[openssl] master update

shane.lontis at oracle.com shane.lontis at oracle.com
Mon Sep 23 04:36:15 UTC 2019


The branch master has been updated
       via  e3f3ee448f6c9d6765efc8739a09def8a04f0dc0 (commit)
      from  a941054ad7f5af9445896a37754ae451fad7ed98 (commit)


- Log -----------------------------------------------------------------
commit e3f3ee448f6c9d6765efc8739a09def8a04f0dc0
Author: Shane Lontis <shane.lontis at oracle.com>
Date:   Mon Sep 23 14:35:16 2019 +1000

    Add des ciphers to default provider
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/9954)

-----------------------------------------------------------------------

Summary of changes:
 crypto/evp/evp_enc.c                              |   6 +
 crypto/include/internal/ciphermode_platform.h     |   4 +
 providers/common/include/internal/provider_algs.h |  14 +-
 providers/default/ciphers/build.info              |   3 +-
 providers/default/ciphers/cipher_des.c            | 163 ++++++++++++++++++++
 providers/default/ciphers/cipher_des.h            |  33 +++++
 providers/default/ciphers/cipher_des_hw.c         | 173 ++++++++++++++++++++++
 providers/default/defltprov.c                     |   6 +
 test/recipes/30-test_evp.t                        |   3 +
 test/recipes/30-test_evp_data/evpciph.txt         |  44 ------
 test/recipes/30-test_evp_data/evpciph_des.txt     |  64 ++++++++
 11 files changed, 465 insertions(+), 48 deletions(-)
 create mode 100644 providers/default/ciphers/cipher_des.c
 create mode 100644 providers/default/ciphers/cipher_des.h
 create mode 100644 providers/default/ciphers/cipher_des_hw.c
 create mode 100644 test/recipes/30-test_evp_data/evpciph_des.txt

diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c
index ce1136116c..8290494cb0 100644
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@@ -239,6 +239,12 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
         case NID_des_ede_ofb64:
         case NID_des_ede_cfb64:
         case NID_desx_cbc:
+        case NID_des_cbc:
+        case NID_des_ecb:
+        case NID_des_cfb1:
+        case NID_des_cfb8:
+        case NID_des_cfb64:
+        case NID_des_ofb64:
         case NID_id_smime_alg_CMS3DESwrap:
         case NID_bf_cbc:
         case NID_bf_ecb:
diff --git a/crypto/include/internal/ciphermode_platform.h b/crypto/include/internal/ciphermode_platform.h
index a99ce0d495..b16062fa93 100644
--- a/crypto/include/internal/ciphermode_platform.h
+++ b/crypto/include/internal/ciphermode_platform.h
@@ -296,6 +296,10 @@ void des_t4_ede3_cbc_encrypt(const void *inp, void *out, size_t len,
                              const DES_key_schedule ks[3], unsigned char iv[8]);
 void des_t4_ede3_cbc_decrypt(const void *inp, void *out, size_t len,
                              const DES_key_schedule ks[3], unsigned char iv[8]);
+void des_t4_cbc_encrypt(const void *inp, void *out, size_t len,
+                        const DES_key_schedule *ks, unsigned char iv[8]);
+void des_t4_cbc_decrypt(const void *inp, void *out, size_t len,
+                        const DES_key_schedule *ks, unsigned char iv[8]);
 #  endif /*  OPENSSL_NO_DES */
 
 # elif defined(OPENSSL_CPUID_OBJ) && defined(__s390__)
diff --git a/providers/common/include/internal/provider_algs.h b/providers/common/include/internal/provider_algs.h
index 3b0a9e4a8e..bca972d97a 100644
--- a/providers/common/include/internal/provider_algs.h
+++ b/providers/common/include/internal/provider_algs.h
@@ -160,10 +160,10 @@ extern const OSSL_DISPATCH sm4128ofb128_functions[];
 extern const OSSL_DISPATCH sm4128cfb128_functions[];
 #endif /* OPENSSL_NO_SM4 */
 
