[openssl] master update
shane.lontis at oracle.com
shane.lontis at oracle.com
Wed Sep 25 00:58:58 UTC 2019
The branch master has been updated
via bafde18324a5cd75c939624bad0c0498c6010315 (commit)
from 7c2a981ff7ca721a85687dcd972d54361434806f (commit)
- Log -----------------------------------------------------------------
commit bafde18324a5cd75c939624bad0c0498c6010315
Author: Shane Lontis <shane.lontis at oracle.com>
Date: Wed Sep 25 10:46:39 2019 +1000
Add rc4 cipher to default provider
Reviewed-by: Richard Levitte <levitte at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9992)
-----------------------------------------------------------------------
Summary of changes:
crypto/evp/evp_enc.c | 4 +-
providers/common/include/internal/provider_algs.h | 5 ++
providers/default/ciphers/build.info | 5 ++
providers/default/ciphers/cipher_rc4.c | 87 ++++++++++++++++++++++
.../ciphers/{cipher_aria_gcm.h => cipher_rc4.h} | 13 ++--
providers/default/ciphers/cipher_rc4_hw.c | 38 ++++++++++
providers/default/defltprov.c | 4 +
test/recipes/30-test_evp.t | 3 +
test/recipes/30-test_evp_data/evpciph.txt | 32 --------
test/recipes/30-test_evp_data/evpciph_rc4.txt | 62 +++++++++++++++
10 files changed, 213 insertions(+), 40 deletions(-)
create mode 100644 providers/default/ciphers/cipher_rc4.c
copy providers/default/ciphers/{cipher_aria_gcm.h => cipher_rc4.h} (60%)
create mode 100644 providers/default/ciphers/cipher_rc4_hw.c
create mode 100644 test/recipes/30-test_evp_data/evpciph_rc4.txt
diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c
index 4e61d75bbd..2685436d36 100644
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@@ -267,7 +267,9 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
case NID_sm4_ctr:
case NID_sm4_cfb128:
case NID_sm4_ofb128:
- break;
+ case NID_rc4:
+ case NID_rc4_40:
+ break;
default:
goto legacy;
}
diff --git a/providers/common/include/internal/provider_algs.h b/providers/common/include/internal/provider_algs.h
index bca972d97a..4bbbbf61c5 100644
--- a/providers/common/include/internal/provider_algs.h
+++ b/providers/common/include/internal/provider_algs.h
@@ -186,6 +186,11 @@ extern const OSSL_DISPATCH des_cfb8_functions[];
# endif /* FIPS_MODE */
#endif /* OPENSSL_NO_DES */
+#ifndef OPENSSL_NO_RC4
+extern const OSSL_DISPATCH rc440_functions[];
+extern const OSSL_DISPATCH rc4128_functions[];
+#endif /* OPENSSL_NO_RC4 */
+
/* MACs */
extern const OSSL_DISPATCH blake2bmac_functions[];
extern const OSSL_DISPATCH blake2smac_functions[];
diff --git a/providers/default/ciphers/build.info b/providers/default/ciphers/build.info
index f942ccc030..76a5135aac 100644
--- a/providers/default/ciphers/build.info
+++ b/providers/default/ciphers/build.info
@@ -50,4 +50,9 @@ IF[{- !$disabled{ocb} -}]
cipher_aes_ocb.c cipher_aes_ocb_hw.c
ENDIF
+IF[{- !$disabled{rc4} -}]
+ SOURCE[../../../libcrypto]=\
+ cipher_rc4.c cipher_rc4_hw.c
+ENDIF
+
INCLUDE[../../../libcrypto]=. ../../../crypto
diff --git a/providers/default/ciphers/cipher_rc4.c b/providers/default/ciphers/cipher_rc4.c
new file mode 100644
index 0000000000..9418c141f6
--- /dev/null
