Clean up EVP macros, rename DES EDE3 modes correctly, temporary support for

OpenBSD /dev/crypto (this will be revamped later when the appropriate machinery
is available).

CHANGES

@@ -12,6 +12,13 @@
          *) applies to 0.9.6a/0.9.6b and 0.9.7
          +) applies to 0.9.7 only
 
+  +) Cleanup of EVP macros.
+     [Ben Laurie]
+
+  +) Change historical references to {NID,SN,LN}_des_ede and ede3 to add the
+     correct _ecb suffix.
+     [Ben Laurie]
+
   +) Add initial OCSP responder support to ocsp application. The
      revocation information is handled using the text based index
      use by the ca application. The responder can either handle

Configure

@@ -133,6 +133,7 @@ my %table=(
 "purify",	"purify gcc:-g -DPURIFY -Wall::(unknown)::-lsocket -lnsl::::",
 "debug",	"gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -ggdb -g2 -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror::(unknown)::-lefence::::",
 "debug-ben",	"gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown)::::asm/bn86-elf.o asm/co86-elf.o",
+"debug-ben-openbsd","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DOPENSSL_OPENBSD_DEV_CRYPTO -DOPENSSL_NO_ASM -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown)::::",
 "debug-ben-debug",	"gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -g3 -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown)::::::",
 "debug-ben-strict",	"gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DCONST_STRICT -O2 -Wall -Wshadow -Werror -Wpointer-arith -Wcast-qual -Wwrite-strings -pipe::(unknown)::::::",
 "debug-rse","cc:-DTERMIOS -DL_ENDIAN -pipe -O -g -ggdb3 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",

crypto/evp/Makefile.ssl

@@ -32,7 +32,7 @@ LIBSRC= encode.c digest.c evp_enc.c evp_key.c \
 	p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c \
 	bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c \
 	c_all.c c_allc.c c_alld.c evp_lib.c bio_ok.c \
-	evp_pkey.c evp_pbe.c p5_crpt.c p5_crpt2.c
+	evp_pkey.c evp_pbe.c p5_crpt.c p5_crpt2.c openbsd_hw.c
 
 LIBOBJ=	encode.o digest.o evp_enc.o evp_key.o \
 	e_des.o e_bf.o e_idea.o e_des3.o \
@@ -43,7 +43,7 @@ LIBOBJ=	encode.o digest.o evp_enc.o evp_key.o \
 	p_open.o p_seal.o p_sign.o p_verify.o p_lib.o p_enc.o p_dec.o \
 	bio_md.o bio_b64.o bio_enc.o evp_err.o e_null.o \
 	c_all.o c_allc.o c_alld.o evp_lib.o bio_ok.o \
-	evp_pkey.o evp_pbe.o p5_crpt.o p5_crpt2.o
+	evp_pkey.o evp_pbe.o p5_crpt.o p5_crpt2.o openbsd_hw.o
 
 SRC= $(LIBSRC)
 

crypto/evp/c_allc.c

@@ -82,7 +82,11 @@ void OpenSSL_add_all_ciphers(void)
 	EVP_add_cipher_alias(SN_des_cbc,"DES");
 	EVP_add_cipher_alias(SN_des_cbc,"des");
 	EVP_add_cipher(EVP_des_ede_cbc());
+# ifdef OPENSSL_OPENBSD_DEV_CRYPTO
+	EVP_add_cipher(EVP_dev_crypto_des_ede3_cbc());
+# else
 	EVP_add_cipher(EVP_des_ede3_cbc());
+# endif
 	EVP_add_cipher_alias(SN_des_ede3_cbc,"DES3");
 	EVP_add_cipher_alias(SN_des_ede3_cbc,"des3");
 

crypto/evp/e_des3.c

@@ -119,15 +119,12 @@ static int des_ede_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 	return 1;
 }
 
