diff options
author | lloyd <[email protected]> | 2009-09-17 13:46:29 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2009-09-17 13:46:29 +0000 |
commit | 268c1b8902fccc4e942f6ccd5651dab826846a92 (patch) | |
tree | d125a3382afe7380599781184133a19d488cda73 /src/engine/openssl | |
parent | 486165fedeb64bce3fce80939451514a21eb6ae4 (diff) |
Update OpenSSL engine with encrypt_n interface for block ciphers.
Add support for SHA-2 and SEED.
Wrap block cipher usage in checks for OPENSSL_NO_XXX
Diffstat (limited to 'src/engine/openssl')
-rw-r--r-- | src/engine/openssl/ossl_bc.cpp | 34 | ||||
-rw-r--r-- | src/engine/openssl/ossl_md.cpp | 24 |
2 files changed, 46 insertions, 12 deletions
diff --git a/src/engine/openssl/ossl_bc.cpp b/src/engine/openssl/ossl_bc.cpp index 4d3761adb..dd6bb38db 100644 --- a/src/engine/openssl/ossl_bc.cpp +++ b/src/engine/openssl/ossl_bc.cpp @@ -27,8 +27,8 @@ class EVP_BlockCipher : public BlockCipher ~EVP_BlockCipher(); private: - void enc(const byte[], byte[]) const; - void dec(const byte[], byte[]) const; + void encrypt_n(const byte in[], byte out[], u32bit blocks) const; + void decrypt_n(const byte in[], byte out[], u32bit blocks) const; void key_schedule(const byte[], u32bit); std::string cipher_name; mutable EVP_CIPHER_CTX encrypt, decrypt; @@ -90,19 +90,21 @@ EVP_BlockCipher::~EVP_BlockCipher() /* * Encrypt a block */ -void EVP_BlockCipher::enc(const byte in[], byte out[]) const +void EVP_BlockCipher::encrypt_n(const byte in[], byte out[], + u32bit blocks) const { int out_len = 0; - EVP_EncryptUpdate(&encrypt, out, &out_len, in, BLOCK_SIZE); + EVP_EncryptUpdate(&encrypt, out, &out_len, in, blocks * BLOCK_SIZE); } /* * Decrypt a block */ -void EVP_BlockCipher::dec(const byte in[], byte out[]) const +void EVP_BlockCipher::decrypt_n(const byte in[], byte out[], + u32bit blocks) const { int out_len = 0; - EVP_DecryptUpdate(&decrypt, out, &out_len, in, BLOCK_SIZE); + EVP_DecryptUpdate(&decrypt, out, &out_len, in, blocks * BLOCK_SIZE); } /* @@ -174,7 +176,7 @@ OpenSSL_Engine::find_block_cipher(const SCAN_Name& request, if(request.algo_name() == NAME && request.arg_count() == 0) \ return new EVP_BlockCipher(EVP, NAME, MIN, MAX, MOD); -#if 0 +#if 0 && !defined(OPENSSL_NO_AES) /* Using OpenSSL's AES causes crashes inside EVP on x86-64 with OpenSSL 0.9.8g cause is unknown @@ -184,12 +186,30 @@ OpenSSL_Engine::find_block_cipher(const SCAN_Name& request, HANDLE_EVP_CIPHER("AES-256", EVP_aes_256_ecb()); #endif +#if !defined(OPENSSL_NO_DES) HANDLE_EVP_CIPHER("DES", EVP_des_ecb()); HANDLE_EVP_CIPHER_KEYLEN("TripleDES", EVP_des_ede3_ecb(), 16, 24, 8); +#endif +#if !defined(OPENSSL_NO_BF) HANDLE_EVP_CIPHER_KEYLEN("Blowfish", EVP_bf_ecb(), 1, 56, 1); +#endif + +#if !defined(OPENSSL_NO_CAST) HANDLE_EVP_CIPHER_KEYLEN("CAST-128", EVP_cast5_ecb(), 1, 16, 1); +#endif + +#if !defined(OPENSSL_NO_RC2) HANDLE_EVP_CIPHER_KEYLEN("RC2", EVP_rc2_ecb(), 1, 32, 1); +#endif + +#if !defined(OPENSSL_NO_IDEA) + HANDLE_EVP_CIPHER("IDEA", EVP_idea_ecb()); +#endif + +#if !defined(OPENSSL_NO_SEED) + HANDLE_EVP_CIPHER("SEED", EVP_seed_ecb()); +#endif #undef HANDLE_EVP_CIPHER #undef HANDLE_EVP_CIPHER_KEYLEN diff --git a/src/engine/openssl/ossl_md.cpp b/src/engine/openssl/ossl_md.cpp index 7c8fb678c..42975c8a3 100644 --- a/src/engine/openssl/ossl_md.cpp +++ b/src/engine/openssl/ossl_md.cpp @@ -95,27 +95,41 @@ EVP_HashFunction::~EVP_HashFunction() HashFunction* OpenSSL_Engine::find_hash(const SCAN_Name& request, Algorithm_Factory&) const { -#ifndef OPENSSL_NO_SHA +#if !defined(OPENSSL_NO_SHA) if(request.algo_name() == "SHA-160") return new EVP_HashFunction(EVP_sha1(), "SHA-160"); #endif -#ifndef OPENSSL_NO_MD2 +#if !defined(OPENSSL_NO_SHA256) + if(request.algo_name() == "SHA-224") + return new EVP_HashFunction(EVP_sha224(), "SHA-224"); + if(request.algo_name() == "SHA-256") + return new EVP_HashFunction(EVP_sha256(), "SHA-256"); +#endif + +#if !defined(OPENSSL_NO_SHA512) + if(request.algo_name() == "SHA-384") + return new EVP_HashFunction(EVP_sha384(), "SHA-384"); + if(request.algo_name() == "SHA-512") + return new EVP_HashFunction(EVP_sha512(), "SHA-512"); +#endif + +#if !defined(OPENSSL_NO_MD2) if(request.algo_name() == "MD2") return new EVP_HashFunction(EVP_md2(), "MD2"); #endif -#ifndef OPENSSL_NO_MD4 +#if !defined(OPENSSL_NO_MD4) if(request.algo_name() == "MD4") return new EVP_HashFunction(EVP_md4(), "MD4"); #endif -#ifndef OPENSSL_NO_MD5 +#if !defined(OPENSSL_NO_MD5) if(request.algo_name() == "MD5") return new EVP_HashFunction(EVP_md5(), "MD5"); #endif -#ifndef OPENSSL_NO_RIPEMD +#if !defined(OPENSSL_NO_RIPEMD) if(request.algo_name() == "RIPEMD-160") return new EVP_HashFunction(EVP_ripemd160(), "RIPEMD-160"); #endif |