diff options
| author | Ben Noordhuis <info@bnoordhuis.nl> | 2013-04-26 14:49:54 +0200 |
|---|---|---|
| committer | Ben Noordhuis <info@bnoordhuis.nl> | 2013-04-29 12:12:33 +0200 |
| commit | 4fdb8acdaef4c3cb1d855e992ada0e63fee520a6 (patch) | |
| tree | 4b2a796fadb3060c6952c5521c292da209b4adfb /deps/openssl/openssl/crypto/modes/cts128.c | |
| parent | 626d7abdb43b672a6153510561afdd8856b7770f (diff) | |
| download | android-node-v8-4fdb8acdaef4c3cb1d855e992ada0e63fee520a6.tar.gz android-node-v8-4fdb8acdaef4c3cb1d855e992ada0e63fee520a6.tar.bz2 android-node-v8-4fdb8acdaef4c3cb1d855e992ada0e63fee520a6.zip | |
deps: downgrade openssl to v1.0.0f
Several people have reported issues with IIS and Resin servers (or maybe
SSL terminators sitting in front of those servers) that are fixed by
downgrading OpenSSL. The AESNI performance improvements were nice but
stability is more important. Downgrade OpenSSL from 1.0.1e to 1.0.0f.
Fixes #5360 (and others).
Diffstat (limited to 'deps/openssl/openssl/crypto/modes/cts128.c')
| -rw-r--r-- | deps/openssl/openssl/crypto/modes/cts128.c | 226 |
1 files changed, 10 insertions, 216 deletions
diff --git a/deps/openssl/openssl/crypto/modes/cts128.c b/deps/openssl/openssl/crypto/modes/cts128.c index c0e1f3696c..e0430f9fdc 100644 --- a/deps/openssl/openssl/crypto/modes/cts128.c +++ b/deps/openssl/openssl/crypto/modes/cts128.c @@ -5,8 +5,7 @@ * forms are granted according to the OpenSSL license. */ -#include <openssl/crypto.h> -#include "modes_lcl.h" +#include "modes.h" #include <string.h> #ifndef MODES_DEBUG @@ -24,9 +23,8 @@ * deviates from mentioned RFCs. Most notably it allows input to be * of block length and it doesn't flip the order of the last two * blocks. CTS is being discussed even in ECB context, but it's not - * adopted for any known application. This implementation provides - * two interfaces: one compliant with above mentioned RFCs and one - * compliant with the NIST proposal, both extending CBC mode. + * adopted for any known application. This implementation complies + * with mentioned RFCs and [as such] extends CBC mode. */ size_t CRYPTO_cts128_encrypt_block(const unsigned char *in, unsigned char *out, @@ -56,34 +54,6 @@ size_t CRYPTO_cts128_encrypt_block(const unsigned char *in, unsigned char *out, return len+residue; } -size_t CRYPTO_nistcts128_encrypt_block(const unsigned char *in, unsigned char *out, - size_t len, const void *key, - unsigned char ivec[16], block128_f block) -{ size_t residue, n; - - assert (in && out && key && ivec); - - if (len < 16) return 0; - - residue=len%16; - - len -= residue; - - CRYPTO_cbc128_encrypt(in,out,len,key,ivec,block); - - if (residue==0) return len; - - in += len; - out += len; - - for (n=0; n<residue; ++n) - ivec[n] ^= in[n]; - (*block)(ivec,ivec,key); - memcpy(out-16+residue,ivec,16); - - return len+residue; -} - size_t CRYPTO_cts128_encrypt(const unsigned char *in, unsigned char *out, size_t len, const void *key, unsigned char ivec[16], cbc128_f cbc) @@ -120,41 +90,6 @@ size_t CRYPTO_cts128_encrypt(const unsigned char *in, unsigned char *out, return len+residue; } -size_t CRYPTO_nistcts128_encrypt(const