Commit be06a934 authored by Dr. Stephen Henson's avatar Dr. Stephen Henson

Second phase of EVP cipher overhaul.

Change functions like EVP_EncryptUpdate() so they now return a
value. These normally have software-only implementations
which cannot fail, so returning no value was acceptable. However, ciphers
can be implemented in hardware and these could return errors.
parent 7f060601
+9 −3
@@ -9,9 +9,15 @@
     support added for variable key length ciphers via the
     EVP_CIPHER_CTX_set_key_length() function. Other cipher specific
     parameters will be added later via the new catchall 'ctrl' function.
     New functionality allows removal of S/MIME code RC2 hack. Still needs
     support in other library functions, also need to add return codes to
     some EVP functions.
     New functionality allows removal of S/MIME code RC2 hack.

     Still needs support in other library functions, and allow parameter
     setting for algorithms like RC2, RC5.

     Change lots of functions like EVP_EncryptUpdate() to now return a
     value: although software versions of the algorithms cannot fail
     any installed hardware versions can.

     [Steve Henson]

  *) Implement SSL_OP_TLS_ROLLBACK_BUG: In ssl3_get_client_key_exchange, if
+9 −6
@@ -62,11 +62,11 @@
#include <openssl/evp.h>
#include <openssl/objects.h>

static void des_cbc_ede_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
static int des_cbc_ede_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
	unsigned char *iv,int enc);
static void des_cbc_ede3_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
static int des_cbc_ede3_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
	unsigned char *iv,int enc);
static void des_cbc_ede_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
static int des_cbc_ede_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
	unsigned char *in, unsigned int inl);
static EVP_CIPHER d_cbc_ede_cipher2=
	{
@@ -108,7 +108,7 @@ EVP_CIPHER *EVP_des_ede3_cbc(void)
	return(&d_cbc_ede_cipher3);
	}
	
static void des_cbc_ede_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
static int des_cbc_ede_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
	     unsigned char *iv, int enc)
	{
	des_cblock *deskey = (des_cblock *)key;
@@ -125,9 +125,10 @@ static void des_cbc_ede_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
			(char *)ctx->c.des_ede.ks1,
			sizeof(ctx->c.des_ede.ks1));
		}
	return 1;
	}

static void des_cbc_ede3_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
static int des_cbc_ede3_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
	     unsigned char *iv, int enc)
	{
	des_cblock *deskey = (des_cblock *)key;
@@ -142,14 +143,16 @@ static void des_cbc_ede3_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
		des_set_key_unchecked(&deskey[1],ctx->c.des_ede.ks2);
		des_set_key_unchecked(&deskey[2],ctx->c.des_ede.ks3);
		}
	return 1;
	}

static void des_cbc_ede_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
static int des_cbc_ede_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
	     unsigned char *in, unsigned int inl)
	{
	des_ede3_cbc_encrypt(in,out,inl, ctx->c.des_ede.ks1,
		ctx->c.des_ede.ks2,ctx->c.des_ede.ks3,
		(des_cblock *) &(ctx->iv[0]),
		ctx->encrypt);
	return 1;
	}
#endif
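Review bot: The three prototypes at the top of this section change from `void` to `int` with no comment saying what the value means, and every body shown ends in an unconditional `return 1`. Since the commit message gives hardware error reporting as the purpose, the contract should be written where implementers will copy it, e.g. `/* Return 1 on success, 0 on failure; the software DES routines cannot fail. */` above the prototypes (the 0-on-failure half is my assumption from the library's usual convention, as no failing path is visible here). The value only helps if the EVP layer and its callers test it: a caller that ignores a failure would go on to treat whatever is in `out` as valid cipher output, so the call sites, which are outside the visible sections, deserve an audit in the same change. The function bodies begin or end outside the hunks shown.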
+6 −4
@@ -62,9 +62,9 @@
#include <openssl/evp.h>
#include <openssl/objects.h>

static void bf_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
static int bf_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
	unsigned char *iv,int enc);
static void bf_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
static int bf_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
	unsigned char *in, unsigned int inl);
static EVP_CIPHER bfish_cbc_cipher=
	{
@@ -86,7 +86,7 @@ EVP_CIPHER *EVP_bf_cbc(void)
	return(&bfish_cbc_cipher);
	}
	
static void bf_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
static int bf_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
	     unsigned char *iv, int enc)
	{
	if (iv != NULL)
@@ -94,15 +94,17 @@ static void bf_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
	memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
	if (key != NULL)
		BF_set_key(&(ctx->c.bf_ks),EVP_CIPHER_CTX_key_length(ctx),key);
	return 1;
	}

static void bf_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
static int bf_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
	     unsigned char *in, unsigned int inl)
	{
	BF_cbc_encrypt(
		in,out,(long)inl,
		&(ctx->c.bf_ks),&(ctx->iv[0]),
		ctx->encrypt);
	return 1;
	}

#endif
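Review bot: `bf_cbc_cipher` narrows the length with `(long)inl` and then returns 1 regardless, so on a platform where `long` is 32 bits an `inl` above `LONG_MAX` would reach `BF_cbc_encrypt` as an out-of-range (typically negative) length and still be reported as success. Now that the function can fail, a guard before the call turns that into an error: `if (inl > (unsigned long)LONG_MAX) return 0;` (needs `<limits.h>`). The same cast appears in `cast_cbc_cipher` in the CAST5 section, and the two DES sections pass `inl` to routines whose length parameter I believe is also a `long`, so the guard would apply there as well.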
+6 −4
@@ -63,9 +63,9 @@
#include <openssl/evp.h>
#include <openssl/objects.h>

static void cast_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
static int cast_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
	unsigned char *iv,int enc);
static void cast_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
static int cast_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
	unsigned char *in, unsigned int inl);
static EVP_CIPHER cast5_cbc_cipher=
	{
@@ -87,7 +87,7 @@ EVP_CIPHER *EVP_cast5_cbc(void)
	return(&cast5_cbc_cipher);
	}
	
static void cast_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
static int cast_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
	     unsigned char *iv, int enc)
	{
	if (iv != NULL)
@@ -95,15 +95,17 @@ static void cast_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
	memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
	if (key != NULL)
		CAST_set_key(&(ctx->c.cast_ks),EVP_CIPHER_CTX_key_length(ctx),key);
	return 1;
	}

static void cast_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
static int cast_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
	     unsigned char *in, unsigned int inl)
	{
	CAST_cbc_encrypt(
		in,out,(long)inl,
		&(ctx->c.cast_ks),&(ctx->iv[0]),
		ctx->encrypt);
	return 1;
	}

#endif
+6 −4
@@ -62,9 +62,9 @@
#include <openssl/evp.h>
#include <openssl/objects.h>

static void des_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
static int des_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
	unsigned char *iv,int enc);
static void des_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
static int des_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
	unsigned char *in, unsigned int inl);
static EVP_CIPHER d_cbc_cipher=
	{
@@ -86,7 +86,7 @@ EVP_CIPHER *EVP_des_cbc(void)
	return(&d_cbc_cipher);
	}
	
static void des_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
static int des_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
	     unsigned char *iv, int enc)
	{
	des_cblock *deskey = (des_cblock *)key;
@@ -96,13 +96,15 @@ static void des_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
	memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
	if (deskey != NULL)
		des_set_key_unchecked(deskey,ctx->c.des_ks);
	return 1;
	}

static void des_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
static int des_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
	     unsigned char *in, unsigned int inl)
	{
	des_ncbc_encrypt(in,out,inl,ctx->c.des_ks,
		(des_cblock *)&(ctx->iv[0]),
		ctx->encrypt);
	return 1;
	}
#endif
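Review bot: `des_cbc_init_key` still builds the schedule with `des_set_key_unchecked` and then returns 1, so a key with bad parity or one of the DES weak keys is accepted silently; the same holds for the `des_set_key_unchecked` calls in the triple-DES section. With an `int` return this is now the place where such a key could be refused, e.g. `if (des_set_key_checked(deskey,ctx->c.des_ks) != 0) return 0;`, but that would also reject derived keys that never had parity set, so it is a behaviour change to decide on rather than a drop-in fix. If the unchecked call is intentional, a comment such as `/* parity and weak keys are not checked here; callers that need this must test the key first */` would make the choice explicit. The opening lines of the function body fall outside the hunk shown.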