openssl
/
openssl
mirror of https://github.com/openssl/openssl
1
0
Fork 0
Code Issues Releases Wiki Activity

Add blake2 support. 

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
This commit is contained in:
Bill Cox 2016-03-09 23:08:31 +01:00 committed by Rich Salz
parent 40f43f8a2e
commit 2d0b441267
29 changed files with 1004 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
Configure
View File

@ -220,7 +220,7 @@ $config{dirs} = [ "crypto", "ssl", "engines", "apps", "test", "tools" ];
# crypto/ subdirectories to build # crypto/ subdirectories to build
$config{sdirs} = [ $config{sdirs} = [
"objects", "objects",
"md2", "md4", "md5", "sha", "mdc2", "hmac", "ripemd", "whrlpool", "poly1305", "md2", "md4", "md5", "sha", "mdc2", "hmac", "ripemd", "whrlpool", "poly1305", "blake2",
"des", "aes", "rc2", "rc4", "rc5", "idea", "bf", "cast", "camellia", "seed", "chacha", "modes", "des", "aes", "rc2", "rc4", "rc5", "idea", "bf", "cast", "camellia", "seed", "chacha", "modes",
"bn", "ec", "rsa", "dsa", "dh", "dso", "engine", "bn", "ec", "rsa", "dsa", "dh", "dso", "engine",
"buffer", "bio", "stack", "lhash", "rand", "err", "buffer", "bio", "stack", "lhash", "rand", "err",
@ -243,6 +243,7 @@ my @disablables = (
"autoalginit", "autoalginit",
"autoerrinit", "autoerrinit",
"bf", "bf",
"blake2",
"camellia", "camellia",
"capieng", "capieng",
"cast", "cast",
@ -1787,6 +1788,7 @@ print "MODES_OBJ =$target{modes_obj}\n";
print "PADLOCK_OBJ =$target{padlock_obj}\n"; print "PADLOCK_OBJ =$target{padlock_obj}\n";
print "CHACHA_ENC =$target{chacha_obj}\n"; print "CHACHA_ENC =$target{chacha_obj}\n";
print "POLY1305_OBJ =$target{poly1305_obj}\n"; print "POLY1305_OBJ =$target{poly1305_obj}\n";
print "BLAKE2_OBJ =$target{blake2_obj}\n";
print "PROCESSOR =$config{processor}\n"; print "PROCESSOR =$config{processor}\n";
print "RANLIB =$target{ranlib}\n"; print "RANLIB =$target{ranlib}\n";
print "ARFLAGS =$target{arflags}\n"; print "ARFLAGS =$target{arflags}\n";

2
Makefile.in
View File

@ -137,6 +137,7 @@ RC5_ENC= {- $target{rc5_obj} -}
MD5_ASM_OBJ= {- $target{md5_obj} -} MD5_ASM_OBJ= {- $target{md5_obj} -}
SHA1_ASM_OBJ= {- $target{sha1_obj} -} SHA1_ASM_OBJ= {- $target{sha1_obj} -}
RMD160_ASM_OBJ= {- $target{rmd160_obj} -} RMD160_ASM_OBJ= {- $target{rmd160_obj} -}
BLAKE2_OBJ= {- $target{blake2_obj} -}
WP_ASM_OBJ= {- $target{wp_obj} -} WP_ASM_OBJ= {- $target{wp_obj} -}
CMLL_ENC= {- $target{cmll_obj} -} CMLL_ENC= {- $target{cmll_obj} -}
MODES_ASM_OBJ= {- $target{modes_obj} -} MODES_ASM_OBJ= {- $target{modes_obj} -}
@ -281,6 +282,7 @@ BUILDENV= LC_ALL=C PLATFORM='$(PLATFORM)' PROCESSOR='$(PROCESSOR)'\
SHA1_ASM_OBJ='$(SHA1_ASM_OBJ)' \ SHA1_ASM_OBJ='$(SHA1_ASM_OBJ)' \
MD5_ASM_OBJ='$(MD5_ASM_OBJ)' \ MD5_ASM_OBJ='$(MD5_ASM_OBJ)' \
RMD160_ASM_OBJ='$(RMD160_ASM_OBJ)' \ RMD160_ASM_OBJ='$(RMD160_ASM_OBJ)' \
BLAKE2_OBJ='$(BLAKE2_OBJ)' \
WP_ASM_OBJ='$(WP_ASM_OBJ)' \ WP_ASM_OBJ='$(WP_ASM_OBJ)' \
MODES_ASM_OBJ='$(MODES_ASM_OBJ)' \ MODES_ASM_OBJ='$(MODES_ASM_OBJ)' \
PADLOCK_ASM_OBJ='$(PADLOCK_ASM_OBJ)' \ PADLOCK_ASM_OBJ='$(PADLOCK_ASM_OBJ)' \

3
apps/openssl.c
View File

@ -650,6 +650,9 @@ static void list_disabled(void)
#ifdef OPENSSL_NO_BF #ifdef OPENSSL_NO_BF
BIO_puts(bio_out, "BF\n"); BIO_puts(bio_out, "BF\n");
#endif #endif
#ifndef OPENSSL_NO_BLAKE2
BIO_puts(bio_out, "BLAKE2\n");
#endif
#ifdef OPENSSL_NO_CAMELLIA #ifdef OPENSSL_NO_CAMELLIA
BIO_puts(bio_out, "CAMELLIA\n"); BIO_puts(bio_out, "CAMELLIA\n");
#endif #endif

6
apps/progs.h
View File

@ -225,6 +225,12 @@ static FUNCTION functions[] = {
#ifndef OPENSSL_NO_RMD160 #ifndef OPENSSL_NO_RMD160
{ FT_md, "rmd160", dgst_main}, { FT_md, "rmd160", dgst_main},
#endif #endif
#ifndef OPENSSL_NO_BLAKE2B
{ FT_md, "blake2b", dgst_main},
#endif
#ifndef OPENSSL_NO_BLAKE2S
{ FT_md, "blake2s", dgst_main},
#endif
#ifndef OPENSSL_NO_AES #ifndef OPENSSL_NO_AES
{ FT_cipher, "aes-128-cbc", enc_main, enc_options }, { FT_cipher, "aes-128-cbc", enc_main, enc_options },
#endif #endif

2
apps/progs.pl
View File

@ -84,7 +84,7 @@ foreach (
"md2", "md4", "md5", "md2", "md4", "md5",
"md_ghost94", "md_ghost94",
"sha1", "sha224", "sha256", "sha384", "sha512", "sha1", "sha224", "sha256", "sha384", "sha512",
"mdc2", "rmd160" "mdc2", "rmd160", "blake2b", "blake2s"
) { ) {
printf "#ifndef OPENSSL_NO_".uc($_)."\n" if ! /sha/; printf "#ifndef OPENSSL_NO_".uc($_)."\n" if ! /sha/;
printf " { FT_md, \"".$_."\", dgst_main},\n"; printf " { FT_md, \"".$_."\", dgst_main},\n";

48
crypto/blake2/Makefile.in Normal file
View File

@ -0,0 +1,48 @@
#
# OpenSSL/crypto/blake2/Makefile
#
DIR= blake2
TOP= ../..
CC= cc
CPP= $(CC) -E
INCLUDES=
CFLAG=-g
AR= ar r
CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
ASFLAGS= $(INCLUDES) $(ASFLAG)
AFLAGS= $(ASFLAGS)
GENERAL=Makefile
LIB=$(TOP)/libcrypto.a
LIBSRC=blake2b.c blake2s.c
LIBOBJ=blake2b.o blake2s.o
SRC= $(LIBSRC)
ALL= $(GENERAL) $(SRC) $(HEADER)
top:
(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
all: lib
lib: $(LIBOBJ)
$(AR) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
@touch lib
files:
$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
update: depend
depend:
$(TOP)/util/domd $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
clean:
rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
# DO NOT DELETE THIS LINE -- make depend depends on it.

