[openssl-commits] [openssl] master update
Matt Caswell
matt at openssl.org
Wed Jan 28 10:43:55 UTC 2015
The branch master has been updated
via dc0e9a35fa89c262833d6b498108acc58a70bdcb (commit)
via 488ede07bd9d2a2d3f63851eb28204c9ee998cf9 (commit)
via e640fa02005422c8783b7a452329e8a5059be0b5 (commit)
via d57d135c33938dfdac441c98b2c40183a8cb66b0 (commit)
from 646e8c1d6b30a2ed080ce5b968b49d234b42644f (commit)
- Log -----------------------------------------------------------------
commit dc0e9a35fa89c262833d6b498108acc58a70bdcb
Author: Matt Caswell <matt at openssl.org>
Date: Mon Dec 8 14:19:26 2014 +0000
Fix no-ocb for Windows
Reviewed-by: Tim Hudson <tjh at openssl.org>
commit 488ede07bd9d2a2d3f63851eb28204c9ee998cf9
Author: Matt Caswell <matt at openssl.org>
Date: Tue Jan 27 14:10:16 2015 +0000
Rationalise testing of AEAD modes
Reviewed-by: Tim Hudson <tjh at openssl.org>
commit e640fa02005422c8783b7a452329e8a5059be0b5
Author: Matt Caswell <matt at openssl.org>
Date: Tue Jan 27 14:05:07 2015 +0000
Harmonise use of EVP_CTRL_GET_TAG/EVP_CTRL_SET_TAG/EVP_CTRL_SET_IVLEN
Reviewed-by: Tim Hudson <tjh at openssl.org>
commit d57d135c33938dfdac441c98b2c40183a8cb66b0
Author: Matt Caswell <matt at openssl.org>
Date: Tue Jan 27 14:00:50 2015 +0000
Replace EVP_CTRL_OCB_SET_TAGLEN with EVP_CTRL_SET_TAG for consistency with
CCM
Reviewed-by: Tim Hudson <tjh at openssl.org>
-----------------------------------------------------------------------
Summary of changes:
crypto/evp/e_aes.c | 32 ++++++++++++------------
crypto/evp/evp.h | 20 +++++++--------
crypto/evp/evp_test.c | 53 +++++++++++-----------------------------
demos/evp/aesccm.c | 12 +++++----
demos/evp/aesgcm.c | 15 +++++++-----
doc/crypto/EVP_EncryptInit.pod | 27 +++++++++-----------
util/libeay.num | 26 ++++++++++----------
util/mk1mf.pl | 1 +
util/mkdef.pl | 8 ++++--
9 files changed, 87 insertions(+), 107 deletions(-)
diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c
index 8b31388..15b233c 100644
--- a/crypto/evp/e_aes.c
+++ b/crypto/evp/e_aes.c
@@ -1271,7 +1271,7 @@ static int aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
gctx->tls_aad_len = -1;
return 1;
- case EVP_CTRL_GCM_SET_IVLEN:
+ case EVP_CTRL_AEAD_SET_IVLEN:
if (arg <= 0)
return 0;
/* Allocate memory for IV if needed */
@@ -1285,14 +1285,14 @@ static int aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
gctx->ivlen = arg;
return 1;
- case EVP_CTRL_GCM_SET_TAG:
+ case EVP_CTRL_AEAD_SET_TAG:
if (arg <= 0 || arg > 16 || c->encrypt)
return 0;
memcpy(c->buf, ptr, arg);
gctx->taglen = arg;
return 1;
- case EVP_CTRL_GCM_GET_TAG:
+ case EVP_CTRL_AEAD_GET_TAG:
if (arg <= 0 || arg > 16 || !c->encrypt || gctx->taglen < 0)
return 0;
memcpy(ptr, c->buf, arg);
@@ -1870,7 +1870,7 @@ static int aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
cctx->len_set = 0;
return 1;
- case EVP_CTRL_CCM_SET_IVLEN:
+ case EVP_CTRL_AEAD_SET_IVLEN:
arg = 15 - arg;
case EVP_CTRL_CCM_SET_L:
if (arg < 2 || arg > 8)
@@ -1878,7 +1878,7 @@ static int aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
cctx->L = arg;
return 1;