+++ b/providers/default/ciphers/cipher_rc4.c
@@ -0,0 +1,87 @@
+/*
+ * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+/* Dispatch functions for RC4 ciphers */
+
+#include "cipher_rc4.h"
+#include "internal/provider_algs.h"
+
+/* TODO (3.0) Figure out what flags are required */
+#define RC4_FLAGS EVP_CIPH_FLAG_DEFAULT_ASN1
+
+static OSSL_OP_cipher_freectx_fn rc4_freectx;
+static OSSL_OP_cipher_dupctx_fn rc4_dupctx;
+
+static void rc4_freectx(void *vctx)
+{
+ PROV_RC4_CTX *ctx = (PROV_RC4_CTX *)vctx;
+
+ OPENSSL_clear_free(ctx, sizeof(*ctx));
+}
+
+static void *rc4_dupctx(void *ctx)
+{
+ PROV_RC4_CTX *in = (PROV_RC4_CTX *)ctx;
+ PROV_RC4_CTX *ret = OPENSSL_malloc(sizeof(*ret));
+
+ if (ret == NULL) {
+ ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
+ return NULL;
+ }
+ *ret = *in;
+
+ return ret;
+}
+
+#define IMPLEMENT_cipher(alg, UCALG, flags, kbits, blkbits, ivbits, typ) \
+static OSSL_OP_cipher_get_params_fn alg##_##kbits##_get_params; \
+static int alg##_##kbits##_get_params(OSSL_PARAM params[]) \
+{ \
+ return cipher_generic_get_params(params, 0, flags, \
+ kbits, blkbits, ivbits); \
+} \
+static OSSL_OP_cipher_newctx_fn alg##_##kbits##_newctx; \
+static void * alg##_##kbits##_newctx(void *provctx) \
+{ \
+ PROV_##UCALG##_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx)); \
+ if (ctx != NULL) { \
+ cipher_generic_initkey(ctx, kbits, blkbits, ivbits, 0, flags, \
+ PROV_CIPHER_HW_##alg(kbits), NULL); \
+ } \
+ return ctx; \
+} \
+const OSSL_DISPATCH alg##kbits##_functions[] = { \
+ { OSSL_FUNC_CIPHER_NEWCTX, \
+ (void (*)(void)) alg##_##kbits##_newctx }, \
+ { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void)) alg##_freectx }, \
+ { OSSL_FUNC_CIPHER_DUPCTX, (void (*)(void)) alg##_dupctx }, \
+ { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))cipher_generic_einit }, \
+ { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))cipher_generic_dinit }, \
+ { OSSL_FUNC_CIPHER_UPDATE, (void (*)(void))cipher_generic_##typ##_update },\
+ { OSSL_FUNC_CIPHER_FINAL, (void (*)(void))cipher_generic_##typ##_final }, \
+ { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))cipher_generic_cipher }, \
+ { OSSL_FUNC_CIPHER_GET_PARAMS, \
+ (void (*)(void)) alg##_##kbits##_get_params }, \
+ { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, \
+ (void (*)(void))cipher_generic_get_ctx_params }, \
+ { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \
+ (void (*)(void))cipher_generic_set_ctx_params }, \
+ { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \
+ (void (*)(void))cipher_generic_gettable_params }, \
+ { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \
+ (void (*)(void))cipher_generic_gettable_ctx_params }, \
+ { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \
+ (void (*)(void))cipher_generic_settable_ctx_params }, \
+ { 0, NULL } \
+};
+
+/* rc440_functions */
+IMPLEMENT_cipher(rc4, RC4, EVP_CIPH_VARIABLE_LENGTH, 40, 64, 0, stream)
+/* rc4128_functions */
+IMPLEMENT_cipher(rc4, RC4, EVP_CIPH_VARIABLE_LENGTH, 128, 64, 0, stream)
diff --git a/providers/default/ciphers/cipher_aria_gcm.h b/providers/default/ciphers/cipher_rc4.h