144
crypto/blake2/blake2_impl.h Normal file
View File

@ -0,0 +1,144 @@
/*
* BLAKE2 reference source code package - reference C implementations
*
* Copyright 2012, Samuel Neves <sneves@dei.uc.pt>.
* You may use this under the terms of the CC0, the OpenSSL Licence, or the
* Apache Public License 2.0, at your option. The terms of these licenses can
* be found at:
*
* - OpenSSL license : https://www.openssl.org/source/license.html
* - Apache 2.0 : http://www.apache.org/licenses/LICENSE-2.0
* - CC0 1.0 Universal : http://creativecommons.org/publicdomain/zero/1.0
*
* More information about the BLAKE2 hash function can be found at
* https://blake2.net.
*/
/* crypto/blake2/blake2_impl.h */
#include <stdint.h>
#include <string.h>
static inline uint32_t load32(const void *src)
{
#if defined(L_ENDIAN)
uint32_t w;
memcpy(&w, src, sizeof(w));
return w;
#else
const uint8_t *p = (const uint8_t *)src;
uint32_t w = *p++;
w |= (uint32_t)(*p++) << 8;
w |= (uint32_t)(*p++) << 16;
w |= (uint32_t)(*p++) << 24;
return w;
#endif
}
static inline uint64_t load64(const void *src)
{
#if defined(L_ENDIAN)
uint64_t w;
memcpy(&w, src, sizeof(w));
return w;
#else
const uint8_t *p = (const uint8_t *)src;
uint64_t w = *p++;
w |= (uint64_t)(*p++) << 8;
w |= (uint64_t)(*p++) << 16;
w |= (uint64_t)(*p++) << 24;
w |= (uint64_t)(*p++) << 32;
w |= (uint64_t)(*p++) << 40;
w |= (uint64_t)(*p++) << 48;
w |= (uint64_t)(*p++) << 56;
return w;
#endif
}
static inline void store32(void *dst, uint32_t w)
{
#if defined(L_ENDIAN)
memcpy(dst, &w, sizeof(w));
#else
uint8_t *p = (uint8_t *)dst;
*p++ = (uint8_t)w;
w >>= 8;
*p++ = (uint8_t)w;
w >>= 8;
*p++ = (uint8_t)w;
w >>= 8;
*p++ = (uint8_t)w;
#endif
}
static inline void store64(void *dst, uint64_t w)
{
#if defined(L_ENDIAN)
memcpy(dst, &w, sizeof(w));
#else
uint8_t *p = (uint8_t *)dst;
*p++ = (uint8_t)w;
w >>= 8;
*p++ = (uint8_t)w;
w >>= 8;
*p++ = (uint8_t)w;
w >>= 8;
*p++ = (uint8_t)w;
w >>= 8;
*p++ = (uint8_t)w;
w >>= 8;
*p++ = (uint8_t)w;
w >>= 8;
*p++ = (uint8_t)w;
w >>= 8;
*p++ = (uint8_t)w;
#endif
}
static inline uint64_t load48(const void *src)
{
const uint8_t *p = (const uint8_t *)src;
uint64_t w = *p++;
w |= (uint64_t)(*p++) << 8;
w |= (uint64_t)(*p++) << 16;
w |= (uint64_t)(*p++) << 24;
w |= (uint64_t)(*p++) << 32;
w |= (uint64_t)(*p++) << 40;
return w;
}
static inline void store48(void *dst, uint64_t w)
{
uint8_t *p = (uint8_t *)dst;
*p++ = (uint8_t)w;
w >>= 8;
*p++ = (uint8_t)w;
w >>= 8;
*p++ = (uint8_t)w;
w >>= 8;
*p++ = (uint8_t)w;
w >>= 8;
*p++ = (uint8_t)w;
w >>= 8;
*p++ = (uint8_t)w;
}
static inline uint32_t rotl32(const uint32_t w, const unsigned c)
{
return (w << c) | (w >> (32 - c));
}
static inline uint64_t rotl64(const uint64_t w, const unsigned c)
{
return (w << c) | (w >> (64 - c));
}
static inline uint32_t rotr32(const uint32_t w, const unsigned c)
{
return (w >> c) | (w << (32 - c));
}
static inline uint64_t rotr64(const uint64_t w, const unsigned c)
{
return (w >> c) | (w << (64 - c));
}

