Move DES out of the FIPS module.
FIPS no longer likes it.
Change-Id: I32a4ba93a5849927ff75aa72b816cdc669e8a0af
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/51325
Reviewed-by: David Benjamin <davidben@google.com>
diff --git a/crypto/CMakeLists.txt b/crypto/CMakeLists.txt
index d9cfa5c..6ab74b8 100644
--- a/crypto/CMakeLists.txt
+++ b/crypto/CMakeLists.txt
@@ -256,6 +256,7 @@
cipher_extra/e_aesctrhmac.c
cipher_extra/e_aesgcmsiv.c
cipher_extra/e_chacha20poly1305.c
+ cipher_extra/e_des.c
cipher_extra/e_null.c
cipher_extra/e_rc2.c
cipher_extra/e_rc4.c
@@ -274,6 +275,7 @@
crypto.c
curve25519/curve25519.c
curve25519/spake25519.c
+ des/des.c
dh_extra/params.c
dh_extra/dh_asn1.c
digest_extra/digest_extra.c
diff --git a/crypto/fipsmodule/cipher/e_des.c b/crypto/cipher_extra/e_des.c
similarity index 64%
rename from crypto/fipsmodule/cipher/e_des.c
rename to crypto/cipher_extra/e_des.c
index e77363b..087029b 100644
--- a/crypto/fipsmodule/cipher/e_des.c
+++ b/crypto/cipher_extra/e_des.c
@@ -59,7 +59,6 @@
#include <openssl/nid.h>
#include "internal.h"
-#include "../delocate.h"
typedef struct {
@@ -88,17 +87,21 @@
return 1;
}
-DEFINE_METHOD_FUNCTION(EVP_CIPHER, EVP_des_cbc) {
- memset(out, 0, sizeof(EVP_CIPHER));
- out->nid = NID_des_cbc;
- out->block_size = 8;
- out->key_len = 8;
- out->iv_len = 8;
- out->ctx_size = sizeof(EVP_DES_KEY);
- out->flags = EVP_CIPH_CBC_MODE;
- out->init = des_init_key;
- out->cipher = des_cbc_cipher;
-}
+static const EVP_CIPHER evp_des_cbc = {
+ /* nid = */ NID_des_cbc,
+ /* block_size = */ 8,
+ /* key_len = */ 8,
+ /* iv_len = */ 8,
+ /* ctx_size = */ sizeof(EVP_DES_KEY),
+ /* flags = */ EVP_CIPH_CBC_MODE,
+ /* app_data = */ NULL,
+ /* init = */ des_init_key,
+ /* cipher = */ des_cbc_cipher,
+ /* cleanup = */ NULL,
+ /* ctrl = */ NULL,
+};
+
+const EVP_CIPHER *EVP_des_cbc(void) { return &evp_des_cbc; }
static int des_ecb_cipher(EVP_CIPHER_CTX *ctx, uint8_t *out, const uint8_t *in,
size_t in_len) {
@@ -107,25 +110,29 @@
}
in_len -= ctx->cipher->block_size;
- EVP_DES_KEY *dat = (EVP_DES_KEY *) ctx->cipher_data;
+ EVP_DES_KEY *dat = (EVP_DES_KEY *)ctx->cipher_data;
for (size_t i = 0; i <= in_len; i += ctx->cipher->block_size) {
- DES_ecb_encrypt((DES_cblock *) (in + i), (DES_cblock *) (out + i),
+ DES_ecb_encrypt((DES_cblock *)(in + i), (DES_cblock *)(out + i),
&dat->ks.ks, ctx->encrypt);
}
return 1;
}
-DEFINE_METHOD_FUNCTION(EVP_CIPHER, EVP_des_ecb) {
- memset(out, 0, sizeof(EVP_CIPHER));
- out->nid = NID_des_ecb;
- out->block_size = 8;
- out->key_len = 8;
- out->iv_len = 0;
- out->ctx_size = sizeof(EVP_DES_KEY);
- out->flags = EVP_CIPH_ECB_MODE;
- out->init = des_init_key;
- out->cipher = des_ecb_cipher;
-}
+static const EVP_CIPHER evp_des_ecb = {
+ /* nid = */ NID_des_ecb,
+ /* block_size = */ 8,
+ /* key_len = */ 8,
+ /* iv_len = */ 0,
+ /* ctx_size = */ sizeof(EVP_DES_KEY),