+#ifndef OPENSSL_NO_DES
 extern const OSSL_DISPATCH tdes_ede3_ecb_functions[];
 extern const OSSL_DISPATCH tdes_ede3_cbc_functions[];
-
-#ifndef FIPS_MODE
+# ifndef FIPS_MODE
 extern const OSSL_DISPATCH tdes_ede3_ofb_functions[];
 extern const OSSL_DISPATCH tdes_ede3_cfb_functions[];
 extern const OSSL_DISPATCH tdes_ede3_cfb8_functions[];
@@ -176,7 +176,15 @@ extern const OSSL_DISPATCH tdes_ede2_cfb_functions[];
 
 extern const OSSL_DISPATCH tdes_desx_cbc_functions[];
 extern const OSSL_DISPATCH tdes_wrap_cbc_functions[];
-#endif /* FIPS_MODE */
+
+extern const OSSL_DISPATCH des_ecb_functions[];
+extern const OSSL_DISPATCH des_cbc_functions[];
+extern const OSSL_DISPATCH des_ofb64_functions[];
+extern const OSSL_DISPATCH des_cfb64_functions[];
+extern const OSSL_DISPATCH des_cfb1_functions[];
+extern const OSSL_DISPATCH des_cfb8_functions[];
+# endif /* FIPS_MODE */
+#endif /* OPENSSL_NO_DES */
 
 /* MACs */
 extern const OSSL_DISPATCH blake2bmac_functions[];
diff --git a/providers/default/ciphers/build.info b/providers/default/ciphers/build.info
index 02e0f7fa51..f942ccc030 100644
--- a/providers/default/ciphers/build.info
+++ b/providers/default/ciphers/build.info
@@ -4,7 +4,8 @@ IF[{- !$disabled{des} -}]
   SOURCE[../../../libcrypto]=\
       cipher_tdes_default.c cipher_tdes_default_hw.c \
       cipher_tdes_wrap.c cipher_tdes_wrap_hw.c \
-      cipher_desx.c cipher_desx_hw.c
+      cipher_desx.c cipher_desx_hw.c \
+      cipher_des.c cipher_des_hw.c
 ENDIF
 