225
crypto/blake2/blake2b.c Normal file
View File

@ -0,0 +1,225 @@
/*
* BLAKE2 reference source code package - reference C implementations
*
* Copyright 2012, Samuel Neves <sneves@dei.uc.pt>.
* You may use this under the terms of the CC0, the OpenSSL Licence, or the
* Apache Public License 2.0, at your option. The terms of these licenses can
* be found at:
*
* - OpenSSL license : https://www.openssl.org/source/license.html
* - Apache 2.0 : http://www.apache.org/licenses/LICENSE-2.0
* - CC0 1.0 Universal : http://creativecommons.org/publicdomain/zero/1.0
*
* More information about the BLAKE2 hash function can be found at
* https://blake2.net.
*/
/* crypto/blake2/blake2b.c */
#include <stdint.h>
#include <string.h>
#include <stdio.h>
#include <openssl/crypto.h>
#include "internal/blake2_locl.h"
#include "blake2_impl.h"
static const uint64_t blake2b_IV[8] =
{
0x6a09e667f3bcc908ULL, 0xbb67ae8584caa73bULL,
0x3c6ef372fe94f82bULL, 0xa54ff53a5f1d36f1ULL,
0x510e527fade682d1ULL, 0x9b05688c2b3e6c1fULL,
0x1f83d9abfb41bd6bULL, 0x5be0cd19137e2179ULL
};
static const uint8_t blake2b_sigma[12][16] =
{
{ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 } ,
{ 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3 } ,
{ 11, 8, 12, 0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4 } ,
{ 7, 9, 3, 1, 13, 12, 11, 14, 2, 6, 5, 10, 4, 0, 15, 8 } ,
{ 9, 0, 5, 7, 2, 4, 10, 15, 14, 1, 11, 12, 6, 8, 3, 13 } ,
{ 2, 12, 6, 10, 0, 11, 8, 3, 4, 13, 7, 5, 15, 14, 1, 9 } ,
{ 12, 5, 1, 15, 14, 13, 4, 10, 0, 7, 6, 3, 9, 2, 8, 11 } ,
{ 13, 11, 7, 14, 12, 1, 3, 9, 5, 0, 15, 4, 8, 6, 2, 10 } ,
{ 6, 15, 14, 9, 11, 3, 0, 8, 12, 2, 13, 7, 1, 4, 10, 5 } ,
{ 10, 2, 8, 4, 7, 6, 1, 5, 15, 11, 9, 14, 3, 12, 13 , 0 } ,
{ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 } ,
{ 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3 }
};
/* Some helper functions, not necessarily useful */
static inline void blake2b_set_lastblock(BLAKE2B_CTX *S)
{
S->f[0] = -1;
}
/* Increment the data hashed couter. */
static inline void blake2b_increment_counter(BLAKE2B_CTX *S,
const uint64_t inc)
{
S->t[0] += inc;
S->t[1] += (S->t[0] < inc);
}
/* Initialize the hashing state. */
static inline void blake2b_init0(BLAKE2B_CTX *S)
{
int i;
memset(S, 0, sizeof(BLAKE2B_CTX));
for(i = 0; i < 8; ++i) {
S->h[i] = blake2b_IV[i];
}
}
/* init xors IV with input parameter block */
static void blake2b_init_param(BLAKE2B_CTX *S, const BLAKE2B_PARAM *P)
{
size_t i;
const uint8_t *p = (const uint8_t *)(P);
blake2b_init0(S);
/* The param struct is carefully hand packed, and should be 64 bytes on
* every platform. */
OPENSSL_assert(sizeof(BLAKE2B_PARAM) == 64);
/* IV XOR ParamBlock */
for(i = 0; i < 8; ++i) {
S->h[i] ^= load64(p + sizeof(S->h[i]) * i);
}
}
/* Initialize the hashing context. Always returns 1. */
int BLAKE2b_Init(BLAKE2B_CTX *c)
{
BLAKE2B_PARAM P[1];
P->digest_length = BLAKE2B_DIGEST_LENGTH;
P->key_length = 0;
P->fanout = 1;
P->depth = 1;
store32(&P->leaf_length, 0);
store64(&P->node_offset, 0);
P->node_depth = 0;
P->inner_length = 0;
memset(P->reserved, 0, sizeof(P->reserved));
memset(P->salt, 0, sizeof(P->salt));
memset(P->personal, 0, sizeof(P->personal));
blake2b_init_param(c, P);
return 1;
}
/* Permute the state while xoring in the block of data. */
static void blake2b_compress(BLAKE2B_CTX *S,
const uint8_t block[BLAKE2B_BLOCKBYTES])
{
uint64_t m[16];
uint64_t v[16];
int i;
for(i = 0; i < 16; ++i) {
m[i] = load64(block + i * sizeof(m[i]));
}
for(i = 0; i < 8; ++i) {
v[i] = S->h[i];
}
v[8] = blake2b_IV[0];
v[9] = blake2b_IV[1];
v[10] = blake2b_IV[2];
v[11] = blake2b_IV[3];
v[12] = S->t[0] ^ blake2b_IV[4];
v[13] = S->t[1] ^ blake2b_IV[5];
v[14] = S->f[0] ^ blake2b_IV[6];
v[15] = S->f[1] ^ blake2b_IV[7];
#define G(r,i,a,b,c,d) \
do { \
a = a + b + m[blake2b_sigma[r][2*i+0]]; \
d = rotr64(d ^ a, 32); \
c = c + d; \
b = rotr64(b ^ c, 24); \
a = a + b + m[blake2b_sigma[r][2*i+1]]; \
d = rotr64(d ^ a, 16); \
c = c + d; \
b = rotr64(b ^ c, 63); \
} while(0)
#define ROUND(r) \
do { \
G(r,0,v[ 0],v[ 4],v[ 8],v[12]); \
G(r,1,v[ 1],v[ 5],v[ 9],v[13]); \
G(r,2,v[ 2],v[ 6],v[10],v[14]); \
G(r,3,v[ 3],v[ 7],v[11],v[15]); \
G(r,4,v[ 0],v[ 5],v[10],v[15]); \
G(r,5,v[ 1],v[ 6],v[11],v[12]); \
G(r,6,v[ 2],v[ 7],v[ 8],v[13]); \
G(r,7,v[ 3],v[ 4],v[ 9],v[14]); \
} while(0)
ROUND(0);
ROUND(1);
ROUND(2);
ROUND(3);
ROUND(4);
ROUND(5);
ROUND(6);
ROUND(7);
ROUND(8);
ROUND(9);
ROUND(10);
ROUND(11);
for(i = 0; i < 8; ++i) {
S->h[i] = S->h[i] ^ v[i] ^ v[i + 8];
}
#undef G
#undef ROUND
}
/* Absorb the input data into the hash state. Always returns 1. */
int BLAKE2b_Update(BLAKE2B_CTX *c, const void *data, size_t datalen)
{
const uint8_t *in = data;
size_t fill;
while(datalen > 0) {
fill = sizeof(c->buf) - c->buflen;
/* Must be >, not >=, so that last block can be hashed differently */
if(datalen > fill) {
memcpy(c->buf + c->buflen, in, fill); /* Fill buffer */
blake2b_increment_counter(c, BLAKE2B_BLOCKBYTES);
blake2b_compress(c, c->buf); /* Compress */
c->buflen = 0;
in += fill;
datalen -= fill;
} else { /* datalen <= fill */
memcpy(c->buf + c->buflen, in, datalen);
c->buflen += datalen; /* Be lazy, do not compress */
return 1;
}
}
return 1;
}
/*
* Finalize the hash state in a way that avoids length extension attacks.
* Always returns 1.
*/
int BLAKE2b_Final(unsigned char *md, BLAKE2B_CTX *c)
{
int i;
blake2b_increment_counter(c, c->buflen);
blake2b_set_lastblock(c);
/* Padding */
memset(c->buf + c->buflen, 0, sizeof(c->buf) - c->buflen);
blake2b_compress(c, c->buf);
/* Output full hash to message digest */
for(i = 0; i < 8; ++i) {
store64(md + sizeof(c->h[i]) * i, c->h[i]);
}
OPENSSL_cleanse(c, sizeof(BLAKE2B_CTX));
return 1;
}

