A handful more compatibility functions. Change-Id: I814f55742910c519e9b64aca1b15a4d754adc541 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/44944 Commit-Queue: Adam Langley <agl@google.com> Commit-Queue: David Benjamin <davidben@google.com> Reviewed-by: David Benjamin <davidben@google.com>
diff --git a/crypto/fipsmodule/ec/ec.c b/crypto/fipsmodule/ec/ec.c index b250123..c976341 100644 --- a/crypto/fipsmodule/ec/ec.c +++ b/crypto/fipsmodule/ec/ec.c
@@ -797,6 +797,12 @@ return 1; } +int EC_POINT_get_affine_coordinates(const EC_GROUP *group, + const EC_POINT *point, BIGNUM *x, BIGNUM *y, + BN_CTX *ctx) { + return EC_POINT_get_affine_coordinates_GFp(group, point, x, y, ctx); +} + void ec_affine_to_jacobian(const EC_GROUP *group, EC_RAW_POINT *out, const EC_AFFINE *p) { out->X = p->X;
diff --git a/decrepit/cfb/cfb.c b/decrepit/cfb/cfb.c index 380d4ee..fa1cfd4 100644 --- a/decrepit/cfb/cfb.c +++ b/decrepit/cfb/cfb.c
@@ -57,6 +57,13 @@ NULL /* cleanup */, NULL /* ctrl */, }; +static const EVP_CIPHER aes_192_cfb128 = { + NID_aes_192_cfb128, 1 /* block_size */, 24 /* key_size */, + 16 /* iv_len */, sizeof(EVP_CFB_CTX), EVP_CIPH_CFB_MODE, + NULL /* app_data */, aes_cfb_init_key, aes_cfb128_cipher, + NULL /* cleanup */, NULL /* ctrl */, +}; + static const EVP_CIPHER aes_256_cfb128 = { NID_aes_256_cfb128, 1 /* block_size */, 32 /* key_size */, 16 /* iv_len */, sizeof(EVP_CFB_CTX), EVP_CIPH_CFB_MODE, @@ -66,5 +73,7 @@ const EVP_CIPHER *EVP_aes_128_cfb128(void) { return &aes_128_cfb128; } const EVP_CIPHER *EVP_aes_128_cfb(void) { return &aes_128_cfb128; } +const EVP_CIPHER *EVP_aes_192_cfb128(void) { return &aes_192_cfb128; } +const EVP_CIPHER *EVP_aes_192_cfb(void) { return &aes_192_cfb128; } const EVP_CIPHER *EVP_aes_256_cfb128(void) { return &aes_256_cfb128; } const EVP_CIPHER *EVP_aes_256_cfb(void) { return &aes_256_cfb128; }
diff --git a/decrepit/cfb/cfb_test.cc b/decrepit/cfb/cfb_test.cc index ce55ba9..2510a88 100644 --- a/decrepit/cfb/cfb_test.cc +++ b/decrepit/cfb/cfb_test.cc
@@ -47,6 +47,23 @@ { // This is the test case from // http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38a.pdf, + // section F.3.15, CFB128-AES192 + 24, + {0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52, 0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5, + 0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b}, + {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, + {0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, + 0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51, + 0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef, + 0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10}, + {0xcd, 0xc8, 0x0d, 0x6f, 0xdd, 0xf1, 0x8c, 0xab, 0x34, 0xc2, 0x59, 0x09, 0xc9, 0x9a, 0x41, 0x74, + 0x67, 0xce, 0x7f, 0x7f, 0x81, 0x17, 0x36, 0x21, 0x96, 0x1a, 0x2b, 0x70, 0x17, 0x1d, 0x3d, 0x7a, + 0x2e, 0x1e, 0x8a, 0x1d, 0xd5, 0x9b, 0x88, 0xb1, 0xc8, 0xe6, 0x0f, 0xed, 0x1e, 0xfa, 0xc4, 0xc9, + 0xc0, 0x5f, 0x9f, 0x9c, 0xa9, 0x83, 0x4f, 0xa0, 0x42, 0xae, 0x8f, 0xba, 0x58, 0x4b, 0x09, 0xff}, + }, + { + // This is the test case from + // http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38a.pdf, // section F.3.17, CFB128-AES256 32, {0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe, 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81, @@ -76,11 +93,14 @@ bssl::ScopedEVP_CIPHER_CTX ctx; if (test.key_len == 16) { ASSERT_TRUE(EVP_EncryptInit_ex(ctx.get(), EVP_aes_128_cfb128(), nullptr, - test.key, test.iv)); + test.key, test.iv)); + } else if (test.key_len == 24) { + ASSERT_TRUE(EVP_EncryptInit_ex(ctx.get(), EVP_aes_192_cfb128(), nullptr, + test.key, test.iv)); } else { assert(test.key_len == 32); ASSERT_TRUE(EVP_EncryptInit_ex(ctx.get(), EVP_aes_256_cfb128(), nullptr, - test.key, test.iv)); + test.key, test.iv)); } size_t done = 0; @@ -104,11 +124,14 @@ bssl::ScopedEVP_CIPHER_CTX decrypt_ctx; if (test.key_len == 16) { ASSERT_TRUE(EVP_DecryptInit_ex(decrypt_ctx.get(), EVP_aes_128_cfb128(), - nullptr, test.key, test.iv)); + nullptr, test.key, test.iv)); + } else if (test.key_len == 24) { + ASSERT_TRUE(EVP_DecryptInit_ex(decrypt_ctx.get(), EVP_aes_192_cfb128(), + nullptr, test.key, test.iv)); } else { assert(test.key_len == 32); ASSERT_TRUE(EVP_DecryptInit_ex(decrypt_ctx.get(), EVP_aes_256_cfb128(), - nullptr, test.key, test.iv)); + nullptr, test.key, test.iv)); } std::unique_ptr<uint8_t[]> plaintext(new uint8_t[input_len]);
diff --git a/include/openssl/cipher.h b/include/openssl/cipher.h index 81018db..c6bec48 100644 --- a/include/openssl/cipher.h +++ b/include/openssl/cipher.h
@@ -435,6 +435,13 @@ // decrepit. OPENSSL_EXPORT const EVP_CIPHER *EVP_aes_128_cfb(void); +// EVP_aes_192_cfb128 is only available in decrepit. +OPENSSL_EXPORT const EVP_CIPHER *EVP_aes_192_cfb128(void); + +// EVP_aes_192_cfb is an alias for |EVP_aes_192_cfb128| and is only available in +// decrepit. +OPENSSL_EXPORT const EVP_CIPHER *EVP_aes_192_cfb(void); + // EVP_aes_256_cfb128 is only available in decrepit. OPENSSL_EXPORT const EVP_CIPHER *EVP_aes_256_cfb128(void);
diff --git a/include/openssl/ec.h b/include/openssl/ec.h index bd0c0f3..363c096 100644 --- a/include/openssl/ec.h +++ b/include/openssl/ec.h
@@ -221,6 +221,13 @@ BIGNUM *x, BIGNUM *y, BN_CTX *ctx); +// EC_POINT_get_affine_coordinates is an alias of +// |EC_POINT_get_affine_coordinates_GFp|. +OPENSSL_EXPORT int EC_POINT_get_affine_coordinates(const EC_GROUP *group, + const EC_POINT *point, + BIGNUM *x, BIGNUM *y, + BN_CTX *ctx); + // EC_POINT_set_affine_coordinates_GFp sets the value of |point| to be // (|x|, |y|). The |ctx| argument may be used if not NULL. It returns one // on success or zero on error. It's considered an error if the point is not on