authorlloyd <[email protected]>2008-09-28 15:34:09 +0000
committerlloyd <[email protected]>2008-09-28 15:34:09 +0000
commitea32d18231b9c6c5c84b3754c4249170d3b4e4c0 (patch)
treecc179337d0594ed105768011722b9dbae105e07a /modules/eng_ossl
parentb841401e095cfc1aa0708689d7920eb95ece71af (diff)
This is the first checkin to net.randombit.botan.modularized, which
has the intent of modularizing Botan's source code, and making it much easier to add or remove various things at compile time. In this first checkin: Add support for nested directories in modules/ and move all the modules into grouped directories like entropy/ or compression/. Currently this is not ideal: it will _only_ find code in modules/*/*/modinfo.txt, while it would be much better to allow for arbitrary nestings under modules (find modules -name modinfo.txt) for more complicated setups. This 'new' (OMG I've found directories!) structure allows for a more free naming convention (no need for leading es_, ml_, etc to group names, though some keep it for lack of a more meaningful name being obvious to me right at the moment).
Diffstat (limited to 'modules/eng_ossl')
-rw-r--r--modules/eng_ossl/bn_powm.cpp52
-rw-r--r--modules/eng_ossl/bn_wrap.cpp114
-rw-r--r--modules/eng_ossl/bn_wrap.h51
-rw-r--r--modules/eng_ossl/eng_ossl.cpp374
-rw-r--r--modules/eng_ossl/eng_ossl.h40
-rw-r--r--modules/eng_ossl/modinfo.txt20
-rw-r--r--modules/eng_ossl/ossl_bc.cpp204
-rw-r--r--modules/eng_ossl/ossl_md.cpp121
-rw-r--r--modules/eng_ossl/ossl_rc4.cpp92
9 files changed, 0 insertions, 1068 deletions
diff --git a/modules/eng_ossl/bn_powm.cpp b/modules/eng_ossl/bn_powm.cpp
deleted file mode 100644
index f54411240..000000000
--- a/modules/eng_ossl/bn_powm.cpp
+++ /dev/null
@@ -1,52 +0,0 @@
-/*************************************************
-* OpenSSL Modular Exponentiation Source File *
-* (C) 1999-2007 Jack Lloyd *
-*************************************************/
-
-#include <botan/eng_ossl.h>
-#include <botan/bn_wrap.h>
-
-namespace Botan {
-
-namespace {
-
-/*************************************************
-* OpenSSL Modular Exponentiator *
-*************************************************/
-class OpenSSL_Modular_Exponentiator : public Modular_Exponentiator
- {
- public:
- void set_base(const BigInt& b) { base = b; }
- void set_exponent(const BigInt& e) { exp = e; }
- BigInt execute() const;
- Modular_Exponentiator* copy() const
- { return new OpenSSL_Modular_Exponentiator(*this); }
-
- OpenSSL_Modular_Exponentiator(const BigInt& n) : mod(n) {}
- private:
- OSSL_BN base, exp, mod;
- OSSL_BN_CTX ctx;
- };
-
-/*************************************************
-* Compute the result *
-*************************************************/
-BigInt OpenSSL_Modular_Exponentiator::execute() const
- {
- OSSL_BN r;
- BN_mod_exp(r.value, base.value, exp.value, mod.value, ctx.value);
- return r.to_bigint();
- }
-
-}
-
-/*************************************************
-* Return the OpenSSL-based modular exponentiator *
-*************************************************/
-Modular_Exponentiator* OpenSSL_Engine::mod_exp(const BigInt& n,
- Power_Mod::Usage_Hints) const
- {
- return new OpenSSL_Modular_Exponentiator(n);
- }
-
-}
diff --git a/modules/eng_ossl/bn_wrap.cpp b/modules/eng_ossl/bn_wrap.cpp
deleted file mode 100644
index 4f7ea0078..000000000
--- a/modules/eng_ossl/bn_wrap.cpp
+++ /dev/null
@@ -1,114 +0,0 @@
-/*************************************************
-* OpenSSL BN Wrapper Source File *
-* (C) 1999-2007 Jack Lloyd *
-*************************************************/
-
-#include <botan/bn_wrap.h>
-
-namespace Botan {
-
-/*************************************************
-* OSSL_BN Constructor *
-*************************************************/
-OSSL_BN::OSSL_BN(const BigInt& in)
- {
- value = BN_new();
- SecureVector<byte> encoding = BigInt::encode(in);
- if(in != 0)
- BN_bin2bn(encoding, encoding.size(), value);
- }
-
-/*************************************************
-* OSSL_BN Constructor *
-*************************************************/
-OSSL_BN::OSSL_BN(const byte in[], u32bit length)
- {
- value = BN_new();
- BN_bin2bn(in, length, value);
- }
-
-/*************************************************
-* OSSL_BN Copy Constructor *
-*************************************************/
