diff options
| author | Pauli <paul.dale@oracle.com> | 2017-02-01 10:10:13 +1000 |
|---|---|---|
| committer | Andy Polyakov <appro@openssl.org> | 2017-02-21 11:51:45 +0100 |
| commit | d42d0a4dc7925e3ea398821028a254c94665d733 (patch) | |
| tree | 4525cbb07e99c47cd4e8576b014111ccd427e398 /crypto/evp | |
| parent | ad39b31c1ce0323d6f6ec44842d955f9f2556adf (diff) | |
| download | openssl-d42d0a4dc7925e3ea398821028a254c94665d733.tar.gz | |
Implementation of the ARIA cipher as described in RFC 5794.
This implementation is written in endian agnostic C code. No attempt
at providing machine specific assembly code has been made. This
implementation expands the evptests by including the test cases from
RFC 5794 and ARIA official site rather than providing an individual
test case. Support for ARIA has been integrated into the command line
applications, but not TLS. Implemented modes are CBC, CFB1, CFB8,
CFB128, CTR, ECB and OFB128.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2337)
Diffstat (limited to 'crypto/evp')
| -rw-r--r-- | crypto/evp/build.info | 2 | ||||
| -rw-r--r-- | crypto/evp/c_allc.c | 32 | ||||
| -rw-r--r-- | crypto/evp/e_aria.c | 156 | ||||
| -rw-r--r-- | crypto/evp/evp_err.c | 2 |
4 files changed, 190 insertions, 2 deletions
diff --git a/crypto/evp/build.info b/crypto/evp/build.info index bf633dc713..c0df858ae0 100644 --- a/crypto/evp/build.info +++ b/crypto/evp/build.info @@ -2,7 +2,7 @@ LIBS=../../libcrypto SOURCE[../../libcrypto]=\ encode.c digest.c evp_enc.c evp_key.c evp_cnf.c \ e_des.c e_bf.c e_idea.c e_des3.c e_camellia.c\ - e_rc4.c e_aes.c names.c e_seed.c \ + e_rc4.c e_aes.c names.c e_seed.c e_aria.c \ e_xcbc_d.c e_rc2.c e_cast.c e_rc5.c \ m_null.c m_md2.c m_md4.c m_md5.c m_sha1.c m_wp.c \ m_md5_sha1.c m_mdc2.c m_ripemd.c \ diff --git a/crypto/evp/c_allc.c b/crypto/evp/c_allc.c index 6ed31edbcb..76edfbd37b 100644 --- a/crypto/evp/c_allc.c +++ b/crypto/evp/c_allc.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -181,6 +181,36 @@ void openssl_add_all_ciphers_int(void) EVP_add_cipher(EVP_aes_128_cbc_hmac_sha256()); EVP_add_cipher(EVP_aes_256_cbc_hmac_sha256()); +#ifndef OPENSSL_NO_ARIA + EVP_add_cipher(EVP_aria_128_ecb()); + EVP_add_cipher(EVP_aria_128_cbc()); + EVP_add_cipher(EVP_aria_128_cfb()); + EVP_add_cipher(EVP_aria_128_cfb1()); + EVP_add_cipher(EVP_aria_128_cfb8()); + EVP_add_cipher(EVP_aria_128_ctr()); + EVP_add_cipher(EVP_aria_128_ofb()); + EVP_add_cipher_alias(SN_aria_128_cbc, "ARIA128"); + EVP_add_cipher_alias(SN_aria_128_cbc, "aria128"); + EVP_add_cipher(EVP_aria_192_ecb()); + EVP_add_cipher(EVP_aria_192_cbc()); + EVP_add_cipher(EVP_aria_192_cfb()); + EVP_add_cipher(EVP_aria_192_cfb1()); + EVP_add_cipher(EVP_aria_192_cfb8()); + EVP_add_cipher(EVP_aria_192_ctr()); + EVP_add_cipher(EVP_aria_192_ofb()); + EVP_add_cipher_alias(SN_aria_192_cbc, "ARIA192"); + EVP_add_cipher_alias(SN_aria_192_cbc, "aria192"); + EVP_add_cipher(EVP_aria_256_ecb()); + EVP_add_cipher(EVP_aria_256_cbc()); + EVP_add_cipher(EVP_aria_256_cfb()); + EVP_add_cipher(EVP_aria_256_cfb1()); + EVP_add_cipher(EVP_aria_256_cfb8()); + EVP_add_cipher(EVP_aria_256_ctr()); + EVP_add_cipher(EVP_aria_256_ofb()); + EVP_add_cipher_alias(SN_aria_256_cbc, "ARIA256"); + EVP_add_cipher_alias(SN_aria_256_cbc, "aria256"); +#endif + #ifndef OPENSSL_NO_CAMELLIA EVP_add_cipher(EVP_camellia_128_ecb()); EVP_add_cipher(EVP_camellia_128_cbc()); diff --git a/crypto/evp/e_aria.c b/crypto/evp/e_aria.c new file mode 100644 index 0000000000..8745bfeb26 --- /dev/null +++ b/crypto/evp/e_aria.c @@ -0,0 +1,156 @@ +/* + * Copyright 2006-2017 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* ==================================================================== + * Copyright (c) 2017 Oracle and/or its affiliates. All rights reserved. + */ + +#include "internal/cryptlib.h" +#ifndef OPENSSL_NO_ARIA +# include <openssl/evp.h> +# include <openssl/modes.h> +# include"internal/aria.h" +# include "internal/evp_int.h" + +/* ARIA subkey Structure */ +typedef struct { + ARIA_KEY ks; +} EVP_ARIA_KEY; + +/* The subkey for ARIA is generated. */ +static int aria_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc) +{ + int ret; + int mode = EVP_CIPHER_CTX_mode(ctx); + + if (enc || (mode != EVP_CIPH_ECB_MODE && mode != EVP_CIPH_CBC_MODE)) + ret = aria_set_encrypt_key(key, EVP_CIPHER_CTX_key_length(ctx) * 8, + EVP_CIPHER_CTX_get_cipher_data(ctx)); + else + ret = aria_set_decrypt_key(key, EVP_CIPHER_CTX_key_length(ctx) * 8, + EVP_CIPHER_CTX_get_cipher_data(ctx)); + if (ret < 0) { + EVPerr(EVP_F_ARIA_INIT_KEY,EVP_R_ARIA_KEY_SETUP_FAILED); + return 0; + } + return 1; +} + +static void aria_cbc_encrypt(const unsigned char *in, unsigned char *out, + size_t len, const ARIA_KEY *key, + unsigned char *ivec, const int enc) +{ + + if (enc) + CRYPTO_cbc128_encrypt(in, out, len, key, ivec, + (block128_f) aria_encrypt); + else + CRYPTO_cbc128_decrypt(in, out, len, key, ivec, + (block128_f) aria_encrypt); +} + +static void aria_cfb128_encrypt(const unsigned char *in, unsigned char *out, + size_t length, const ARIA_KEY *key, + unsigned char *ivec, int *num, const int enc) +{ + + CRYPTO_cfb128_encrypt(in, out, length, key, ivec, num, enc, + (block128_f) aria_encrypt); +} + +static void aria_cfb1_encrypt(const unsigned char *in, unsigned char *out, + size_t length, const ARIA_KEY *key, + unsigned char *ivec, int *num, const int enc) +{ + CRYPTO_cfb128_1_encrypt(in, out, length, key, ivec, num, enc, + (block128_f) aria_encrypt); +} + +static void aria_cfb8_encrypt(const unsigned char *in, unsigned char *out, + size_t length, const ARIA_KEY *key, + unsigned char *ivec, int *num, const int enc) +{ + CRYPTO_cfb128_8_encrypt(in, out, length, key, ivec, num, enc, + (block128_f) aria_encrypt); +} + +static void aria_ecb_encrypt(const unsigned char *in, unsigned char *out, + const ARIA_KEY *key, const int enc) +{ + aria_encrypt(in, out, key); +} + +static void aria_ofb128_encrypt(const unsigned char *in, unsigned char *out, + size_t