 IF[{- !$disabled{aria} -}]
diff --git a/providers/default/ciphers/cipher_des.c b/providers/default/ciphers/cipher_des.c
new file mode 100644
index 0000000000..a1976fb737
--- /dev/null
+++ b/providers/default/ciphers/cipher_des.c
@@ -0,0 +1,163 @@
+/*
+ * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include "cipher_locl.h"
+#include "cipher_des.h"
+#include "internal/rand_int.h"
+#include "internal/provider_algs.h"
+#include "internal/providercommonerr.h"
+
+/* TODO(3.0) Figure out what flags need to be here */
+#define DES_FLAGS (EVP_CIPH_RAND_KEY)
+
+static OSSL_OP_cipher_freectx_fn des_freectx;
+static OSSL_OP_cipher_encrypt_init_fn des_einit;
+static OSSL_OP_cipher_decrypt_init_fn des_dinit;
+static OSSL_OP_cipher_get_ctx_params_fn des_get_ctx_params;
+static OSSL_OP_cipher_gettable_ctx_params_fn des_gettable_ctx_params;
+
+static void *des_newctx(void *provctx, size_t kbits, size_t blkbits,
+                        size_t ivbits, unsigned int mode, uint64_t flags,
+                        const PROV_CIPHER_HW *hw)
+{
+    PROV_DES_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx));
+
+    if (ctx != NULL)
+        cipher_generic_initkey(ctx, kbits, blkbits, ivbits, mode, flags, hw,
+                               provctx);
+    return ctx;
+}
+
+static void des_freectx(void *vctx)
+{
+    PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx;
+
+    OPENSSL_clear_free(ctx,  sizeof(*ctx));
+}
+
+static int des_init(void *vctx, const unsigned char *key, size_t keylen,
+                    const unsigned char *iv, size_t ivlen, int enc)
+{
+    PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx;
+
+    ctx->enc = enc;
+
+    if (iv != NULL) {
+        if (ivlen != ctx->ivlen) {
+            ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IVLEN);
+            return 0;
+        }
+        memcpy(ctx->iv, iv, ivlen);
+    }
+
+    if (key != NULL) {
+        if (keylen != ctx->keylen) {
+            ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEYLEN);
+            return 0;
+        }
+        return ctx->hw->init(ctx, key, keylen);
+    }
+    return 1;
+}
+
+static int des_einit(void *vctx, const unsigned char *key, size_t keylen,
+                     const unsigned char *iv, size_t ivlen)
+{
+    return des_init(vctx, key, keylen, iv, ivlen, 1);
+}
+
+static int des_dinit(void *vctx, const unsigned char *key, size_t keylen,
+                     const unsigned char *iv, size_t ivlen)
+{
+    return des_init(vctx, key, keylen, iv, ivlen, 0);
+}
+
+static int des_generatekey(PROV_CIPHER_CTX *ctx, void *ptr)
+{
+
+    DES_cblock *deskey = ptr;
+    size_t kl = ctx->keylen;
+
+    if (kl == 0 || rand_priv_bytes_ex(ctx->libctx, ptr, kl) <= 0)
+        return 0;
+    DES_set_odd_parity(deskey);
+    return 1;
+}
+
+CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_START(des)
+    OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_RANDOM_KEY, NULL, 0),
+CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_END(des)
+
+static int des_get_ctx_params(void *vctx, OSSL_PARAM params[])
+{
+    PROV_CIPHER_CTX  *ctx = (PROV_CIPHER_CTX *)vctx;
+    OSSL_PARAM *p;
+
+    if (!cipher_generic_get_ctx_params(vctx, params))
+        return 0;
+
+    p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_RANDOM_KEY);
+    if (p != NULL && !des_generatekey(ctx, p->data)) {
+        ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GENERATE_KEY);
+        return 0;
+    }
+    return 1;
+}
+
+#define IMPLEMENT_des_cipher(type, lcmode, UCMODE, flags,                      \
+                             kbits, blkbits, ivbits, block)                    \
+static OSSL_OP_cipher_newctx_fn type##_##lcmode##_newctx;                      \
+static void *des_##lcmode##_newctx(void *provctx)                              \
+{                                                                              \
+    return des_newctx(provctx, kbits, blkbits, ivbits,                         \
+                      EVP_CIPH_##UCMODE##_MODE, flags,                         \
+                      PROV_CIPHER_HW_des_##lcmode());                          \
+}                                                                              \
+static OSSL_OP_cipher_get_params_fn des_##lcmode##_get_params;                 \
+static int des_##lcmode##_get_params(OSSL_PARAM params[])                      \
+{                                                                              \
+    return cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE, flags,  \
+                                     kbits, blkbits, ivbits);                  \
+}                                                                              \
+const OSSL_DISPATCH des_##lcmode##_functions[] = {                             \
+    { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))des_einit },              \
+    { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))des_dinit },              \
+    { OSSL_FUNC_CIPHER_UPDATE,                                                 \
+      (void (*)(void))cipher_generic_##block##_update },                       \