220
crypto/blake2/blake2s.c Normal file
View File

@ -0,0 +1,220 @@
/*
* BLAKE2 reference source code package - reference C implementations
*
* Copyright 2012, Samuel Neves <sneves@dei.uc.pt>.
* You may use this under the terms of the CC0, the OpenSSL Licence, or the
* Apache Public License 2.0, at your option. The terms of these licenses can
* be found at:
*
* - OpenSSL license : https://www.openssl.org/source/license.html
* - Apache 2.0 : http://www.apache.org/licenses/LICENSE-2.0
* - CC0 1.0 Universal : http://creativecommons.org/publicdomain/zero/1.0
*
* More information about the BLAKE2 hash function can be found at
* https://blake2.net.
*/
/* crypto/blake2/blake2s.c */
#include <stdint.h>
#include <string.h>
#include <stdio.h>
#include <openssl/crypto.h>
#include "internal/blake2_locl.h"
#include "blake2_impl.h"
static const uint32_t blake2s_IV[8] =
{
0x6A09E667UL, 0xBB67AE85UL, 0x3C6EF372UL, 0xA54FF53AUL,
0x510E527FUL, 0x9B05688CUL, 0x1F83D9ABUL, 0x5BE0CD19UL
};
static const uint8_t blake2s_sigma[10][16] =
{
{ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 } ,
{ 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3 } ,
{ 11, 8, 12, 0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4 } ,
{ 7, 9, 3, 1, 13, 12, 11, 14, 2, 6, 5, 10, 4, 0, 15, 8 } ,
{ 9, 0, 5, 7, 2, 4, 10, 15, 14, 1, 11, 12, 6, 8, 3, 13 } ,
{ 2, 12, 6, 10, 0, 11, 8, 3, 4, 13, 7, 5, 15, 14, 1, 9 } ,
{ 12, 5, 1, 15, 14, 13, 4, 10, 0, 7, 6, 3, 9, 2, 8, 11 } ,
{ 13, 11, 7, 14, 12, 1, 3, 9, 5, 0, 15, 4, 8, 6, 2, 10 } ,
{ 6, 15, 14, 9, 11, 3, 0, 8, 12, 2, 13, 7, 1, 4, 10, 5 } ,
{ 10, 2, 8, 4, 7, 6, 1, 5, 15, 11, 9, 14, 3, 12, 13 , 0 } ,
};
/* Some helper functions, not necessarily useful */
static inline void blake2s_set_lastblock(BLAKE2S_CTX *S)
{
S->f[0] = -1;
}
/* Increment the data hashed couter. */
static inline void blake2s_increment_counter(BLAKE2S_CTX *S,
const uint32_t inc)
{
S->t[0] += inc;
S->t[1] += (S->t[0] < inc);
}
/* Initialize the hashing state. */
static inline void blake2s_init0(BLAKE2S_CTX *S)
{
int i;
memset(S, 0, sizeof(BLAKE2S_CTX));
for(i = 0; i < 8; ++i) {
S->h[i] = blake2s_IV[i];
}
}
/* init2 xors IV with input parameter block */
static void blake2s_init_param(BLAKE2S_CTX *S, const BLAKE2S_PARAM *P)
{
const uint32_t *p = (const uint32_t *)(P);
size_t i;
/* The param struct is carefully hand packed, and should be 32 bytes on
* every platform. */
OPENSSL_assert(sizeof(BLAKE2S_PARAM) == 32);
blake2s_init0(S);
/* IV XOR ParamBlock */
for(i = 0; i < 8; ++i) {
S->h[i] ^= load32(&p[i]);
}
}
/* Initialize the hashing context. Always returns 1. */
int BLAKE2s_Init(BLAKE2S_CTX *c)
{
BLAKE2S_PARAM P[1];
P->digest_length = BLAKE2S_DIGEST_LENGTH;
P->key_length = 0;
P->fanout = 1;
P->depth = 1;
store32(&P->leaf_length, 0);
store48(&P->node_offset, 0);
P->node_depth = 0;
P->inner_length = 0;
/* memset(P->reserved, 0, sizeof(P->reserved)); */
memset(P->salt, 0, sizeof(P->salt));
memset(P->personal, 0, sizeof(P->personal));
blake2s_init_param(c, P);
return 1;
}
/* Permute the state while xoring in the block of data. */
static void blake2s_compress(BLAKE2S_CTX *S,
const uint8_t block[BLAKE2S_BLOCKBYTES])
{
uint32_t m[16];
uint32_t v[16];
size_t i;
for(i = 0; i < 16; ++i) {
m[i] = load32(block + i * sizeof(m[i]));
}
for(i = 0; i < 8; ++i) {
v[i] = S->h[i];
}
v[ 8] = blake2s_IV[0];
v[ 9] = blake2s_IV[1];
v[10] = blake2s_IV[2];
v[11] = blake2s_IV[3];
v[12] = S->t[0] ^ blake2s_IV[4];
v[13] = S->t[1] ^ blake2s_IV[5];
v[14] = S->f[0] ^ blake2s_IV[6];
v[15] = S->f[1] ^ blake2s_IV[7];
#define G(r,i,a,b,c,d) \
do { \
a = a + b + m[blake2s_sigma[r][2*i+0]]; \
d = rotr32(d ^ a, 16); \
c = c + d; \
b = rotr32(b ^ c, 12); \
a = a + b + m[blake2s_sigma[r][2*i+1]]; \
d = rotr32(d ^ a, 8); \
c = c + d; \
b = rotr32(b ^ c, 7); \
} while(0)
#define ROUND(r) \
do { \
G(r,0,v[ 0],v[ 4],v[ 8],v[12]); \
G(r,1,v[ 1],v[ 5],v[ 9],v[13]); \
G(r,2,v[ 2],v[ 6],v[10],v[14]); \
G(r,3,v[ 3],v[ 7],v[11],v[15]); \
G(r,4,v[ 0],v[ 5],v[10],v[15]); \
G(r,5,v[ 1],v[ 6],v[11],v[12]); \
G(r,6,v[ 2],v[ 7],v[ 8],v[13]); \
G(r,7,v[ 3],v[ 4],v[ 9],v[14]); \
} while(0)
ROUND(0);
ROUND(1);
ROUND(2);
ROUND(3);
ROUND(4);
ROUND(5);
ROUND(6);
ROUND(7);
ROUND(8);
ROUND(9);
for(i = 0; i < 8; ++i) {
S->h[i] = S->h[i] ^ v[i] ^ v[i + 8];
}
#undef G
#undef ROUND
}
/* Absorb the input data into the hash state. Always returns 1. */
int BLAKE2s_Update(BLAKE2S_CTX *c, const void *data, size_t datalen)
{
const uint8_t *in = data;
size_t fill;
while(datalen > 0) {
fill = sizeof(c->buf) - c->buflen;
/* Must be >, not >=, so that last block can be hashed differently */
if(datalen > fill) {
memcpy(c->buf + c->buflen, in, fill); /* Fill buffer */
blake2s_increment_counter(c, BLAKE2S_BLOCKBYTES);
blake2s_compress(c, c->buf); /* Compress */
c->buflen = 0;
in += fill;
datalen -= fill;
} else { /* datalen <= fill */
memcpy(c->buf + c->buflen, in, datalen);
c->buflen += datalen; /* Be lazy, do not compress */
return 1;
}
}
return 1;
}
/*
* Finalize the hash state in a way that avoids length extension attacks.
* Always returns 1.
*/
int BLAKE2s_Final(unsigned char *md, BLAKE2S_CTX *c)
{
int i;
blake2s_increment_counter(c, (uint32_t)c->buflen);
blake2s_set_lastblock(c);
/* Padding */
memset(c->buf + c->buflen, 0, sizeof(c->buf) - c->buflen);
blake2s_compress(c, c->buf);
/* Output full hash to temp buffer */
for(i = 0; i < 8; ++i) {
store32(md + sizeof(c->h[i]) * i, c->h[i]);
}
OPENSSL_cleanse(c, sizeof(BLAKE2S_CTX));
return 1;
}

3
crypto/blake2/build.info Normal file
View File

@ -0,0 +1,3 @@
LIBS=../../libcrypto
SOURCE[../../libcrypto]=\
blake2b.c blake2s.c

4
crypto/evp/Makefile.in
View File

@ -20,7 +20,7 @@ LIBSRC= encode.c digest.c evp_enc.c evp_key.c evp_cnf.c \
e_rc4.c e_aes.c names.c e_seed.c \ e_rc4.c e_aes.c names.c e_seed.c \
e_xcbc_d.c e_rc2.c e_cast.c e_rc5.c \ e_xcbc_d.c e_rc2.c e_cast.c e_rc5.c \
m_null.c m_md2.c m_md4.c m_md5.c m_sha1.c m_wp.c \ m_null.c m_md2.c m_md4.c m_md5.c m_sha1.c m_wp.c \
m_md5_sha1.c m_mdc2.c m_ripemd.c \ m_md5_sha1.c m_mdc2.c m_ripemd.c m_blake2b.c m_blake2s.c \
p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c \ p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c \
bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c \ bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c \
c_allc.c c_alld.c evp_lib.c bio_ok.c \ c_allc.c c_alld.c evp_lib.c bio_ok.c \
@ -34,7 +34,7 @@ LIBOBJ= encode.o digest.o evp_enc.o evp_key.o evp_cnf.o \
e_rc4.o e_aes.o names.o e_seed.o \ e_rc4.o e_aes.o names.o e_seed.o \
e_xcbc_d.o e_rc2.o e_cast.o e_rc5.o \ e_xcbc_d.o e_rc2.o e_cast.o e_rc5.o \
m_null.o m_md2.o m_md4.o m_md5.o m_sha1.o m_wp.o \ m_null.o m_md2.o m_md4.o m_md5.o m_sha1.o m_wp.o \
m_md5_sha1.o m_mdc2.o m_ripemd.o \ m_md5_sha1.o m_mdc2.o m_ripemd.o m_blake2b.o m_blake2s.o \
p_open.o p_seal.o p_sign.o p_verify.o p_lib.o p_enc.o p_dec.o \ p_open.o p_seal.o p_sign.o p_verify.o p_lib.o p_enc.o p_dec.o \
bio_md.o bio_b64.o bio_enc.o evp_err.o e_null.o \ bio_md.o bio_b64.o bio_enc.o evp_err.o e_null.o \
c_allc.o c_alld.o evp_lib.o bio_ok.o \ c_allc.o c_alld.o evp_lib.o bio_ok.o \