-OSSL_BN::OSSL_BN(const OSSL_BN& other)
- {
- value = BN_dup(other.value);
- }
-
-/*************************************************
-* OSSL_BN Destructor *
-*************************************************/
-OSSL_BN::~OSSL_BN()
- {
- BN_clear_free(value);
- }
-
-/*************************************************
-* OSSL_BN Assignment Operator *
-*************************************************/
-OSSL_BN& OSSL_BN::operator=(const OSSL_BN& other)
- {
- BN_copy(value, other.value);
- return (*this);
- }
-
-/*************************************************
-* Export the BIGNUM as a bytestring *
-*************************************************/
-void OSSL_BN::encode(byte out[], u32bit length) const
- {
- BN_bn2bin(value, out + (length - bytes()));
- }
-
-/*************************************************
-* Return the number of significant bytes *
-*************************************************/
-u32bit OSSL_BN::bytes() const
- {
- return BN_num_bytes(value);
- }
-
-/*************************************************
-* OpenSSL to BigInt Conversions *
-*************************************************/
-BigInt OSSL_BN::to_bigint() const
- {
- SecureVector<byte> out(bytes());
- BN_bn2bin(value, out);
- return BigInt::decode(out);
- }
-
-/*************************************************
-* OSSL_BN_CTX Constructor *
-*************************************************/
-OSSL_BN_CTX::OSSL_BN_CTX()
- {
- value = BN_CTX_new();
- }
-
-/*************************************************
-* OSSL_BN_CTX Copy Constructor *
-*************************************************/
-OSSL_BN_CTX::OSSL_BN_CTX(const OSSL_BN_CTX&)
- {
- value = BN_CTX_new();
- }
-
-/*************************************************
-* OSSL_BN_CTX Destructor *
-*************************************************/
-OSSL_BN_CTX::~OSSL_BN_CTX()
- {
- BN_CTX_free(value);
- }
-
-/*************************************************
-* OSSL_BN_CTX Assignment Operator *
-*************************************************/
-OSSL_BN_CTX& OSSL_BN_CTX::operator=(const OSSL_BN_CTX&)
- {
- value = BN_CTX_new();
- return (*this);
- }
-
-}
diff --git a/modules/eng_ossl/bn_wrap.h b/modules/eng_ossl/bn_wrap.h
deleted file mode 100644
index 682795660..000000000
--- a/modules/eng_ossl/bn_wrap.h
+++ /dev/null
@@ -1,51 +0,0 @@
-/*************************************************
-* OpenSSL BN Wrapper Header File *
-* (C) 1999-2007 Jack Lloyd *
-*************************************************/
-
-#ifndef BOTAN_EXT_OPENSSL_BN_WRAP_H__
-#define BOTAN_EXT_OPENSSL_BN_WRAP_H__
-
-#include <botan/bigint.h>
-#include <openssl/bn.h>
-
-namespace Botan {
-
-/*************************************************
-* Lightweight OpenSSL BN Wrapper *
-*************************************************/
-class OSSL_BN
- {
- public:
- BIGNUM* value;
-
- BigInt to_bigint() const;
- void encode(byte[], u32bit) const;
- u32bit bytes() const;
-
- OSSL_BN& operator=(const OSSL_BN&);
-
- OSSL_BN(const OSSL_BN&);
- OSSL_BN(const BigInt& = 0);
- OSSL_BN(const byte[], u32bit);
- ~OSSL_BN();
- };
-
-/*************************************************
-* Lightweight OpenSSL BN_CTX Wrapper *
-*************************************************/
-class OSSL_BN_CTX
- {
- public:
- BN_CTX* value;
-
- OSSL_BN_CTX& operator=(const OSSL_BN_CTX&);
-
- OSSL_BN_CTX();
- OSSL_BN_CTX(const OSSL_BN_CTX&);
- ~OSSL_BN_CTX();
- };
-
-}
-
-#endif
diff --git a/modules/eng_ossl/eng_ossl.cpp b/modules/eng_ossl/eng_ossl.cpp
deleted file mode 100644
index 9421495c2..000000000
--- a/modules/eng_ossl/eng_ossl.cpp
+++ /dev/null
@@ -1,374 +0,0 @@
-/*************************************************
-* OpenSSL Engine Source File *
-* (C) 1999-2007 Jack Lloyd *
-*************************************************/
-
-#include <botan/eng_ossl.h>
-#include <botan/bn_wrap.h>
-#include <openssl/opensslv.h>
-
-#if OPENSSL_VERSION_NUMBER < 0x0090700F
- #error Your OpenSSL install is too old, upgrade to 0.9.7 or later
-#endif
-
-namespace Botan {
-
-namespace {
-
-/*************************************************
-* OpenSSL IF Operation *
-*************************************************/
-class OpenSSL_IF_Op : public IF_Operation
- {
- public:
- BigInt public_op(const BigInt&) const;
- BigInt private_op(const BigInt&) const;