similarity index 60%
copy from providers/default/ciphers/cipher_aria_gcm.h
copy to providers/default/ciphers/cipher_rc4.h
index 3499ceaaf7..df61f7c265 100644
--- a/providers/default/ciphers/cipher_aria_gcm.h
+++ b/providers/default/ciphers/cipher_rc4.h
@@ -7,16 +7,15 @@
* https://www.openssl.org/source/license.html
*/
-#include "internal/aria.h"
+#include <openssl/rc4.h>
#include "internal/ciphers/ciphercommon.h"
-#include "internal/ciphers/cipher_gcm.h"
-typedef struct prov_aria_gcm_ctx_st {
- PROV_GCM_CTX base; /* must be first entry in struct */
+typedef struct prov_rc4_ctx_st {
+ PROV_CIPHER_CTX base; /* Must be first */
union {
OSSL_UNION_ALIGN;
- ARIA_KEY ks;
+ RC4_KEY ks;
} ks;
-} PROV_ARIA_GCM_CTX;
+} PROV_RC4_CTX;
-const PROV_GCM_HW *PROV_ARIA_HW_gcm(size_t keybits);
+const PROV_CIPHER_HW *PROV_CIPHER_HW_rc4(size_t keybits);
diff --git a/providers/default/ciphers/cipher_rc4_hw.c b/providers/default/ciphers/cipher_rc4_hw.c
new file mode 100644
index 0000000000..503a618914
--- /dev/null
+++ b/providers/default/ciphers/cipher_rc4_hw.c
@@ -0,0 +1,38 @@
+/*
+ * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include "cipher_rc4.h"
+
+static int cipher_hw_rc4_initkey(PROV_CIPHER_CTX *ctx,
+ const unsigned char *key, size_t keylen)
+{
+ PROV_RC4_CTX *rctx = (PROV_RC4_CTX *)ctx;
+
+ RC4_set_key(&rctx->ks.ks, keylen, key);
+ return 1;
+}
+
+static int cipher_hw_rc4_cipher(PROV_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t len)
+{
+ PROV_RC4_CTX *rctx = (PROV_RC4_CTX *)ctx;
+
+ RC4(&rctx->ks.ks, len, in, out);
+ return 1;
+}
+
+static const PROV_CIPHER_HW rc4_hw = {
+ cipher_hw_rc4_initkey,
+ cipher_hw_rc4_cipher
+};
+const PROV_CIPHER_HW *PROV_CIPHER_HW_rc4(size_t keybits)
+{
+ return &rc4_hw;
+}
+
diff --git a/providers/default/defltprov.c b/providers/default/defltprov.c
index 4ead7f0f59..c3ee99c0a6 100644
--- a/providers/default/defltprov.c
+++ b/providers/default/defltprov.c
@@ -237,6 +237,10 @@ static const OSSL_ALGORITHM deflt_ciphers[] = {
{ "SM4-OFB", "default=yes", sm4128ofb128_functions },
{ "SM4-CFB", "default=yes", sm4128cfb128_functions },
#endif /* OPENSSL_NO_SM4 */
+#ifndef OPENSSL_NO_RC4
+ { "RC4", "default=yes", rc4128_functions },
+ { "RC4-40", "default=yes", rc440_functions },
+#endif /* OPENSSL_NO_RC4 */
{ NULL, NULL, NULL }
};
diff --git a/test/recipes/30-test_evp.t b/test/recipes/30-test_evp.t
index 4e1bfb6b0b..52f9c2882a 100644
--- a/test/recipes/30-test_evp.t
+++ b/test/recipes/30-test_evp.t
@@ -47,6 +47,9 @@ push @defltfiles, @sm4files unless disabled("sm4");
my @desfiles = qw( evpciph_des.txt );
push @defltfiles, @desfiles unless disabled("des");
+my @rc4files = qw( evpciph_rc4.txt );
+push @defltfiles, @rc4files unless disabled("rc4");
+
plan tests => (scalar(@configs) * scalar(@files)) + scalar(@defltfiles) + 1;
my $infile = bldtop_file('providers', platform->dso('fips'));
diff --git a/test/recipes/30-test_evp_data/evpciph.txt b/test/recipes/30-test_evp_data/evpciph.txt
index 44a6810ee7..9a90e1bd06 100644
--- a/test/recipes/30-test_evp_data/evpciph.txt