2
crypto/evp/build.info
View File

@ -5,7 +5,7 @@ SOURCE[../../libcrypto]=\
e_rc4.c e_aes.c names.c e_seed.c \ e_rc4.c e_aes.c names.c e_seed.c \
e_xcbc_d.c e_rc2.c e_cast.c e_rc5.c \ e_xcbc_d.c e_rc2.c e_cast.c e_rc5.c \
m_null.c m_md2.c m_md4.c m_md5.c m_sha1.c m_wp.c \ m_null.c m_md2.c m_md4.c m_md5.c m_sha1.c m_wp.c \
m_md5_sha1.c m_mdc2.c m_ripemd.c \ m_md5_sha1.c m_mdc2.c m_ripemd.c m_blake2b.c m_blake2s.c \
p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c \ p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c \
bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c \ bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c \
c_allc.c c_alld.c evp_lib.c bio_ok.c \ c_allc.c c_alld.c evp_lib.c bio_ok.c \

4
crypto/evp/c_alld.c
View File

@ -90,4 +90,8 @@ void openssl_add_all_digests_internal(void)
#ifndef OPENSSL_NO_WHIRLPOOL #ifndef OPENSSL_NO_WHIRLPOOL
EVP_add_digest(EVP_whirlpool()); EVP_add_digest(EVP_whirlpool());
#endif #endif
#ifndef OPENSSL_NO_BLAKE2
EVP_add_digest(EVP_blake2b());
EVP_add_digest(EVP_blake2s());
#endif
} }

62
crypto/evp/m_blake2b.c Normal file
View File

@ -0,0 +1,62 @@
/*
* BLAKE2 reference source code package - reference C implementations
*
* Copyright 2012, Samuel Neves <sneves@dei.uc.pt>.
* You may use this under the terms of the CC0, the OpenSSL Licence, or the
* Apache Public License 2.0, at your option. The terms of these licenses can
* be found at:
*
* - OpenSSL license : https://www.openssl.org/source/license.html
* - Apache 2.0 : http://www.apache.org/licenses/LICENSE-2.0
* - CC0 1.0 Universal : http://www.apache.org/licenses/LICENSE-2.0
*
* More information about the BLAKE2 hash function can be found at
* https://blake2.net.
*/
/* crypto/evp/m_blake2b.c */
#include <stdio.h>
#include "internal/cryptlib.h"
#ifndef OPENSSL_NO_BLAKE2
# include <openssl/evp.h>
# include <openssl/objects.h>
# include "internal/blake2_locl.h"
# include "internal/evp_int.h"
static int init(EVP_MD_CTX *ctx)
{
return BLAKE2b_Init(EVP_MD_CTX_md_data(ctx));
}
static int update(EVP_MD_CTX *ctx, const void *data, size_t count)
{
return BLAKE2b_Update(EVP_MD_CTX_md_data(ctx), data, count);
}
static int final(EVP_MD_CTX *ctx, unsigned char *md)
{
return BLAKE2b_Final(md, EVP_MD_CTX_md_data(ctx));
}
static const EVP_MD blake2b_md = {
NID_blake2b,
0,
BLAKE2B_DIGEST_LENGTH,
0,
init,
update,
final,
NULL,
NULL,
0,
sizeof(EVP_MD *) + sizeof(BLAKE2B_CTX),
};
const EVP_MD *EVP_blake2b(void)
{
return (&blake2b_md);
}
#endif

62
crypto/evp/m_blake2s.c Normal file
View File

@ -0,0 +1,62 @@
/*
* BLAKE2 reference source code package - reference C implementations
*
* Copyright 2012, Samuel Neves <sneves@dei.uc.pt>.
* You may use this under the terms of the CC0, the OpenSSL Licence, or the
* Apache Public License 2.0, at your option. The terms of these licenses can
* be found at:
*
* - OpenSSL license : https://www.openssl.org/source/license.html
* - Apache 2.0 : http://www.apache.org/licenses/LICENSE-2.0
* - CC0 1.0 Universal : http://www.apache.org/licenses/LICENSE-2.0
*
* More information about the BLAKE2 hash function can be found at
* https://blake2.net.
*/
/* crypto/evp/m_blake2s.c */
#include <stdio.h>
#include "internal/cryptlib.h"
#ifndef OPENSSL_NO_BLAKE2
# include <openssl/evp.h>
# include <openssl/objects.h>
# include "internal/blake2_locl.h"
# include "internal/evp_int.h"
static int init(EVP_MD_CTX *ctx)
{
return BLAKE2s_Init(EVP_MD_CTX_md_data(ctx));
}
static int update(EVP_MD_CTX *ctx, const void *data, size_t count)
{
return BLAKE2s_Update(EVP_MD_CTX_md_data(ctx), data, count);
}
static int final(EVP_MD_CTX *ctx, unsigned char *md)
{
return BLAKE2s_Final(md, EVP_MD_CTX_md_data(ctx));
}
static const EVP_MD blake2s_md = {
NID_blake2s,
0,
BLAKE2S_DIGEST_LENGTH,
0,
init,
update,
final,
NULL,
NULL,
0,
sizeof(EVP_MD *) + sizeof(BLAKE2S_CTX),
};
const EVP_MD *EVP_blake2s(void)
{
return (&blake2s_md);
}
#endif