-
- IF_Operation* clone() const { return new OpenSSL_IF_Op(*this); }
-
- OpenSSL_IF_Op(const BigInt& e_bn, const BigInt& n_bn, const BigInt&,
- const BigInt& p_bn, const BigInt& q_bn, const BigInt& d1_bn,
- const BigInt& d2_bn, const BigInt& c_bn) :
- e(e_bn), n(n_bn), p(p_bn), q(q_bn), d1(d1_bn), d2(d2_bn), c(c_bn) {}
- private:
- const OSSL_BN e, n, p, q, d1, d2, c;
- OSSL_BN_CTX ctx;
- };
-
-/*************************************************
-* OpenSSL IF Public Operation *
-*************************************************/
-BigInt OpenSSL_IF_Op::public_op(const BigInt& i_bn) const
- {
- OSSL_BN i(i_bn), r;
- BN_mod_exp(r.value, i.value, e.value, n.value, ctx.value);
- return r.to_bigint();
- }
-
-/*************************************************
-* OpenSSL IF Private Operation *
-*************************************************/
-BigInt OpenSSL_IF_Op::private_op(const BigInt& i_bn) const
- {
- if(BN_is_zero(p.value))
- throw Internal_Error("OpenSSL_IF_Op::private_op: No private key");
-
- OSSL_BN j1, j2, h(i_bn);
-
- BN_mod_exp(j1.value, h.value, d1.value, p.value, ctx.value);
- BN_mod_exp(j2.value, h.value, d2.value, q.value, ctx.value);
- BN_sub(h.value, j1.value, j2.value);
- BN_mod_mul(h.value, h.value, c.value, p.value, ctx.value);
- BN_mul(h.value, h.value, q.value, ctx.value);
- BN_add(h.value, h.value, j2.value);
- return h.to_bigint();
- }
-
-/*************************************************
-* OpenSSL DSA Operation *
-*************************************************/
-class OpenSSL_DSA_Op : public DSA_Operation
- {
- public:
- bool verify(const byte[], u32bit, const byte[], u32bit) const;
- SecureVector<byte> sign(const byte[], u32bit, const BigInt&) const;
-
- DSA_Operation* clone() const { return new OpenSSL_DSA_Op(*this); }
-
- OpenSSL_DSA_Op(const DL_Group& group, const BigInt& y1,
- const BigInt& x1) :
- x(x1), y(y1), p(group.get_p()), q(group.get_q()), g(group.get_g()) {}
- private:
- const OSSL_BN x, y, p, q, g;
- OSSL_BN_CTX ctx;
- };
-
-/*************************************************
-* OpenSSL DSA Verify Operation *
-*************************************************/
-bool OpenSSL_DSA_Op::verify(const byte msg[], u32bit msg_len,
- const byte sig[], u32bit sig_len) const
- {
- const u32bit q_bytes = q.bytes();
-
- if(sig_len != 2*q_bytes || msg_len > q_bytes)
- return false;
-
- OSSL_BN r(sig, q_bytes);
- OSSL_BN s(sig + q_bytes, q_bytes);
- OSSL_BN i(msg, msg_len);
-
- if(BN_is_zero(r.value) || BN_cmp(r.value, q.value) >= 0)
- return false;
- if(BN_is_zero(s.value) || BN_cmp(s.value, q.value) >= 0)
- return false;
-
- if(BN_mod_inverse(s.value, s.value, q.value, ctx.value) == 0)
- return false;
-
- OSSL_BN si;
- BN_mod_mul(si.value, s.value, i.value, q.value, ctx.value);
- BN_mod_exp(si.value, g.value, si.value, p.value, ctx.value);
-
- OSSL_BN sr;
- BN_mod_mul(sr.value, s.value, r.value, q.value, ctx.value);
- BN_mod_exp(sr.value, y.value, sr.value, p.value, ctx.value);
-
- BN_mod_mul(si.value, si.value, sr.value, p.value, ctx.value);
- BN_nnmod(si.value, si.value, q.value, ctx.value);
-
- if(BN_cmp(si.value, r.value) == 0)
- return true;
- return false;
- }
-
-/*************************************************
-* OpenSSL DSA Sign Operation *
-*************************************************/
-SecureVector<byte> OpenSSL_DSA_Op::sign(const byte in[], u32bit length,
- const BigInt& k_bn) const
- {
- if(BN_is_zero(x.value))
- throw Internal_Error("OpenSSL_DSA_Op::sign: No private key");
-
- OSSL_BN i(in, length);
- OSSL_BN k(k_bn);
-
- OSSL_BN r;
- BN_mod_exp(r.value, g.value, k.value, p.value, ctx.value);
- BN_nnmod(r.value, r.value, q.value, ctx.value);
-
- BN_mod_inverse(k.value, k.value, q.value, ctx.value);
-
- OSSL_BN s;
- BN_mul(s.value, x.value, r.value, ctx.value);
- BN_add(s.value, s.value, i.value);
- BN_mod_mul(s.value, s.value, k.value, q.value, ctx.value);
-
- if(BN_is_zero(r.value) || BN_is_zero(s.value))
- throw Internal_Error("OpenSSL_DSA_Op::sign: r or s was zero");
-
- const u32bit q_bytes = q.bytes();
-
- SecureVector<byte> output(2*q_bytes);
- r.encode(output, q_bytes);
- s.encode(output + q_bytes, q_bytes);
- return output;
- }
-
-/*************************************************
-* OpenSSL NR Operation *
-*************************************************/