-#define NID_des_ede_ecb NID_des_ede
-
 BLOCK_CIPHER_defs(des_ede, des_ede, NID_des_ede, 8, 16, 8,
 			0, des_ede_init_key, NULL, 
 			EVP_CIPHER_set_asn1_iv,
 			EVP_CIPHER_get_asn1_iv,
 			NULL)
 
-#define NID_des_ede3_ecb NID_des_ede3
 #define des_ede3_cfb_cipher des_ede_cfb_cipher
 #define des_ede3_ofb_cipher des_ede_ofb_cipher
 #define des_ede3_cbc_cipher des_ede_cbc_cipher

crypto/evp/evp.h

@@ -453,6 +453,9 @@ struct evp_cipher_ctx_st
 #endif
 #ifndef OPENSSL_NO_AES
 		RIJNDAEL_KEY rijndael;
+#endif
+#ifdef OPENSSL_OPENBSD_DEV_CRYPTO
+		struct session_op *dev_crypto;
 #endif
 		} c;
 	int final_used;
@@ -674,6 +677,9 @@ const EVP_CIPHER *EVP_des_cbc(void);
 const EVP_CIPHER *EVP_des_ede_cbc(void);
 const EVP_CIPHER *EVP_des_ede3_cbc(void);
 const EVP_CIPHER *EVP_desx_cbc(void);
+# ifdef OPENSSL_OPENBSD_DEV_CRYPTO
+const EVP_CIPHER *EVP_dev_crypto_des_ede3_cbc(void);
+# endif
 #endif
 #ifndef OPENSSL_NO_RC4
 const EVP_CIPHER *EVP_rc4(void);

crypto/evp/evp_locl.h

@@ -101,6 +101,61 @@ static int cname##_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const uns
 	BLOCK_CIPHER_func_ecb(cname, cprefix, kname) \
 	BLOCK_CIPHER_func_ofb(cname, cprefix, kname)
 
+#define BLOCK_CIPHER_def1(cname, nmode, mode, MODE, kstruct, nid, block_size, \
+			  key_len, iv_len, flags, init_key, cleanup, \
+			  set_asn1, get_asn1, ctrl) \
+static const EVP_CIPHER cname##_##mode = { \
+	nid##_##nmode, block_size, key_len, iv_len, \
+	flags | EVP_CIPH_##MODE##_MODE, \
+	init_key, \
+	cname##_##mode##_cipher, \
+	cleanup, \
+	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
+		sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
+	set_asn1, get_asn1,\
+	ctrl, \
+	NULL \
+}; \
+const EVP_CIPHER *EVP_##cname##_##mode(void) { return &cname##_##mode; }
+
+#define BLOCK_CIPHER_def_cbc(cname, kstruct, nid, block_size, key_len, \
+			     iv_len, flags, init_key, cleanup, set_asn1, \
+			     get_asn1, ctrl) \
+BLOCK_CIPHER_def1(cname, cbc, cbc, CBC, kstruct, nid, block_size, key_len, \