- case EVP_CTRL_CCM_SET_TAG:
+ case EVP_CTRL_AEAD_SET_TAG:
if ((arg & 1) || arg < 4 || arg > 16)
return 0;
if ((c->encrypt && ptr) || (!c->encrypt && !ptr))
@@ -1890,7 +1890,7 @@ static int aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
cctx->M = arg;
return 1;
- case EVP_CTRL_CCM_GET_TAG:
+ case EVP_CTRL_AEAD_GET_TAG:
if (!c->encrypt || !cctx->tag_set)
return 0;
if (!CRYPTO_ccm128_tag(&cctx->ccm, ptr, (size_t)arg))
@@ -2217,7 +2217,7 @@ static int aes_ocb_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
octx->aad_buf_len = 0;
return 1;
- case EVP_CTRL_SET_IVLEN:
+ case EVP_CTRL_AEAD_SET_IVLEN:
/* IV len must be 1 to 15 */
if (arg <= 0 || arg > 15)
return 0;
@@ -2225,21 +2225,21 @@ static int aes_ocb_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
octx->ivlen = arg;
return 1;
- case EVP_CTRL_OCB_SET_TAGLEN:
- /* Tag len must be 0 to 16 */
- if (arg < 0 || arg > 16)
- return 0;
-
- octx->taglen = arg;
- return 1;
+ case EVP_CTRL_AEAD_SET_TAG:
+ if (!ptr) {
+ /* Tag len must be 0 to 16 */
+ if (arg < 0 || arg > 16)
+ return 0;
- case EVP_CTRL_SET_TAG:
+ octx->taglen = arg;
+ return 1;
+ }
if (arg != octx->taglen || c->encrypt)
return 0;
memcpy(octx->tag, ptr, arg);
return 1;
- case EVP_CTRL_GET_TAG:
+ case EVP_CTRL_AEAD_GET_TAG:
if (arg != octx->taglen || !c->encrypt)
return 0;
diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h
index 74f6217..ff6665d 100644
--- a/crypto/evp/evp.h
+++ b/crypto/evp/evp.h
@@ -397,14 +397,17 @@ struct evp_cipher_st {
# define EVP_CTRL_RAND_KEY 0x6
# define EVP_CTRL_PBE_PRF_NID 0x7
# define EVP_CTRL_COPY 0x8
-# define EVP_CTRL_GCM_SET_IVLEN 0x9
-# define EVP_CTRL_GCM_GET_TAG 0x10
-# define EVP_CTRL_GCM_SET_TAG 0x11
+# define EVP_CTRL_AEAD_SET_IVLEN 0x9
+# define EVP_CTRL_AEAD_GET_TAG 0x10
+# define EVP_CTRL_AEAD_SET_TAG 0x11
+# define EVP_CTRL_GCM_SET_IVLEN EVP_CTRL_AEAD_SET_IVLEN
+# define EVP_CTRL_GCM_GET_TAG EVP_CTRL_AEAD_GET_TAG
+# define EVP_CTRL_GCM_SET_TAG EVP_CTRL_AEAD_SET_TAG
# define EVP_CTRL_GCM_SET_IV_FIXED 0x12
# define EVP_CTRL_GCM_IV_GEN 0x13
-# define EVP_CTRL_CCM_SET_IVLEN EVP_CTRL_GCM_SET_IVLEN
-# define EVP_CTRL_CCM_GET_TAG EVP_CTRL_GCM_GET_TAG
-# define EVP_CTRL_CCM_SET_TAG EVP_CTRL_GCM_SET_TAG
+# define EVP_CTRL_CCM_SET_IVLEN EVP_CTRL_AEAD_SET_IVLEN
+# define EVP_CTRL_CCM_GET_TAG EVP_CTRL_AEAD_GET_TAG
+# define EVP_CTRL_CCM_SET_TAG EVP_CTRL_AEAD_SET_TAG
# define EVP_CTRL_CCM_SET_L 0x14
# define EVP_CTRL_CCM_SET_MSGLEN 0x15
/*
@@ -430,11 +433,6 @@ typedef struct {
unsigned int interleave;
} EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM;
-# define EVP_CTRL_SET_IVLEN EVP_CTRL_GCM_SET_IVLEN
-# define EVP_CTRL_GET_TAG EVP_CTRL_GCM_GET_TAG
-# define EVP_CTRL_SET_TAG EVP_CTRL_GCM_SET_TAG
-# define EVP_CTRL_OCB_SET_TAGLEN 0x1c
-
/* GCM TLS constants */
/* Length of fixed part of IV derived from PRF */
# define EVP_GCM_TLS_FIXED_IV_LEN 4
diff --git a/crypto/evp/evp_test.c b/crypto/evp/evp_test.c
index dde9e16..597b9fe 100644
--- a/crypto/evp/evp_test.c
+++ b/crypto/evp/evp_test.c
@@ -173,20 +173,20 @@ static void test1(const EVP_CIPHER *c, const unsigned char *key, int kn,