-class OpenSSL_NR_Op : public NR_Operation
- {
- public:
- SecureVector<byte> verify(const byte[], u32bit) const;
- SecureVector<byte> sign(const byte[], u32bit, const BigInt&) const;
-
- NR_Operation* clone() const { return new OpenSSL_NR_Op(*this); }
-
- OpenSSL_NR_Op(const DL_Group& group, const BigInt& y1,
- const BigInt& x1) :
- x(x1), y(y1), p(group.get_p()), q(group.get_q()), g(group.get_g()) {}
- private:
- const OSSL_BN x, y, p, q, g;
- OSSL_BN_CTX ctx;
- };
-
-/*************************************************
-* OpenSSL NR Verify Operation *
-*************************************************/
-SecureVector<byte> OpenSSL_NR_Op::verify(const byte sig[],
- u32bit sig_len) const
- {
- const u32bit q_bytes = q.bytes();
-
- if(sig_len != 2*q_bytes)
- return false;
-
- OSSL_BN c(sig, q_bytes);
- OSSL_BN d(sig + q_bytes, q_bytes);
-
- if(BN_is_zero(c.value) || BN_cmp(c.value, q.value) >= 0 ||
- BN_cmp(d.value, q.value) >= 0)
- throw Invalid_Argument("OpenSSL_NR_Op::verify: Invalid signature");
-
- OSSL_BN i1, i2;
- BN_mod_exp(i1.value, g.value, d.value, p.value, ctx.value);
- BN_mod_exp(i2.value, y.value, c.value, p.value, ctx.value);
- BN_mod_mul(i1.value, i1.value, i2.value, p.value, ctx.value);
- BN_sub(i1.value, c.value, i1.value);
- BN_nnmod(i1.value, i1.value, q.value, ctx.value);
- return BigInt::encode(i1.to_bigint());
- }
-
-/*************************************************
-* OpenSSL NR Sign Operation *
-*************************************************/
-SecureVector<byte> OpenSSL_NR_Op::sign(const byte in[], u32bit length,
- const BigInt& k_bn) const
- {
- if(BN_is_zero(x.value))
- throw Internal_Error("OpenSSL_NR_Op::sign: No private key");
-
- OSSL_BN f(in, length);
- OSSL_BN k(k_bn);
-
- if(BN_cmp(f.value, q.value) >= 0)
- throw Invalid_Argument("OpenSSL_NR_Op::sign: Input is out of range");
-
- OSSL_BN c, d;
- BN_mod_exp(c.value, g.value, k.value, p.value, ctx.value);
- BN_add(c.value, c.value, f.value);
- BN_nnmod(c.value, c.value, q.value, ctx.value);
- BN_mul(d.value, x.value, c.value, ctx.value);
- BN_sub(d.value, k.value, d.value);
- BN_nnmod(d.value, d.value, q.value, ctx.value);
-
- if(BN_is_zero(c.value))
- throw Internal_Error("Default_NR_Op::sign: c was zero");
-
- const u32bit q_bytes = q.bytes();
- SecureVector<byte> output(2*q_bytes);
- c.encode(output, q_bytes);
- d.encode(output + q_bytes, q_bytes);
- return output;
- }
-
-/*************************************************
-* OpenSSL ElGamal Operation *
-*************************************************/
-class OpenSSL_ELG_Op : public ELG_Operation
- {
- public:
- SecureVector<byte> encrypt(const byte[], u32bit, const BigInt&) const;
- BigInt decrypt(const BigInt&, const BigInt&) const;
-
- ELG_Operation* clone() const { return new OpenSSL_ELG_Op(*this); }
- OpenSSL_ELG_Op(const DL_Group& group, const BigInt& y1,
- const BigInt& x1) :
- x(x1), y(y1), g(group.get_g()), p(group.get_p()) {}
- private:
- OSSL_BN x, y, g, p;
- OSSL_BN_CTX ctx;
- };
-
-/*************************************************
-* OpenSSL ElGamal Encrypt Operation *
-*************************************************/
-SecureVector<byte> OpenSSL_ELG_Op::encrypt(const byte in[], u32bit length,
- const BigInt& k_bn) const
- {
- OSSL_BN i(in, length);
-
- if(BN_cmp(i.value, p.value) >= 0)
- throw Invalid_Argument("OpenSSL_ELG_Op: Input is too large");
-
- OSSL_BN a, b, k(k_bn);
-
- BN_mod_exp(a.value, g.value, k.value, p.value, ctx.value);
- BN_mod_exp(b.value, y.value, k.value, p.value, ctx.value);
- BN_mod_mul(b.value, b.value, i.value, p.value, ctx.value);
-
- const u32bit p_bytes = p.bytes();
- SecureVector<byte> output(2*p_bytes);
- a.encode(output, p_bytes);
- b.encode(output + p_bytes, p_bytes);
- return output;
- }
-
-/*************************************************
-* OpenSSL ElGamal Decrypt Operation *
-*************************************************/
-BigInt OpenSSL_ELG_Op::decrypt(const BigInt& a_bn, const BigInt& b_bn) const
- {
- if(BN_is_zero(x.value))
- throw Internal_Error("OpenSSL_ELG_Op::decrypt: No private key");
-
- OSSL_BN a(a_bn), b(b_bn), t;
-
- if(BN_cmp(a.value, p.value) >= 0 || BN_cmp(b.value, p.value) >= 0)
- throw Invalid_Argument("OpenSSL_ELG_Op: Invalid message");
-
- BN_mod_exp(t.value, a.value, x.value, p.value, ctx.value);