+    { OSSL_FUNC_CIPHER_FINAL, (void (*)(void))cipher_generic_##block##_final },\
+    { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))cipher_generic_cipher },        \
+    { OSSL_FUNC_CIPHER_NEWCTX,                                                 \
+      (void (*)(void))des_##lcmode##_newctx },                                 \
+    { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void))des_freectx },                 \
+    { OSSL_FUNC_CIPHER_GET_PARAMS,                                             \
+      (void (*)(void))des_##lcmode##_get_params },                             \
+    { OSSL_FUNC_CIPHER_GETTABLE_PARAMS,                                        \
+      (void (*)(void))cipher_generic_gettable_params },                        \
+    { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, (void (*)(void))des_get_ctx_params },   \
+    { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS,                                    \
+      (void (*)(void))des_gettable_ctx_params },                               \
+    { OSSL_FUNC_CIPHER_SET_CTX_PARAMS,                                         \
+     (void (*)(void))cipher_generic_set_ctx_params },                          \
+    { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS,                                    \
+     (void (*)(void))cipher_generic_settable_ctx_params },                     \
+    { 0, NULL }                                                                \
+}
+
+/* des_ecb_functions */
+IMPLEMENT_des_cipher(des, ecb, ECB, DES_FLAGS, 64, 64, 0, block);
+/* des_cbc_functions */
+IMPLEMENT_des_cipher(des, cbc, CBC, DES_FLAGS, 64, 64, 64, block);
+/* des_ofb64_functions */
+IMPLEMENT_des_cipher(des, ofb64, OFB, DES_FLAGS, 64, 8, 64, stream);
+/* des_cfb64_functions */
+IMPLEMENT_des_cipher(des, cfb64, CFB, DES_FLAGS, 64, 8, 64, stream);
+/* des_cfb1_functions */
+IMPLEMENT_des_cipher(des, cfb1, CFB, DES_FLAGS, 64, 8, 64, stream);
+/* des_cfb8_functions */
+IMPLEMENT_des_cipher(des, cfb8, CFB, DES_FLAGS, 64, 8, 64, stream);
diff --git a/providers/default/ciphers/cipher_des.h b/providers/default/ciphers/cipher_des.h
new file mode 100644
index 0000000000..92dcfa11e9
--- /dev/null
+++ b/providers/default/ciphers/cipher_des.h
@@ -0,0 +1,33 @@
+/*
+ * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <openssl/des.h>
+
+/* TODO(3.0) Figure out what flags need to be here */
+#define TDES_FLAGS (EVP_CIPH_RAND_KEY)
+
+typedef struct prov_des_ctx_st {
+    PROV_CIPHER_CTX base;      /* Must be first */
+    union {
+        OSSL_UNION_ALIGN;
+        DES_key_schedule ks;
+    } dks;
+    union {
+        void (*cbc) (const void *, void *, size_t,
+                     const DES_key_schedule *, unsigned char *);
+    } dstream;
+
+} PROV_DES_CTX;
+
+const PROV_CIPHER_HW *PROV_CIPHER_HW_des_cbc(void);
+const PROV_CIPHER_HW *PROV_CIPHER_HW_des_ecb(void);
+const PROV_CIPHER_HW *PROV_CIPHER_HW_des_ofb64(void);
+const PROV_CIPHER_HW *PROV_CIPHER_HW_des_cfb64(void);
+const PROV_CIPHER_HW *PROV_CIPHER_HW_des_cfb1(void);
+const PROV_CIPHER_HW *PROV_CIPHER_HW_des_cfb8(void);
diff --git a/providers/default/ciphers/cipher_des_hw.c b/providers/default/ciphers/cipher_des_hw.c
new file mode 100644
index 0000000000..78107062a5
--- /dev/null
+++ b/providers/default/ciphers/cipher_des_hw.c
@@ -0,0 +1,173 @@
+/*
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include "internal/ciphers/ciphercommon.h"
+#include "cipher_des.h"
+
+static int cipher_hw_des_initkey(PROV_CIPHER_CTX *ctx,
+                                 const unsigned char *key, size_t keylen)
+{
+    PROV_DES_CTX *dctx = (PROV_DES_CTX *)ctx;
+    DES_cblock *deskey = (DES_cblock *)key;
+    DES_key_schedule *ks = &dctx->dks.ks;
+
+    dctx->dstream.cbc = NULL;
+#if defined(SPARC_DES_CAPABLE)
+    if (SPARC_DES_CAPABLE) {
+        if (ctx->mode == EVP_CIPH_CBC_MODE) {
+            des_t4_key_expand(&deskey[0], ks);
+            dctx->dstream.cbc = ctx->enc ? des_t4_cbc_encrypt :
+                                           des_t4_cbc_decrypt;
+            return 1;
+        }
+    }
+#endif
+    DES_set_key_unchecked(deskey, ks);
+    return 1;
+}
+
+static int cipher_hw_des_ecb_cipher(PROV_CIPHER_CTX *ctx, unsigned char *out,
+                                    const unsigned char *in, size_t len)
+{
+    size_t i, bl = ctx->blocksize;
+    DES_key_schedule *key = &(((PROV_DES_CTX *)ctx)->dks.ks);
+
+    if (len < bl)
+        return 1;
+    for (i = 0, len -= bl; i <= len; i += bl)
+        DES_ecb_encrypt((const_DES_cblock *)(in + i),
+                        (const_DES_cblock *)(out + i), key, ctx->enc);
+    return 1;
+}
+
+static int cipher_hw_des_cbc_cipher(PROV_CIPHER_CTX *ctx, unsigned char *out,
+                                    const unsigned char *in, size_t len)
+{
+    DES_key_schedule *key = &(((PROV_DES_CTX *)ctx)->dks.ks);
+
+    while (len >= MAXCHUNK) {
+        DES_ncbc_encrypt(in, out, MAXCHUNK, key, (DES_cblock *)ctx->iv,
+                         ctx->enc);
+        len -= MAXCHUNK;
+        in += MAXCHUNK;
