[openssl] master update
Dr. Paul Dale
pauli at openssl.org
Thu Oct 22 12:35:51 UTC 2020
The branch master has been updated
via 85209c07459b1c6007e0fc550f40c05deec78531 (commit)
from fc1ccdffe96bc9d32f4287c31f7ff99f9dd37854 (commit)
- Log -----------------------------------------------------------------
commit 85209c07459b1c6007e0fc550f40c05deec78531
Author: Pauli <paul.dale at oracle.com>
Date: Tue Oct 20 22:15:10 2020 +1000
Remove EVP_aes_(128|192|256)_siv functions
Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13195)
-----------------------------------------------------------------------
Summary of changes:
crypto/evp/c_allc.c | 5 ---
crypto/evp/e_aes.c | 111 -------------------------------------------------
include/openssl/evp.h | 5 ---
util/libcrypto.num | 3 --
util/missingcrypto.txt | 3 --
5 files changed, 127 deletions(-)
diff --git a/crypto/evp/c_allc.c b/crypto/evp/c_allc.c
index df8e5a5bcb..6c50501b62 100644
--- a/crypto/evp/c_allc.c
+++ b/crypto/evp/c_allc.c
@@ -190,11 +190,6 @@ void openssl_add_all_ciphers_int(void)
EVP_add_cipher(EVP_aes_256_cbc_hmac_sha1());
EVP_add_cipher(EVP_aes_128_cbc_hmac_sha256());
EVP_add_cipher(EVP_aes_256_cbc_hmac_sha256());
-#ifndef OPENSSL_NO_SIV
- EVP_add_cipher(EVP_aes_128_siv());
- EVP_add_cipher(EVP_aes_192_siv());
- EVP_add_cipher(EVP_aes_256_siv());
-#endif
#ifndef OPENSSL_NO_ARIA
EVP_add_cipher(EVP_aria_128_ecb());
EVP_add_cipher(EVP_aria_128_cbc());
diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c
index 08abd5fb09..96ee5d1403 100644
--- a/crypto/evp/e_aes.c
+++ b/crypto/evp/e_aes.c
@@ -4002,114 +4002,3 @@ BLOCK_CIPHER_custom(NID_aes, 192, 16, 12, ocb, OCB,
BLOCK_CIPHER_custom(NID_aes, 256, 16, 12, ocb, OCB,
EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS)
#endif /* OPENSSL_NO_OCB */
-
-/* AES-SIV mode */
-#ifndef OPENSSL_NO_SIV
-
-typedef SIV128_CONTEXT EVP_AES_SIV_CTX;
-
-#define aesni_siv_init_key aes_siv_init_key
-static int aes_siv_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc)
-{
- const EVP_CIPHER *ctr;
- const EVP_CIPHER *cbc;
- SIV128_CONTEXT *sctx = EVP_C_DATA(SIV128_CONTEXT, ctx);
- int klen = EVP_CIPHER_CTX_key_length(ctx) / 2;
-
- if (key == NULL)
- return 1;
-
- switch (klen) {
- case 16:
- cbc = EVP_aes_128_cbc();
- ctr = EVP_aes_128_ctr();
- break;
- case 24:
- cbc = EVP_aes_192_cbc();
- ctr = EVP_aes_192_ctr();
- break;
- case 32:
- cbc = EVP_aes_256_cbc();
- ctr = EVP_aes_256_ctr();
- break;
- default:
- return 0;
- }
-
- /* klen is the length of the underlying cipher, not the input key,
- which should be twice as long */
- return CRYPTO_siv128_init(sctx, key, klen, cbc, ctr, NULL, NULL);
-}
-
-#define aesni_siv_cipher aes_siv_cipher
-static int aes_siv_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t len)
-{
- SIV128_CONTEXT *sctx = EVP_C_DATA(SIV128_CONTEXT, ctx);
-
- /* EncryptFinal or DecryptFinal */
- if (in == NULL)
- return CRYPTO_siv128_finish(sctx);
-
- /* Deal with associated data */
- if (out == NULL)
- return CRYPTO_siv128_aad(sctx, in, len);
-
- if (EVP_CIPHER_CTX_encrypting(ctx))
- return CRYPTO_siv128_encrypt(sctx, in, out, len);
-
- return CRYPTO_siv128_decrypt(sctx, in, out, len);
-}
-
-#define aesni_siv_cleanup aes_siv_cleanup
