diff --git a/Configure b/Configure index ac2571f932..1510818bcc 100755 --- a/Configure +++ b/Configure @@ -1,6 +1,6 @@ #! /usr/bin/env perl # -*- mode: perl; -*- -# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the OpenSSL license (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy @@ -314,7 +314,7 @@ $config{dirs} = [ "crypto", "ssl", "engines", "apps", "test", "util", "tools", " $config{sdirs} = [ "objects", "md2", "md4", "md5", "sha", "mdc2", "hmac", "ripemd", "whrlpool", "poly1305", "blake2", "siphash", - "des", "aes", "rc2", "rc4", "rc5", "idea", "bf", "cast", "camellia", "seed", "chacha", "modes", + "des", "aes", "rc2", "rc4", "rc5", "idea", "aria", "bf", "cast", "camellia", "seed", "chacha", "modes", "bn", "ec", "rsa", "dsa", "dh", "dso", "engine", "buffer", "bio", "stack", "lhash", "rand", "err", "evp", "asn1", "pem", "x509", "x509v3", "conf", "txt_db", "pkcs7", "pkcs12", "comp", "ocsp", "ui", @@ -333,6 +333,7 @@ my @dtls = qw(dtls1 dtls1_2); my @disablables = ( "afalgeng", + "aria", "asan", "asm", "async", @@ -433,6 +434,7 @@ my %deprecated_disablables = ( # All of the following is disabled by default (RC5 was enabled before 0.9.8): our %disabled = ( # "what" => "comment" + "aria" => "default", "asan" => "default", "crypto-mdebug" => "default", "crypto-mdebug-backtrace" => "default", diff --git a/apps/openssl.c b/apps/openssl.c index 6e63df1fc2..bb776eb310 100644 --- a/apps/openssl.c +++ b/apps/openssl.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -571,6 +571,9 @@ static int SortFnByName(const void *_f1, const void *_f2) static void list_disabled(void) { BIO_puts(bio_out, "Disabled algorithms:\n"); +#ifdef OPENSSL_NO_ARIA + BIO_puts(bio_out, "ARIA\n"); +#endif #ifdef OPENSSL_NO_BF BIO_puts(bio_out, "BF\n"); #endif diff --git a/config b/config index 641d8f509e..0ddff8abfc 100755 --- a/config +++ b/config @@ -1,5 +1,5 @@ #!/bin/sh -# Copyright 1998-2016 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 1998-2017 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the OpenSSL license (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy @@ -855,7 +855,7 @@ case "$GUESSOS" in i386-*) options="$options 386" ;; esac -for i in aes bf camellia cast des dh dsa ec hmac idea md2 md5 mdc2 rc2 rc4 rc5 ripemd rsa seed sha +for i in aes aria bf camellia cast des dh dsa ec hmac idea md2 md5 mdc2 rc2 rc4 rc5 ripemd rsa seed sha do if [ ! -d $THERE/crypto/$i ] then diff --git a/crypto/aria/aria.c b/crypto/aria/aria.c new file mode 100644 index 0000000000..7e17e30396 --- /dev/null +++ b/crypto/aria/aria.c @@ -0,0 +1,454 @@ +/* + * Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* ==================================================================== + * Copyright (c) 2017 Oracle and/or its affiliates. All rights reserved. + */ + +#include +#include +#include +#include "internal/aria.h" + +static const unsigned char sb1[256] = { + 0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5, + 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76, + 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0, + 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0, + 0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc, + 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15, + 0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a, + 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75, + 0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0, + 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84, + 0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b, + 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf, + 0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85, + 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8, + 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5, + 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2, + 0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17, + 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73, + 0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88, + 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb, + 0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c, + 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79, + 0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9, + 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08, + 0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6, + 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a, + 0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e, + 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e, + 0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94, + 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf, + 0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68, + 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16 +}; + +static const unsigned char sb2[256] = { + 0xe2, 0x4e, 0x54, 0xfc, 0x94, 0xc2, 0x4a, 0xcc, + 0x62, 0x0d, 0x6a, 0x46, 0x3c, 0x4d, 0x8b, 0xd1, + 0x5e, 0xfa, 0x64, 0xcb, 0xb4, 0x97, 0xbe, 0x2b, + 0xbc, 0x77, 0x2e, 0x03, 0xd3, 0x19, 0x59, 0xc1, + 0x1d, 0x06, 0x41, 0x6b, 0x55, 0xf0, 0x99, 0x69, + 0xea, 0x9c, 0x18, 0xae, 0x63, 0xdf, 0xe7, 0xbb, + 0x00, 0x73, 0x66, 0xfb, 0x96, 0x4c, 0x85, 0xe4, + 0x3a, 0x09, 0x45, 0xaa, 0x0f, 0xee, 0x10, 0xeb, + 0x2d, 0x7f, 0xf4, 0x29, 0xac, 0xcf, 0xad, 0x91, + 0x8d, 0x78, 0xc8, 0x95, 0xf9, 0x2f, 0xce, 0xcd, + 0x08, 0x7a, 0x88, 0x38, 0x5c, 0x83, 0x2a, 0x28, + 0x47, 0xdb, 0xb8, 0xc7, 0x93, 0xa4, 0x12, 0x53, + 0xff, 0x87, 0x0e, 0x31, 0x36, 0x21, 0x58, 0x48, + 0x01, 0x8e, 0x37, 0x74, 0x32, 0xca, 0xe9, 0xb1, + 0xb7, 0xab, 0x0c, 0xd7, 0xc4, 0x56, 0x42, 0x26, + 0x07, 0x98, 0x60, 0xd9, 0xb6, 0xb9, 0x11, 0x40, + 0xec, 0x20, 0x8c, 0xbd, 0xa0, 0xc9, 0x84, 0x04, + 0x49, 0x23, 0xf1, 0x4f, 0x50, 0x1f, 0x13, 0xdc, + 0xd8, 0xc0, 0x9e, 0x57, 0xe3, 0xc3, 0x7b, 0x65, + 0x3b, 0x02, 0x8f, 0x3e, 0xe8, 0x25, 0x92, 0xe5, + 0x15, 0xdd, 0xfd, 0x17, 0xa9, 0xbf, 0xd4, 0x9a, + 0x7e, 0xc5, 0x39, 0x67, 0xfe, 0x76, 0x9d, 0x43, + 0xa7, 0xe1, 0xd0, 0xf5, 0x68, 0xf2, 0x1b, 0x34, + 0x70, 0x05, 0xa3, 0x8a, 0xd5, 0x79, 0x86, 0xa8, + 0x30, 0xc6, 0x51, 0x4b, 0x1e, 0xa6, 