+        out += MAXCHUNK;
+    }
+    if (len > 0)
+        DES_ncbc_encrypt(in, out, (long)len, key, (DES_cblock *)ctx->iv,
+                         ctx->enc);
+    return 1;
+}
+
+static int cipher_hw_des_ofb64_cipher(PROV_CIPHER_CTX *ctx, unsigned char *out,
+                                      const unsigned char *in, size_t len)
+{
+    int num = ctx->num;
+    DES_key_schedule *key = &(((PROV_DES_CTX *)ctx)->dks.ks);
+
+    while (len >= MAXCHUNK) {
+        DES_ofb64_encrypt(in, out, MAXCHUNK, key, (DES_cblock *)ctx->iv, &num);
+        len -= MAXCHUNK;
+        in += MAXCHUNK;
+        out += MAXCHUNK;
+    }
+    if (len > 0) {
+        DES_ofb64_encrypt(in, out, (long)len, key, (DES_cblock *)ctx->iv, &num);
+    }
+    ctx->num = num;
+    return 1;
+}
+
+static int cipher_hw_des_cfb64_cipher(PROV_CIPHER_CTX *ctx, unsigned char *out,
+                                      const unsigned char *in, size_t len)
+{
+    size_t chunk = MAXCHUNK;
+    DES_key_schedule *key = &(((PROV_DES_CTX *)ctx)->dks.ks);
+    int num = ctx->num;
+
+    if (len < chunk)
+        chunk = len;
+    while (len > 0 && len >= chunk) {
+        DES_cfb64_encrypt(in, out, (long)chunk, key, (DES_cblock *)ctx->iv,
+                          &num, ctx->enc);
+        len -= chunk;
+        in += chunk;
+        out += chunk;
+        if (len < chunk)
+            chunk = len;
+    }
+    ctx->num = num;
+    return 1;
+}
+
+/*
+ * Although we have a CFB-r implementation for DES, it doesn't pack the right
+ * way, so wrap it here
+ */
+static int cipher_hw_des_cfb1_cipher(PROV_CIPHER_CTX *ctx, unsigned char *out,
+                                     const unsigned char *in, size_t inl)
+{
+    size_t n, chunk = MAXCHUNK / 8;
+    DES_key_schedule *key = &(((PROV_DES_CTX *)ctx)->dks.ks);
+    unsigned char c[1], d[1];
+
+    if (inl < chunk)
+        chunk = inl;
+
+    while (inl && inl >= chunk) {
+        for (n = 0; n < chunk * 8; ++n) {
+            c[0] = (in[n / 8] & (1 << (7 - n % 8))) ? 0x80 : 0;
+            DES_cfb_encrypt(c, d, 1, 1, key, (DES_cblock *)ctx->iv, ctx->enc);
+            out[n / 8] =
+                (out[n / 8] & ~(0x80 >> (unsigned int)(n % 8))) |
+                ((d[0] & 0x80) >> (unsigned int)(n % 8));
+        }
+        inl -= chunk;
+        in += chunk;
+        out += chunk;
+        if (inl < chunk)
+            chunk = inl;
+    }
+
+    return 1;
+}
+
+static int cipher_hw_des_cfb8_cipher(PROV_CIPHER_CTX *ctx, unsigned char *out,
+                                     const unsigned char *in, size_t inl)
+{
+    DES_key_schedule *key = &(((PROV_DES_CTX *)ctx)->dks.ks);
+
+    while (inl >= MAXCHUNK) {
+        DES_cfb_encrypt(in, out, 8, (long)MAXCHUNK, key,
+                        (DES_cblock *)ctx->iv, ctx->enc);
+        inl -= MAXCHUNK;
+        in += MAXCHUNK;
+        out += MAXCHUNK;
+    }
+    if (inl > 0)
+        DES_cfb_encrypt(in, out, 8, (long)inl, key,
+                        (DES_cblock *)ctx->iv, ctx->enc);
+    return 1;
+}
+
+#define PROV_CIPHER_HW_des_mode(mode)                                          \
+static const PROV_CIPHER_HW des_##mode = {                                     \
+    cipher_hw_des_initkey,                                                     \
+    cipher_hw_des_##mode##_cipher                                              \
+};                                                                             \
+const PROV_CIPHER_HW *PROV_CIPHER_HW_des_##mode(void)                          \
+{                                                                              \
+    return &des_##mode;                                                        \
+}
+
+PROV_CIPHER_HW_des_mode(ecb)
+PROV_CIPHER_HW_des_mode(cbc)
+PROV_CIPHER_HW_des_mode(ofb64)
+PROV_CIPHER_HW_des_mode(cfb64)
+PROV_CIPHER_HW_des_mode(cfb1)
+PROV_CIPHER_HW_des_mode(cfb8)
diff --git a/providers/default/defltprov.c b/providers/default/defltprov.c
index 9fe7bd35d3..4ead7f0f59 100644
--- a/providers/default/defltprov.c
+++ b/providers/default/defltprov.c
@@ -199,6 +199,12 @@ static const OSSL_ALGORITHM deflt_ciphers[] = {
     { "DES-EDE-CFB", "default=yes", tdes_ede2_cfb_functions },
     { "DESX-CBC", "default=yes", tdes_desx_cbc_functions },
     { "id-smime-alg-CMS3DESwrap", "default=yes", tdes_wrap_cbc_functions },
+    { "DES-ECB", "default=yes", des_ecb_functions },
+    { "DES-CBC", "default=yes", des_cbc_functions },
+    { "DES-OFB", "default=yes", des_ofb64_functions },
+    { "DES-CFB", "default=yes", des_cfb64_functions },
+    { "DES-CFB1", "default=yes", des_cfb1_functions },
+    { "DES-CFB8", "default=yes", des_cfb8_functions },
 #endif /* OPENSSL_NO_DES */
 #ifndef OPENSSL_NO_BF
     { "BF-ECB", "default=yes", blowfish128ecb_functions },
diff --git a/test/recipes/30-test_evp.t b/test/recipes/30-test_evp.t
index 486281772c..4e1bfb6b0b 100644
--- a/test/recipes/30-test_evp.t
+++ b/test/recipes/30-test_evp.t
@@ -44,6 +44,9 @@ push @defltfiles, @seedfiles unless disabled("seed");
 my @sm4files = qw( evpciph_sm4.txt );
 push @defltfiles, @sm4files unless disabled("sm4");
 