- BN_mod_inverse(a.value, t.value, p.value, ctx.value);
- BN_mod_mul(a.value, a.value, b.value, p.value, ctx.value);
- return a.to_bigint();
- }
-
-/*************************************************
-* OpenSSL DH Operation *
-*************************************************/
-class OpenSSL_DH_Op : public DH_Operation
- {
- public:
- BigInt agree(const BigInt& i) const;
- DH_Operation* clone() const { return new OpenSSL_DH_Op(*this); }
-
- OpenSSL_DH_Op(const DL_Group& group, const BigInt& x_bn) :
- x(x_bn), p(group.get_p()) {}
- private:
- OSSL_BN x, p;
- OSSL_BN_CTX ctx;
- };
-
-/*************************************************
-* OpenSSL DH Key Agreement Operation *
-*************************************************/
-BigInt OpenSSL_DH_Op::agree(const BigInt& i_bn) const
- {
- OSSL_BN i(i_bn), r;
- BN_mod_exp(r.value, i.value, x.value, p.value, ctx.value);
- return r.to_bigint();
- }
-
-}
-
-/*************************************************
-* Acquire an IF op *
-*************************************************/
-IF_Operation* OpenSSL_Engine::if_op(const BigInt& e, const BigInt& n,
- const BigInt& d, const BigInt& p,
- const BigInt& q, const BigInt& d1,
- const BigInt& d2, const BigInt& c) const
- {
- return new OpenSSL_IF_Op(e, n, d, p, q, d1, d2, c);
- }
-
-/*************************************************
-* Acquire a DSA op *
-*************************************************/
-DSA_Operation* OpenSSL_Engine::dsa_op(const DL_Group& group, const BigInt& y,
- const BigInt& x) const
- {
- return new OpenSSL_DSA_Op(group, y, x);
- }
-
-/*************************************************
-* Acquire a NR op *
-*************************************************/
-NR_Operation* OpenSSL_Engine::nr_op(const DL_Group& group, const BigInt& y,
- const BigInt& x) const
- {
- return new OpenSSL_NR_Op(group, y, x);
- }
-
-/*************************************************
-* Acquire an ElGamal op *
-*************************************************/
-ELG_Operation* OpenSSL_Engine::elg_op(const DL_Group& group, const BigInt& y,
- const BigInt& x) const
- {
- return new OpenSSL_ELG_Op(group, y, x);
- }
-
-/*************************************************
-* Acquire a DH op *
-*************************************************/
-DH_Operation* OpenSSL_Engine::dh_op(const DL_Group& group,
- const BigInt& x) const
- {
- return new OpenSSL_DH_Op(group, x);
- }
-
-}
diff --git a/modules/eng_ossl/eng_ossl.h b/modules/eng_ossl/eng_ossl.h
deleted file mode 100644
index a1886662f..000000000
--- a/modules/eng_ossl/eng_ossl.h
+++ /dev/null
@@ -1,40 +0,0 @@
-/*************************************************
-* OpenSSL Engine Header File *
-* (C) 1999-2007 Jack Lloyd *
-*************************************************/
-
-#ifndef BOTAN_EXT_ENGINE_OPENSSL_H__
-#define BOTAN_EXT_ENGINE_OPENSSL_H__
-
-#include <botan/engine.h>
-#include <botan/mutex.h>
-
-namespace Botan {
-
-/*************************************************
-* OpenSSL Engine *
-*************************************************/
-class OpenSSL_Engine : public Engine
- {
- public:
- IF_Operation* if_op(const BigInt&, const BigInt&, const BigInt&,
- const BigInt&, const BigInt&, const BigInt&,
- const BigInt&, const BigInt&) const;
- DSA_Operation* dsa_op(const DL_Group&, const BigInt&,
- const BigInt&) const;
- NR_Operation* nr_op(const DL_Group&, const BigInt&, const BigInt&) const;
- ELG_Operation* elg_op(const DL_Group&, const BigInt&,
- const BigInt&) const;
- DH_Operation* dh_op(const DL_Group&, const BigInt&) const;
-
- Modular_Exponentiator* mod_exp(const BigInt&,
- Power_Mod::Usage_Hints) const;
- private:
- BlockCipher* find_block_cipher(const std::string&) const;
- StreamCipher* find_stream_cipher(const std::string&) const;
- HashFunction* find_hash(const std::string&) const;
- };
-
-}
-
-#endif
diff --git a/modules/eng_ossl/modinfo.txt b/modules/eng_ossl/modinfo.txt
deleted file mode 100644
index 7892e8e90..000000000
--- a/modules/eng_ossl/modinfo.txt
+++ /dev/null
@@ -1,20 +0,0 @@
-realname "OpenSSL Engine"
-
-define ENGINE_OPENSSL
-
-load_on request
-
-<add>
-eng_ossl.cpp
-bn_wrap.cpp
-bn_powm.cpp
-ossl_bc.cpp
-ossl_rc4.cpp
-ossl_md.cpp
-eng_ossl.h
-bn_wrap.h
-</add>
-
-<libs>
-all -> crypto
-</libs>