0x27, 0xf6, + 0x35, 0xd2, 0x6e, 0x24, 0x16, 0x82, 0x5f, 0xda, + 0xe6, 0x75, 0xa2, 0xef, 0x2c, 0xb2, 0x1c, 0x9f, + 0x5d, 0x6f, 0x80, 0x0a, 0x72, 0x44, 0x9b, 0x6c, + 0x90, 0x0b, 0x5b, 0x33, 0x7d, 0x5a, 0x52, 0xf3, + 0x61, 0xa1, 0xf7, 0xb0, 0xd6, 0x3f, 0x7c, 0x6d, + 0xed, 0x14, 0xe0, 0xa5, 0x3d, 0x22, 0xb3, 0xf8, + 0x89, 0xde, 0x71, 0x1a, 0xaf, 0xba, 0xb5, 0x81 +}; + +static const unsigned char sb3[256] = { + 0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38, + 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb, + 0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87, + 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb, + 0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d, + 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e, + 0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2, + 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25, + 0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16, + 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92, + 0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda, + 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84, + 0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a, + 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06, + 0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02, + 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b, + 0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea, + 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73, + 0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85, + 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e, + 0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89, + 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b, + 0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20, + 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4, + 0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31, + 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f, + 0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d, + 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef, + 0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0, + 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61, + 0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26, + 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d +}; + +static const unsigned char sb4[256] = { + 0x30, 0x68, 0x99, 0x1b, 0x87, 0xb9, 0x21, 0x78, + 0x50, 0x39, 0xdb, 0xe1, 0x72, 0x09, 0x62, 0x3c, + 0x3e, 0x7e, 0x5e, 0x8e, 0xf1, 0xa0, 0xcc, 0xa3, + 0x2a, 0x1d, 0xfb, 0xb6, 0xd6, 0x20, 0xc4, 0x8d, + 0x81, 0x65, 0xf5, 0x89, 0xcb, 0x9d, 0x77, 0xc6, + 0x57, 0x43, 0x56, 0x17, 0xd4, 0x40, 0x1a, 0x4d, + 0xc0, 0x63, 0x6c, 0xe3, 0xb7, 0xc8, 0x64, 0x6a, + 0x53, 0xaa, 0x38, 0x98, 0x0c, 0xf4, 0x9b, 0xed, + 0x7f, 0x22, 0x76, 0xaf, 0xdd, 0x3a, 0x0b, 0x58, + 0x67, 0x88, 0x06, 0xc3, 0x35, 0x0d, 0x01, 0x8b, + 0x8c, 0xc2, 0xe6, 0x5f, 0x02, 0x24, 0x75, 0x93, + 0x66, 0x1e, 0xe5, 0xe2, 0x54, 0xd8, 0x10, 0xce, + 0x7a, 0xe8, 0x08, 0x2c, 0x12, 0x97, 0x32, 0xab, + 0xb4, 0x27, 0x0a, 0x23, 0xdf, 0xef, 0xca, 0xd9, + 0xb8, 0xfa, 0xdc, 0x31, 0x6b, 0xd1, 0xad, 0x19, + 0x49, 0xbd, 0x51, 0x96, 0xee, 0xe4, 0xa8, 0x41, + 0xda, 0xff, 0xcd, 0x55, 0x86, 0x36, 0xbe, 0x61, + 0x52, 0xf8, 0xbb, 0x0e, 0x82, 0x48, 0x69, 0x9a, + 0xe0, 0x47, 0x9e, 0x5c, 0x04, 0x4b, 0x34, 0x15, + 0x79, 0x26, 0xa7, 0xde, 0x29, 0xae, 0x92, 0xd7, + 0x84, 0xe9, 0xd2, 0xba, 0x5d, 0xf3, 0xc5, 0xb0, + 0xbf, 0xa4, 0x3b, 0x71, 0x44, 0x46, 0x2b, 0xfc, + 0xeb, 0x6f, 0xd5, 0xf6, 0x14, 0xfe, 0x7c, 0x70, + 0x5a, 0x7d, 0xfd, 0x2f, 0x18, 0x83, 0x16, 0xa5, + 0x91, 0x1f, 0x05, 0x95, 0x74, 0xa9, 0xc1, 0x5b, + 0x4a, 0x85, 0x6d, 0x13, 0x07, 0x4f, 0x4e, 0x45, + 0xb2, 0x0f, 0xc9, 0x1c, 0xa6, 0xbc, 0xec, 0x73, + 0x90, 0x7b, 0xcf, 0x59, 0x8f, 0xa1, 0xf9, 0x2d, + 0xf2, 0xb1, 0x00, 0x94, 0x37, 0x9f, 0xd0, 0x2e, + 0x9c, 0x6e, 0x28, 0x3f, 0x80, 0xf0, 0x3d, 0xd3, + 0x25, 0x8a, 0xb5, 0xe7, 0x42, 0xb3, 0xc7, 0xea, + 0xf7, 0x4c, 0x11, 0x33, 0x03, 0xa2, 0xac, 0x60 +}; + +static const ARIA_u128 c1 = { + 0x51, 0x7c, 0xc1, 0xb7, 0x27, 0x22, 0x0a, 0x94, + 0xfe, 0x13, 0xab, 0xe8, 0xfa, 0x9a, 0x6e, 0xe0 +}; + +static const ARIA_u128 c2 = { + 0x6d, 0xb1, 0x4a, 0xcc, 0x9e, 0x21, 0xc8, 0x20, + 0xff, 0x28, 0xb1, 0xd5, 0xef, 0x5d, 0xe2, 0xb0 +}; + +static const ARIA_u128 c3 = { + 0xdb, 0x92, 0x37, 0x1d, 0x21, 0x26, 0xe9, 0x70, + 0x03, 0x24, 0x97, 0x75, 0x04, 0xe8, 0xc9, 0x0e +}; + +/* + * Exclusive or two 128 bit values into the result. + * It is safe for the result to be the same as the either input. + */ +static void xor128(ARIA_u128 o, const ARIA_u128 x, const ARIA_u128 y) +{ + int i; + + for (i = 0; i < ARIA_BLOCK_SIZE; i++) + o[i] = x[i] ^ y[i]; +} + +/* + * Generalised circular rotate right and exclusive or function. + * It is safe for the output to overlap either input. + */ +static ossl_inline void rotnr(unsigned int n, ARIA_u128 o, const ARIA_u128 xor, + const ARIA_u128 z) +{ + const unsigned int bytes = n / 8, bits = n % 8; + unsigned int i; + ARIA_u128 t; + + for (i = 0; i < ARIA_BLOCK_SIZE; i++) + t[(i + bytes) % ARIA_BLOCK_SIZE] = z[i]; + for (i = 0; i < ARIA_BLOCK_SIZE; i++) + o[i] = ((t[i] >> bits) | + (t[i ? i - 1 : ARIA_BLOCK_SIZE - 1] << (8 - bits))) ^ xor[i]; +} + +/* + * Circular rotate 19 bits right and xor. + * It is safe for the output to overlap either input. + */ +static void rot19r(ARIA_u128 o, const ARIA_u128 xor, const ARIA_u128 z) +{ + rotnr(19, o, xor, z); +} + +/* + * Circular rotate 31 bits right and xor. + * It is safe for the output to overlap either input. + */ +static void rot31r(ARIA_u128 o, const ARIA_u128 xor, const ARIA_u128 z) +{ + rotnr(31, o, xor, z); +} + +/* + * Circular rotate 61 bits left and xor. + * It is safe for the output to overlap either input. + */ +static void rot61l(ARIA_u128 o, const ARIA_u128 xor, const ARIA_u128 z) +{ + rotnr(8 * ARIA_BLOCK_SIZE - 61, o, xor, z); +} + +/* + * Circular rotate 31 bits left and xor. + * It is safe for the output to overlap either input. + */ +static void rot31l(ARIA_u128 o, const ARIA_u128 xor, const ARIA_u128 z) +{ + rotnr(8 * ARIA_BLOCK_SIZE - 