unsigned char *in, unsigned char *out, - size_t len, const void *key, - unsigned char ivec[16], cbc128_f cbc) -{ size_t residue; - union { size_t align; unsigned char c[16]; } tmp; - - assert (in && out && key && ivec); - - if (len < 16) return 0; - - residue=len%16; - - len -= residue; - - (*cbc)(in,out,len,key,ivec,1); - - if (residue==0) return len; - - in += len; - out += len; - -#if defined(CBC_HANDLES_TRUNCATED_IO) - (*cbc)(in,out-16+residue,residue,key,ivec,1); -#else - { - size_t n; - for (n=0; n<16; n+=sizeof(size_t)) - *(size_t *)(tmp.c+n) = 0; - memcpy(tmp.c,in,residue); - } - (*cbc)(tmp.c,out-16+residue,16,key,ivec,1); -#endif - return len+residue; -} - size_t CRYPTO_cts128_decrypt_block(const unsigned char *in, unsigned char *out, size_t len, const void *key, unsigned char ivec[16], block128_f block) @@ -190,51 +125,7 @@ size_t CRYPTO_cts128_decrypt_block(const unsigned char *in, unsigned char *out, for(residue+=16; n<residue; ++n) out[n] = tmp.c[n] ^ in[n]; - return 16+len+residue; -} - -size_t CRYPTO_nistcts128_decrypt_block(const unsigned char *in, unsigned char *out, - size_t len, const void *key, - unsigned char ivec[16], block128_f block) -{ size_t residue, n; - union { size_t align; unsigned char c[32]; } tmp; - - assert (in && out && key && ivec); - - if (len<16) return 0; - - residue=len%16; - - if (residue==0) { - CRYPTO_cbc128_decrypt(in,out,len,key,ivec,block); - return len; - } - - len -= 16+residue; - - if (len) { - CRYPTO_cbc128_decrypt(in,out,len,key,ivec,block); - in += len; - out += len; - } - - (*block)(in+residue,tmp.c+16,key); - - for (n=0; n<16; n+=sizeof(size_t)) - *(size_t *)(tmp.c+n) = *(size_t *)(tmp.c+16+n); - memcpy(tmp.c,in,residue); - (*block)(tmp.c,tmp.c,key); - - for(n=0; n<16; ++n) { - unsigned char c = in[n]; - out[n] = tmp.c[n] ^ ivec[n]; - ivec[n] = in[n+residue]; - tmp.c[n] = c; - } - for(residue+=16; n<residue; ++n) - out[n] = tmp.c[n] ^ tmp.c[n-16]; - - return 16+len+residue; + return len+residue-16; } size_t CRYPTO_cts128_decrypt(const unsigned char *in, unsigned char *out, @@ -269,47 +160,7 @@ size_t CRYPTO_cts128_decrypt(const unsigned char *in, unsigned char *out, (*cbc)(tmp.c,tmp.c,32,key,ivec,0); memcpy(out,tmp.c,16+residue); #endif - return 16+len+residue; -} - -size_t CRYPTO_nistcts128_decrypt(const unsigned char *in, unsigned char *out, - size_t len, const void *key, - unsigned char ivec[16], cbc128_f cbc) -{ size_t residue, n; - union { size_t align; unsigned char c[32]; } tmp; - - assert (in && out && key && ivec); - - if (len<16) return 0; - - residue=len%16; - - if (residue==0) { - (*cbc)(in,out,len,key,ivec,0); - return len; - } - - len -= 16+residue; - - if (len) { - (*cbc)(in,out,len,key,ivec,0); - in += len; - out += len; - } - - for (n=16; n<32; n+=sizeof(size_t)) - *(size_t *)(tmp.c+n) = 0; - /* this places in[16] at &tmp.c[16] and decrypted block at &tmp.c[0] */ - (*cbc)(in+residue,tmp.c,16,key,tmp.c+16,0); - - memcpy(tmp.c,in,residue); -#if defined(CBC_HANDLES_TRUNCATED_IO) - (*cbc)(tmp.c,out,16+residue,key,ivec,0); -#else - (*cbc)(tmp.c,tmp.c,32,key,ivec,0); - memcpy(out,tmp.c,16+residue); -#endif - return 16+len+residue; + return len+residue; } #if defined(SELFTEST) @@ -349,8 +200,9 @@ static const unsigned char vector_64[64] = static AES_KEY encks, decks; void test_vector(const unsigned char *vector,size_t len) -{ unsigned char iv[sizeof(test_iv)]; - unsigned char cleartext[64],ciphertext[64]; +{ unsigned char cleartext[64]; + unsigned char iv[sizeof(test_iv)]; + unsigned char ciphertext[64]; size_t tail; printf("vector_%d\n",len); fflush(stdout); @@ -391,57 +243,7 @@ void test_vector(const unsigned char *vector,size_t len) fprintf(stderr,"iv_%d mismatch\n",len), exit(4); } -void test_nistvector(const unsigned char *vector,size_t len) -{ unsigned char iv[sizeof(test_iv)]; - unsigned char cleartext[64],ciphertext[64],nistvector[64]; - size_t tail; - - printf("nistvector_%d\n",len); fflush(stdout); - - if ((tail=len%16) == 0) tail = 16; - - len -= 16 + tail; - memcpy(nistvector,vector,len); - /* flip two last blocks */ - memcpy(nistvector+len,vector+len+16,tail); - memcpy(nistvector+len+tail,vector+len,16); - len += 16 + tail; - tail = 16; - - /* test block-based encryption */ - memcpy(iv,test_iv,sizeof(test_iv)); - CRYPTO_nistcts128_encrypt_block(test_input,ciphertext,len,&encks,iv,(block128_f)AES_encrypt); - if (memcmp(ciphertext,nistvector,len)) - fprintf(stderr,"output_%d mismatch\n",len), exit(1); - if (memcmp(iv,nistvector+len-tail,sizeof(iv))) - fprintf(stderr,"iv_%d mismatch\n",len), exit(1); - - /* test block-based decryption */ - memcpy(iv,test_iv,sizeof(test_iv)); - CRYPTO_nistcts128_decrypt_block(ciphertext,cleartext,len,&decks,iv,(block128_f)AES_decrypt); - if (memcmp(cleartext,test_input,len)) - fprintf(stderr,"input_%d mismatch\n",len), exit(2); - if (memcmp(iv,nistvector+len-tail,sizeof(iv))) - fprintf(stderr,"iv_%d mismatch\n",len), exit(2); - - /* test streamed encryption */ - memcpy(iv,test_iv,sizeof(test_iv)); - CRYPTO_nistcts128_encrypt(test_input,ciphertext,len,&encks,iv,(cbc128_f)AES_cbc_encrypt); - if (memcmp(ciphertext,nistvector,len)) - fprintf(stderr,"output_%d mismatch\n",len), exit(3); - if (memcmp(iv,nistvector+len-tail,sizeof(iv))) - fprintf(stderr,"iv_%d mismatch\n",len), exit(3); - - /* test streamed decryption */ - memcpy(iv,test_iv,sizeof(test_iv)); - CRYPTO_nistcts128_decrypt(ciphertext,cleartext,len,&decks,iv,(cbc128_f)AES_cbc_encrypt); - if (memcmp(cleartext,test_input,len)) - fprintf(stderr,"input_%d mismatch\n",len), exit(4); - if (memcmp(iv,nistvector+len-tail,sizeof(iv))) - fprintf(stderr,"iv_%d mismatch\n",len), exit(4); -} - -int main() +main() { AES_set_encrypt_key(test_key,128,&encks); AES_set_decrypt_key(test_key,128,&decks); @@ -452,14 +254,6 @@ int main() test_vector(vector_47,sizeof(vector_47)); test_vector(vector_48,sizeof(vector_48)); test_vector(vector_64,sizeof(vector_64)); - - test_nistvector(vector_17,sizeof(vector_17)); - test_nistvector(vector_31,sizeof(vector_31)); - test_nistvector(vector_32,sizeof(vector_32)); - test_nistvector(vector_47,sizeof(vector_47)); - test_nistvector(vector_48,sizeof(vector_48)); - test_nistvector(vector_64,sizeof(vector_64)); - - return 0; + exit(0); } #endif |