diff --git a/modules/eng_ossl/ossl_bc.cpp b/modules/eng_ossl/ossl_bc.cpp
deleted file mode 100644
index 407bb3cde..000000000
--- a/modules/eng_ossl/ossl_bc.cpp
+++ /dev/null
@@ -1,204 +0,0 @@
-/*************************************************
-* OpenSSL Block Cipher Source File *
-* (C) 1999-2007 Jack Lloyd *
-*************************************************/
-
-#include <botan/eng_ossl.h>
-#include <botan/parsing.h>
-#include <botan/libstate.h>
-#include <openssl/evp.h>
-
-namespace Botan {
-
-namespace {
-
-/*************************************************
-* EVP Block Cipher *
-*************************************************/
-class EVP_BlockCipher : public BlockCipher
- {
- public:
- void clear() throw();
- std::string name() const { return cipher_name; }
- BlockCipher* clone() const;
- EVP_BlockCipher(const EVP_CIPHER*, const std::string&);
- EVP_BlockCipher(const EVP_CIPHER*, const std::string&,
- u32bit, u32bit, u32bit);
-
- ~EVP_BlockCipher();
- private:
- void enc(const byte[], byte[]) const;
- void dec(const byte[], byte[]) const;
- void key(const byte[], u32bit);
- std::string cipher_name;
- mutable EVP_CIPHER_CTX encrypt, decrypt;
- };
-
-/*************************************************
-* EVP Block Cipher Constructor *
-*************************************************/
-EVP_BlockCipher::EVP_BlockCipher(const EVP_CIPHER* algo,
- const std::string& algo_name) :
- BlockCipher(EVP_CIPHER_block_size(algo), EVP_CIPHER_key_length(algo)),
- cipher_name(algo_name)
- {
- if(EVP_CIPHER_mode(algo) != EVP_CIPH_ECB_MODE)
- throw Invalid_Argument("EVP_BlockCipher: Non-ECB EVP was passed in");
-
- EVP_CIPHER_CTX_init(&encrypt);
- EVP_CIPHER_CTX_init(&decrypt);
-
- EVP_EncryptInit_ex(&encrypt, algo, 0, 0, 0);
- EVP_DecryptInit_ex(&decrypt, algo, 0, 0, 0);
-
- EVP_CIPHER_CTX_set_padding(&encrypt, 0);
- EVP_CIPHER_CTX_set_padding(&decrypt, 0);
- }
-
-/*************************************************
-* EVP Block Cipher Constructor *
-*************************************************/
-EVP_BlockCipher::EVP_BlockCipher(const EVP_CIPHER* algo,
- const std::string& algo_name,
- u32bit key_min, u32bit key_max,
- u32bit key_mod) :
- BlockCipher(EVP_CIPHER_block_size(algo), key_min, key_max, key_mod),
- cipher_name(algo_name)
- {
- if(EVP_CIPHER_mode(algo) != EVP_CIPH_ECB_MODE)
- throw Invalid_Argument("EVP_BlockCipher: Non-ECB EVP was passed in");
-
- EVP_CIPHER_CTX_init(&encrypt);
- EVP_CIPHER_CTX_init(&decrypt);
-
- EVP_EncryptInit_ex(&encrypt, algo, 0, 0, 0);
- EVP_DecryptInit_ex(&decrypt, algo, 0, 0, 0);
-
- EVP_CIPHER_CTX_set_padding(&encrypt, 0);
- EVP_CIPHER_CTX_set_padding(&decrypt, 0);
- }
-
-/*************************************************
-* EVP Block Cipher Destructor *
-*************************************************/
-EVP_BlockCipher::~EVP_BlockCipher()
- {
- EVP_CIPHER_CTX_cleanup(&encrypt);
- EVP_CIPHER_CTX_cleanup(&decrypt);
- }
-
-/*************************************************
-* Encrypt a block *
-*************************************************/
-void EVP_BlockCipher::enc(const byte in[], byte out[]) const
- {
- int out_len = 0;
- EVP_EncryptUpdate(&encrypt, out, &out_len, in, BLOCK_SIZE);
- }
-
-/*************************************************
-* Decrypt a block *
-*************************************************/
-void EVP_BlockCipher::dec(const byte in[], byte out[]) const
- {
- int out_len = 0;
- EVP_DecryptUpdate(&decrypt, out, &out_len, in, BLOCK_SIZE);
- }
-
-/*************************************************
-* Set the key *
-*************************************************/
-void EVP_BlockCipher::key(const byte key[], u32bit length)
- {
- SecureVector<byte> full_key(key, length);
-
- if(cipher_name == "TripleDES" && length == 16)
- full_key.append(key, 8);
- else
- if(EVP_CIPHER_CTX_set_key_length(&encrypt, length) == 0 ||
- EVP_CIPHER_CTX_set_key_length(&decrypt, length) == 0)
- throw Invalid_Argument("EVP_BlockCipher: Bad key length for " +
- cipher_name);
-
- if(cipher_name == "RC2")
- {
- EVP_CIPHER_CTX_ctrl(&encrypt, EVP_CTRL_SET_RC2_KEY_BITS, length*8, 0);
- EVP_CIPHER_CTX_ctrl(&decrypt, EVP_CTRL_SET_RC2_KEY_BITS, length*8, 0);
- }
-
- EVP_EncryptInit_ex(&encrypt, 0, 0, full_key.begin(), 0);
- EVP_DecryptInit_ex(&decrypt, 0, 0, full_key.begin(), 0);
- }
-
-/*************************************************