+		  iv_len, flags, init_key, cleanup, set_asn1, get_asn1, ctrl)
+
+#define BLOCK_CIPHER_def_cfb(cname, kstruct, nid, block_size, key_len, \
+			     iv_len, flags, init_key, cleanup, set_asn1, \
+			     get_asn1, ctrl) \
+BLOCK_CIPHER_def1(cname, cfb64, cfb, CFB, kstruct, nid, block_size, key_len, \
+		  iv_len, flags, init_key, cleanup, set_asn1, get_asn1, ctrl)
+
+#define BLOCK_CIPHER_def_ofb(cname, kstruct, nid, block_size, key_len, \
+			     iv_len, flags, init_key, cleanup, set_asn1, \
+			     get_asn1, ctrl) \
+BLOCK_CIPHER_def1(cname, ofb64, ofb, OFB, kstruct, nid, block_size, key_len, \
+		  iv_len, flags, init_key, cleanup, set_asn1, get_asn1, ctrl)
+
+#define BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, \
+			     iv_len, flags, init_key, cleanup, set_asn1, \
+			     get_asn1, ctrl) \
+BLOCK_CIPHER_def1(cname, ecb, ecb, ECB, kstruct, nid, block_size, key_len, \
+		  iv_len, flags, init_key, cleanup, set_asn1, get_asn1, ctrl)
+
+#define BLOCK_CIPHER_defs(cname, kstruct, \
+			  nid, block_size, key_len, iv_len, flags, \
+			  init_key, cleanup, set_asn1, get_asn1, ctrl) \
+BLOCK_CIPHER_def_cbc(cname, kstruct, nid, block_size, key_len, iv_len, flags, \
+		     init_key, cleanup, set_asn1, get_asn1, ctrl) \
+BLOCK_CIPHER_def_cfb(cname, kstruct, nid, block_size, key_len, iv_len, flags, \
+		     init_key, cleanup, set_asn1, get_asn1, ctrl) \
+BLOCK_CIPHER_def_ofb(cname, kstruct, nid, block_size, key_len, iv_len, flags, \
+		     init_key, cleanup, set_asn1, get_asn1, ctrl) \
+BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, iv_len, flags, \
+		     init_key, cleanup, set_asn1, get_asn1, ctrl)
+
+
+/*
 #define BLOCK_CIPHER_defs(cname, kstruct, \
 				nid, block_size, key_len, iv_len, flags,\
 				 init_key, cleanup, set_asn1, get_asn1, ctrl)\
@@ -156,7 +211,7 @@ static const EVP_CIPHER cname##_ecb = {\
 	NULL \
 };\
 const EVP_CIPHER *EVP_##cname##_ecb(void) { return &cname##_ecb; }
-
+*/
 