length, const ARIA_KEY *key, + unsigned char *ivec, int *num) +{ + CRYPTO_ofb128_encrypt(in, out, length, key, ivec, num, + (block128_f) aria_encrypt); +} + +IMPLEMENT_BLOCK_CIPHER(aria_128, ks, aria, EVP_ARIA_KEY, + NID_aria_128, 16, 16, 16, 128, + 0, aria_init_key, NULL, + EVP_CIPHER_set_asn1_iv, + EVP_CIPHER_get_asn1_iv, + NULL) +IMPLEMENT_BLOCK_CIPHER(aria_192, ks, aria, EVP_ARIA_KEY, + NID_aria_192, 16, 24, 16, 128, + 0, aria_init_key, NULL, + EVP_CIPHER_set_asn1_iv, + EVP_CIPHER_get_asn1_iv, + NULL) +IMPLEMENT_BLOCK_CIPHER(aria_256, ks, aria, EVP_ARIA_KEY, + NID_aria_256, 16, 32, 16, 128, + 0, aria_init_key, NULL, + EVP_CIPHER_set_asn1_iv, + EVP_CIPHER_get_asn1_iv, + NULL) + +# define IMPLEMENT_ARIA_CFBR(ksize,cbits) \ + IMPLEMENT_CFBR(aria,aria,EVP_ARIA_KEY,ks,ksize,cbits,16,0) +IMPLEMENT_ARIA_CFBR(128,1) +IMPLEMENT_ARIA_CFBR(192,1) +IMPLEMENT_ARIA_CFBR(256,1) +IMPLEMENT_ARIA_CFBR(128,8) +IMPLEMENT_ARIA_CFBR(192,8) +IMPLEMENT_ARIA_CFBR(256,8) + +# define BLOCK_CIPHER_generic(nid,keylen,blocksize,ivlen,nmode,mode,MODE,flags) \ +static const EVP_CIPHER aria_##keylen##_##mode = { \ + nid##_##keylen##_##nmode,blocksize,keylen/8,ivlen, \ + flags|EVP_CIPH_##MODE##_MODE, \ + aria_init_key, \ + aria_##mode##_cipher, \ + NULL, \ + sizeof(EVP_ARIA_KEY), \ + NULL,NULL,NULL,NULL }; \ +const EVP_CIPHER *EVP_aria_##keylen##_##mode(void) \ +{ return &aria_##keylen##_##mode; } + +static int aria_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, size_t len) +{ + unsigned int num = EVP_CIPHER_CTX_num(ctx); + EVP_ARIA_KEY *dat = EVP_C_DATA(EVP_ARIA_KEY,ctx); + + CRYPTO_ctr128_encrypt(in, out, len, &dat->ks, + EVP_CIPHER_CTX_iv_noconst(ctx), + EVP_CIPHER_CTX_buf_noconst(ctx), &num, + (block128_f) aria_encrypt); + EVP_CIPHER_CTX_set_num(ctx, num); + return 1; +} + +BLOCK_CIPHER_generic(NID_aria, 128, 1, 16, ctr, ctr, CTR, 0) +BLOCK_CIPHER_generic(NID_aria, 192, 1, 16, ctr, ctr, CTR, 0) +BLOCK_CIPHER_generic(NID_aria, 256, 1, 16, ctr, ctr, CTR, 0) + +#endif diff --git a/crypto/evp/evp_err.c b/crypto/evp/evp_err.c index 6ff9ec4eae..eb73a5a555 100644 --- a/crypto/evp/evp_err.c +++ b/crypto/evp/evp_err.c @@ -25,6 +25,7 @@ static ERR_STRING_DATA EVP_str_functs[] = { {ERR_FUNC(EVP_F_AES_T4_INIT_KEY), "aes_t4_init_key"}, {ERR_FUNC(EVP_F_AES_WRAP_CIPHER), "aes_wrap_cipher"}, {ERR_FUNC(EVP_F_ALG_MODULE_INIT), "alg_module_init"}, + {ERR_FUNC(EVP_F_ARIA_INIT_KEY), "aria_init_key"}, {ERR_FUNC(EVP_F_CAMELLIA_INIT_KEY), "camellia_init_key"}, {ERR_FUNC(EVP_F_CHACHA20_POLY1305_CTRL), "chacha20_poly1305_ctrl"}, {ERR_FUNC(EVP_F_CMLL_T4_INIT_KEY), "cmll_t4_init_key"}, @@ -97,6 +98,7 @@ static ERR_STRING_DATA EVP_str_functs[] = { static ERR_STRING_DATA EVP_str_reasons[] = { {ERR_REASON(EVP_R_AES_KEY_SETUP_FAILED), "aes key setup failed"}, + {ERR_REASON(EVP_R_ARIA_KEY_SETUP_FAILED), "aria key setup failed"}, {ERR_REASON(EVP_R_BAD_DECRYPT), "bad decrypt"}, {ERR_REASON(EVP_R_BUFFER_TOO_SMALL), "buffer too small"}, {ERR_REASON(EVP_R_CAMELLIA_KEY_SETUP_FAILED), |