-* Return a clone of this object *
-*************************************************/
-BlockCipher* EVP_BlockCipher::clone() const
- {
- return new EVP_BlockCipher(EVP_CIPHER_CTX_cipher(&encrypt),
- cipher_name, MINIMUM_KEYLENGTH,
- MAXIMUM_KEYLENGTH, KEYLENGTH_MULTIPLE);
- }
-
-/*************************************************
-* Clear memory of sensitive data *
-*************************************************/
-void EVP_BlockCipher::clear() throw()
- {
- const EVP_CIPHER* algo = EVP_CIPHER_CTX_cipher(&encrypt);
-
- EVP_CIPHER_CTX_cleanup(&encrypt);
- EVP_CIPHER_CTX_cleanup(&decrypt);
- EVP_CIPHER_CTX_init(&encrypt);
- EVP_CIPHER_CTX_init(&decrypt);
- EVP_EncryptInit_ex(&encrypt, algo, 0, 0, 0);
- EVP_DecryptInit_ex(&decrypt, algo, 0, 0, 0);
- EVP_CIPHER_CTX_set_padding(&encrypt, 0);
- EVP_CIPHER_CTX_set_padding(&decrypt, 0);
- }
-
-}
-
-/*************************************************
-* Look for an algorithm with this name *
-*************************************************/
-BlockCipher*
-OpenSSL_Engine::find_block_cipher(const std::string& algo_spec) const
- {
-#define HANDLE_EVP_CIPHER(NAME, EVP) \
- if(algo_name == NAME) \
- { \
- if(name.size() == 1) \
- return new EVP_BlockCipher(EVP, NAME); \
- throw Invalid_Algorithm_Name(algo_spec); \
- }
-
-#define HANDLE_EVP_CIPHER_KEYLEN(NAME, EVP, MIN, MAX, MOD) \
- if(algo_name == NAME) \
- { \
- if(name.size() == 1) \
- return new EVP_BlockCipher(EVP, NAME, MIN, MAX, MOD); \
- throw Invalid_Algorithm_Name(algo_spec); \
- }
-
- std::vector<std::string> name = parse_algorithm_name(algo_spec);
- if(name.size() == 0)
- return 0;
- const std::string algo_name = global_state().deref_alias(name[0]);
-
- HANDLE_EVP_CIPHER_KEYLEN("Blowfish", EVP_bf_ecb(), 1, 56, 1);
- HANDLE_EVP_CIPHER_KEYLEN("CAST-128", EVP_cast5_ecb(), 1, 16, 1);
- HANDLE_EVP_CIPHER_KEYLEN("RC2", EVP_rc2_ecb(), 1, 32, 1);
- HANDLE_EVP_CIPHER_KEYLEN("TripleDES", EVP_des_ede3_ecb(), 16, 24, 8);
- HANDLE_EVP_CIPHER("DES", EVP_des_ecb());
- HANDLE_EVP_CIPHER("AES-128", EVP_aes_128_ecb());
- HANDLE_EVP_CIPHER("AES-192", EVP_aes_192_ecb());
- HANDLE_EVP_CIPHER("AES-256", EVP_aes_256_ecb());
-
-#undef HANDLE_EVP_CIPHER
-#undef HANDLE_EVP_CIPHER_KEYLEN
-
- return 0;
- }
-
-}
diff --git a/modules/eng_ossl/ossl_md.cpp b/modules/eng_ossl/ossl_md.cpp
deleted file mode 100644
index 8e24c7213..000000000
--- a/modules/eng_ossl/ossl_md.cpp
+++ /dev/null
@@ -1,121 +0,0 @@
-/*************************************************
-* OpenSSL Hash Functions Source File *
-* (C) 1999-2007 Jack Lloyd *
-*************************************************/
-
-#include <botan/eng_ossl.h>
-#include <botan/parsing.h>
-#include <botan/libstate.h>
-#include <openssl/evp.h>
-
-namespace Botan {
-
-namespace {
-
-/*************************************************
-* EVP Hash Function *
-*************************************************/
-class EVP_HashFunction : public HashFunction
- {
- public:
- void clear() throw();
- std::string name() const { return algo_name; }
- HashFunction* clone() const;
- EVP_HashFunction(const EVP_MD*, const std::string&);
- ~EVP_HashFunction();
- private:
- void add_data(const byte[], u32bit);
- void final_result(byte[]);
-
- std::string algo_name;
- EVP_MD_CTX md;
- };
-
-/*************************************************
-* Update an EVP Hash Calculation *
-*************************************************/
-void EVP_HashFunction::add_data(const byte input[], u32bit length)
- {
- EVP_DigestUpdate(&md, input, length);
- }
-
-/*************************************************
-* Finalize an EVP Hash Calculation *
-*************************************************/
-void EVP_HashFunction::final_result(byte output[])
- {
- EVP_DigestFinal_ex(&md, output, 0);
- const EVP_MD* algo = EVP_MD_CTX_md(&md);
- EVP_DigestInit_ex(&md, algo, 0);
- }
-
-/*************************************************
-* Clear memory of sensitive data *
-*************************************************/
-void EVP_HashFunction::clear() throw()
- {
- const EVP_MD* algo = EVP_MD_CTX_md(&md);
- EVP_DigestInit_ex(&md, algo, 0);
- }
-
-/*************************************************
-* Return a clone of this object *
-*************************************************/
-HashFunction* EVP_HashFunction::clone() const