 
 #define IMPLEMENT_BLOCK_CIPHER(cname, kname, cprefix, kstruct, \

crypto/evp/openbsd_hw.c

+/*
+ * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <fcntl.h>
+#include <stdio.h>
+#include <errno.h>
+#include <sys/ioctl.h>
+#include <crypto/cryptodev.h>
+#include <unistd.h>
+#include <openssl/evp.h>
+#include <openssl/objects.h>
+#include "evp_locl.h"
+#include <assert.h>
+
+// longest key supported in hardware
+#define MAX_HW_KEY	24
+
+static int fd;
+static int dev_failed;
+
+static void err(const char *str)
+    {
+    fprintf(stderr,"%s: errno %d\n",str,errno);
+    }
+
+static int dev_crypto_init(EVP_CIPHER_CTX *ctx)
+    {
+    if(dev_failed)
+	return 0;
+    if(!fd)
+	{
+	int cryptodev_fd;
+
+        if ((cryptodev_fd=open("/dev/crypto",O_RDWR,0)) < 0)
+	    {
+	    err("/dev/crypto");
+	    dev_failed=1;
+	    return 0;
+	    }
+        if (ioctl(cryptodev_fd,CRIOGET,&fd) == -1)
+	    {
+	    err("CRIOGET failed");
+	    close(cryptodev_fd);
+	    dev_failed=1;
+	    return 0;
+	    }
+	close(cryptodev_fd);
+	}
+    if(!ctx->c.dev_crypto)
+	{
+	ctx->c.dev_crypto=OPENSSL_malloc(sizeof *ctx->c.dev_crypto);
+	memset(ctx->c.dev_crypto,'\0',sizeof *ctx->c.dev_crypto);
+	ctx->c.dev_crypto->key=OPENSSL_malloc(MAX_HW_KEY);
+	}
+    
+    return 1;
+    }
+
+static int dev_crypto_cleanup(EVP_CIPHER_CTX *ctx)
+    {
+    if(ioctl(fd,CIOCFSESSION,ctx->c.dev_crypto->ses) == -1)
+	err("CIOCFSESSION failed");
+
+    OPENSSL_free(ctx->c.dev_crypto->key);
+    OPENSSL_free(ctx->c.dev_crypto);
+    ctx->c.dev_crypto=NULL;
+
+    return 1;
+    }
+
+// FIXME: there should be some non-fatal way to report we fell back to s/w?
+static int dev_crypto_des_ede3_init_key(EVP_CIPHER_CTX *ctx,
+					const unsigned char *key,
+					const unsigned char *iv, int enc)
+    {
+    if(!dev_crypto_init(ctx))
+	{
+	// fall back to using software...
+	ctx->cipher=EVP_des_ede3_cbc();
+	return ctx->cipher->init(ctx,key,iv,enc);
+	}
+    memcpy(ctx->c.dev_crypto->key,key,24);
+    
+    ctx->c.dev_crypto->cipher=CRYPTO_3DES_CBC;
+    ctx->c.dev_crypto->mac=0;
+    ctx->c.dev_crypto->keylen=24;
+
+    if (ioctl(fd,CIOCGSESSION,ctx->c.dev_crypto) == -1)
+	{
+	err("CIOCGSESSION failed");
+	// fall back to using software...
+	dev_crypto_cleanup(ctx);
+	ctx->cipher=EVP_des_ede3_cbc();
+	return ctx->cipher->init(ctx,key,iv,enc);
+	}
+    return 1;
+    }
+
+static int dev_crypto_des_ede3_cbc_cipher(EVP_CIPHER_CTX *ctx, 
+					  unsigned char *out,
+					  const unsigned char *in,
+					  unsigned int inl)
+    {
+    struct crypt_op cryp;
+    unsigned char lb[8];
+
+    assert(ctx->c.dev_crypto);
+    assert(!dev_failed);
+
+    memset(&cryp,'\0',sizeof cryp);
+    cryp.ses=ctx->c.dev_crypto->ses;
+    cryp.op=ctx->encrypt ? COP_ENCRYPT : COP_DECRYPT;
+    cryp.flags=0;
+    //    cryp.len=((inl+7)/8)*8;
+    cryp.len=inl;
+    assert((inl&7) == 0);
+    cryp.src=(caddr_t)in;
+    cryp.dst=(caddr_t)out;
+    cryp.mac=0;
+    cryp.iv=(caddr_t)ctx->iv;
+
+    if(!ctx->encrypt)
+	memcpy(lb,&in[cryp.len-8],8);
+
+    if (ioctl(fd, CIOCCRYPT, &cryp) == -1)
+	{
+	err("CIOCCRYPT failed");
+	abort();
+	return 0;
+	}
+
+    if(ctx->encrypt)
+	memcpy(ctx->iv,&out[cryp.len-8],8);
+    else
+	memcpy(ctx->iv,lb,8);
+
+    return 1;
+    }
+
+BLOCK_CIPHER_def_cbc(dev_crypto_des_ede3, des_ede,NID_des_ede3, 8, 24, 8,
+		     0, dev_crypto_des_ede3_init_key,
+		     dev_crypto_cleanup, 
+		     EVP_CIPHER_set_asn1_iv,
+		     EVP_CIPHER_get_asn1_iv,
+		     NULL)