+ /* flags = */ EVP_CIPH_ECB_MODE,
+ /* app_data = */ NULL,
+ /* init = */ des_init_key,
+ /* cipher = */ des_ecb_cipher,
+ /* cleanup = */ NULL,
+ /* ctrl = */ NULL,
+};
+
+const EVP_CIPHER *EVP_des_ecb(void) { return &evp_des_ecb; }
typedef struct {
union {
@@ -137,7 +144,7 @@
static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const uint8_t *key,
const uint8_t *iv, int enc) {
DES_cblock *deskey = (DES_cblock *)key;
- DES_EDE_KEY *dat = (DES_EDE_KEY*) ctx->cipher_data;
+ DES_EDE_KEY *dat = (DES_EDE_KEY *)ctx->cipher_data;
DES_set_key(&deskey[0], &dat->ks.ks[0]);
DES_set_key(&deskey[1], &dat->ks.ks[1]);
@@ -147,8 +154,8 @@
}
static int des_ede3_cbc_cipher(EVP_CIPHER_CTX *ctx, uint8_t *out,
- const uint8_t *in, size_t in_len) {
- DES_EDE_KEY *dat = (DES_EDE_KEY*) ctx->cipher_data;
+ const uint8_t *in, size_t in_len) {
+ DES_EDE_KEY *dat = (DES_EDE_KEY *)ctx->cipher_data;
DES_ede3_cbc_encrypt(in, out, in_len, &dat->ks.ks[0], &dat->ks.ks[1],
&dat->ks.ks[2], (DES_cblock *)ctx->iv, ctx->encrypt);
@@ -156,22 +163,26 @@
return 1;
}
-DEFINE_METHOD_FUNCTION(EVP_CIPHER, EVP_des_ede3_cbc) {
- memset(out, 0, sizeof(EVP_CIPHER));
- out->nid = NID_des_ede3_cbc;
- out->block_size = 8;
- out->key_len = 24;
- out->iv_len = 8;
- out->ctx_size = sizeof(DES_EDE_KEY);
- out->flags = EVP_CIPH_CBC_MODE;
- out->init = des_ede3_init_key;
- out->cipher = des_ede3_cbc_cipher;
-}
+static const EVP_CIPHER evp_des_ede3_cbc = {
+ /* nid = */ NID_des_ede3_cbc,
+ /* block_size = */ 8,
+ /* key_len = */ 24,
+ /* iv_len = */ 8,
+ /* ctx_size = */ sizeof(DES_EDE_KEY),
+ /* flags = */ EVP_CIPH_CBC_MODE,
+ /* app_data = */ NULL,
+ /* init = */ des_ede3_init_key,
+ /* cipher = */ des_ede3_cbc_cipher,
+ /* cleanup = */ NULL,
+ /* ctrl = */ NULL,
+};
+
+const EVP_CIPHER *EVP_des_ede3_cbc(void) { return &evp_des_ede3_cbc; }
static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const uint8_t *key,
- const uint8_t *iv, int enc) {
- DES_cblock *deskey = (DES_cblock *) key;
- DES_EDE_KEY *dat = (DES_EDE_KEY *) ctx->cipher_data;
+ const uint8_t *iv, int enc) {
+ DES_cblock *deskey = (DES_cblock *)key;
+ DES_EDE_KEY *dat = (DES_EDE_KEY *)ctx->cipher_data;
DES_set_key(&deskey[0], &dat->ks.ks[0]);
DES_set_key(&deskey[1], &dat->ks.ks[1]);
@@ -180,17 +191,21 @@
return 1;
}
-DEFINE_METHOD_FUNCTION(EVP_CIPHER, EVP_des_ede_cbc) {
- memset(out, 0, sizeof(EVP_CIPHER));
- out->nid = NID_des_ede_cbc;
- out->block_size = 8;
- out->key_len = 16;
- out->iv_len = 8;
- out->ctx_size = sizeof(DES_EDE_KEY);
- out->flags = EVP_CIPH_CBC_MODE;
- out->init = des_ede_init_key;
- out->cipher = des_ede3_cbc_cipher;
-}
+static const EVP_CIPHER evp_des_ede_cbc = {
+ /* nid = */ NID_des_ede_cbc,
+ /* block_size = */ 8,
+ /* key_len = */ 16,
+ /* iv_len = */ 8,
+ /* ctx_size = */ sizeof(DES_EDE_KEY),
+ /* flags = */ EVP_CIPH_CBC_MODE,
