Move DES out of the FIPS module. FIPS no longer likes it. Change-Id: I32a4ba93a5849927ff75aa72b816cdc669e8a0af Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/51325 Reviewed-by: David Benjamin <davidben@google.com>
diff --git a/crypto/CMakeLists.txt b/crypto/CMakeLists.txt index d9cfa5c..6ab74b8 100644 --- a/crypto/CMakeLists.txt +++ b/crypto/CMakeLists.txt
@@ -256,6 +256,7 @@ cipher_extra/e_aesctrhmac.c cipher_extra/e_aesgcmsiv.c cipher_extra/e_chacha20poly1305.c + cipher_extra/e_des.c cipher_extra/e_null.c cipher_extra/e_rc2.c cipher_extra/e_rc4.c @@ -274,6 +275,7 @@ crypto.c curve25519/curve25519.c curve25519/spake25519.c + des/des.c dh_extra/params.c dh_extra/dh_asn1.c digest_extra/digest_extra.c
diff --git a/crypto/fipsmodule/cipher/e_des.c b/crypto/cipher_extra/e_des.c similarity index 64% rename from crypto/fipsmodule/cipher/e_des.c rename to crypto/cipher_extra/e_des.c index e77363b..087029b 100644 --- a/crypto/fipsmodule/cipher/e_des.c +++ b/crypto/cipher_extra/e_des.c
@@ -59,7 +59,6 @@ #include <openssl/nid.h> #include "internal.h" -#include "../delocate.h" typedef struct { @@ -88,17 +87,21 @@ return 1; } -DEFINE_METHOD_FUNCTION(EVP_CIPHER, EVP_des_cbc) { - memset(out, 0, sizeof(EVP_CIPHER)); - out->nid = NID_des_cbc; - out->block_size = 8; - out->key_len = 8; - out->iv_len = 8; - out->ctx_size = sizeof(EVP_DES_KEY); - out->flags = EVP_CIPH_CBC_MODE; - out->init = des_init_key; - out->cipher = des_cbc_cipher; -} +static const EVP_CIPHER evp_des_cbc = { + /* nid = */ NID_des_cbc, + /* block_size = */ 8, + /* key_len = */ 8, + /* iv_len = */ 8, + /* ctx_size = */ sizeof(EVP_DES_KEY), + /* flags = */ EVP_CIPH_CBC_MODE, + /* app_data = */ NULL, + /* init = */ des_init_key, + /* cipher = */ des_cbc_cipher, + /* cleanup = */ NULL, + /* ctrl = */ NULL, +}; + +const EVP_CIPHER *EVP_des_cbc(void) { return &evp_des_cbc; } static int des_ecb_cipher(EVP_CIPHER_CTX *ctx, uint8_t *out, const uint8_t *in, size_t in_len) { @@ -107,25 +110,29 @@ } in_len -= ctx->cipher->block_size; - EVP_DES_KEY *dat = (EVP_DES_KEY *) ctx->cipher_data; + EVP_DES_KEY *dat = (EVP_DES_KEY *)ctx->cipher_data; for (size_t i = 0; i <= in_len; i += ctx->cipher->block_size) { - DES_ecb_encrypt((DES_cblock *) (in + i), (DES_cblock *) (out + i), + DES_ecb_encrypt((DES_cblock *)(in + i), (DES_cblock *)(out + i), &dat->ks.ks, ctx->encrypt); } return 1; } -DEFINE_METHOD_FUNCTION(EVP_CIPHER, EVP_des_ecb) { - memset(out, 0, sizeof(EVP_CIPHER)); - out->nid = NID_des_ecb; - out->block_size = 8; - out->key_len = 8; - out->iv_len = 0; - out->ctx_size = sizeof(EVP_DES_KEY); - out->flags = EVP_CIPH_ECB_MODE; - out->init = des_init_key; - out->cipher = des_ecb_cipher; -} +static const EVP_CIPHER evp_des_ecb = { + /* nid = */ NID_des_ecb, + /* block_size = */ 8, + /* key_len = */ 8, + /* iv_len = */ 0, + /* ctx_size = */ sizeof(EVP_DES_KEY), + /* flags = */ EVP_CIPH_ECB_MODE, + /* app_data = */ NULL, + /* init = */ des_init_key, + /* cipher = */ des_ecb_cipher, + /* cleanup = */ NULL, + /* ctrl = */ NULL, +}; + +const EVP_CIPHER *EVP_des_ecb(void) { return &evp_des_ecb; } typedef struct { union { @@ -137,7 +144,7 @@ static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const uint8_t *key, const uint8_t *iv, int enc) { DES_cblock *deskey = (DES_cblock *)key; - DES_EDE_KEY *dat = (DES_EDE_KEY*) ctx->cipher_data; + DES_EDE_KEY *dat = (DES_EDE_KEY *)ctx->cipher_data; DES_set_key(&deskey[0], &dat->ks.ks[0]); DES_set_key(&deskey[1], &dat->ks.ks[1]); @@ -147,8 +154,8 @@ } static int des_ede3_cbc_cipher(EVP_CIPHER_CTX *ctx, uint8_t *out, - const uint8_t *in, size_t in_len) { - DES_EDE_KEY *dat = (DES_EDE_KEY*) ctx->cipher_data; + const uint8_t *in, size_t in_len) { + DES_EDE_KEY *dat = (DES_EDE_KEY *)ctx->cipher_data; DES_ede3_cbc_encrypt(in, out, in_len, &dat->ks.ks[0], &dat->ks.ks[1], &dat->ks.ks[2], (DES_cblock *)ctx->iv, ctx->encrypt); @@ -156,22 +163,26 @@ return 1; } -DEFINE_METHOD_FUNCTION(EVP_CIPHER, EVP_des_ede3_cbc) { - memset(out, 0, sizeof(EVP_CIPHER)); - out->nid = NID_des_ede3_cbc; - out->block_size = 8; - out->key_len = 24; - out->iv_len = 8; - out->ctx_size = sizeof(DES_EDE_KEY); - out->flags = EVP_CIPH_CBC_MODE; - out->init = des_ede3_init_key; - out->cipher = des_ede3_cbc_cipher; -} +static const EVP_CIPHER evp_des_ede3_cbc = { + /* nid = */ NID_des_ede3_cbc, + /* block_size = */ 8, + /* key_len = */ 24, + /* iv_len = */ 8, + /* ctx_size = */ sizeof(DES_EDE_KEY), + /* flags = */ EVP_CIPH_CBC_MODE, + /* app_data = */ NULL, + /* init = */ des_ede3_init_key, + /* cipher = */ des_ede3_cbc_cipher, + /* cleanup = */ NULL, + /* ctrl = */ NULL, +}; + +const EVP_CIPHER *EVP_des_ede3_cbc(void) { return &evp_des_ede3_cbc; } static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const uint8_t *key, - const uint8_t *iv, int enc) { - DES_cblock *deskey = (DES_cblock *) key; - DES_EDE_KEY *dat = (DES_EDE_KEY *) ctx->cipher_data; + const uint8_t *iv, int enc) { + DES_cblock *deskey = (DES_cblock *)key; + DES_EDE_KEY *dat = (DES_EDE_KEY *)ctx->cipher_data; DES_set_key(&deskey[0], &dat->ks.ks[0]); DES_set_key(&deskey[1], &dat->ks.ks[1]); @@ -180,17 +191,21 @@ return 1; } -DEFINE_METHOD_FUNCTION(EVP_CIPHER, EVP_des_ede_cbc) { - memset(out, 0, sizeof(EVP_CIPHER)); - out->nid = NID_des_ede_cbc; - out->block_size = 8; - out->key_len = 16; - out->iv_len = 8; - out->ctx_size = sizeof(DES_EDE_KEY); - out->flags = EVP_CIPH_CBC_MODE; - out->init = des_ede_init_key; - out->cipher = des_ede3_cbc_cipher; -} +static const EVP_CIPHER evp_des_ede_cbc = { + /* nid = */ NID_des_ede_cbc, + /* block_size = */ 8, + /* key_len = */ 16, + /* iv_len = */ 8, + /* ctx_size = */ sizeof(DES_EDE_KEY), + /* flags = */ EVP_CIPH_CBC_MODE, + /* app_data = */ NULL, + /* init = */ des_ede_init_key, + /* cipher = */ des_ede3_cbc_cipher, + /* cleanup = */ NULL, + /* ctrl = */ NULL, +}; + +const EVP_CIPHER *EVP_des_ede_cbc(void) { return &evp_des_ede_cbc; } static int des_ede_ecb_cipher(EVP_CIPHER_CTX *ctx, uint8_t *out, const uint8_t *in, size_t in_len) { @@ -208,30 +223,36 @@ return 1; } -DEFINE_METHOD_FUNCTION(EVP_CIPHER, EVP_des_ede) { - memset(out, 0, sizeof(EVP_CIPHER)); - out->nid = NID_des_ede_ecb; - out->block_size = 8; - out->key_len = 16; - out->iv_len = 0; - out->ctx_size = sizeof(DES_EDE_KEY); - out->flags = EVP_CIPH_ECB_MODE; - out->init = des_ede_init_key; - out->cipher = des_ede_ecb_cipher; -} +static const EVP_CIPHER evp_des_ede = { + /* nid = */ NID_des_ede_ecb, + /* block_size = */ 8, + /* key_len = */ 16, + /* iv_len = */ 0, + /* ctx_size = */ sizeof(DES_EDE_KEY), + /* flags = */ EVP_CIPH_ECB_MODE, + /* app_data = */ NULL, + /* init = */ des_ede_init_key, + /* cipher = */ des_ede_ecb_cipher, + /* cleanup = */ NULL, + /* ctrl = */ NULL, +}; -DEFINE_METHOD_FUNCTION(EVP_CIPHER, EVP_des_ede3) { - memset(out, 0, sizeof(EVP_CIPHER)); - out->nid = NID_des_ede3_ecb; - out->block_size = 8; - out->key_len = 24; - out->iv_len = 0; - out->ctx_size = sizeof(DES_EDE_KEY); - out->flags = EVP_CIPH_ECB_MODE; - out->init = des_ede3_init_key; - out->cipher = des_ede_ecb_cipher; -} +const EVP_CIPHER *EVP_des_ede(void) { return &evp_des_ede; } -const EVP_CIPHER* EVP_des_ede3_ecb(void) { - return EVP_des_ede3(); -} +static const EVP_CIPHER evp_des_ede3 = { + /* nid = */ NID_des_ede3_ecb, + /* block_size = */ 8, + /* key_len = */ 24, + /* iv_len = */ 0, + /* ctx_size = */ sizeof(DES_EDE_KEY), + /* flags = */ EVP_CIPH_ECB_MODE, + /* app_data = */ NULL, + /* init = */ des_ede3_init_key, + /* cipher = */ des_ede_ecb_cipher, + /* cleanup = */ NULL, + /* ctrl = */ NULL, +}; + +const EVP_CIPHER *EVP_des_ede3(void) { return &evp_des_ede3; } + +const EVP_CIPHER *EVP_des_ede3_ecb(void) { return EVP_des_ede3(); }
diff --git a/crypto/fipsmodule/des/des.c b/crypto/des/des.c similarity index 100% rename from crypto/fipsmodule/des/des.c rename to crypto/des/des.c
diff --git a/crypto/fipsmodule/des/internal.h b/crypto/des/internal.h similarity index 99% rename from crypto/fipsmodule/des/internal.h rename to crypto/des/internal.h index 3e3992e..2124fd5 100644 --- a/crypto/fipsmodule/des/internal.h +++ b/crypto/des/internal.h
@@ -59,7 +59,7 @@ #include <openssl/base.h> -#include "../../internal.h" +#include "../internal.h" #if defined(__cplusplus) extern "C" {
diff --git a/crypto/fipsmodule/bcm.c b/crypto/fipsmodule/bcm.c index 639235e..bab30cf 100644 --- a/crypto/fipsmodule/bcm.c +++ b/crypto/fipsmodule/bcm.c