31, o, xor, z); +} + +/* + * Circular rotate 19 bits left and xor. + * It is safe for the output to overlap either input. + */ +static void rot19l(ARIA_u128 o, const ARIA_u128 xor, const ARIA_u128 z) +{ + rotnr(8 * ARIA_BLOCK_SIZE - 19, o, xor, z); +} + +/* + * First substitution and xor layer, used for odd steps. + * It is safe for the input and output to be the same. + */ +static void sl1(ARIA_u128 o, const ARIA_u128 x, const ARIA_u128 y) +{ + unsigned int i; + for (i = 0; i < ARIA_BLOCK_SIZE; i += 4) { + o[i ] = sb1[x[i ] ^ y[i ]]; + o[i + 1] = sb2[x[i + 1] ^ y[i + 1]]; + o[i + 2] = sb3[x[i + 2] ^ y[i + 2]]; + o[i + 3] = sb4[x[i + 3] ^ y[i + 3]]; + } +} + +/* + * Second substitution and xor layer, used for even steps. + * It is safe for the input and output to be the same. + */ +static void sl2(ARIA_u128 o, const ARIA_u128 x, const ARIA_u128 y) +{ + unsigned int i; + for (i = 0; i < ARIA_BLOCK_SIZE; i += 4) { + o[i ] = sb3[x[i ] ^ y[i ]]; + o[i + 1] = sb4[x[i + 1] ^ y[i + 1]]; + o[i + 2] = sb1[x[i + 2] ^ y[i + 2]]; + o[i + 3] = sb2[x[i + 3] ^ y[i + 3]]; + } +} + +/* + * Diffusion layer step + * It is NOT safe for the input and output to overlap. + */ +static void a(ARIA_u128 y, const ARIA_u128 x) +{ + y[ 0] = x[3] ^ x[4] ^ x[6] ^ x[ 8] ^ x[ 9] ^ x[13] ^ x[14]; + y[ 1] = x[2] ^ x[5] ^ x[7] ^ x[ 8] ^ x[ 9] ^ x[12] ^ x[15]; + y[ 2] = x[1] ^ x[4] ^ x[6] ^ x[10] ^ x[11] ^ x[12] ^ x[15]; + y[ 3] = x[0] ^ x[5] ^ x[7] ^ x[10] ^ x[11] ^ x[13] ^ x[14]; + y[ 4] = x[0] ^ x[2] ^ x[5] ^ x[ 8] ^ x[11] ^ x[14] ^ x[15]; + y[ 5] = x[1] ^ x[3] ^ x[4] ^ x[ 9] ^ x[10] ^ x[14] ^ x[15]; + y[ 6] = x[0] ^ x[2] ^ x[7] ^ x[ 9] ^ x[10] ^ x[12] ^ x[13]; + y[ 7] = x[1] ^ x[3] ^ x[6] ^ x[ 8] ^ x[11] ^ x[12] ^ x[13]; + y[ 8] = x[0] ^ x[1] ^ x[4] ^ x[ 7] ^ x[10] ^ x[13] ^ x[15]; + y[ 9] = x[0] ^ x[1] ^ x[5] ^ x[ 6] ^ x[11] ^ x[12] ^ x[14]; + y[10] = x[2] ^ x[3] ^ x[5] ^ x[ 6] ^ x[ 8] ^ x[13] ^ x[15]; + y[11] = x[2] ^ x[3] ^ x[4] ^ x[ 7] ^ x[ 9] ^ x[12] ^ x[14]; + y[12] = x[1] ^ x[2] ^ x[6] ^ x[ 7] ^ x[ 9] ^ x[11] ^ x[12]; + y[13] = x[0] ^ x[3] ^ x[6] ^ x[ 7] ^ x[ 8] ^ x[10] ^ x[13]; + y[14] = x[0] ^ x[3] ^ x[4] ^ x[ 5] ^ x[ 9] ^ x[11] ^ x[14]; + y[15] = x[1] ^ x[2] ^ x[4] ^ x[ 5] ^ x[ 8] ^ x[10] ^ x[15]; +} + +/* + * Odd round function + * Apply the first substitution layer and then a diffusion step. + * It is safe for the input and output to overlap. + */ +static ossl_inline void FO(ARIA_u128 o, const ARIA_u128 d, const ARIA_u128 rk) +{ + ARIA_u128 y; + + sl1(y, d, rk); + a(o, y); +} + +/* + * Even round function + * Apply the second substitution layer and then a diffusion step. + * It is safe for the input and output to overlap. + */ +static ossl_inline void FE(ARIA_u128 o, const ARIA_u128 d, const ARIA_u128 rk) +{ + ARIA_u128 y; + + sl2(y, d, rk); + a(o, y); +} + +/* + * Encrypt or decrypt a single block + * in and out can overlap + */ +static void do_encrypt(ARIA_u128 o, const ARIA_u128 pin, unsigned int rounds, + const ARIA_u128 *keys) +{ + ARIA_u128 p; + unsigned int i; + + memcpy(p, pin, sizeof(p)); + for (i = 0; i < rounds - 2; i += 2) { + FO(p, p, keys[i]); + FE(p, p, keys[i + 1]); + } + FO(p, p, keys[rounds - 2]); + sl2(o, p, keys[rounds - 1]); + xor128(o, o, keys[rounds]); +} + +/* + * Encrypt a single block + * in and out can overlap + */ +void aria_encrypt(const unsigned char *in, unsigned char *out, + const ARIA_KEY *key) +{ + assert(in != NULL && out != NULL && key != NULL); + do_encrypt(out, in, key->rounds, key->rd_key); +} + + +/* + * Expand the cipher key into the encryption key schedule. + * We short circuit execution of the last two + * or four rotations based on the key size. + */ +int aria_set_encrypt_key(const unsigned char *userKey, const int bits, + ARIA_KEY *key) +{ + const unsigned char *ck1, *ck2, *ck3; + ARIA_u128 kr, w0, w1, w2, w3; + + if (!userKey || !key) + return -1; + memcpy(w0, userKey, sizeof(w0)); + switch (bits) { + default: + return -2; + case 128: + key->rounds = 12; + ck1 = c1; + ck2 = c2; + ck3 = c3; + memset(kr, 0, sizeof(kr)); + break; + + case 192: + key->rounds = 14; + ck1 = c2; + ck2 = c3; + ck3 = c1; + memcpy(kr, userKey + ARIA_BLOCK_SIZE, sizeof(kr) / 2); + memset(kr + ARIA_BLOCK_SIZE / 2, 0, sizeof(kr) / 2); + break; + + case 256: + key->rounds = 16; + ck1 = c3; + ck2 = c1; + ck3 = c2; + memcpy(kr, userKey + ARIA_BLOCK_SIZE, sizeof(kr)); + break; + } + + FO(w3, w0, ck1); xor128(w1, w3, kr); + FE(w3, w1, ck2); xor128(w2, w3, w0); + FO(kr, w2, ck3); xor128(w3, kr, w1); + + rot19r(key->rd_key[ 0], w0, w1); + rot19r(key->rd_key[ 1], w1, w2); + rot19r(key->rd_key[ 2], w2, w3); + rot19r(key->rd_key[ 3], w3, w0); + + rot31r(key->rd_key[ 4], w0, w1); + rot31r(key->rd_key[ 5], w1, w2); + rot31r(key->rd_key[ 6], w2, w3); + rot31r(key->rd_key[ 7], w3, w0); + + rot61l(key->rd_key[ 8], w0, w1); + rot61l(key->rd_key[ 9], w1, w2); + rot61l(key->rd_key[10], w2, w3); + rot61l(key->rd_key[11], w3, w0); + + rot31l(key->rd_key[12], w0, w1); + if (key->rounds > 12) { + rot31l(key->rd_key[13], w1, w2); + rot31l(key->rd_key[14], w2, w3); + + if (key->rounds > 14) { + rot31l(key->rd_key[15], w3, w0); + rot19l(key->rd_key[16], w0, w1); + } + } + return 0; +} + +/* + * Expand the cipher key into the decryption key schedule. + */ +int aria_set_decrypt_key(const unsigned char *userKey, const int bits, + ARIA_KEY *key) +{ + ARIA_KEY ek; + const int r = aria_set_encrypt_key(userKey, bits, &ek); + unsigned int i, rounds = ek.rounds; + + if (r == 0) { + key->rounds = rounds; + memcpy(key->rd_key[0], ek.rd_key[rounds], sizeof(key->rd_key[0])); + for (i = 1; i < rounds; i++) + a(key->rd_key[i], ek.rd_key[rounds - i]); + memcpy(key->rd_key[rounds], ek.rd_key[0], sizeof(key->rd_key[rounds])); + } + return r; +} diff --git a/crypto/aria/build.info b/crypto/aria/build.info new file mode 100644 index 0000000000..218d0612f7 --- /dev/null +++ b/crypto/aria/build.info @@ -0,0 +1,4 @@ +LIBS=../../libcrypto +SOURCE[../../libcrypto]=\ + aria.c + diff --git a/crypto/evp/build.info b/crypto/evp/build.info index bf633dc713..c0df858ae0 100644 --- a/crypto/evp/build.info +++ b/crypto/evp/build.info @@ -2,7 +2,7 @@ LIBS=../../libcrypto SOURCE[../../libcrypto]=\ encode.c digest.c evp_enc.c evp_key.c evp_cnf.c \ e_des.c e_bf.c e_idea.c e_des3.c e_camellia.c\ - e_rc4.c e_aes.c names.c e_seed.c \ + e_rc4.c e_aes.c names.c e_seed.c e_aria.c \ e_xcbc_d.c e_rc2.c e_cast.c e_rc5.c \ m_null.c m_md2.c m_md4.c m_md5.c m_sha1.c m_wp.c \ m_md5_sha1.c m_mdc2.c m_ripemd.c \ diff --git a/crypto/evp/c_allc.c b/crypto/evp/c_allc.c index 6ed31edbcb..76edfbd37b 100644 --- a/crypto/evp/c_allc.c +++ b/crypto/evp/c_allc.