ctx = EVP_CIPHER_CTX_new();
EVP_CIPHER_CTX_set_flags(ctx, EVP_CIPHER_CTX_FLAG_WRAP_ALLOW);
if (encdec != 0) {
- if ((mode == EVP_CIPH_GCM_MODE) || (mode == EVP_CIPH_OCB_MODE)) {
+ if ((mode == EVP_CIPH_GCM_MODE) || (mode == EVP_CIPH_OCB_MODE)
+ || (mode == EVP_CIPH_CCM_MODE)) {
if (!EVP_EncryptInit_ex(ctx, c, NULL, NULL, NULL)) {
fprintf(stderr, "EncryptInit failed\n");
ERR_print_errors_fp(stderr);
test1_exit(10);
}
- if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_SET_IVLEN, in, NULL)) {
+ if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, in, NULL)) {
fprintf(stderr, "IV length set failed\n");
ERR_print_errors_fp(stderr);
test1_exit(11);
}
- if ((mode == EVP_CIPH_OCB_MODE) &&
- !EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_OCB_SET_TAGLEN, tn, NULL))
- {
+ if ((mode != EVP_CIPH_GCM_MODE) &&
+ !EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, tn, NULL)) {
fprintf(stderr, "Tag length set failed\n");
ERR_print_errors_fp(stderr);
test1_exit(15);
@@ -196,33 +196,8 @@ static void test1(const EVP_CIPHER *c, const unsigned char *key, int kn,
ERR_print_errors_fp(stderr);
test1_exit(12);
}
- if (an && !EVP_EncryptUpdate(ctx, NULL, &outl, aad, an)) {
- fprintf(stderr, "AAD set failed\n");
- ERR_print_errors_fp(stderr);
- test1_exit(13);
- }
- } else if (mode == EVP_CIPH_CCM_MODE) {
- if (!EVP_EncryptInit_ex(ctx, c, NULL, NULL, NULL)) {
- fprintf(stderr, "EncryptInit failed\n");
- ERR_print_errors_fp(stderr);
- test1_exit(10);
- }
- if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_IVLEN, in, NULL)) {
- fprintf(stderr, "IV length set failed\n");
- ERR_print_errors_fp(stderr);
- test1_exit(11);
- }
- if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_TAG, tn, NULL)) {
- fprintf(stderr, "Tag length set failed\n");
- ERR_print_errors_fp(stderr);
- test1_exit(11);
- }
- if (!EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv)) {
- fprintf(stderr, "Key/IV set failed\n");
- ERR_print_errors_fp(stderr);
- test1_exit(12);
- }
- if (!EVP_EncryptUpdate(ctx, NULL, &outl, NULL, pn)) {
+ if ((mode == EVP_CIPH_CCM_MODE) &&
+ !EVP_EncryptUpdate(ctx, NULL, &outl, NULL, pn)) {
fprintf(stderr, "Plaintext length set failed\n");
ERR_print_errors_fp(stderr);
test1_exit(12);
@@ -274,7 +249,7 @@ static void test1(const EVP_CIPHER *c, const unsigned char *key, int kn,
|| (mode == EVP_CIPH_CCM_MODE)) {
unsigned char rtag[16];
- if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GET_TAG, tn, rtag)) {
+ if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, tn, rtag)) {
fprintf(stderr, "Get tag failed\n");
ERR_print_errors_fp(stderr);
test1_exit(14);
@@ -295,14 +270,13 @@ static void test1(const EVP_CIPHER *c, const unsigned char *key, int kn,
ERR_print_errors_fp(stderr);
test1_exit(10);
}
- if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_SET_IVLEN, in, NULL)) {
+ if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, in, NULL)) {
fprintf(stderr, "IV length set failed\n");
ERR_print_errors_fp(stderr);
test1_exit(11);
}
if ((mode == EVP_CIPH_OCB_MODE) &&
- !EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_OCB_SET_TAGLEN, tn, NULL))