+++ b/test/recipes/30-test_evp_data/evpciph.txt
@@ -1503,38 +1503,6 @@ Key = 5840df6e29b02af1ab493b705bf16ea1ae8338f4dcc176a8
Plaintext = 466f7250617369
Ciphertext = afbeb0f07dfbf5419200f2ccb50bb24f
-Title = RC4 tests
-
-Cipher = RC4
-Key = 0123456789abcdef0123456789abcdef
-Plaintext = 0123456789abcdef
-Ciphertext = 75b7878099e0c596
-
-Cipher = RC4
-Key = 0123456789abcdef0123456789abcdef
-Plaintext = 0000000000000000
-Ciphertext = 7494c2e7104b0879
-
-Cipher = RC4
-Key = 00000000000000000000000000000000
-Plaintext = 0000000000000000
-Ciphertext = de188941a3375d3a
-
-Cipher = RC4
-Key = ef012345ef012345ef012345ef012345
-Plaintext = 0000000000000000000000000000000000000000
-Ciphertext = d6a141a7ec3c38dfbd615a1162e1c7ba36b67858
-
-Cipher = RC4
-Key = 0123456789abcdef0123456789abcdef
-Plaintext = 123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345678
-Ciphertext = 66a0949f8af7d6891f7f832ba833c00c892ebe30143ce28740011ecf
-
-Cipher = RC4
-Key = ef012345ef012345ef012345ef012345
-Plaintext = 00000000000000000000
-Ciphertext = d6a141a7ec3c38dfbd61
-
Title = Camellia tests from RFC3713
# For all ECB encrypts and decrypts, the transformed sequence is
diff --git a/test/recipes/30-test_evp_data/evpciph_rc4.txt b/test/recipes/30-test_evp_data/evpciph_rc4.txt
new file mode 100644
index 0000000000..4cb068be9b
--- /dev/null
+++ b/test/recipes/30-test_evp_data/evpciph_rc4.txt
@@ -0,0 +1,62 @@
+#
+# Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License"). You may not use
+# this file except in compliance with the License. You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+Title = RC4 tests
+
+Cipher = RC4
+Key = 0123456789abcdef0123456789abcdef
+Plaintext = 0123456789abcdef
+Ciphertext = 75b7878099e0c596
+
+Cipher = RC4
+Key = 0123456789abcdef0123456789abcdef
+Plaintext = 0000000000000000
+Ciphertext = 7494c2e7104b0879
+
+Cipher = RC4
+Key = 00000000000000000000000000000000
+Plaintext = 0000000000000000
+Ciphertext = de188941a3375d3a
+
+Cipher = RC4
+Key = ef012345ef012345ef012345ef012345
+Plaintext = 0000000000000000000000000000000000000000
+Ciphertext = d6a141a7ec3c38dfbd615a1162e1c7ba36b67858
+
+Cipher = RC4
+Key = 0123456789abcdef0123456789abcdef
+Plaintext = 123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345678
+Ciphertext = 66a0949f8af7d6891f7f832ba833c00c892ebe30143ce28740011ecf
+
+Cipher = RC4
+Key = ef012345ef012345ef012345ef012345
+Plaintext = 00000000000000000000
+Ciphertext = d6a141a7ec3c38dfbd61
+
+Title = RC4 tests (From RFC6229)
+
+Cipher = RC4-40
+Key = 0102030405
+Plaintext = 00000000000000000000000000000000
+Ciphertext = b2396305f03dc027ccc3524a0a1118a8
+
+Cipher = RC4-40
+Key = 833222772a
+Plaintext = 00000000000000000000000000000000
+Ciphertext = 80ad97bdc973df8a2e879e92a497efda
+
+Cipher = RC4
+Key = 0102030405060708090a0b0c0d0e0f10
+Plaintext = 00000000000000000000000000000000
+Ciphertext = 9ac7cc9a609d1ef7b2932899cde41b97
+
+Cipher = RC4
+Key = ebb46227c6cc8b37641910833222772a
+Plaintext = 00000000000000000000000000000000
+Ciphertext = 720c94b63edf44e131d950ca211a5a30
+
More information about the openssl-commits
mailing list