98
crypto/include/internal/blake2_locl.h Normal file
View File

@ -0,0 +1,98 @@
/*
* BLAKE2 reference source code package - reference C implementations
*
* Copyright 2012, Samuel Neves <sneves@dei.uc.pt>.
* You may use this under the terms of the CC0, the OpenSSL Licence, or the
* Apache Public License 2.0, at your option. The terms of these licenses can
* be found at:
*
* - OpenSSL license : https://www.openssl.org/source/license.html
* - Apache 2.0 : http://www.apache.org/licenses/LICENSE-2.0
* - CC0 1.0 Universal : http://www.apache.org/licenses/LICENSE-2.0
*
* More information about the BLAKE2 hash function can be found at
* https://blake2.net.
*/
/* crypto/blake2/blake2_locl.h */
#include <stddef.h>
#include <stdint.h>
# ifdef OPENSSL_NO_BLAKE2
# error BLAKE2 is disabled.
# endif
#define BLAKE2S_BLOCKBYTES 64
#define BLAKE2S_OUTBYTES 32
#define BLAKE2S_KEYBYTES 32
#define BLAKE2S_SALTBYTES 8
#define BLAKE2S_PERSONALBYTES 8
#define BLAKE2B_BLOCKBYTES 128
#define BLAKE2B_OUTBYTES 64
#define BLAKE2B_KEYBYTES 64
#define BLAKE2B_SALTBYTES 16
#define BLAKE2B_PERSONALBYTES 16
struct blake2s_param_st {
uint8_t digest_length; /* 1 */
uint8_t key_length; /* 2 */
uint8_t fanout; /* 3 */
uint8_t depth; /* 4 */
uint32_t leaf_length; /* 8 */
uint8_t node_offset[6];/* 14 */
uint8_t node_depth; /* 15 */
uint8_t inner_length; /* 16 */
/* uint8_t reserved[0]; */
uint8_t salt[BLAKE2S_SALTBYTES]; /* 24 */
uint8_t personal[BLAKE2S_PERSONALBYTES]; /* 32 */
};
typedef struct blake2s_param_st BLAKE2S_PARAM;
struct blake2s_ctx_st {
uint32_t h[8];
uint32_t t[2];
uint32_t f[2];
uint8_t buf[BLAKE2S_BLOCKBYTES];
size_t buflen;
};
struct blake2b_param_st {
uint8_t digest_length; /* 1 */
uint8_t key_length; /* 2 */
uint8_t fanout; /* 3 */
uint8_t depth; /* 4 */
uint32_t leaf_length; /* 8 */
uint64_t node_offset; /* 16 */
uint8_t node_depth; /* 17 */
uint8_t inner_length; /* 18 */
uint8_t reserved[14]; /* 32 */
uint8_t salt[BLAKE2B_SALTBYTES]; /* 48 */
uint8_t personal[BLAKE2B_PERSONALBYTES]; /* 64 */
};
typedef struct blake2b_param_st BLAKE2B_PARAM;
struct blake2b_ctx_st {
uint64_t h[8];
uint64_t t[2];
uint64_t f[2];
uint8_t buf[BLAKE2B_BLOCKBYTES];
size_t buflen;
};
#define BLAKE2B_DIGEST_LENGTH 64
#define BLAKE2S_DIGEST_LENGTH 32
typedef struct blake2s_ctx_st BLAKE2S_CTX;
typedef struct blake2b_ctx_st BLAKE2B_CTX;
int BLAKE2b_Init(BLAKE2B_CTX *c);
int BLAKE2b_Update(BLAKE2B_CTX *c, const void *data, size_t datalen);
int BLAKE2b_Final(unsigned char *md, BLAKE2B_CTX *c);
int BLAKE2s_Init(BLAKE2S_CTX *c);
int BLAKE2s_Update(BLAKE2S_CTX *c, const void *data, size_t datalen);
int BLAKE2s_Final(unsigned char *md, BLAKE2S_CTX *c);

22
crypto/objects/obj_dat.h
View File

@ -60,12 +60,12 @@
* [including the GNU Public Licence.] * [including the GNU Public Licence.]
*/ */
#define NUM_NID 1054 #define NUM_NID 1058
#define NUM_SN 1047 #define NUM_SN 1049
#define NUM_LN 1047 #define NUM_LN 1049
#define NUM_OBJ 951 #define NUM_OBJ 953
static const unsigned char lvalues[6722]={ static const unsigned char lvalues[6744]={
0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 0] OBJ_rsadsi */ 0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 0] OBJ_rsadsi */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 6] OBJ_pkcs */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 6] OBJ_pkcs */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02, /* [ 13] OBJ_md2 */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02, /* [ 13] OBJ_md2 */
@ -1011,6 +1011,8 @@ static const unsigned char lvalues[6722]={
0x2B,0x06,0x01,0x05,0x02,0x03,0x05, /* [6696] OBJ_pkInitKDC */ 0x2B,0x06,0x01,0x05,0x02,0x03,0x05, /* [6696] OBJ_pkInitKDC */
0x2B,0x06,0x01,0x04,0x01,0xDA,0x47,0x0F,0x01,/* [6703] OBJ_X25519 */ 0x2B,0x06,0x01,0x04,0x01,0xDA,0x47,0x0F,0x01,/* [6703] OBJ_X25519 */
0x2B,0x06,0x01,0x04,0x01,0xDA,0x47,0x0F,0x02,/* [6712] OBJ_X448 */ 0x2B,0x06,0x01,0x04,0x01,0xDA,0x47,0x0F,0x02,/* [6712] OBJ_X448 */
0x2B,0x06,0x01,0x04,0x01,0x8D,0x3A,0x0C,0x02,0x01,0x10,/* [6721] OBJ_blake2b */
0x2B,0x06,0x01,0x04,0x01,0x8D,0x3A,0x0C,0x02,0x02,0x08,/* [6732] OBJ_blake2s */
}; };
static const ASN1_OBJECT nid_objs[NUM_NID]={ static const ASN1_OBJECT nid_objs[NUM_NID]={
@ -2722,6 +2724,10 @@ static const ASN1_OBJECT nid_objs[NUM_NID]={
{"AuthGOST12","auth-gost12",NID_auth_gost12,0,NULL,0}, {"AuthGOST12","auth-gost12",NID_auth_gost12,0,NULL,0},
{"AuthSRP","auth-srp",NID_auth_srp,0,NULL,0}, {"AuthSRP","auth-srp",NID_auth_srp,0,NULL,0},
{"AuthNULL","auth-null",NID_auth_null,0,NULL,0}, {"AuthNULL","auth-null",NID_auth_null,0,NULL,0},
{NULL,NULL,NID_undef,0,NULL,0},
{NULL,NULL,NID_undef,0,NULL,0},
{"BLAKE2b","blake2b",NID_blake2b,11,&(lvalues[6721]),0},
{"BLAKE2s","blake2s",NID_blake2s,11,&(lvalues[6732]),0},
}; };
static const unsigned int sn_objs[NUM_SN]={ static const unsigned int sn_objs[NUM_SN]={
@ -2770,6 +2776,8 @@ static const unsigned int sn_objs[NUM_SN]={
93, /* "BF-CFB" */ 93, /* "BF-CFB" */
92, /* "BF-ECB" */ 92, /* "BF-ECB" */
94, /* "BF-OFB" */ 94, /* "BF-OFB" */
1056, /* "BLAKE2b" */
1057, /* "BLAKE2s" */
14, /* "C" */ 14, /* "C" */
751, /* "CAMELLIA-128-CBC" */ 751, /* "CAMELLIA-128-CBC" */
962, /* "CAMELLIA-128-CCM" */ 962, /* "CAMELLIA-128-CCM" */
@ -4008,6 +4016,8 @@ static const unsigned int ln_objs[NUM_LN]={
93, /* "bf-cfb" */ 93, /* "bf-cfb" */
92, /* "bf-ecb" */ 92, /* "bf-ecb" */
94, /* "bf-ofb" */ 94, /* "bf-ofb" */
1056, /* "blake2b" */
1057, /* "blake2s" */
921, /* "brainpoolP160r1" */ 921, /* "brainpoolP160r1" */
922, /* "brainpoolP160t1" */ 922, /* "brainpoolP160t1" */
923, /* "brainpoolP192r1" */ 923, /* "brainpoolP192r1" */
@ -5776,5 +5786,7 @@ static const unsigned int obj_objs[NUM_OBJ]={
955, /* OBJ_jurisdictionLocalityName 1 3 6 1 4 1 311 60 2 1 1 */ 955, /* OBJ_jurisdictionLocalityName 1 3 6 1 4 1 311 60 2 1 1 */
956, /* OBJ_jurisdictionStateOrProvinceName 1 3 6 1 4 1 311 60 2 1 2 */ 956, /* OBJ_jurisdictionStateOrProvinceName 1 3 6 1 4 1 311 60 2 1 2 */
957, /* OBJ_jurisdictionCountryName 1 3 6 1 4 1 311 60 2 1 3 */ 957, /* OBJ_jurisdictionCountryName 1 3 6 1 4 1 311 60 2 1 3 */
1056, /* OBJ_blake2b 1 3 6 1 4 1 1722 12 2 1 16 */
1057, /* OBJ_blake2s 1 3 6 1 4 1 1722 12 2 2 8 */
}; };