- {
+ !EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, tn, NULL)) {
fprintf(stderr, "Tag length set failed\n");
ERR_print_errors_fp(stderr);
test1_exit(15);
@@ -312,7 +286,8 @@ static void test1(const EVP_CIPHER *c, const unsigned char *key, int kn,
ERR_print_errors_fp(stderr);
test1_exit(12);
}
- if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_SET_TAG, tn, (void *)tag)) {
+ if (!EVP_CIPHER_CTX_ctrl
+ (ctx, EVP_CTRL_AEAD_SET_TAG, tn, (void *)tag)) {
fprintf(stderr, "Set tag failed\n");
ERR_print_errors_fp(stderr);
test1_exit(14);
@@ -328,13 +303,13 @@ static void test1(const EVP_CIPHER *c, const unsigned char *key, int kn,
ERR_print_errors_fp(stderr);
test1_exit(10);
}
- if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_IVLEN, in, NULL)) {
+ if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, in, NULL)) {
fprintf(stderr, "IV length set failed\n");
ERR_print_errors_fp(stderr);
test1_exit(11);
}
if (!EVP_CIPHER_CTX_ctrl
- (ctx, EVP_CTRL_CCM_SET_TAG, tn, (void *)tag)) {
+ (ctx, EVP_CTRL_AEAD_SET_TAG, tn, (void *)tag)) {
fprintf(stderr, "Tag length set failed\n");
ERR_print_errors_fp(stderr);
test1_exit(11);
diff --git a/demos/evp/aesccm.c b/demos/evp/aesccm.c
index 1810a51..e0240e5 100644
--- a/demos/evp/aesccm.c
+++ b/demos/evp/aesccm.c
@@ -50,9 +50,10 @@ void aes_ccm_encrypt(void)
/* Set cipher type and mode */
EVP_EncryptInit_ex(ctx, EVP_aes_192_ccm(), NULL, NULL, NULL);
/* Set nonce length if default 96 bits is not appropriate */
- EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_IVLEN, sizeof(ccm_nonce), NULL);
+ EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, sizeof(ccm_nonce),
+ NULL);
/* Set tag length */
- EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_TAG, sizeof(ccm_tag), NULL);
+ EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, sizeof(ccm_tag), NULL);
/* Initialise key and IV */
EVP_EncryptInit_ex(ctx, NULL, NULL, ccm_key, ccm_nonce);
/* Set plaintext length: only needed if AAD is used */
@@ -67,7 +68,7 @@ void aes_ccm_encrypt(void)
/* Finalise: note get no output for CCM */
EVP_EncryptFinal_ex(ctx, outbuf, &outlen);
/* Get tag */
- EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_GET_TAG, 16, outbuf);
+ EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, 16, outbuf);
/* Output tag */
printf("Tag:\n");
BIO_dump_fp(stdout, outbuf, 16);
@@ -86,9 +87,10 @@ void aes_ccm_decrypt(void)
/* Select cipher */
EVP_DecryptInit_ex(ctx, EVP_aes_192_ccm(), NULL, NULL, NULL);
/* Set nonce length, omit for 96 bits */
- EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_IVLEN, sizeof(ccm_nonce), NULL);
+ EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, sizeof(ccm_nonce),
+ NULL);
/* Set expected tag value */
- EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_TAG,
+ EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
sizeof(ccm_tag), (void *)ccm_tag);
/* Specify key and IV */
EVP_DecryptInit_ex(ctx, NULL, NULL, ccm_key, ccm_nonce);
diff --git a/demos/evp/aesgcm.c b/demos/evp/aesgcm.c
index 12d4192..9159c5c 100644