crypto/objects/obj_dat.h

@@ -99,7 +99,7 @@ static unsigned char lvalues[3792]={
 0x2B,0x0E,0x03,0x02,0x06,                    /* [187] OBJ_des_ecb */
 0x2B,0x0E,0x03,0x02,0x09,                    /* [192] OBJ_des_cfb64 */
 0x2B,0x0E,0x03,0x02,0x07,                    /* [197] OBJ_des_cbc */
-0x2B,0x0E,0x03,0x02,0x11,                    /* [202] OBJ_des_ede */
+0x2B,0x0E,0x03,0x02,0x11,                    /* [202] OBJ_des_ede_ecb */
 0x2B,0x06,0x01,0x04,0x01,0x81,0x3C,0x07,0x01,0x01,0x02,/* [207] OBJ_idea_cbc */
 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x02,     /* [218] OBJ_rc2_cbc */
 0x2B,0x0E,0x03,0x02,0x12,                    /* [226] OBJ_sha */
@@ -578,8 +578,8 @@ static ASN1_OBJECT nid_objs[NUM_NID]={
 {"DES-ECB","des-ecb",NID_des_ecb,5,&(lvalues[187]),0},
 {"DES-CFB","des-cfb",NID_des_cfb64,5,&(lvalues[192]),0},
 {"DES-CBC","des-cbc",NID_des_cbc,5,&(lvalues[197]),0},
-{"DES-EDE","des-ede",NID_des_ede,5,&(lvalues[202]),0},
-{"DES-EDE3","des-ede3",NID_des_ede3,0,NULL},
+{"DES-EDE","des-ede",NID_des_ede_ecb,5,&(lvalues[202]),0},
+{"DES-EDE3","des-ede3",NID_des_ede3_ecb,0,NULL},
 {"IDEA-CBC","idea-cbc",NID_idea_cbc,11,&(lvalues[207]),0},
 {"IDEA-CFB","idea-cfb",NID_idea_cfb64,0,NULL},
 {"IDEA-ECB","idea-ecb",NID_idea_ecb,0,NULL},
@@ -2345,7 +2345,7 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={
 &(nid_objs[67]),/* OBJ_dsa_2                        1 3 14 3 2 12 */
 &(nid_objs[66]),/* OBJ_dsaWithSHA                   1 3 14 3 2 13 */
 &(nid_objs[42]),/* OBJ_shaWithRSAEncryption         1 3 14 3 2 15 */
-&(nid_objs[32]),/* OBJ_des_ede                      1 3 14 3 2 17 */
+&(nid_objs[32]),/* OBJ_des_ede_ecb                  1 3 14 3 2 17 */
 &(nid_objs[41]),/* OBJ_sha                          1 3 14 3 2 18 */
 &(nid_objs[64]),/* OBJ_sha1                         1 3 14 3 2 26 */
 &(nid_objs[70]),/* OBJ_dsaWithSHA1_2                1 3 14 3 2 27 */

crypto/objects/obj_mac.h

@@ -1475,14 +1475,14 @@
 #define NID_shaWithRSAEncryption		42
 #define OBJ_shaWithRSAEncryption		OBJ_algorithm,15L
 
-#define SN_des_ede		"DES-EDE"
-#define LN_des_ede		"des-ede"
-#define NID_des_ede		32
-#define OBJ_des_ede		OBJ_algorithm,17L
-
-#define SN_des_ede3		"DES-EDE3"
-#define LN_des_ede3		"des-ede3"
-#define NID_des_ede3		33
+#define SN_des_ede_ecb		"DES-EDE"
+#define LN_des_ede_ecb		"des-ede"
+#define NID_des_ede_ecb		32
+#define OBJ_des_ede_ecb		OBJ_algorithm,17L
+
+#define SN_des_ede3_ecb		"DES-EDE3"
+#define LN_des_ede3_ecb		"des-ede3"
+#define NID_des_ede3_ecb		33
 
 #define SN_des_ede_cbc		"DES-EDE-CBC"
 #define LN_des_ede_cbc		"des-ede-cbc"

crypto/objects/obj_mac.num

@@ -30,8 +30,8 @@ dhKeyAgreement		28
 des_ecb		29
 des_cfb64		30
 des_cbc		31
-des_ede		32
-des_ede3		33
+des_ede_ecb		32
+des_ede3_ecb		33
 idea_cbc		34
 idea_cfb64		35
 idea_ecb		36

crypto/objects/objects.txt

@@ -486,7 +486,9 @@ algorithm 11		: rsaSignature
 algorithm 12		: DSA-old		: dsaEncryption-old
 algorithm 13		: DSA-SHA		: dsaWithSHA
 algorithm 15		: RSA-SHA		: shaWithRSAEncryption
+!Cname des-ede-ecb
 algorithm 17		: DES-EDE		: des-ede
+!Cname des-ede3-ecb
 			: DES-EDE3		: des-ede3
 			: DES-EDE-CBC		: des-ede-cbc
 !Cname des-ede-cfb64