Third phase of EVP cipher overhaul. (360370d9) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

CHANGES

+11 −1

Original line number	Diff line number	Diff line
		@@ -4,6 +4,17 @@

		Changes between 0.9.5a and 0.9.6 [xx XXX 2000]

		) Remove lots of duplicated code from the EVP library. For example every*
		cipher init() function handles the 'iv' in the same way according to the
		cipher mode. They also all do nothing if the 'key' parameter is NULL and
		for CFB and OFB modes they zero ctx->num.

		By shifting this to the top level EVP_CipherInit() it can be removed from
		all individual ciphers. If the cipher wants to handle IVs or keys
		differently it can set the EVP_CIPH_CUSTOM_IV or EVP_CIPH_ALWAYS_CALL_INIT
		flags.
		[Steve Henson]

		*) In ssl/s2_clnt.c and ssl/s3_clnt.c, call ERR_clear_error() when
		the handshake is continued after ssl_verify_cert_chain();
		otherwise, if SSL_VERIFY_NONE is set, remaining error codes
		@@ -23,7 +34,6 @@
		Change lots of functions like EVP_EncryptUpdate() to now return a
		value: although software versions of the algorithms cannot fail
		any installed hardware versions can.

		[Steve Henson]

		*) Implement SSL_OP_TLS_ROLLBACK_BUG: In ssl3_get_client_key_exchange, if

+6 −19

Original line number	Diff line number	Diff line
		@@ -113,18 +113,11 @@ static int des_cbc_ede_init_key(EVP_CIPHER_CTX ctx, unsigned char key,
		{
		des_cblock deskey = (des_cblock )key;

		if (iv != NULL)
		memcpy(&(ctx->oiv[0]),iv,8);
		memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);

		if (deskey != NULL)
		{
		des_set_key_unchecked(&deskey[0],ctx->c.des_ede.ks1);
		des_set_key_unchecked(&deskey[1],ctx->c.des_ede.ks2);
		memcpy( (char *)ctx->c.des_ede.ks3,
		(char *)ctx->c.des_ede.ks1,
		sizeof(ctx->c.des_ede.ks1));
		}
		return 1;
		}

		@@ -133,16 +126,10 @@ static int des_cbc_ede3_init_key(EVP_CIPHER_CTX ctx, unsigned char key,
		{
		des_cblock deskey = (des_cblock )key;

		if (iv != NULL)
		memcpy(&(ctx->oiv[0]),iv,8);
		memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);

		if (deskey != NULL)
		{
		des_set_key_unchecked(&deskey[0],ctx->c.des_ede.ks1);
		des_set_key_unchecked(&deskey[1],ctx->c.des_ede.ks2);
		des_set_key_unchecked(&deskey[2],ctx->c.des_ede.ks3);
		}

		return 1;
		}

+1 −5

Original line number	Diff line number	Diff line
		@@ -89,10 +89,6 @@ EVP_CIPHER *EVP_bf_cbc(void)
		static int bf_cbc_init_key(EVP_CIPHER_CTX ctx, unsigned char key,
		unsigned char *iv, int enc)
		{
		if (iv != NULL)
		memcpy(&(ctx->oiv[0]),iv,8);
		memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
		if (key != NULL)
		BF_set_key(&(ctx->c.bf_ks),EVP_CIPHER_CTX_key_length(ctx),key);
		return 1;
		}

+1 −5

Original line number	Diff line number	Diff line
		@@ -90,10 +90,6 @@ EVP_CIPHER *EVP_cast5_cbc(void)
		static int cast_cbc_init_key(EVP_CIPHER_CTX ctx, unsigned char key,
		unsigned char *iv, int enc)
		{
		if (iv != NULL)
		memcpy(&(ctx->oiv[0]),iv,8);
		memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
		if (key != NULL)
		CAST_set_key(&(ctx->c.cast_ks),EVP_CIPHER_CTX_key_length(ctx),key);
		return 1;
		}

+1 −5

Original line number	Diff line number	Diff line
		@@ -91,10 +91,6 @@ static int des_cbc_init_key(EVP_CIPHER_CTX ctx, unsigned char key,
		{
		des_cblock deskey = (des_cblock )key;

		if (iv != NULL)
		memcpy(&(ctx->oiv[0]),iv,8);
		memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
		if (deskey != NULL)
		des_set_key_unchecked(deskey,ctx->c.des_ks);
		return 1;
		}