--- a/demos/evp/aesgcm.c
+++ b/demos/evp/aesgcm.c
@@ -50,7 +50,7 @@ void aes_gcm_encrypt(void)
/* Set cipher type and mode */
EVP_EncryptInit_ex(ctx, EVP_aes_256_gcm(), NULL, NULL, NULL);
/* Set IV length if default 96 bits is not appropriate */
- EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, sizeof(gcm_iv), NULL);
+ EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, sizeof(gcm_iv), NULL);
/* Initialise key and IV */
EVP_EncryptInit_ex(ctx, NULL, NULL, gcm_key, gcm_iv);
/* Zero or more calls to specify any AAD */
@@ -63,7 +63,7 @@ void aes_gcm_encrypt(void)
/* Finalise: note get no output for GCM */
EVP_EncryptFinal_ex(ctx, outbuf, &outlen);
/* Get tag */
- EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, 16, outbuf);
+ EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, 16, outbuf);
/* Output tag */
printf("Tag:\n");
BIO_dump_fp(stdout, outbuf, 16);
@@ -82,7 +82,7 @@ void aes_gcm_decrypt(void)
/* Select cipher */
EVP_DecryptInit_ex(ctx, EVP_aes_256_gcm(), NULL, NULL, NULL);
/* Set IV length, omit for 96 bits */
- EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, sizeof(gcm_iv), NULL);
+ EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, sizeof(gcm_iv), NULL);
/* Specify key and IV */
EVP_DecryptInit_ex(ctx, NULL, NULL, gcm_key, gcm_iv);
#if 0
@@ -90,7 +90,7 @@ void aes_gcm_decrypt(void)
* Set expected tag value. A restriction in OpenSSL 1.0.1c and earlier
* required the tag before any AAD or ciphertext
*/
- EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, sizeof(gcm_tag), gcm_tag);
+ EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, sizeof(gcm_tag), gcm_tag);
#endif
/* Zero or more calls to specify any AAD */
EVP_DecryptUpdate(ctx, NULL, &outlen, gcm_aad, sizeof(gcm_aad));
@@ -99,8 +99,11 @@ void aes_gcm_decrypt(void)
/* Output decrypted block */
printf("Plaintext:\n");
BIO_dump_fp(stdout, outbuf, outlen);
- /* Set expected tag value. Works in OpenSSL 1.0.1d and later */
- EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, sizeof(gcm_tag), gcm_tag);
+ /*
+ * Set expected tag value. Works in OpenSSL 1.0.1d and later
+ * In versions prior to OpenSSL 1.1.0 you should use EVP_CTRL_GCM_SET_TAG
+ */
+ EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, sizeof(gcm_tag), gcm_tag);
/* Finalise: note get no output for GCM */
rv = EVP_DecryptFinal_ex(ctx, outbuf, &outlen);
/*
diff --git a/doc/crypto/EVP_EncryptInit.pod b/doc/crypto/EVP_EncryptInit.pod
index 6940de6..6d897da 100644
--- a/doc/crypto/EVP_EncryptInit.pod
+++ b/doc/crypto/EVP_EncryptInit.pod
@@ -399,41 +399,38 @@ indicates if the operation was successful. If it does not indicate success
the authentication operation has failed and any output data B<MUST NOT>
be used as it is corrupted.
-The following ctrl is supported in OCB mode only:
-
- EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_OCB_SET_TAGLEN, taglen, NULL);
-
-Sets the tag length: this call can only be made before specifying an IV. If
-not called a default tag length is used. For OCB AES the default is 16 (i.e. 128
-bits). This is also the maximum tag length.