2
crypto/objects/obj_mac.num
View File

@ -1053,3 +1053,5 @@ auth_srp 1052
auth_null 1053 auth_null 1053
fips_none 1054 fips_none 1054
fips_140_2 1055 fips_140_2 1055
blake2b 1056
blake2s 1057

3
crypto/objects/objects.txt
View File

@ -671,6 +671,9 @@ algorithm 29 : RSA-SHA1-2 : sha1WithRSA
1 3 36 3 2 1 : RIPEMD160 : ripemd160 1 3 36 3 2 1 : RIPEMD160 : ripemd160
1 3 36 3 3 1 2 : RSA-RIPEMD160 : ripemd160WithRSA 1 3 36 3 3 1 2 : RSA-RIPEMD160 : ripemd160WithRSA
1 3 6 1 4 1 1722 12 2 1 16 : BLAKE2b : blake2b
1 3 6 1 4 1 1722 12 2 2 8 : BLAKE2s : blake2s
!Cname sxnet !Cname sxnet
1 3 101 1 4 1 : SXNetID : Strong Extranet ID 1 3 101 1 4 1 : SXNetID : Strong Extranet ID

2
doc/apps/dgst.pod
View File

@ -2,7 +2,7 @@
=head1 NAME =head1 NAME
dgst, sha, sha1, mdc2, ripemd160, sha224, sha256, sha384, sha512, md4, md5 - message digests dgst, sha, sha1, mdc2, ripemd160, sha224, sha256, sha384, sha512, md4, md5, blake2b, blake2s - message digests
=head1 SYNOPSIS =head1 SYNOPSIS

17
doc/crypto/EVP_DigestInit.pod
View File

@ -8,8 +8,8 @@ EVP_DigestInit, EVP_DigestFinal, EVP_MD_CTX_copy, EVP_MD_type,
EVP_MD_pkey_type, EVP_MD_size, EVP_MD_block_size, EVP_MD_CTX_md, EVP_MD_CTX_size, EVP_MD_pkey_type, EVP_MD_size, EVP_MD_block_size, EVP_MD_CTX_md, EVP_MD_CTX_size,
EVP_MD_CTX_block_size, EVP_MD_CTX_type, EVP_md_null, EVP_md2, EVP_md5, EVP_sha1, EVP_MD_CTX_block_size, EVP_MD_CTX_type, EVP_md_null, EVP_md2, EVP_md5, EVP_sha1,
EVP_sha224, EVP_sha256, EVP_sha384, EVP_sha512, EVP_mdc2, EVP_sha224, EVP_sha256, EVP_sha384, EVP_sha512, EVP_mdc2,
EVP_ripemd160, EVP_get_digestbyname, EVP_get_digestbynid, EVP_get_digestbyobj - EVP_ripemd160, EVP_blake2b, EVP_blake2s, EVP_get_digestbyname,
EVP digest routines EVP_get_digestbynid, EVP_get_digestbyobj - EVP digest routines
=head1 SYNOPSIS =head1 SYNOPSIS
@ -57,6 +57,8 @@ EVP digest routines
const EVP_MD *EVP_sha1(void); const EVP_MD *EVP_sha1(void);
const EVP_MD *EVP_mdc2(void); const EVP_MD *EVP_mdc2(void);
const EVP_MD *EVP_ripemd160(void); const EVP_MD *EVP_ripemd160(void);
const EVP_MD *EVP_blake2b(void);
const EVP_MD *EVP_blake2s(void);
const EVP_MD *EVP_sha224(void); const EVP_MD *EVP_sha224(void);
const EVP_MD *EVP_sha256(void); const EVP_MD *EVP_sha256(void);
@ -134,9 +136,10 @@ are no longer linked this function is only retained for compatibility
reasons. reasons.
EVP_md2(), EVP_md5(), EVP_sha1(), EVP_sha224(), EVP_sha256(), EVP_md2(), EVP_md5(), EVP_sha1(), EVP_sha224(), EVP_sha256(),
EVP_sha384(), EVP_sha512(), EVP_mdc2() and EVP_ripemd160() return B<EVP_MD> EVP_sha384(), EVP_sha512(), EVP_mdc2(), EVP_ripemd160(), EVP_blake2b, and
structures for the MD2, MD5, SHA1, SHA224, SHA256, SHA384, SHA512, MDC2 EVP_blake2s return B<EVP_MD> structures for the MD2, MD5, SHA1, SHA224, SHA256,
and RIPEMD160 digest algorithms respectively. SHA384, SHA512, MDC2, RIPEMD160, BLAKE2b, and BLAKE2s digest algorithms
respectively.
EVP_md_null() is a "null" message digest that does nothing: i.e. the hash it EVP_md_null() is a "null" message digest that does nothing: i.e. the hash it
returns is of zero length. returns is of zero length.
@ -159,8 +162,8 @@ EVP_MD_size(), EVP_MD_block_size(), EVP_MD_CTX_size() and
EVP_MD_CTX_block_size() return the digest or block size in bytes. EVP_MD_CTX_block_size() return the digest or block size in bytes.
EVP_md_null(), EVP_md2(), EVP_md5(), EVP_sha1(), EVP_md_null(), EVP_md2(), EVP_md5(), EVP_sha1(),
EVP_mdc2() and EVP_ripemd160() return pointers to the EVP_mdc2(), EVP_ripemd160(), EVP_blake2b(), and EVP_blake2s() return pointers
corresponding EVP_MD structures. to the corresponding EVP_MD structures.
EVP_get_digestbyname(), EVP_get_digestbynid() and EVP_get_digestbyobj() EVP_get_digestbyname(), EVP_get_digestbynid() and EVP_get_digestbyobj()
return either an B<EVP_MD> structure or NULL if an error occurs. return either an B<EVP_MD> structure or NULL if an error occurs.

2
doc/standards.txt
View File

@ -163,3 +163,5 @@ STARTTLS documents.
3657 Use of the Camellia Encryption Algorithm in Cryptographic 3657 Use of the Camellia Encryption Algorithm in Cryptographic
Message Syntax (CMS) Message Syntax (CMS)
7693 The BLAKE2 Cryptographic Hash and Message Authentication Code (MAC)

4
include/openssl/evp.h
View File

@ -700,6 +700,10 @@ const EVP_MD *EVP_md4(void);
const EVP_MD *EVP_md5(void); const EVP_MD *EVP_md5(void);
const EVP_MD *EVP_md5_sha1(void); const EVP_MD *EVP_md5_sha1(void);
# endif # endif
# ifndef OPENSSL_NO_BLAKE2
const EVP_MD *EVP_blake2b(void);
const EVP_MD *EVP_blake2s(void);
# endif
const EVP_MD *EVP_sha1(void); const EVP_MD *EVP_sha1(void);
const EVP_MD *EVP_sha224(void); const EVP_MD *EVP_sha224(void);
const EVP_MD *EVP_sha256(void); const EVP_MD *EVP_sha256(void);

