
return
0
;
}
}
static
const
EVP_CIPHER
aes_128_gcm_cipher
=
{
NID_aes_128_gcm
,
1
,
16
,
12
,
EVP_CIPH_GCM_MODE
|
EVP_CIPH_FLAG_FIPS
|
EVP_CIPH_FLAG_DEFAULT_ASN1
|
EVP_CIPH_CUSTOM_IV
|
EVP_CIPH_FLAG_CUSTOM_CIPHER
|
EVP_CIPH_ALWAYS_CALL_INIT
|
EVP_CIPH_CTRL_INIT
,
aes_gcm_init_key
,
aes_gcm
,
aes_gcm_cleanup
,
sizeof
(
EVP_AES_GCM_CTX
),
NULL
,
NULL
,
aes_gcm_ctrl
,
NULL
};
const
EVP_CIPHER
*
EVP_aes_128_gcm
(
void
)
{
return
&
aes_128_gcm_cipher
;
}
static
const
EVP_CIPHER
aes_192_gcm_cipher
=
{
NID_aes_128_gcm
,
1
,
24
,
12
,
EVP_CIPH_GCM_MODE
|
EVP_CIPH_FLAG_FIPS
|
EVP_CIPH_FLAG_DEFAULT_ASN1
|
EVP_CIPH_CUSTOM_IV
|
EVP_CIPH_FLAG_CUSTOM_CIPHER
|
EVP_CIPH_ALWAYS_CALL_INIT
|
EVP_CIPH_CTRL_INIT
,
aes_gcm_init_key
,
aes_gcm
,
aes_gcm_cleanup
,
sizeof
(
EVP_AES_GCM_CTX
),
NULL
,
NULL
,
aes_gcm_ctrl
,
NULL
};
const
EVP_CIPHER
*
EVP_aes_192_gcm
(
void
)
{
return
&
aes_192_gcm_cipher
;
}
static
const
EVP_CIPHER
aes_256_gcm_cipher
=
{
NID_aes_128_gcm
,
1
,
32
,
12
,
EVP_CIPH_GCM_MODE
|
EVP_CIPH_FLAG_FIPS
|
EVP_CIPH_FLAG_DEFAULT_ASN1
|
EVP_CIPH_CUSTOM_IV
|
EVP_CIPH_FLAG_CUSTOM_CIPHER
|
EVP_CIPH_ALWAYS_CALL_INIT
|
EVP_CIPH_CTRL_INIT
,
aes_gcm_init_key
,
aes_gcm
,
aes_gcm_cleanup
,
sizeof
(
EVP_AES_GCM_CTX
),
NULL
,
NULL
,
aes_gcm_ctrl
,
NULL
};
const
EVP_CIPHER
*
EVP_aes_256_gcm
(
void
)
{
return
&
aes_256_gcm_cipher
;
}
#endif
crypto/evp/evp.h
浏览文件 @
bdaa5415
...
...
@@ -329,6 +329,7 @@ struct evp_cipher_st
#define EVP_CIPH_CFB_MODE 0x3
#define EVP_CIPH_OFB_MODE 0x4
#define EVP_CIPH_CTR_MODE 0x5
#define EVP_CIPH_GCM_MODE 0x6
#define EVP_CIPH_MODE 0xF0007
/* Set if variable length cipher */
#define EVP_CIPH_VARIABLE_LENGTH 0x8
...
...
@@ -370,6 +371,9 @@ struct evp_cipher_st
#define EVP_CTRL_RAND_KEY 0x6
#define EVP_CTRL_PBE_PRF_NID 0x7
#define EVP_CTRL_COPY 0x8
#define EVP_CTRL_GCM_SET_IVLEN 0x9
#define EVP_CTRL_GCM_GET_TAG 0x10
#define EVP_CTRL_GCM_SET_TAG 0x11
typedef
struct
evp_cipher_info_st
{
...
...
@@ -770,6 +774,7 @@ const EVP_CIPHER *EVP_aes_128_cfb128(void);
# define EVP_aes_128_cfb EVP_aes_128_cfb128
const
EVP_CIPHER
*
EVP_aes_128_ofb
(
void
);
const
EVP_CIPHER
*
EVP_aes_128_ctr
(
void
);
const
EVP_CIPHER
*
EVP_aes_128_gcm
(
void
);
const
EVP_CIPHER
*
EVP_aes_192_ecb
(
void
);
const
EVP_CIPHER
*
EVP_aes_192_cbc
(
void
);
const
EVP_CIPHER
*
EVP_aes_192_cfb1
(
void
);
...
...
@@ -778,6 +783,7 @@ const EVP_CIPHER *EVP_aes_192_cfb128(void);
# define EVP_aes_192_cfb EVP_aes_192_cfb128
const
EVP_CIPHER
*
EVP_aes_192_ofb
(
void
);
const
EVP_CIPHER
*
EVP_aes_192_ctr
(
void
);
const
EVP_CIPHER
*
EVP_aes_192_gcm
(
void
);
const
EVP_CIPHER
*
EVP_aes_256_ecb
(
void
);
const
EVP_CIPHER
*
EVP_aes_256_cbc
(
void
);
const
EVP_CIPHER
*
EVP_aes_256_cfb1
(
void
);
...
...
@@ -786,6 +792,7 @@ const EVP_CIPHER *EVP_aes_256_cfb128(void);
# define EVP_aes_256_cfb EVP_aes_256_cfb128
const
EVP_CIPHER
*
EVP_aes_256_ofb
(
void
);
const
EVP_CIPHER
*
EVP_aes_256_ctr
(
void
);
const
EVP_CIPHER
*
EVP_aes_256_gcm
(
void
);
#endif
#ifndef OPENSSL_NO_CAMELLIA
const
EVP_CIPHER
*
EVP_camellia_128_ecb
(
void
);
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录