+my @desfiles = qw( evpciph_des.txt );
+push @defltfiles, @desfiles unless disabled("des");
+
 plan tests => (scalar(@configs) * scalar(@files)) + scalar(@defltfiles) + 1;
 
 my $infile = bldtop_file('providers', platform->dso('fips'));
diff --git a/test/recipes/30-test_evp_data/evpciph.txt b/test/recipes/30-test_evp_data/evpciph.txt
index 0244e6fc01..44a6810ee7 100644
--- a/test/recipes/30-test_evp_data/evpciph.txt
+++ b/test/recipes/30-test_evp_data/evpciph.txt
@@ -50,50 +50,6 @@ IV = fedcba9876543210
 Plaintext = 37363534333231204E6F77206973207468652074696D6520666F722000000000
 Ciphertext = 3FE301C962AC01D02213763C1CBD4CDC799657C064ECF5D41C673812CFDE9675
 
-# DES ECB tests (from destest)
-
-Cipher = DES-ECB
-Availablein = default
-Key = 0000000000000000
-Plaintext = 0000000000000000
-Ciphertext = 8CA64DE9C1B123A7
-
-Cipher = DES-ECB
-Availablein = default
-Key = FFFFFFFFFFFFFFFF
-Plaintext = FFFFFFFFFFFFFFFF
-Ciphertext = 7359B2163E4EDC58
-
-Cipher = DES-ECB
-Availablein = default
-Key = 3000000000000000
-Plaintext = 1000000000000001
-Ciphertext = 958E6E627A05557B
-
-Cipher = DES-ECB
-Availablein = default
-Key = 1111111111111111
-Plaintext = 1111111111111111
-Ciphertext = F40379AB9E0EC533
-
-Cipher = DES-ECB
-Availablein = default
-Key = 0123456789ABCDEF
-Plaintext = 1111111111111111
-Ciphertext = 17668DFC7292532D
-
-Cipher = DES-ECB
-Availablein = default
-Key = 1111111111111111
-Plaintext = 0123456789ABCDEF
-Ciphertext = 8A5AE1F81AB8F2DD
-
-Cipher = DES-ECB
-Availablein = default
-Key = FEDCBA9876543210
-Plaintext = 0123456789ABCDEF
-Ciphertext = ED39D950FA74BCC4
-
 Title = AES (from FIPS-197 test vectors)
 