- {
- const EVP_MD* algo = EVP_MD_CTX_md(&md);
- return new EVP_HashFunction(algo, name());
- }
-
-/*************************************************
-* Create an EVP hash function *
-*************************************************/
-EVP_HashFunction::EVP_HashFunction(const EVP_MD* algo,
- const std::string& name) :
- HashFunction(EVP_MD_size(algo), EVP_MD_block_size(algo)),
- algo_name(name)
- {
- EVP_MD_CTX_init(&md);
- EVP_DigestInit_ex(&md, algo, 0);
- }
-
-/*************************************************
-* Destroy an EVP hash function *
-*************************************************/
-EVP_HashFunction::~EVP_HashFunction()
- {
- EVP_MD_CTX_cleanup(&md);
- }
-
-}
-
-/*************************************************
-* Look for an algorithm with this name *
-*************************************************/
-HashFunction* OpenSSL_Engine::find_hash(const std::string& algo_spec) const
- {
- std::vector<std::string> name = parse_algorithm_name(algo_spec);
- if(name.size() == 0)
- return 0;
- const std::string algo_name = global_state().deref_alias(name[0]);
-
-#define HANDLE_EVP_MD(NAME, EVP) \
- if(algo_name == NAME) \
- { \
- if(name.size() == 1) \
- return new EVP_HashFunction(EVP, NAME); \
- throw Invalid_Algorithm_Name(algo_spec); \
- }
-
- HANDLE_EVP_MD("SHA-160", EVP_sha1());
- HANDLE_EVP_MD("MD2", EVP_md2());
- HANDLE_EVP_MD("MD4", EVP_md4());
- HANDLE_EVP_MD("MD5", EVP_md5());
- HANDLE_EVP_MD("RIPEMD-160", EVP_ripemd160());
-
-#undef HANDLE_EVP_MD
-
- return 0;
- }
-
-}
diff --git a/modules/eng_ossl/ossl_rc4.cpp b/modules/eng_ossl/ossl_rc4.cpp
deleted file mode 100644
index eb8e9ded8..000000000
--- a/modules/eng_ossl/ossl_rc4.cpp
+++ /dev/null
@@ -1,92 +0,0 @@
-/*************************************************
-* OpenSSL ARC4 Source File *
-* (C) 1999-2007 Jack Lloyd *
-*************************************************/
-
-#include <botan/eng_ossl.h>
-#include <botan/parsing.h>
-#include <botan/libstate.h>
-#include <openssl/rc4.h>
-
-namespace Botan {
-
-namespace {
-
-/*************************************************
-* OpenSSL ARC4 *
-*************************************************/
-class OpenSSL_ARC4 : public StreamCipher
- {
- public:
- void clear() throw() { std::memset(&state, 0, sizeof(state)); }
- std::string name() const;
- StreamCipher* clone() const { return new OpenSSL_ARC4(SKIP); }
- OpenSSL_ARC4(u32bit s = 0) : StreamCipher(1, 32), SKIP(s) { clear(); }
- ~OpenSSL_ARC4() { clear(); }
- private:
- void cipher(const byte[], byte[], u32bit);
- void key(const byte[], u32bit);
-
- const u32bit SKIP;
- RC4_KEY state;
- };
-
-/*************************************************
-* Return the name of this type *
-*************************************************/
-std::string OpenSSL_ARC4::name() const
- {
- if(SKIP == 0) return "ARC4";
- if(SKIP == 256) return "MARK-4";
- else return "RC4_skip(" + to_string(SKIP) + ")";
- }
-
-/*************************************************
-* ARC4 Key Schedule *
-*************************************************/
-void OpenSSL_ARC4::key(const byte key[], u32bit length)
- {
- RC4_set_key(&state, length, key);
- byte dummy = 0;
- for(u32bit j = 0; j != SKIP; j++)
- RC4(&state, 1, &dummy, &dummy);
- }
-
-/*************************************************
-* ARC4 Encryption *
-*************************************************/
-void OpenSSL_ARC4::cipher(const byte in[], byte out[], u32bit length)
- {
- RC4(&state, length, in, out);
- }
-
-}
-
-/*************************************************
-* Look for an algorithm with this name *
-*************************************************/
-StreamCipher*
-OpenSSL_Engine::find_stream_cipher(const std::string& algo_spec) const
- {
- std::vector<std::string> name = parse_algorithm_name(algo_spec);
- if(name.size() == 0)
- return 0;
- const std::string algo_name = global_state().deref_alias(name[0]);
-
-#define HANDLE_TYPE_ONE_U32BIT(NAME, TYPE, DEFAULT) \
- if(algo_name == NAME) \
- { \
- if(name.size() == 1) \
- return new TYPE(DEFAULT); \
- if(name.size() == 2) \
- return new TYPE(to_u32bit(name[1])); \
- throw Invalid_Algorithm_Name(algo_spec); \
- }
-
- HANDLE_TYPE_ONE_U32BIT("ARC4", OpenSSL_ARC4, 0);
- HANDLE_TYPE_ONE_U32BIT("RC4_drop", OpenSSL_ARC4, 768);
-
- return 0;
- }
-
-}