+ /* app_data = */ NULL,
+ /* init = */ des_ede_init_key,
+ /* cipher = */ des_ede3_cbc_cipher,
+ /* cleanup = */ NULL,
+ /* ctrl = */ NULL,
+};
+
+const EVP_CIPHER *EVP_des_ede_cbc(void) { return &evp_des_ede_cbc; }
static int des_ede_ecb_cipher(EVP_CIPHER_CTX *ctx, uint8_t *out,
const uint8_t *in, size_t in_len) {
@@ -208,30 +223,36 @@
return 1;
}
-DEFINE_METHOD_FUNCTION(EVP_CIPHER, EVP_des_ede) {
- memset(out, 0, sizeof(EVP_CIPHER));
- out->nid = NID_des_ede_ecb;
- out->block_size = 8;
- out->key_len = 16;
- out->iv_len = 0;
- out->ctx_size = sizeof(DES_EDE_KEY);
- out->flags = EVP_CIPH_ECB_MODE;
- out->init = des_ede_init_key;
- out->cipher = des_ede_ecb_cipher;
-}
+static const EVP_CIPHER evp_des_ede = {
+ /* nid = */ NID_des_ede_ecb,
+ /* block_size = */ 8,
+ /* key_len = */ 16,
+ /* iv_len = */ 0,
+ /* ctx_size = */ sizeof(DES_EDE_KEY),
+ /* flags = */ EVP_CIPH_ECB_MODE,
+ /* app_data = */ NULL,
+ /* init = */ des_ede_init_key,
+ /* cipher = */ des_ede_ecb_cipher,
+ /* cleanup = */ NULL,
+ /* ctrl = */ NULL,
+};
-DEFINE_METHOD_FUNCTION(EVP_CIPHER, EVP_des_ede3) {
- memset(out, 0, sizeof(EVP_CIPHER));
- out->nid = NID_des_ede3_ecb;
- out->block_size = 8;
- out->key_len = 24;
- out->iv_len = 0;
- out->ctx_size = sizeof(DES_EDE_KEY);
- out->flags = EVP_CIPH_ECB_MODE;
- out->init = des_ede3_init_key;
- out->cipher = des_ede_ecb_cipher;
-}
+const EVP_CIPHER *EVP_des_ede(void) { return &evp_des_ede; }
-const EVP_CIPHER* EVP_des_ede3_ecb(void) {
- return EVP_des_ede3();
-}
+static const EVP_CIPHER evp_des_ede3 = {
+ /* nid = */ NID_des_ede3_ecb,
+ /* block_size = */ 8,
+ /* key_len = */ 24,
+ /* iv_len = */ 0,
+ /* ctx_size = */ sizeof(DES_EDE_KEY),
+ /* flags = */ EVP_CIPH_ECB_MODE,
+ /* app_data = */ NULL,
+ /* init = */ des_ede3_init_key,
+ /* cipher = */ des_ede_ecb_cipher,
+ /* cleanup = */ NULL,
+ /* ctrl = */ NULL,
+};
+
+const EVP_CIPHER *EVP_des_ede3(void) { return &evp_des_ede3; }
+
+const EVP_CIPHER *EVP_des_ede3_ecb(void) { return EVP_des_ede3(); }
diff --git a/crypto/fipsmodule/des/des.c b/crypto/des/des.c
similarity index 100%
rename from crypto/fipsmodule/des/des.c
rename to crypto/des/des.c
diff --git a/crypto/fipsmodule/des/internal.h b/crypto/des/internal.h
similarity index 99%
rename from crypto/fipsmodule/des/internal.h
rename to crypto/des/internal.h
index 3e3992e..2124fd5 100644
--- a/crypto/fipsmodule/des/internal.h
+++ b/crypto/des/internal.h
@@ -59,7 +59,7 @@
#include <openssl/base.h>
-#include "../../internal.h"
+#include "../internal.h"
#if defined(__cplusplus)
extern "C" {
diff --git a/crypto/fipsmodule/bcm.c b/crypto/fipsmodule/bcm.c
index 639235e..bab30cf 100644
--- a/crypto/fipsmodule/bcm.c
+++ b/crypto/fipsmodule/bcm.c
@@ -58,8 +58,6 @@
#include "cipher/aead.c"
#include "cipher/cipher.c"
#include "cipher/e_aes.c"
-#include "cipher/e_des.c"
-#include "des/des.c"