@@ -58,8 +58,6 @@ #include "cipher/aead.c" #include "cipher/cipher.c" #include "cipher/e_aes.c" -#include "cipher/e_des.c" -#include "des/des.c" #include "dh/check.c" #include "dh/dh.c" #include "digest/digest.c" @@ -192,7 +190,6 @@ #endif assert_within(rodata_start, kPrimes, rodata_end); - assert_within(rodata_start, des_skb, rodata_end); assert_within(rodata_start, kP256Params, rodata_end); assert_within(rodata_start, kPKCS1SigPrefixes, rodata_end);
diff --git a/crypto/fipsmodule/self_check/self_check.c b/crypto/fipsmodule/self_check/self_check.c index 94f2da7..9dacf91 100644 --- a/crypto/fipsmodule/self_check/self_check.c +++ b/crypto/fipsmodule/self_check/self_check.c
@@ -20,7 +20,6 @@ #include <openssl/aead.h> #include <openssl/aes.h> #include <openssl/bn.h> -#include <openssl/des.h> #include <openssl/dh.h> #include <openssl/digest.h> #include <openssl/ec.h> @@ -356,23 +355,6 @@ 0x00 #endif }; - static const DES_cblock kDESKey1 = {"BCMDESK1"}; - static const DES_cblock kDESKey2 = {"BCMDESK2"}; - static const DES_cblock kDESKey3 = {"BCMDESK3"}; - static const DES_cblock kDESIV = {"BCMDESIV"}; - static const uint8_t kDESCiphertext[64] = { - 0xa4, 0x30, 0x7a, 0x4c, 0x1f, 0x60, 0x16, 0xd7, 0x4f, 0x41, 0xe1, - 0xbb, 0x27, 0xc4, 0x27, 0x37, 0xd4, 0x7f, 0xb9, 0x10, 0xf8, 0xbc, - 0xaf, 0x93, 0x91, 0xb8, 0x88, 0x24, 0xb1, 0xf6, 0xf8, 0xbd, 0x31, - 0x96, 0x06, 0x76, 0xde, 0x32, 0xcd, 0x29, 0x29, 0xba, 0x70, 0x5f, - 0xea, 0xc0, 0xcb, 0xde, 0xc7, 0x75, 0x90, 0xe0, 0x0f, 0x5e, 0x2c, - 0x0d, 0x49, 0x20, 0xd5, 0x30, 0x83, 0xf8, 0x08, -#if !defined(BORINGSSL_FIPS_BREAK_DES) - 0x5a -#else - 0x00 -#endif - }; static const uint8_t kPlaintextSHA1[20] = { 0xc6, 0xf8, 0xc9, 0x63, 0x1c, 0x14, 0x23, 0x62, 0x9b, 0xbd, 0x55, 0x82, 0xf4, 0xd6, 0x1d, 0xf2, 0xab, 0x7d, 0xc8, @@ -652,30 +634,6 @@ goto err; } - DES_key_schedule des1, des2, des3; - DES_cblock des_iv; - DES_set_key(&kDESKey1, &des1); - DES_set_key(&kDESKey2, &des2); - DES_set_key(&kDESKey3, &des3); - - // 3DES Encryption KAT - memcpy(&des_iv, &kDESIV, sizeof(des_iv)); - DES_ede3_cbc_encrypt(kPlaintext, output, sizeof(kPlaintext), &des1, &des2, - &des3, &des_iv, DES_ENCRYPT); - if (!check_test(kDESCiphertext, output, sizeof(kDESCiphertext), - "3DES Encryption KAT")) { - goto err; - } - - // 3DES Decryption KAT - memcpy(&des_iv, &kDESIV, sizeof(des_iv)); - DES_ede3_cbc_encrypt(kDESCiphertext, output, sizeof(kDESCiphertext), &des1, - &des2, &des3, &des_iv, DES_DECRYPT); - if (!check_test(kPlaintext, output, sizeof(kPlaintext), - "3DES Decryption KAT")) { - goto err; - } - // SHA-1 KAT SHA1(kPlaintext, sizeof(kPlaintext), output); if (!check_test(kPlaintextSHA1, output, sizeof(kPlaintextSHA1),
diff --git a/decrepit/des/cfb64ede.c b/decrepit/des/cfb64ede.c index 6c39923..820c52e 100644 --- a/decrepit/des/cfb64ede.c +++ b/decrepit/des/cfb64ede.c
@@ -58,7 +58,7 @@ #include <openssl/des.h> -#include "../../crypto/fipsmodule/des/internal.h" +#include "../../crypto/des/internal.h" #include "../../crypto/internal.h"