Update OpenSSL engine with encrypt_n interface for block ciphers.

Add support for SHA-2 and SEED. Wrap block cipher usage in checks for OPENSSL_NO_XXX
author: lloyd <[email protected]> 2009-09-17 13:46:29 +0000
committer: lloyd <[email protected]> 2009-09-17 13:46:29 +0000
commit: 268c1b8902fccc4e942f6ccd5651dab826846a92 (patch)
tree: d125a3382afe7380599781184133a19d488cda73 /src/engine
parent: 486165fedeb64bce3fce80939451514a21eb6ae4 (diff)
2 files changed, 46 insertions, 12 deletions
diff --git a/src/engine/openssl/ossl_bc.cpp b/src/engine/openssl/ossl_bc.cpp
index 4d3761adb..dd6bb38db 100644
--- a/src/engine/openssl/ossl_bc.cpp
+++ b/src/engine/openssl/ossl_bc.cpp
@@ -27,8 +27,8 @@ class EVP_BlockCipher : public BlockCipher
 
       ~EVP_BlockCipher();
    private:
-      void enc(const byte[], byte[]) const;
-      void dec(const byte[], byte[]) const;
+      void encrypt_n(const byte in[], byte out[], u32bit blocks) const;
+      void decrypt_n(const byte in[], byte out[], u32bit blocks) const;
       void key_schedule(const byte[], u32bit);
       std::string cipher_name;
       mutable EVP_CIPHER_CTX encrypt, decrypt;
@@ -90,19 +90,21 @@ EVP_BlockCipher::~EVP_BlockCipher()
 /*
 * Encrypt a block
 */
-void EVP_BlockCipher::enc(const byte in[], byte out[]) const
+void EVP_BlockCipher::encrypt_n(const byte in[], byte out[],
+                                u32bit blocks) const
    {
    int out_len = 0;
-   EVP_EncryptUpdate(&encrypt, out, &out_len, in, BLOCK_SIZE);
+   EVP_EncryptUpdate(&encrypt, out, &out_len, in, blocks * BLOCK_SIZE);
    }
 
 /*
 * Decrypt a block
 */
-void EVP_BlockCipher::dec(const byte in[], byte out[]) const
+void EVP_BlockCipher::decrypt_n(const byte in[], byte out[],
+                                u32bit blocks) const
    {
    int out_len = 0;
-   EVP_DecryptUpdate(&decrypt, out, &out_len, in, BLOCK_SIZE);
+   EVP_DecryptUpdate(&decrypt, out, &out_len, in, blocks * BLOCK_SIZE);
    }
 
 /*
@@ -174,7 +176,7 @@ OpenSSL_Engine::find_block_cipher(const SCAN_Name& request,
    if(request.algo_name() == NAME && request.arg_count() == 0)  \
       return new EVP_BlockCipher(EVP, NAME, MIN, MAX, MOD);
 
-#if 0
+#if 0 && !defined(OPENSSL_NO_AES)
    /*
    Using OpenSSL's AES causes crashes inside EVP on x86-64 with OpenSSL 0.9.8g
    cause is unknown
@@ -184,12 +186,30 @@ OpenSSL_Engine::find_block_cipher(const SCAN_Name& request,
    HANDLE_EVP_CIPHER("AES-256", EVP_aes_256_ecb());
 #endif
 
+#if !defined(OPENSSL_NO_DES)
    HANDLE_EVP_CIPHER("DES", EVP_des_ecb());
    HANDLE_EVP_CIPHER_KEYLEN("TripleDES", EVP_des_ede3_ecb(), 16, 24, 8);
+#endif
 
+#if !defined(OPENSSL_NO_BF)
    HANDLE_EVP_CIPHER_KEYLEN("Blowfish", EVP_bf_ecb(), 1, 56, 1);
+#endif
+
+#if !defined(OPENSSL_NO_CAST)
    HANDLE_EVP_CIPHER_KEYLEN("CAST-128", EVP_cast5_ecb(), 1, 16, 1);
+#endif
+
+#if !defined(OPENSSL_NO_RC2)
    HANDLE_EVP_CIPHER_KEYLEN("RC2", EVP_rc2_ecb(), 1, 32, 1);
+#endif
+
+#if !defined(OPENSSL_NO_IDEA)
+   HANDLE_EVP_CIPHER("IDEA", EVP_idea_ecb());
+#endif
+
+#if !defined(OPENSSL_NO_SEED)
+   HANDLE_EVP_CIPHER("SEED", EVP_seed_ecb());
+#endif
 
 #undef HANDLE_EVP_CIPHER
 #undef HANDLE_EVP_CIPHER_KEYLEN
diff --git a/src/engine/openssl/ossl_md.cpp b/src/engine/openssl/ossl_md.cpp
index 7c8fb678c..42975c8a3 100644
--- a/src/engine/openssl/ossl_md.cpp
+++ b/src/engine/openssl/ossl_md.cpp
@@ -95,27 +95,41 @@ EVP_HashFunction::~EVP_HashFunction()
 HashFunction* OpenSSL_Engine::find_hash(const SCAN_Name& request,
                                         Algorithm_Factory&) const
    {
-#ifndef OPENSSL_NO_SHA
+#if !defined(OPENSSL_NO_SHA)
    if(request.algo_name() == "SHA-160")
       return new EVP_HashFunction(EVP_sha1(), "SHA-160");
 #endif
 
-#ifndef OPENSSL_NO_MD2
+#if !defined(OPENSSL_NO_SHA256)
+   if(request.algo_name() == "SHA-224")
+      return new EVP_HashFunction(EVP_sha224(), "SHA-224");
+   if(request.algo_name() == "SHA-256")
+      return new EVP_HashFunction(EVP_sha256(), "SHA-256");
+#endif
+
+#if !defined(OPENSSL_NO_SHA512)
+   if(request.algo_name() == "SHA-384")
+      return new EVP_HashFunction(EVP_sha384(), "SHA-384");
+   if(request.algo_name() == "SHA-512")
+      return new EVP_HashFunction(EVP_sha512(), "SHA-512");
+#endif
+
+#if !defined(OPENSSL_NO_MD2)
    if(request.algo_name() == "MD2")
       return new EVP_HashFunction(EVP_md2(), "MD2");
 #endif
 
-#ifndef OPENSSL_NO_MD4
+#if !defined(OPENSSL_NO_MD4)
    if(request.algo_name() == "MD4")
       return new EVP_HashFunction(EVP_md4(), "MD4");
 #endif
 
-#ifndef OPENSSL_NO_MD5
+#if !defined(OPENSSL_NO_MD5)
    if(request.algo_name() == "MD5")
       return new EVP_HashFunction(EVP_md5(), "MD5");
 #endif
 
-#ifndef OPENSSL_NO_RIPEMD
+#if !defined(OPENSSL_NO_RIPEMD)
    if(request.algo_name() == "RIPEMD-160")
       return new EVP_HashFunction(EVP_ripemd160(), "RIPEMD-160");
 #endif
author	lloyd <[email protected]>	2009-09-17 13:46:29 +0000
committer	lloyd <[email protected]>	2009-09-17 13:46:29 +0000
commit	268c1b8902fccc4e942f6ccd5651dab826846a92 (patch)
tree	d125a3382afe7380599781184133a19d488cda73 /src/engine
parent	486165fedeb64bce3fce80939451514a21eb6ae4 (diff)