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -181,6 +181,36 @@ void openssl_add_all_ciphers_int(void) EVP_add_cipher(EVP_aes_128_cbc_hmac_sha256()); EVP_add_cipher(EVP_aes_256_cbc_hmac_sha256()); +#ifndef OPENSSL_NO_ARIA + EVP_add_cipher(EVP_aria_128_ecb()); + EVP_add_cipher(EVP_aria_128_cbc()); + EVP_add_cipher(EVP_aria_128_cfb()); + EVP_add_cipher(EVP_aria_128_cfb1()); + EVP_add_cipher(EVP_aria_128_cfb8()); + EVP_add_cipher(EVP_aria_128_ctr()); + EVP_add_cipher(EVP_aria_128_ofb()); + EVP_add_cipher_alias(SN_aria_128_cbc, "ARIA128"); + EVP_add_cipher_alias(SN_aria_128_cbc, "aria128"); + EVP_add_cipher(EVP_aria_192_ecb()); + EVP_add_cipher(EVP_aria_192_cbc()); + EVP_add_cipher(EVP_aria_192_cfb()); + EVP_add_cipher(EVP_aria_192_cfb1()); + EVP_add_cipher(EVP_aria_192_cfb8()); + EVP_add_cipher(EVP_aria_192_ctr()); + EVP_add_cipher(EVP_aria_192_ofb()); + EVP_add_cipher_alias(SN_aria_192_cbc, "ARIA192"); + EVP_add_cipher_alias(SN_aria_192_cbc, "aria192"); + EVP_add_cipher(EVP_aria_256_ecb()); + EVP_add_cipher(EVP_aria_256_cbc()); + EVP_add_cipher(EVP_aria_256_cfb()); + EVP_add_cipher(EVP_aria_256_cfb1()); + EVP_add_cipher(EVP_aria_256_cfb8()); + EVP_add_cipher(EVP_aria_256_ctr()); + EVP_add_cipher(EVP_aria_256_ofb()); + EVP_add_cipher_alias(SN_aria_256_cbc, "ARIA256"); + EVP_add_cipher_alias(SN_aria_256_cbc, "aria256"); +#endif + #ifndef OPENSSL_NO_CAMELLIA EVP_add_cipher(EVP_camellia_128_ecb()); EVP_add_cipher(EVP_camellia_128_cbc()); diff --git a/crypto/evp/e_aria.c b/crypto/evp/e_aria.c new file mode 100644 index 0000000000..8745bfeb26 --- /dev/null +++ b/crypto/evp/e_aria.c @@ -0,0 +1,156 @@ +/* + * Copyright 2006-2017 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* ==================================================================== + * Copyright (c) 2017 Oracle and/or its affiliates. All rights reserved. + */ + +#include "internal/cryptlib.h" +#ifndef OPENSSL_NO_ARIA +# include +# include +# include"internal/aria.h" +# include "internal/evp_int.h" + +/* ARIA subkey Structure */ +typedef struct { + ARIA_KEY ks; +} EVP_ARIA_KEY; + +/* The subkey for ARIA is generated. */ +static int aria_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc) +{ + int ret; + int mode = EVP_CIPHER_CTX_mode(ctx); + + if (enc || (mode != EVP_CIPH_ECB_MODE && mode != EVP_CIPH_CBC_MODE)) + ret = aria_set_encrypt_key(key, EVP_CIPHER_CTX_key_length(ctx) * 8, + EVP_CIPHER_CTX_get_cipher_data(ctx)); + else + ret = aria_set_decrypt_key(key, EVP_CIPHER_CTX_key_length(ctx) * 8, + EVP_CIPHER_CTX_get_cipher_data(ctx)); + if (ret < 0) { + EVPerr(EVP_F_ARIA_INIT_KEY,EVP_R_ARIA_KEY_SETUP_FAILED); + return 0; + } + return 1; +} + +static void aria_cbc_encrypt(const unsigned char *in, unsigned char *out, + size_t len, const ARIA_KEY *key, + unsigned char *ivec, const int enc) +{ + + if (enc) + CRYPTO_cbc128_encrypt(in, out, len, key, ivec, + (block128_f) aria_encrypt); + else + CRYPTO_cbc128_decrypt(in, out, len, key, ivec, + (block128_f) aria_encrypt); +} + +static void aria_cfb128_encrypt(const unsigned char *in, unsigned char *out, + size_t length, const ARIA_KEY *key, + unsigned char *ivec, int *num, const int enc) +{ + + CRYPTO_cfb128_encrypt(in, out, length, key, ivec, num, enc, + (block128_f) aria_encrypt); +} + +static void aria_cfb1_encrypt(const unsigned char *in, unsigned char *out, + size_t length, const ARIA_KEY *key, + unsigned char *ivec, int *num, const int enc) +{ + CRYPTO_cfb128_1_encrypt(in, out, length, key, ivec, num, enc, + (block128_f) aria_encrypt); +} + +static void aria_cfb8_encrypt(const unsigned char *in, unsigned char *out, + size_t length, const ARIA_KEY *key, + unsigned char *ivec, int *num, const int enc) +{ + CRYPTO_cfb128_8_encrypt(in, out, length, key, ivec, num, enc, + (block128_f) aria_encrypt); +} + +static void aria_ecb_encrypt(const unsigned char *in, unsigned char *out, + const ARIA_KEY *key, const int enc) +{ + aria_encrypt(in, out, key); +} + +static void aria_ofb128_encrypt(const unsigned char *in, unsigned char *out, + size_t length, const ARIA_KEY *key, + unsigned char *ivec, int *num) +{ + CRYPTO_ofb128_encrypt(in, out, length, key, ivec, num, + (block128_f) aria_encrypt); +} + +IMPLEMENT_BLOCK_CIPHER(aria_128, ks, aria, EVP_ARIA_KEY, + NID_aria_128, 16, 16, 16, 128, + 0, aria_init_key, NULL, + EVP_CIPHER_set_asn1_iv, + EVP_CIPHER_get_asn1_iv, + NULL) +IMPLEMENT_BLOCK_CIPHER(aria_192, ks, aria, EVP_ARIA_KEY, + NID_aria_192, 16, 24, 16, 128, + 0, aria_init_key, NULL, + EVP_CIPHER_set_asn1_iv, + EVP_CIPHER_get_asn1_iv, + NULL) +IMPLEMENT_BLOCK_CIPHER(aria_256, ks, aria, EVP_ARIA_KEY, + NID_aria_256, 16, 32, 16, 128, + 0, aria_init_key, NULL, + EVP_CIPHER_set_asn1_iv, + EVP_CIPHER_get_asn1_iv, + NULL) + +# define IMPLEMENT_ARIA_CFBR(ksize,cbits) \ + IMPLEMENT_CFBR(aria,aria,EVP_ARIA_KEY,ks,ksize,cbits,16,0) +IMPLEMENT_ARIA_CFBR(128,1) +IMPLEMENT_ARIA_CFBR(192,1) +IMPLEMENT_ARIA_CFBR(256,1) +IMPLEMENT_ARIA_CFBR(128,8) +IMPLEMENT_ARIA_CFBR(192,8) +IMPLEMENT_ARIA_CFBR(256,8) + +# define BLOCK_CIPHER_generic(nid,keylen,blocksize,ivlen,nmode,mode,MODE,flags) \ +static const EVP_CIPHER aria_##keylen##_##mode = { \ + nid##_##keylen##_##nmode,blocksize,keylen/8,ivlen, \ + flags|EVP_CIPH_##MODE##_MODE, \ + aria_init_key, \ + aria_##mode##_cipher, \ + NULL, \ + sizeof(EVP_ARIA_KEY), \ + NULL,NULL,NULL,NULL }; \ +const EVP_CIPHER *EVP_aria_##keylen##_##mode(void) \ +{ return &aria_##keylen##_##mode; } + +static int aria_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, size_t len) +{ + unsigned int num = EVP_CIPHER_CTX_num(ctx); + EVP_ARIA_KEY *dat = EVP_C_DATA(EVP_ARIA_KEY,ctx); + + CRYPTO_ctr128_encrypt(in, out, len, &dat->ks, + EVP_CIPHER_CTX_iv_noconst(ctx), + EVP_CIPHER_CTX_buf_noconst(ctx), &num, + (block128_f) aria_encrypt); + EVP_CIPHER_CTX_set_num(ctx, num); + return 1; +} + +BLOCK_CIPHER_generic(NID_aria, 128, 1, 16, ctr, ctr, CTR, 0) +BLOCK_CIPHER_generic(NID_aria, 192, 1, 16, ctr, ctr, CTR, 0) +BLOCK_CIPHER_generic(NID_aria, 256, 1, 16, ctr, ctr, CTR, 0) + +#endif diff --git a/crypto/evp/evp_err.c b/crypto/evp/evp_err.c index 6ff9ec4eae..eb73a5a555 100644 --- a/crypto/evp/evp_err.c +++ b/crypto/evp/evp_err.c @@ -25,6 +25,7 @@ static ERR_STRING_DATA EVP_str_functs[] = { {ERR_FUNC(EVP_F_AES_T4_INIT_KEY), "aes_t4_init_key"}, {ERR_FUNC(EVP_F_AES_WRAP_CIPHER), "aes_wrap_cipher"}, {ERR_FUNC(EVP_F_ALG_MODULE_INIT), "alg_module_init"}, + {ERR_FUNC(EVP_F_ARIA_INIT_KEY), "aria_init_key"}, {ERR_FUNC(EVP_F_CAMELLIA_INIT_KEY), "camellia_init_key"}, {ERR_FUNC(EVP_F_CHACHA20_POLY1305_CTRL), "chacha20_poly1305_ctrl"}, {ERR_FUNC(EVP_F_CMLL_T4_INIT_KEY), "cmll_t4_init_key"}, @@ -97,6 +98,7 @@ static ERR_STRING_DATA EVP_str_functs[] = { static ERR_STRING_DATA EVP_str_reasons[] = { {ERR_REASON(EVP_R_AES_KEY_SETUP_FAILED), "aes key setup failed"}, + {ERR_REASON(EVP_R_ARIA_KEY_SETUP_FAILED), "aria key setup failed"}, {ERR_REASON(EVP_R_BAD_DECRYPT), "bad decrypt"}, {ERR_REASON(EVP_R_BUFFER_TOO_SMALL), "buffer too small"}, {ERR_REASON(EVP_R_CAMELLIA_KEY_SETUP_FAILED), diff --git a/crypto/include/internal/aria.h b/crypto/include/internal/aria.h new file mode 100644 index 0000000000..4d37189ae4 --- /dev/null +++ b/crypto/include/internal/aria.h @@ -0,0 +1,56 @@ +/* + * Copyright 2006-2017 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* ==================================================================== + * Copyright (c) 2017 Oracle and/or its affiliates. All rights reserved. + */ + +#ifndef HEADER_ARIA_H +# define HEADER_ARIA_H + +# include + +# ifdef OPENSSL_NO_ARIA +# error ARIA is disabled. +# endif + +# include + +# define ARIA_ENCRYPT 1 +# define ARIA_DECRYPT 0 + +# define ARIA_BLOCK_SIZE 16 /* Size of each encryption/decription block */ +# define ARIA_MAX_KEYS 17 /* Number of keys needed in the worst case */ + +# ifdef __cplusplus +extern "C" { +# endif + +typedef unsigned char ARIA_u128[ARIA_BLOCK_SIZE]; + +struct aria_key_st { + unsigned int rounds; + ARIA_u128 rd_key[ARIA_MAX_KEYS]; +}; +typedef struct aria_key_st ARIA_KEY; + + +int aria_set_encrypt_key(const unsigned char *userKey, const int bits, + ARIA_KEY *key); +int aria_set_decrypt_key(const unsigned char *userKey, const int bits, + ARIA_KEY *key); + +void aria_encrypt(const unsigned char *in, unsigned char *out, + const ARIA_KEY *key); + +# ifdef __cplusplus +} +# endif + +#endif diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h index 8de2592341..93843e16c2 100644 --- a/crypto/objects/obj_dat.h +++ b/crypto/objects/obj_dat.h @@ -2,7 +2,7 @@ * WARNING: do not edit! * Generated by crypto/objects/obj_dat.pl * - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy * in the file LICENSE in the source distribution or at @@ -10,7 +10,7 @@ */ /* Serialized OID's */ -static const unsigned char so[6765] = { +static const unsigned char so[6900] = { 0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 0] OBJ_rsadsi */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 6] OBJ_pkcs */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02, /* [ 13] OBJ_md2 */ @@ -961,9 +961,24 @@ static const unsigned char so[6765] = { 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x13, /* [ 6731] OBJ_id_smime_ct_contentCollection */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x17, /* [ 6742] OBJ_id_smime_ct_authEnvelopedData */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x1C, /* [ 6753] OBJ_id_ct_xml */ + 0x2A,0x83,0x1A,0x8C,0x9A,0x6E,0x01,0x01,0x01, /* [ 6764] OBJ_aria_128_ecb */ + 0x2A,0x83,0x1A,0x8C,0x9A,0x6E,0x01,0x01,0x02, /* [ 6773] OBJ_aria_128_cbc */ + 0x2A,0x83,0x1A,0x8C,0x9A,0x6E,0x01,0x01,0x03, /* [ 6782] OBJ_aria_128_cfb128 */ + 0x2A,0x83,0x1A,0x8C,0x9A,0x6E,0x01,0x01,0x04, /* [ 6791] OBJ_aria_128_ofb128 */ + 0x2A,0x83,0x1A,0x8C,0x9A,0x6E,0x01,0x01,0x05, /* [ 6800] OBJ_aria_128_ctr */ + 0x2A,0x83,0x1A,0x8C,0x9A,0x6E,0x01,0x01,0x06, /* [ 6809] OBJ_aria_192_ecb */ + 0x2A,0x83,0x1A,0x8C,0x9A,0x6E,0x01,0x01,0x07, /* [ 6818] OBJ_aria_192_cbc */ + 0x2A,0x83,0x1A,0x8C,0x9A,0x6E,0x01,0x01,0x08, /* [ 6827] OBJ_aria_192_cfb128 */ + 0x2A,0x83,0x1A,0x8C,0x9A,0x6E,0x01,0x01,0x09, /* [ 6836] OBJ_aria_192_ofb128 */ + 0x2A,0x83,0x1A,0x8C,0x9A,0x6E,0x01,0x01,0x0A, /* [ 6845] OBJ_aria_192_ctr */ + 0x2A,0x83,0x1A,0x8C,0x9A,0x6E,0x01,0x01,0x0B, /* [ 6854] OBJ_aria_256_ecb */ + 0x2A,0x83,0x1A,0x8C,0x9A,0x6E,0x01,0x01,0x0C, /* [ 6863] OBJ_aria_256_cbc */ + 0x2A,0x83,0x1A,0x8C,0x9A,0x6E,0x01,0x01,0x0D, /* [ 6872] OBJ_aria_256_cfb128 */ + 0x2A,0x83,0x1A,0x8C,0x9A,0x6E,0x01,0x01,0x0E, /* [ 6881] OBJ_aria_256_ofb128 */ + 0x2A,0x83,0x1A,0x8C,0x9A,0x6E,0x01,0x01,0x0F, /* [ 6890] OBJ_aria_256_ctr */ }; -#define NUM_NID 1065 +#define NUM_NID 1086 static const ASN1_OBJECT nid_objs[NUM_NID] = { {"UNDEF", "undefined", NID_undef}, {"rsadsi", "RSA Data Security, Inc.", NID_rsadsi, 6, &so[0]}, @@ -2030,9 +2045,30 @@ static const ASN1_OBJECT nid_objs[NUM_NID] = { {"SipHash", "siphash", NID_siphash}, {"KxANY", "kx-any", NID_kx_any}, {"AuthANY", "auth-any", NID_auth_any}, + {"ARIA-128-ECB", "aria-128-ecb", NID_aria_128_ecb, 9, &so[6764]}, + {"ARIA-128-CBC", "aria-128-cbc", NID_aria_128_cbc, 9, &so[6773]}, + {"ARIA-128-CFB", "aria-128-cfb", NID_aria_128_cfb128, 9, &so[6782]}, + {"ARIA-128-OFB", "aria-128-ofb", NID_aria_128_ofb128, 9, &so[6791]}, + {"ARIA-128-CTR", "aria-128-ctr", NID_aria_128_ctr, 9, &so[6800]}, + {"ARIA-192-ECB", "aria-192-ecb", NID_aria_192_ecb, 9, &so[6809]}, + {"ARIA-192-CBC", "aria-192-cbc", NID_aria_192_cbc, 9, &so[6818]}, + {"ARIA-192-CFB", "aria-192-cfb", NID_aria_192_cfb128, 9, &so[6827]}, + {"ARIA-192-OFB", "aria-192-ofb", NID_aria_192_ofb128, 9, &so[6836]}, + {"ARIA-192-CTR", "aria-192-ctr", NID_aria_192_ctr, 