10
include/openssl/obj_mac.h
View File

@ -2078,6 +2078,16 @@
#define NID_ripemd160WithRSA 119 #define NID_ripemd160WithRSA 119
#define OBJ_ripemd160WithRSA 1L,3L,36L,3L,3L,1L,2L #define OBJ_ripemd160WithRSA 1L,3L,36L,3L,3L,1L,2L
#define SN_blake2b "BLAKE2b"
#define LN_blake2b "blake2b"
#define NID_blake2b 1056
#define OBJ_blake2b 1L,3L,6L,1L,4L,1L,1722L,12L,2L,1L,16L
#define SN_blake2s "BLAKE2s"
#define LN_blake2s "blake2s"
#define NID_blake2s 1057
#define OBJ_blake2s 1L,3L,6L,1L,4L,1L,1722L,12L,2L,2L,8L
#define SN_sxnet "SXNetID" #define SN_sxnet "SXNetID"
#define LN_sxnet "Strong Extranet ID" #define LN_sxnet "Strong Extranet ID"
#define NID_sxnet 143 #define NID_sxnet 143

10
include/openssl/objects.h
View File

@ -642,6 +642,16 @@
# define NID_ripemd160WithRSA 119 # define NID_ripemd160WithRSA 119
# define OBJ_ripemd160WithRSA 1L,3L,36L,3L,3L,1L,2L # define OBJ_ripemd160WithRSA 1L,3L,36L,3L,3L,1L,2L
# define SN_blake2b "BLAKE2b"
# define LN_blake2b "blake2b"
# define NID_blake2b 1022
# define OBJ_blake2b 1,3,6,1,4,1,1722,12,2,1,16
# define SN_blake2s "BLAKE2s"
# define LN_blake2s "blake2"
# define NID_blake2s 1023
# define OBJ_blake2s 1,3,6,1,4,1,1722,12,2,2,8
/*- /*-
* Taken from rfc2040 * Taken from rfc2040
* RC5_CBC_Parameters ::= SEQUENCE { * RC5_CBC_Parameters ::= SEQUENCE {

57
test/evptests.txt
View File

@ -2,6 +2,63 @@
#aadcipher:key:iv:plaintext:ciphertext:aad:tag:0/1(decrypt/encrypt) #aadcipher:key:iv:plaintext:ciphertext:aad:tag:0/1(decrypt/encrypt)
#digest:::input:output #digest:::input:output
# BLAKE2 tests, using same inputs as MD5
Digest = BLAKE2s
Input =
Output = 69217a3079908094e11121d042354a7c1f55b6482ca1a51e1b250dfd1ed0eef9
Digest = BLAKE2s
Input = 61
Output = 4a0d129873403037c2cd9b9048203687f6233fb6738956e0349bd4320fec3e90
Digest = BLAKE2s
Input = 616263
Output = 508c5e8c327c14e2e1a72ba34eeb452f37458b209ed63a294d999b4c86675982
Digest = BLAKE2s
Input = 6d65737361676520646967657374
Output = fa10ab775acf89b7d3c8a6e823d586f6b67bdbac4ce207fe145b7d3ac25cd28c
Digest = BLAKE2s
Input = 6162636465666768696a6b6c6d6e6f707172737475767778797a
Output = bdf88eb1f86a0cdf0e840ba88fa118508369df186c7355b4b16cf79fa2710a12
Digest = BLAKE2s
Input = 4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839
Output = c75439ea17e1de6fa4510c335dc3d3f343e6f9e1ce2773e25b4174f1df8b119b
Digest = BLAKE2s
Input = 3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930
Output = fdaedb290a0d5af9870864fec2e090200989dc9cd53a3c092129e8535e8b4f66
Digest = BLAKE2b
Input =
Output = 786a02f742015903c6c6fd852552d272912f4740e15847618a86e217f71f5419d25e1031afee585313896444934eb04b903a685b1448b755d56f701afe9be2ce
Digest = BLAKE2b
Input = 61
Output = 333fcb4ee1aa7c115355ec66ceac917c8bfd815bf7587d325aec1864edd24e34d5abe2c6b1b5ee3face62fed78dbef802f2a85cb91d455a8f5249d330853cb3c
Digest = BLAKE2b
Input = 616263
Output = ba80a53f981c4d0d6a2797b69f12f6e94c212f14685ac4b74b12bb6fdbffa2d17d87c5392aab792dc252d5de4533cc9518d38aa8dbf1925ab92386edd4009923
Digest = BLAKE2b
Input = 6d65737361676520646967657374
Output = 3c26ce487b1c0f062363afa3c675ebdbf5f4ef9bdc022cfbef91e3111cdc283840d8331fc30a8a0906cff4bcdbcd230c61aaec60fdfad457ed96b709a382359a
Digest = BLAKE2b
Input = 6162636465666768696a6b6c6d6e6f707172737475767778797a
Output = c68ede143e416eb7b4aaae0d8e48e55dd529eafed10b1df1a61416953a2b0a5666c761e7d412e6709e31ffe221b7a7a73908cb95a4d120b8b090a87d1fbedb4c
Digest = BLAKE2b
Input = 4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839
Output = 99964802e5c25e703722905d3fb80046b6bca698ca9e2cc7e49b4fe1fa087c2edf0312dfbb275cf250a1e542fd5dc2edd313f9c491127c2e8c0c9b24168e2d50
Digest = BLAKE2b
Input = 3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930
Output = 686f41ec5afff6e87e1f076f542aa466466ff5fbde162c48481ba48a748d842799f5b30f5b67fc684771b33b994206d05cc310f31914edd7b97e41860d77d282
# SHA(1) tests (from shatest.c) # SHA(1) tests (from shatest.c)
Digest = SHA1 Digest = SHA1
Input = 616263 Input = 616263

2
util/libcrypto.num
View File

@ -4057,3 +4057,5 @@ ECPKPARAMETERS_it 3923 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:
EC_GROUP_get_ecparameters 3924 1_1_0 EXIST::FUNCTION:EC EC_GROUP_get_ecparameters 3924 1_1_0 EXIST::FUNCTION:EC
DHparams_it 3925 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:DH DHparams_it 3925 1_1_0 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:DH
DHparams_it 3925 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:DH DHparams_it 3925 1_1_0 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:DH
EVP_blake2b 3926 1_1_0 EXIST::FUNCTION:BLAKE2
EVP_blake2s 3927 1_1_0 EXIST::FUNCTION:BLAKE2

2
util/mkdef.pl
View File

@ -75,7 +75,7 @@ my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF",
"SHA256", "SHA512", "RMD160", "SHA256", "SHA512", "RMD160",
"MDC2", "WHIRLPOOL", "RSA", "DSA", "DH", "EC", "EC2M", "MDC2", "WHIRLPOOL", "RSA", "DSA", "DH", "EC", "EC2M",
"HMAC", "AES", "CAMELLIA", "SEED", "GOST", "HMAC", "AES", "CAMELLIA", "SEED", "GOST",
"SCRYPT", "CHACHA", "POLY1305", "SCRYPT", "CHACHA", "POLY1305", "BLAKE2",
# EC_NISTP_64_GCC_128 # EC_NISTP_64_GCC_128
"EC_NISTP_64_GCC_128", "EC_NISTP_64_GCC_128",
# Envelope "algorithms" # Envelope "algorithms"

1
util/mkfiles.pl
View File

@ -63,6 +63,7 @@ my @dirs = (
"crypto/async", "crypto/async",
"crypto/chacha", "crypto/chacha",
"crypto/poly1305", "crypto/poly1305",
"crypto/blake2",
"crypto/kdf", "crypto/kdf",
"ssl", "ssl",
"apps", "apps",