From 54884ec24d13af4da318e807379a3a0a8373a2e0 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Wed, 12 Dec 2001 12:04:25 +0000 Subject: * cipher.c: Added OIDs for AES. (gcry_cipher_mode_from_oid): New. (gcry_cipher_map_name): Moved OID search code to .. (search_oid): .. new function. --- THANKS | 1 + cipher/ChangeLog | 7 ++++ cipher/cipher.c | 117 ++++++++++++++++++++++++++++++++++++------------------- configure.ac | 2 +- src/ChangeLog | 4 ++ src/gcrypt.h | 8 ++-- 6 files changed, 96 insertions(+), 43 deletions(-) diff --git a/THANKS b/THANKS index e7049bbe..d7ec021e 100644 --- a/THANKS +++ b/THANKS @@ -69,6 +69,7 @@ Michael Sobolev mss@despair.transas.com Nicolas Graner Nicolas.Graner@cri.u-psud.fr NIIBE Yutaka gniibe@chroot.org Niklas Hernaeus +Nikos Mavroyanopoulos nmav@hellug.gr Nimrod Zimerman zimerman@forfree.at N J Doye nic@niss.ac.uk Oliver Haakert haakert@hsp.de diff --git a/cipher/ChangeLog b/cipher/ChangeLog index 94ea75a3..9105c82c 100644 --- a/cipher/ChangeLog +++ b/cipher/ChangeLog @@ -1,3 +1,10 @@ +2001-12-11 Werner Koch + + * cipher.c: Added OIDs for AES. + (gcry_cipher_mode_from_oid): New. + (gcry_cipher_map_name): Moved OID search code to .. + (search_oid): .. new function. + 2001-12-10 Werner Koch * pubkey.c (gcry_pk_encrypt): Find the signature algorithm by name diff --git a/cipher/cipher.c b/cipher/cipher.c index 1cd5a65b..0a076f21 100644 --- a/cipher/cipher.c +++ b/cipher/cipher.c 
@@ -43,8 +43,25 @@ static struct { const char *oidstring; int algo; + int mode; } oid_table[] = { - { "1.2.840.113549.3.7", GCRY_CIPHER_3DES /* des-EDE3-CBC*/}, + { "1.2.840.113549.3.7", GCRY_CIPHER_3DES, GCRY_CIPHER_MODE_CBC }, + + /* OIDs from NIST. See http://csrc.nist.gov.csor/ */ + { "2.16.840.1.101.3.4.1.1", GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_ECB }, + { "2.16.840.1.101.3.4.1.2", GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CBC }, + { "2.16.840.1.101.3.4.1.3", GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_OFB }, + { "2.16.840.1.101.3.4.1.4", GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CFB }, + { "2.16.840.1.101.3.4.1.21", GCRY_CIPHER_AES192, GCRY_CIPHER_MODE_ECB }, + { "2.16.840.1.101.3.4.1.22", GCRY_CIPHER_AES192, GCRY_CIPHER_MODE_CBC }, + { "2.16.840.1.101.3.4.1.23", GCRY_CIPHER_AES192, GCRY_CIPHER_MODE_OFB }, + { "2.16.840.1.101.3.4.1.24", GCRY_CIPHER_AES192, GCRY_CIPHER_MODE_CFB }, + { "2.16.840.1.101.3.4.1.41", GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_ECB }, + { "2.16.840.1.101.3.4.1.42", GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC }, + { "2.16.840.1.101.3.4.1.43", GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_OFB }, + { "2.16.840.1.101.3.4.1.44", GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CFB }, + + {NULL} }; @@ -280,6 +297,28 @@ load_cipher_modules(void) return any; } +/* locate the OID in the oid table and return the index or -1 when not + found */ +static int +search_oid (const char *string) +{ + int i; + const char *s; + + if (string && (digitp (string) + || !strncmp (string, "oid.", 4) + || !strncmp (string, "OID.", 4) )) + { + s = digitp(string)? string : (string+4); + + for (i=0; oid_table[i].oidstring; i++) + { + if (!strcmp (s, oid_table[i].oidstring)) + return i; + } + } + return -1; +} /**************** * Map a string to the cipher algo. 
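Review bot: The URL in the new comment above the AES rows of `oid_table`, `http://csrc.nist.gov.csor/`, is not a valid host name and was probably meant to be `http://csrc.nist.gov/csor/`, so a reader cannot use it to check the arcs against the registry. The rewritten 3DES row also drops the old `/* des-EDE3-CBC*/` annotation, which was the only place the OID's name was recorded. I would keep it, as in `{ "1.2.840.113549.3.7", GCRY_CIPHER_3DES, GCRY_CIPHER_MODE_CBC }, /* des-EDE3-CBC */`, and name the AES rows the same way. Each string now decides both the cipher and the mode, so a one-digit slip in the last arc would silently select a different mode.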
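Review bot: The header comment on `search_oid` says only that it returns an index or -1, and does not say which inputs it accepts. From the body, it accepts a string that starts with a digit, or one prefixed with exactly `oid.` or `OID.`, and compares the remainder with `strcmp` against the table. A NULL argument, a differently cased prefix and an unknown OID all return -1, so callers cannot tell them apart. I would state that in the comment, e.g. `/* Look up STRING (dotted OID, optionally prefixed by "oid." or "OID.") in oid_table; return its index, or -1 if STRING is NULL, not in OID form, or unknown. */`.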
@@ -298,19 +337,9 @@ gcry_cipher_map_name( const char *string ) /* If the string starts with a digit (optionally prefixed with either "OID." or "oid."), we first look into our table of ASN.1 object identifiers to figure out the algorithm */ - if (digitp (string) - || !strncmp (string, "oid.", 4) - || !strncmp (string, "OID.", 4) ) - { - int i; - const char *s = digitp(string)? string : (string+4); - - for (i=0; oid_table[i].oidstring; i++) - { - if (!strcmp (s, oid_table[i].oidstring)) - return oid_table[i].algo; - } - } + i = search_oid (string); + if (i != -1) + return oid_table[i].algo; do { for(i=0; (s=cipher_table[i].name); i++ ) @@ -320,6 +349,15 @@ gcry_cipher_map_name( const char *string ) return 0; } +int +gcry_cipher_mode_from_oid (const char *string) +{ + int i; + + i = search_oid (string); + return i == -1? 0 : oid_table[i].mode; +} + /**************** * Map a cipher algo to a string 
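Review bot: NULL handling in `gcry_cipher_map_name` is now inconsistent: `search_oid` tolerates a NULL `string` (it tests `string &&` first), but this function then continues into the `cipher_table` name loop with the same pointer. That loop presumably compares against `string`; its body and the start of the function are outside the hunk, so a guard may already exist above. The removed block called `digitp (string)` directly, so NULL was not handled here before either. If there is no guard, `if (!string) return 0;` ahead of the `search_oid` call would make this function agree with `gcry_cipher_mode_from_oid`, which returns 0 for NULL.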
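Review bot: `gcry_cipher_mode_from_oid` is a new exported function with no header comment, unlike the `/**************** * Map ...` blocks on its neighbours, and its failure value is not documented. It returns 0 for an unknown OID, a NULL pointer and a string that is not in OID form alike; the enum in src/gcrypt.h starts ECB at 1, so 0 is presumably the "none" mode, but that enumerator is outside this diff. The OID typically comes from parsed input, so callers should treat 0 as an error instead of passing it on. The table also maps OIDs to `GCRY_CIPHER_MODE_ECB`, so a caller that wants to refuse ECB has to check the returned mode itself. I would add `/* Return the cipher mode for the OID in STRING, or 0 if STRING is not a known OID. */` here and on the prototype added in src/gcrypt.h.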
@@ -889,32 +927,33 @@ cipher_sync( GCRY_CIPHER_HD c ) int gcry_cipher_ctl( GCRY_CIPHER_HD h, int cmd, void *buffer, size_t buflen) { - int rc = 0; - - switch( cmd ) { - case GCRYCTL_SET_KEY: - rc = cipher_setkey( h, buffer, buflen ); - break; - case GCRYCTL_SET_IV: - cipher_setiv( h, buffer, buflen ); - break; - case GCRYCTL_CFB_SYNC: - cipher_sync( h ); - break; - - case GCRYCTL_DISABLE_ALGO: - /* this one expects a NULL handle and buffer pointing to an - * integer with the algo number. - */ - if( h || !buffer || buflen != sizeof(int) ) - return set_lasterr( GCRYERR_INV_CIPHER_ALGO ); - disable_cipher_algo( *(int*)buffer ); - break; - - default: - rc = GCRYERR_INV_OP; + int rc = 0; + + switch (cmd) + { + case GCRYCTL_SET_KEY: + rc = cipher_setkey( h, buffer, buflen ); + break; + case GCRYCTL_SET_IV: + cipher_setiv( h, buffer, buflen ); + break; + case GCRYCTL_CFB_SYNC: + cipher_sync( h ); + break; + + case GCRYCTL_DISABLE_ALGO: + /* this one expects a NULL handle and buffer pointing to an + * integer with the algo number. + */ + if( h || !buffer || buflen != sizeof(int) ) + return set_lasterr( GCRYERR_INV_CIPHER_ALGO ); + disable_cipher_algo( *(int*)buffer ); + break; + + default: + rc = GCRYERR_INV_OP; } - return set_lasterr (rc); + return set_lasterr (rc); } diff --git a/configure.ac b/configure.ac index 5ba46846..d001b0b6 100644 --- a/configure.ac +++ b/configure.ac @@ -23,7 +23,7 @@ AC_REVISION($Revision$)dnl AC_PREREQ(2.52) # Version numbers (Remember to change them just before a release) # (Interfaces removed: CURRENT++, AGE=0, REVISION=0) -# (Interfaces added: CURRENT++, AGE++, REVISION=0) +# X (Interfaces added: CURRENT++, AGE++, REVISION=0) # (No interfaces changed: REVISION++) AC_INIT(libgcrypt,1.1.4b-cvs) LIBGCRYPT_LT_CURRENT=2 diff --git a/src/ChangeLog b/src/ChangeLog index 9e173db8..b4230642 100644 --- a/src/ChangeLog +++ b/src/ChangeLog 
@@ -1,3 +1,7 @@ +2001-12-11 Werner Koch + + * gcrypt.h: Fixed AES128 macro, add enum for OFB mode. + 2001-12-05 Werner Koch * misc.c (_gcry_log_printf): New. diff --git a/src/gcrypt.h b/src/gcrypt.h index bcfc050b..e49bbc29 100644 --- a/src/gcrypt.h +++ b/src/gcrypt.h @@ -189,7 +189,7 @@ GCRY_MPI gcry_sexp_nth_mpi( GCRY_SEXP list, int number, int mpifmt ); enum gcry_mpi_format { GCRYMPI_FMT_NONE= 0, GCRYMPI_FMT_STD = 1, /* twos complement stored without length */ - GCRYMPI_FMT_PGP = 2, /* As used by OpenPGP */ + GCRYMPI_FMT_PGP = 2, /* As used by OpenPGP (only defined as unsigned)*/ GCRYMPI_FMT_SSH = 3, /* As used by SSH (same as 1 but with length)*/ GCRYMPI_FMT_HEX = 4, /* hex format */ GCRYMPI_FMT_USG = 5 /* like STD but this is an unsigned one */ @@ -311,7 +311,7 @@ enum gcry_cipher_algos { }; #define GCRY_CIPHER_AES GCRY_CIPHER_RIJNDAEL -#define GCRY_CIPHER_AES128 GCRY_CIPHER_RIJNDAEL128 +#define GCRY_CIPHER_AES128 GCRY_CIPHER_RIJNDAEL #define GCRY_CIPHER_AES192 GCRY_CIPHER_RIJNDAEL192 #define GCRY_CIPHER_AES256 GCRY_CIPHER_RIJNDAEL256 @@ -320,7 +320,8 @@ enum gcry_cipher_modes { GCRY_CIPHER_MODE_ECB = 1, GCRY_CIPHER_MODE_CFB = 2, GCRY_CIPHER_MODE_CBC = 3, - GCRY_CIPHER_MODE_STREAM = 4 /* native stream mode of some the algorithms */ + GCRY_CIPHER_MODE_STREAM = 4, /* native stream mode of some the algorithms */ + GCRY_CIPHER_MODE_OFB = 5 }; enum gcry_cipher_flags { @@ -336,6 +337,7 @@ int gcry_cipher_info( GCRY_CIPHER_HD h, int what, void *buffer, size_t *nbytes); int gcry_cipher_algo_info( int algo, int what, void *buffer, size_t *nbytes); const char *gcry_cipher_algo_name( int algo ); int gcry_cipher_map_name( const char* name ); +int gcry_cipher_mode_from_oid (const char *string); int gcry_cipher_encrypt( GCRY_CIPHER_HD h, byte *out, size_t outsize, const byte *in, size_t inlen ); -- cgit v1.2.1
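Review bot: `GCRY_CIPHER_MODE_OFB = 5` is added to `enum gcry_cipher_modes` and `oid_table` in cipher/cipher.c maps the three AES OFB OIDs to it, but no hunk in this commit adds OFB handling to cipher.c. Unless the mode is implemented elsewhere, `gcry_cipher_mode_from_oid` can return a mode that the open and encrypt paths do not support, so callers must check the result of `gcry_cipher_open`. The new enumerator is also the only commented-free addition next to `GCRY_CIPHER_MODE_STREAM`; if OFB is not yet implemented I would say so on the line, e.g. `GCRY_CIPHER_MODE_OFB = 5 /* OFB; not yet implemented in cipher.c */`.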