#include "dh/check.c"
#include "dh/dh.c"
#include "digest/digest.c"
@@ -192,7 +190,6 @@
#endif
assert_within(rodata_start, kPrimes, rodata_end);
- assert_within(rodata_start, des_skb, rodata_end);
assert_within(rodata_start, kP256Params, rodata_end);
assert_within(rodata_start, kPKCS1SigPrefixes, rodata_end);
diff --git a/crypto/fipsmodule/self_check/self_check.c b/crypto/fipsmodule/self_check/self_check.c
index 94f2da7..9dacf91 100644
--- a/crypto/fipsmodule/self_check/self_check.c
+++ b/crypto/fipsmodule/self_check/self_check.c
@@ -20,7 +20,6 @@
#include <openssl/aead.h>
#include <openssl/aes.h>
#include <openssl/bn.h>
-#include <openssl/des.h>
#include <openssl/dh.h>
#include <openssl/digest.h>
#include <openssl/ec.h>
@@ -356,23 +355,6 @@
0x00
#endif
};
- static const DES_cblock kDESKey1 = {"BCMDESK1"};
- static const DES_cblock kDESKey2 = {"BCMDESK2"};
- static const DES_cblock kDESKey3 = {"BCMDESK3"};
- static const DES_cblock kDESIV = {"BCMDESIV"};
- static const uint8_t kDESCiphertext[64] = {
- 0xa4, 0x30, 0x7a, 0x4c, 0x1f, 0x60, 0x16, 0xd7, 0x4f, 0x41, 0xe1,
- 0xbb, 0x27, 0xc4, 0x27, 0x37, 0xd4, 0x7f, 0xb9, 0x10, 0xf8, 0xbc,
- 0xaf, 0x93, 0x91, 0xb8, 0x88, 0x24, 0xb1, 0xf6, 0xf8, 0xbd, 0x31,
- 0x96, 0x06, 0x76, 0xde, 0x32, 0xcd, 0x29, 0x29, 0xba, 0x70, 0x5f,
- 0xea, 0xc0, 0xcb, 0xde, 0xc7, 0x75, 0x90, 0xe0, 0x0f, 0x5e, 0x2c,
- 0x0d, 0x49, 0x20, 0xd5, 0x30, 0x83, 0xf8, 0x08,
-#if !defined(BORINGSSL_FIPS_BREAK_DES)
- 0x5a
-#else
- 0x00
-#endif
- };
static const uint8_t kPlaintextSHA1[20] = {
0xc6, 0xf8, 0xc9, 0x63, 0x1c, 0x14, 0x23, 0x62, 0x9b, 0xbd,
0x55, 0x82, 0xf4, 0xd6, 0x1d, 0xf2, 0xab, 0x7d, 0xc8,
@@ -652,30 +634,6 @@
goto err;
}
- DES_key_schedule des1, des2, des3;
- DES_cblock des_iv;
- DES_set_key(&kDESKey1, &des1);
- DES_set_key(&kDESKey2, &des2);
- DES_set_key(&kDESKey3, &des3);
-
- // 3DES Encryption KAT
- memcpy(&des_iv, &kDESIV, sizeof(des_iv));
- DES_ede3_cbc_encrypt(kPlaintext, output, sizeof(kPlaintext), &des1, &des2,
- &des3, &des_iv, DES_ENCRYPT);
- if (!check_test(kDESCiphertext, output, sizeof(kDESCiphertext),
- "3DES Encryption KAT")) {
- goto err;
- }
-
- // 3DES Decryption KAT
- memcpy(&des_iv, &kDESIV, sizeof(des_iv));
- DES_ede3_cbc_encrypt(kDESCiphertext, output, sizeof(kDESCiphertext), &des1,
- &des2, &des3, &des_iv, DES_DECRYPT);
- if (!check_test(kPlaintext, output, sizeof(kPlaintext),
- "3DES Decryption KAT")) {
- goto err;
- }
-
// SHA-1 KAT
SHA1(kPlaintext, sizeof(kPlaintext), output);
if (!check_test(kPlaintextSHA1, output, sizeof(kPlaintextSHA1),
diff --git a/decrepit/des/cfb64ede.c b/decrepit/des/cfb64ede.c
index 6c39923..820c52e 100644
--- a/decrepit/des/cfb64ede.c
+++ b/decrepit/des/cfb64ede.c
@@ -58,7 +58,7 @@
#include <openssl/des.h>
-#include "../../crypto/fipsmodule/des/internal.h"
+#include "../../crypto/des/internal.h"
#include "../../crypto/internal.h"