-static int aes_siv_cleanup(EVP_CIPHER_CTX *c)
-{
- SIV128_CONTEXT *sctx = EVP_C_DATA(SIV128_CONTEXT, c);
-
- return CRYPTO_siv128_cleanup(sctx);
-}
-
-
-#define aesni_siv_ctrl aes_siv_ctrl
-static int aes_siv_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
-{
- SIV128_CONTEXT *sctx = EVP_C_DATA(SIV128_CONTEXT, c);
- SIV128_CONTEXT *sctx_out;
-
- switch (type) {
- case EVP_CTRL_INIT:
- return CRYPTO_siv128_cleanup(sctx);
-
- case EVP_CTRL_SET_SPEED:
- return CRYPTO_siv128_speed(sctx, arg);
-
- case EVP_CTRL_AEAD_SET_TAG:
- if (!EVP_CIPHER_CTX_encrypting(c))
- return CRYPTO_siv128_set_tag(sctx, ptr, arg);
- return 1;
-
- case EVP_CTRL_AEAD_GET_TAG:
- if (!EVP_CIPHER_CTX_encrypting(c))
- return 0;
- return CRYPTO_siv128_get_tag(sctx, ptr, arg);
-
- case EVP_CTRL_COPY:
- sctx_out = EVP_C_DATA(SIV128_CONTEXT, (EVP_CIPHER_CTX*)ptr);
- return CRYPTO_siv128_copy_ctx(sctx_out, sctx);
-
- default:
- return -1;
-
- }
-}
-
-#define SIV_FLAGS (EVP_CIPH_FLAG_AEAD_CIPHER | EVP_CIPH_FLAG_DEFAULT_ASN1 \
- | EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_CIPHER \
- | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CUSTOM_COPY \
- | EVP_CIPH_CTRL_INIT)
-
-BLOCK_CIPHER_custom(NID_aes, 128, 1, 0, siv, SIV, SIV_FLAGS)
-BLOCK_CIPHER_custom(NID_aes, 192, 1, 0, siv, SIV, SIV_FLAGS)
-BLOCK_CIPHER_custom(NID_aes, 256, 1, 0, siv, SIV, SIV_FLAGS)
-#endif
diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index b2b87f2ab4..4472bcf50e 100644
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@@ -950,11 +950,6 @@ const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha1(void);
const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha1(void);
const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha256(void);
const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha256(void);
-# ifndef OPENSSL_NO_SIV
-const EVP_CIPHER *EVP_aes_128_siv(void);
-const EVP_CIPHER *EVP_aes_192_siv(void);
-const EVP_CIPHER *EVP_aes_256_siv(void);
-# endif
# ifndef OPENSSL_NO_ARIA
const EVP_CIPHER *EVP_aria_128_ecb(void);
const EVP_CIPHER *EVP_aria_128_cbc(void);
diff --git a/util/libcrypto.num b/util/libcrypto.num
index 3d3edf9356..3573058dc9 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -4427,9 +4427,6 @@ OPENSSL_version_minor ? 3_0_0 EXIST::FUNCTION:
OPENSSL_version_patch ? 3_0_0 EXIST::FUNCTION:
OPENSSL_version_pre_release ? 3_0_0 EXIST::FUNCTION:
OPENSSL_version_build_metadata ? 3_0_0 EXIST::FUNCTION:
-EVP_aes_128_siv ? 3_0_0 EXIST::FUNCTION:SIV
-EVP_aes_192_siv ? 3_0_0 EXIST::FUNCTION:SIV
-EVP_aes_256_siv ? 3_0_0 EXIST::FUNCTION:SIV
OPENSSL_INIT_set_config_filename ? 3_0_0 EXIST::FUNCTION:STDIO
OPENSSL_INIT_set_config_file_flags ? 3_0_0 EXIST::FUNCTION:STDIO
ASYNC_WAIT_CTX_get_callback ? 3_0_0 EXIST::FUNCTION:
diff --git a/util/missingcrypto.txt b/util/missingcrypto.txt
index f2b91e2587..71c0d5002b 100644
--- a/util/missingcrypto.txt
+++ b/util/missingcrypto.txt
@@ -700,9 +700,6 @@ EVP_PKEY_save_parameters(3)
EVP_add_alg_module(3)
EVP_add_cipher(3)
EVP_add_digest(3)
-EVP_aes_128_siv(3)
-EVP_aes_192_siv(3)
-EVP_aes_256_siv(3)
EVP_get_pw_prompt(3)
EVP_hex2ctrl(3)
EVP_read_pw_string(3)
More information about the openssl-commits
mailing list