 Cipher = AES-128-ECB
diff --git a/test/recipes/30-test_evp_data/evpciph_des.txt b/test/recipes/30-test_evp_data/evpciph_des.txt
new file mode 100644
index 0000000000..4841fdc318
--- /dev/null
+++ b/test/recipes/30-test_evp_data/evpciph_des.txt
@@ -0,0 +1,64 @@
+#
+# Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+Title = DES ECB Tests (from destest)
+
+Cipher = DES-ECB
+Key = 0000000000000000
+Plaintext = 0000000000000000
+Ciphertext = 8CA64DE9C1B123A7
+
+Cipher = DES-ECB
+Key = FFFFFFFFFFFFFFFF
+Plaintext = FFFFFFFFFFFFFFFF
+Ciphertext = 7359B2163E4EDC58
+
+Cipher = DES-ECB
+Key = 3000000000000000
+Plaintext = 1000000000000001
+Ciphertext = 958E6E627A05557B
+
+Cipher = DES-ECB
+Key = 1111111111111111
+Plaintext = 1111111111111111
+Ciphertext = F40379AB9E0EC533
+
+Cipher = DES-ECB
+Key = 0123456789ABCDEF
+Plaintext = 1111111111111111
+Ciphertext = 17668DFC7292532D
+
+Cipher = DES-ECB
+Key = 1111111111111111
+Plaintext = 0123456789ABCDEF
+Ciphertext = 8A5AE1F81AB8F2DD
+
+Cipher = DES-ECB
+Key = FEDCBA9876543210
+Plaintext = 0123456789ABCDEF
+Ciphertext = ED39D950FA74BCC4
+
+Title = DES Tests (from FIPS PUB 81)
+
+Cipher = DES-CBC
+Key = 0123456789abcdef
+IV = 1234567890abcdef
+Plaintext = 4e6f772069732074
+Ciphertext = e5c7cdde872bf27c
+
+Cipher = DES-CFB8
+Key = 0123456789abcdef
+IV = 1234567890abcdef
+Plaintext = 4e6f7720697320746865
+Ciphertext = f31fda07011462ee187f
+
+Cipher = DES-CFB
+Key = 0123456789abcdef
+IV = 1234567890abcdef
+Plaintext = 4e6f77206973207468652074696d6520666f7220616c6c20
+Ciphertext = f3096249c7f46e51a69e839b1a92f78403467133898ea622


More information about the openssl-commits mailing list