-
The following ctrls are supported in both GCM and OCB modes:
- EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_SET_IVLEN, ivlen, NULL);
+ EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL);
Sets the IV length: this call can only be made before specifying an IV. If
not called a default IV length is used. For GCM AES and OCB AES the default is
12 (i.e. 96 bits). For OCB mode the maximum is 15.
- EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GET_TAG, taglen, tag);
+ EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag);
Writes B<taglen> bytes of the tag value to the buffer indicated by B<tag>.
This call can only be made when encrypting data and B<after> all data has been
processed (e.g. after an EVP_EncryptFinal() call). For OCB mode the taglen must
either be 16 or the value previously set via EVP_CTRL_OCB_SET_TAGLEN.
- EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_SET_TAG, taglen, tag);
+ EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag);
Sets the expected tag to B<taglen> bytes from B<tag>. This call is only legal
when decrypting data and must be made B<before> any data is processed (e.g.
before any EVP_DecryptUpdate() call). For OCB mode the taglen must
-either be 16 or the value previously set via EVP_CTRL_OCB_SET_TAGLEN.
+either be 16 or the value previously set via EVP_CTRL_AEAD_SET_TAG.
+
+In OCB mode calling this with B<tag> set to NULL sets the tag length. The tag
+length can only be set before specifying an IV. If not called a default tag
+length is used. For OCB AES the default is 16 (i.e. 128 bits). This is also the
+maximum tag length for OCB.
See L<EXAMPLES> below for an example of the use of GCM mode.
=head1 CCM Mode
-The behaviour of CCM mode ciphers is similar to CCM mode but with a few
+The behaviour of CCM mode ciphers is similar to GCM mode but with a few
additional requirements and different ctrl values.
Like GCM and OCB modes any additional authenticated data (AAD) is passed by calling
@@ -445,7 +442,7 @@ set to B<NULL> and the length passed in the B<inl> parameter.
The following ctrls are supported in CCM mode:
- EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_TAG, taglen, tag);
+ EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag);
This call is made to set the expected B<CCM> tag value when decrypting or
the length of the tag (with the B<tag> parameter set to NULL) when encrypting.
@@ -456,7 +453,7 @@ used (12 for AES).
Sets the CCM B<L> value. If not set a default is used (8 for AES).
- EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_IVLEN, ivlen, NULL);
+ EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL);
Sets the CCM nonce (IV) length: this call can only be made before specifying
an nonce value. The nonce length is given by B<15 - L> so it is 7 by default
diff --git a/util/libeay.num b/util/libeay.num
index 6859081..03f0d39 100755
--- a/util/libeay.num
+++ b/util/libeay.num
@@ -4515,21 +4515,21 @@ i2s_ASN1_IA5STRING 4874 EXIST::FUNCTION:
s2i_ASN1_IA5STRING 4875 EXIST::FUNCTION:
FIPS_dsa_sign_ctx 4876 NOEXIST::FUNCTION:
CRYPTO_ocb128_release 4878 NOEXIST::FUNCTION:
-CRYPTO_ocb128_new 4879 EXIST::FUNCTION:
-CRYPTO_ocb128_finish 4880 EXIST::FUNCTION:
-EVP_aes_256_ocb 4881 EXIST::FUNCTION:AES
-CRYPTO_ocb128_setiv 4882 EXIST::FUNCTION:
-CRYPTO_ocb128_aad 4883 EXIST::FUNCTION:
-CRYPTO_ocb128_decrypt 4884 EXIST::FUNCTION:
-CRYPTO_ocb128_tag 4885 EXIST::FUNCTION:
-EVP_aes_192_ocb 4886 EXIST::FUNCTION:AES
-EVP_aes_128_ocb 4887 EXIST::FUNCTION:AES
-CRYPTO_ocb128_init 4888 EXIST::FUNCTION:
-CRYPTO_ocb128_encrypt 4889 EXIST::FUNCTION:
-CRYPTO_ocb128_copy_ctx 4890 EXIST::FUNCTION:
+CRYPTO_ocb128_new 4879 EXIST::FUNCTION:OCB
+CRYPTO_ocb128_finish 4880 EXIST::FUNCTION:OCB
+EVP_aes_256_ocb 4881 EXIST::FUNCTION:AES,OCB
+CRYPTO_ocb128_setiv 4882 EXIST::FUNCTION:OCB
+CRYPTO_ocb128_aad 4883 EXIST::FUNCTION:OCB
+CRYPTO_ocb128_decrypt 4884 EXIST::FUNCTION:OCB
+CRYPTO_ocb128_tag 4885 EXIST::FUNCTION:OCB
+EVP_aes_192_ocb 4886 EXIST::FUNCTION:AES,OCB
+EVP_aes_128_ocb 4887 EXIST::FUNCTION:AES,OCB
+CRYPTO_ocb128_init 4888 EXIST::FUNCTION:OCB
+CRYPTO_ocb128_encrypt 4889 EXIST::FUNCTION:OCB
+CRYPTO_ocb128_copy_ctx 4890 EXIST::FUNCTION:OCB
BN_is_word 4891 EXIST::FUNCTION:
BN_GENCB_set 4892 EXIST::FUNCTION:
-CRYPTO_ocb128_cleanup 4893 EXIST::FUNCTION:
+CRYPTO_ocb128_cleanup 4893 EXIST::FUNCTION:OCB
BN_GENCB_set_old 4894 EXIST::FUNCTION:
BN_is_zero 4895 EXIST::FUNCTION:
BN_with_flags 4896 EXIST::FUNCTION:
diff --git a/util/mk1mf.pl b/util/mk1mf.pl
index 5424ed5..01329b7 100755
--- a/util/mk1mf.pl
+++ b/util/mk1mf.pl
@@ -1457,6 +1457,7 @@ sub read_options
"no-ssl-trace" => 0,
"no-unit-test" => 0,
"no-deprecated" => 0,
+ "no-ocb" => 0,
"fips" => \$fips,
"fipscanisterbuild" => [\$fips, \$fipscanisterbuild],
"fipscanisteronly" => [\$fips, \$fipscanisterbuild, \$fipscanisteronly],
diff --git a/util/mkdef.pl b/util/mkdef.pl
index 1dbd555..b67d14b 100755
--- a/util/mkdef.pl
+++ b/util/mkdef.pl
@@ -120,7 +120,9 @@ my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF",
# SSL TRACE
"SSL_TRACE",
# Unit testing
- "UNIT_TEST");
+ "UNIT_TEST",
+ # OCB mode
+ "OCB");
my $options="";
open(IN,"<Makefile") || die "unable to open Makefile!\n";
@@ -141,7 +143,7 @@ my $no_fp_api; my $no_static_engine=1; my $no_gmp; my $no_deprecated;
my my $no_psk; my $no_tlsext; my $no_cms; my $no_capieng;
my $no_jpake; my $no_srp; my $no_ec2m; my $no_nistp_gcc;
my $no_nextprotoneg; my $no_sctp; my $no_srtp; my $no_ssl_trace;
-my $no_unit_test; my $no_ssl3_method;
+my $no_unit_test; my $no_ssl3_method; my $no_ocb;
my $fips;
@@ -243,6 +245,7 @@ foreach (@ARGV, split(/ /, $options))
elsif (/^no-srtp$/) { $no_srtp=1; }
elsif (/^no-unit-test$/){ $no_unit_test=1; }
elsif (/^no-deprecated$/) { $no_deprecated=1; }
+ elsif (/^no-ocb/){ $no_ocb=1; }
}
@@ -1221,6 +1224,7 @@ sub is_valid
if ($keyword eq "SRTP" && $no_srtp) { return 0; }
if ($keyword eq "UNIT_TEST" && $no_unit_test) { return 0; }
if ($keyword eq "DEPRECATED" && $no_deprecated) { return 0; }
+ if ($keyword eq "OCB" && $no_ocb) { return 0; }
# Nothing recognise as true
return 1;
More information about the openssl-commits
mailing list