9, &so[6845]}, + {"ARIA-256-ECB", "aria-256-ecb", NID_aria_256_ecb, 9, &so[6854]}, + {"ARIA-256-CBC", "aria-256-cbc", NID_aria_256_cbc, 9, &so[6863]}, + {"ARIA-256-CFB", "aria-256-cfb", NID_aria_256_cfb128, 9, &so[6872]}, + {"ARIA-256-OFB", "aria-256-ofb", NID_aria_256_ofb128, 9, &so[6881]}, + {"ARIA-256-CTR", "aria-256-ctr", NID_aria_256_ctr, 9, &so[6890]}, + {"ARIA-128-CFB1", "aria-128-cfb1", NID_aria_128_cfb1}, + {"ARIA-192-CFB1", "aria-192-cfb1", NID_aria_192_cfb1}, + {"ARIA-256-CFB1", "aria-256-cfb1", NID_aria_256_cfb1}, + {"ARIA-128-CFB8", "aria-128-cfb8", NID_aria_128_cfb8}, + {"ARIA-192-CFB8", "aria-192-cfb8", NID_aria_192_cfb8}, + {"ARIA-256-CFB8", "aria-256-cfb8", NID_aria_256_cfb8}, }; -#define NUM_SN 1056 +#define NUM_SN 1077 static const unsigned int sn_objs[NUM_SN] = { 364, /* "AD_DVCS" */ 419, /* "AES-128-CBC" */ @@ -2067,6 +2103,27 @@ static const unsigned int sn_objs[NUM_SN] = { 960, /* "AES-256-OCB" */ 428, /* "AES-256-OFB" */ 914, /* "AES-256-XTS" */ + 1066, /* "ARIA-128-CBC" */ + 1067, /* "ARIA-128-CFB" */ + 1080, /* "ARIA-128-CFB1" */ + 1083, /* "ARIA-128-CFB8" */ + 1069, /* "ARIA-128-CTR" */ + 1065, /* "ARIA-128-ECB" */ + 1068, /* "ARIA-128-OFB" */ + 1071, /* "ARIA-192-CBC" */ + 1072, /* "ARIA-192-CFB" */ + 1081, /* "ARIA-192-CFB1" */ + 1084, /* "ARIA-192-CFB8" */ + 1074, /* "ARIA-192-CTR" */ + 1070, /* "ARIA-192-ECB" */ + 1073, /* "ARIA-192-OFB" */ + 1076, /* "ARIA-256-CBC" */ + 1077, /* "ARIA-256-CFB" */ + 1082, /* "ARIA-256-CFB1" */ + 1085, /* "ARIA-256-CFB8" */ + 1079, /* "ARIA-256-CTR" */ + 1075, /* "ARIA-256-ECB" */ + 1078, /* "ARIA-256-OFB" */ 1064, /* "AuthANY" */ 1049, /* "AuthDSS" */ 1047, /* "AuthECDSA" */ @@ -3092,7 +3149,7 @@ static const unsigned int sn_objs[NUM_SN] = { 160, /* "x509Crl" */ }; -#define NUM_LN 1056 +#define NUM_LN 1077 static const unsigned int ln_objs[NUM_LN] = { 363, /* "AD Time Stamping" */ 405, /* "ANSI X9.62" */ @@ -3311,6 +3368,27 @@ static const unsigned int ln_objs[NUM_LN] = { 428, /* "aes-256-ofb" */ 914, /* "aes-256-xts" */ 376, /* "algorithm" */ + 1066, /* "aria-128-cbc" */ + 1067, /* "aria-128-cfb" */ + 1080, /* "aria-128-cfb1" */ + 1083, /* "aria-128-cfb8" */ + 1069, /* "aria-128-ctr" */ + 1065, /* "aria-128-ecb" */ + 1068, /* "aria-128-ofb" */ + 1071, /* "aria-192-cbc" */ + 1072, /* "aria-192-cfb" */ + 1081, /* "aria-192-cfb1" */ + 1084, /* "aria-192-cfb8" */ + 1074, /* "aria-192-ctr" */ + 1070, /* "aria-192-ecb" */ + 1073, /* "aria-192-ofb" */ + 1076, /* "aria-256-cbc" */ + 1077, /* "aria-256-cfb" */ + 1082, /* "aria-256-cfb1" */ + 1085, /* "aria-256-cfb8" */ + 1079, /* "aria-256-ctr" */ + 1075, /* "aria-256-ecb" */ + 1078, /* "aria-256-ofb" */ 484, /* "associatedDomain" */ 485, /* "associatedName" */ 501, /* "audio" */ @@ -4152,7 +4230,7 @@ static const unsigned int ln_objs[NUM_LN] = { 125, /* "zlib compression" */ }; -#define NUM_OBJ 956 +#define NUM_OBJ 971 static const unsigned int obj_objs[NUM_OBJ] = { 0, /* OBJ_undef 0 */ 181, /* OBJ_iso 1 */ @@ -4797,6 +4875,21 @@ static const unsigned int obj_objs[NUM_OBJ] = { 439, /* OBJ_pilotAttributeSyntax 0 9 2342 19200300 100 3 */ 440, /* OBJ_pilotObjectClass 0 9 2342 19200300 100 4 */ 441, /* OBJ_pilotGroups 0 9 2342 19200300 100 10 */ + 1065, /* OBJ_aria_128_ecb 1 2 410 200046 1 1 1 */ + 1066, /* OBJ_aria_128_cbc 1 2 410 200046 1 1 2 */ + 1067, /* OBJ_aria_128_cfb128 1 2 410 200046 1 1 3 */ + 1068, /* OBJ_aria_128_ofb128 1 2 410 200046 1 1 4 */ + 1069, /* OBJ_aria_128_ctr 1 2 410 200046 1 1 5 */ + 1070, /* OBJ_aria_192_ecb 1 2 410 200046 1 1 6 */ + 1071, /* OBJ_aria_192_cbc 1 2 410 200046 1 1 7 */ + 1072, /* OBJ_aria_192_cfb128 1 2 410 200046 1 1 8 */ + 1073, /* OBJ_aria_192_ofb128 1 2 410 200046 1 1 9 */ + 1074, /* OBJ_aria_192_ctr 1 2 410 200046 1 1 10 */ + 1075, /* OBJ_aria_256_ecb 1 2 410 200046 1 1 11 */ + 1076, /* OBJ_aria_256_cbc 1 2 410 200046 1 1 12 */ + 1077, /* OBJ_aria_256_cfb128 1 2 410 200046 1 1 13 */ + 1078, /* OBJ_aria_256_ofb128 1 2 410 200046 1 1 14 */ + 1079, /* OBJ_aria_256_ctr 1 2 410 200046 1 1 15 */ 997, /* OBJ_id_tc26_gost_3410_2012_512_paramSetTest 1 2 643 7 1 2 1 2 0 */ 998, /* OBJ_id_tc26_gost_3410_2012_512_paramSetA 1 2 643 7 1 2 1 2 1 */ 999, /* OBJ_id_tc26_gost_3410_2012_512_paramSetB 1 2 643 7 1 2 1 2 2 */ diff --git a/crypto/objects/obj_dat.pl b/crypto/objects/obj_dat.pl index 1cb3d1c9af..947cceed1d 100644 --- a/crypto/objects/obj_dat.pl +++ b/crypto/objects/obj_dat.pl @@ -1,5 +1,5 @@ #! /usr/bin/env perl -# Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the OpenSSL license (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy @@ -154,7 +154,7 @@ print OUT <<'EOF'; * WARNING: do not edit! * Generated by crypto/objects/obj_dat.pl * - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy * in the file LICENSE in the source distribution or at diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num index 5ca5260fb1..270e7e51a6 100644 --- a/crypto/objects/obj_mac.num +++ b/crypto/objects/obj_mac.num @@ -1062,3 +1062,24 @@ poly1305 1061 siphash 1062 kx_any 1063 auth_any 1064 +aria_128_ecb 1065 +aria_128_cbc 1066 +aria_128_cfb128 1067 +aria_128_ofb128 1068 +aria_128_ctr 1069 +aria_192_ecb 1070 +aria_192_cbc 1071 +aria_192_cfb128 1072 +aria_192_ofb128 1073 +aria_192_ctr 1074 +aria_256_ecb 1075 +aria_256_cbc 1076 +aria_256_cfb128 1077 +aria_256_ofb128 1078 +aria_256_ctr 1079 +aria_128_cfb1 1080 +aria_192_cfb1 1081 +aria_256_cfb1 1082 +aria_128_cfb8 1083 +aria_192_cfb8 1084 +aria_256_cfb8 1085 diff --git a/crypto/objects/objects.pl b/crypto/objects/objects.pl index 3b40277a23..6598b5e700 100644 --- a/crypto/objects/objects.pl +++ b/crypto/objects/objects.pl @@ -1,5 +1,5 @@ #! /usr/bin/env perl -# Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the OpenSSL license (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy @@ -129,7 +129,7 @@ print OUT <<'EOF'; * WARNING: do not edit! * Generated by crypto/objects/objects.pl * - * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved. * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy * in the file LICENSE in the source distribution or at diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt index 0d189f8b4a..442b39caa3 100644 --- a/crypto/objects/objects.txt +++ b/crypto/objects/objects.txt @@ -1363,6 +1363,41 @@ camellia 50 : CAMELLIA-256-CMAC : camellia-256-cmac : CAMELLIA-192-CFB8 : camellia-192-cfb8 : CAMELLIA-256-CFB8 : camellia-256-cfb8 +# Definitions for ARIA cipher + +!Alias aria 1 2 410 200046 1 1 +aria 1 : ARIA-128-ECB : aria-128-ecb +aria 2 : ARIA-128-CBC : aria-128-cbc +!Cname aria-128-cfb128 +aria 3 : ARIA-128-CFB : aria-128-cfb +!Cname aria-128-ofb128 +aria 4 : ARIA-128-OFB : aria-128-ofb +aria 5 : ARIA-128-CTR : aria-128-ctr + +aria 6 : ARIA-192-ECB : aria-192-ecb +aria 7 : ARIA-192-CBC : aria-192-cbc +!Cname aria-192-cfb128 +aria 8 : ARIA-192-CFB : aria-192-cfb +!Cname aria-192-ofb128 +aria 9 : ARIA-192-OFB : aria-192-ofb +aria 10 : ARIA-192-CTR : aria-192-ctr + +aria 11 : ARIA-256-ECB : aria-256-ecb +aria 12 : ARIA-256-CBC : aria-256-cbc +!Cname aria-256-cfb128 +aria 13 : ARIA-256-CFB : aria-256-cfb +!Cname aria-256-ofb128 +aria 14 : ARIA-256-OFB : aria-256-ofb +aria 15 : ARIA-256-CTR : aria-256-ctr + +# There are no OIDs for these ARIA modes... + : ARIA-128-CFB1 : aria-128-cfb1 + : ARIA-192-CFB1 : aria-192-cfb1 + : ARIA-256-CFB1 : aria-256-cfb1 + : ARIA-128-CFB8 : aria-128-cfb8 + : ARIA-192-CFB8 : aria-192-cfb8 + : ARIA-256-CFB8 : aria-256-cfb8 + # Definitions for SEED cipher - ECB, CBC, OFB mode member-body 410 200004 : KISA : kisa diff --git a/doc/man1/ciphers.pod b/doc/man1/ciphers.pod index aa8ace2a03..ecd5f9521a 100644 --- a/doc/man1/ciphers.pod +++ b/doc/man1/ciphers.pod @@ -296,6 +296,11 @@ ciphersuites are only supported in TLS v1.2. B references CCM cipher suites using both 16 and 8 octet Integrity Check Value (ICV) while B only references 8 octet ICV. +=item B, B, B + +cipher suites using 128 bit ARIA, 256 bit ARIA or either 128 or 256 bit +ARIA. + =item B, B, B cipher suites using 128 bit CAMELLIA, 256 bit CAMELLIA or either 128 or 256 bit @@ -579,6 +584,21 @@ Note: these ciphers can also be used in SSL v3. ECDHE_ECDSA_WITH_AES_128_CCM_8 ECDHE-ECDSA-AES128-CCM8 ECDHE_ECDSA_WITH_AES_256_CCM_8 ECDHE-ECDSA-AES256-CCM8 +=head2 ARIA ciphersuites from RFC6209, extending TLS v1.2 + + TLS_RSA_WITH_ARIA_128_CBC_SHA256 ARIA128-CBC-SHA256 + TLS_RSA_WITH_ARIA_256_CBC_SHA384 ARIA256-CBC-SHA384 + TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256 DHE-DSS-ARIA128-CBC-SHA256 + TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384 DHE-DSS-ARIA256-CBC-SHA384 + TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256 DHE-RSA-ARIA128-CBC-SHA256 + TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384 DHE-RSA-ARIA256-CBC-SHA384 + TLS_DH_anon_WITH_ARIA_128_CBC_SHA256 DH-anon-ARIA128-CBC-SHA256 + TLS_DH_anon_WITH_ARIA_256_CBC_SHA384 DH-anon-ARIA256-CBC-SHA384 + TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256 ECDHE-ECDSA-ARIA128-CBC-SHA256 + TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384 ECDHE-ECDSA-ARIA256-CBC-SHA384 + TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256 ECDHE-RSA-ARIA128-CBC-SHA256 + TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384 ECDHE-RSA-ARIA256-CBC-SHA384 + =head2 Camellia HMAC-Based ciphersuites from RFC6367, extending TLS v1.2 TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 ECDHE-ECDSA-CAMELLIA128-SHA256 @@ -733,7 +753,7 @@ The B<-V> option for the B command was added in OpenSSL 1.0.0. =head1 COPYRIGHT -Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved. Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/doc/man1/dsa.pod b/doc/man1/dsa.pod index 0e4f508fab..b85298773e 100644 --- a/doc/man1/dsa.pod +++ b/doc/man1/dsa.pod @@ -17,6 +17,9 @@ B B [B<-aes128>] [B<-aes192>] [B<-aes256>] +[B<-aria128>] +[B<-aria192>] +[B<-aria256>] [B<-camellia128>] [B<-camellia192>] [B<-camellia256>] @@ -85,7 +88,7 @@ filename. the output file password source. For more information about the format of B see the B section in L. -=item B<-aes128|-aes192|-aes256|-camellia128|-camellia192|-camellia256|-des|-des3|-idea> +=item B<-aes128|-aes192|-aes256|-aria128|-aria192|-aria256|-camellia128|-camellia192|-camellia256|-des|-des3|-idea> These options encrypt the private key with the specified cipher before outputting it. A pass phrase is prompted for. @@ -168,7 +171,7 @@ L =head1 COPYRIGHT -Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved. Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/doc/man1/gendsa.pod b/doc/man1/gendsa.pod index 4fd1714792..a148b208d4 100644 --- a/doc/man1/gendsa.pod +++ b/doc/man1/gendsa.pod @@ -12,6 +12,9 @@ B B [B<-aes128>] [B<-aes192>] [B<-aes256>] +[B<-aria128>] +[B<-aria192>] +[B<-aria256>] [B<-camellia128>] [B<-camellia192>] [B<-camellia256>] @@ -40,7 +43,7 @@ Print out a usage message. Output the key to the specified file. If this argument is not specified then standard output is used. -=item B<-aes128|-aes192|-aes256|-camellia128|-camellia192|-camellia256|-des|-des3|-idea> +=item B<-aes128|-aes192|-aes256|-aria128|-aria192|-aria256|-camellia128|-camellia192|-camellia256|-des|-des3|-idea> These options encrypt the private key with specified cipher before outputting it. A pass phrase is prompted for. @@ -81,7 +84,7 @@ L =head1 COPYRIGHT -Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved. Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/doc/man1/genrsa.pod b/doc/man1/genrsa.pod index 38e83f7261..153602ad56 100644 --- a/doc/man1/genrsa.pod +++ b/doc/man1/genrsa.pod @@ -13,6 +13,9 @@ B B [B<-aes128>] [B<-aes192>] [B<-aes256>] +[B<-aria128>] +[B<-aria192>] +[B<-aria256>] [B<-camellia128>] [B<-camellia192>] [B<-camellia256>] @@ -47,7 +50,7 @@ standard output is used. the output file password source. For more information about the format of B see the B section in L. -=item B<-aes128|-aes192|-aes256|-camellia128|-camellia192|-camellia256|-des|-des3|-idea> +=item B<-aes128|-aes192|-aes256|-aria128|-aria192|-aria256|-camellia128|-camellia192|-camellia256|-des|-des3|-idea> These options encrypt the private key with specified cipher before outputting it. If none of these options is @@ -105,7 +108,7 @@ L =head1 COPYRIGHT -Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved. Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/doc/man1/pkcs12.pod b/doc/man1/pkcs12.pod index 3dea46cdcf..82e64daacf 100644 --- a/doc/man1/pkcs12.pod +++ b/doc/man1/pkcs12.pod @@ -23,7 +23,7 @@ B B [B<-cacerts>] [B<-nokeys>] [B<-info>] -[B<-des | -des3 | -idea | -aes128 | -aes192 | -aes256 | -camellia128 | -camellia192 | -camellia256 | -nodes>] +[B<-des | -des3 | -idea | -aes128 | -aes192 | -aes256 | -aria128 | -aria192 | -aria256 | -camellia128 | -camellia192 | -camellia256 | -nodes>] [B<-noiter>] [B<-maciter | -nomaciter | -nomac>] [B<-twopass>] @@ -132,6 +132,10 @@ use IDEA to encrypt private keys before outputting. use AES to encrypt private keys before outputting. +=item B<-aria128>, B<-aria192>, B<-aria256> + +use ARIA to encrypt private keys before outputting. + =item B<-camellia128>, B<-camellia192>, B<-camellia256> use Camellia to encrypt private keys before outputting. @@ -368,7 +372,7 @@ L =head1 COPYRIGHT -Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved. Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/doc/man1/rsa.pod b/doc/man1/rsa.pod index 8e9943fe58..22c3e330f2 100644 --- a/doc/man1/rsa.pod +++ b/doc/man1/rsa.pod @@ -17,6 +17,9 @@ B B [B<-aes128>] [B<-aes192>] [B<-aes256>] +[B<-aria128>] +[B<-aria192>] +[B<-aria256>] [B<-camellia128>] [B<-camellia192>] [B<-camellia256>] @@ -86,7 +89,7 @@ filename. the output file password source. For more information about the format of B see the B section in L. -=item B<-aes128|-aes192|-aes256|-camellia128|-camellia192|-camellia256|-des|-des3|-idea> +=item B<-aes128|-aes192|-aes256|-aria128|-aria192|-aria256|-camellia128|-camellia192|-camellia256|-des|-des3|-idea> These options encrypt the private key with the specified cipher before outputting it. A pass phrase is prompted for. @@ -206,7 +209,7 @@ L =head1 COPYRIGHT -Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved. Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/include/openssl/evp.h b/include/openssl/evp.h index f34f30ecf7..a8284e38a5 100644 --- a/include/openssl/evp.h +++ b/include/openssl/evp.h @@ -818,6 +818,32 @@ const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha1(void); const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha1(void); const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha256(void); const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha256(void); +# ifndef OPENSSL_NO_ARIA +const EVP_CIPHER *EVP_aria_128_ecb(void); +const EVP_CIPHER *EVP_aria_128_cbc(void); +const EVP_CIPHER *EVP_aria_128_cfb1(void); +const EVP_CIPHER *EVP_aria_128_cfb8(void); +const EVP_CIPHER *EVP_aria_128_cfb128(void); +# define EVP_aria_128_cfb EVP_aria_128_cfb128 +const EVP_CIPHER *EVP_aria_128_ctr(void); +const EVP_CIPHER *EVP_aria_128_ofb(void); +const EVP_CIPHER *EVP_aria_192_ecb(void); +const EVP_CIPHER *EVP_aria_192_cbc(void); +const EVP_CIPHER *EVP_aria_192_cfb1(void); +const EVP_CIPHER *EVP_aria_192_cfb8(void); +const EVP_CIPHER *EVP_aria_192_cfb128(void); +# define EVP_aria_192_cfb EVP_aria_192_cfb128 +const EVP_CIPHER *EVP_aria_192_ctr(void); +const EVP_CIPHER *EVP_aria_192_ofb(void); +const EVP_CIPHER *EVP_aria_256_ecb(void); +const EVP_CIPHER *EVP_aria_256_cbc(void); +const EVP_CIPHER *EVP_aria_256_cfb1(void); +const EVP_CIPHER *EVP_aria_256_cfb8(void); +const EVP_CIPHER *EVP_aria_256_cfb128(void); +# define EVP_aria_256_cfb EVP_aria_256_cfb128 +const EVP_CIPHER *EVP_aria_256_ctr(void); +const EVP_CIPHER *EVP_aria_256_ofb(void); +# endif # ifndef OPENSSL_NO_CAMELLIA const EVP_CIPHER *EVP_camellia_128_ecb(void); const EVP_CIPHER *EVP_camellia_128_cbc(void); @@ -1490,6 +1516,7 @@ int ERR_load_EVP_strings(void); # define EVP_F_AES_T4_INIT_KEY 178 # define EVP_F_AES_WRAP_CIPHER 170 # define EVP_F_ALG_MODULE_INIT 177 +# define EVP_F_ARIA_INIT_KEY 185 # define EVP_F_CAMELLIA_INIT_KEY 159 # define EVP_F_CHACHA20_POLY1305_CTRL 182 # define EVP_F_CMLL_T4_INIT_KEY 179 @@ -1558,6 +1585,7 @@ int ERR_load_EVP_strings(void); /* Reason codes. */ # define EVP_R_AES_KEY_SETUP_FAILED 143 +# define EVP_R_ARIA_KEY_SETUP_FAILED 176 # define EVP_R_BAD_DECRYPT 100 # define EVP_R_BUFFER_TOO_SMALL 155 # define EVP_R_CAMELLIA_KEY_SETUP_FAILED 157 diff --git a/include/openssl/obj_mac.h b/include/openssl/obj_mac.h index 2e317adad9..d9c45dee01 100644 --- a/include/openssl/obj_mac.h +++ b/include/openssl/obj_mac.h @@ -2,7 +2,7 @@ * WARNING: do not edit! * Generated by crypto/objects/objects.pl * - * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved. * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy * in the file LICENSE in the source distribution or at @@ -4259,6 +4259,107 @@ #define LN_camellia_256_cfb8 "camellia-256-cfb8" #define NID_camellia_256_cfb8 765 +#define OBJ_aria 1L,2L,410L,200046L,1L,1L + +#define SN_aria_128_ecb "ARIA-128-ECB" +#define LN_aria_128_ecb "aria-128-ecb" +#define NID_aria_128_ecb 1065 +#define OBJ_aria_128_ecb OBJ_aria,1L + +#define SN_aria_128_cbc "ARIA-128-CBC" +#define LN_aria_128_cbc "aria-128-cbc" +#define NID_aria_128_cbc 1066 +#define OBJ_aria_128_cbc OBJ_aria,2L + +#define SN_aria_128_cfb128 "ARIA-128-CFB" +#define LN_aria_128_cfb128 "aria-128-cfb" +#define NID_aria_128_cfb128 1067 +#define OBJ_aria_128_cfb128 OBJ_aria,3L + +#define SN_aria_128_ofb128 "ARIA-128-OFB" +#define LN_aria_128_ofb128 "aria-128-ofb" +#define NID_aria_128_ofb128 1068 +#define OBJ_aria_128_ofb128 OBJ_aria,4L + +#define SN_aria_128_ctr "ARIA-128-CTR" +#define LN_aria_128_ctr "aria-128-ctr" +#define NID_aria_128_ctr 1069 +#define OBJ_aria_128_ctr OBJ_aria,5L + +#define SN_aria_192_ecb "ARIA-192-ECB" +#define LN_aria_192_ecb "aria-192-ecb" +#define NID_aria_192_ecb 1070 +#define OBJ_aria_192_ecb OBJ_aria,6L + +#define SN_aria_192_cbc "ARIA-192-CBC" +#define LN_aria_192_cbc "aria-192-cbc" +#define NID_aria_192_cbc 1071 +#define OBJ_aria_192_cbc OBJ_aria,7L + +#define SN_aria_192_cfb128 "ARIA-192-CFB" +#define LN_aria_192_cfb128 "aria-192-cfb" +#define NID_aria_192_cfb128 1072 +#define OBJ_aria_192_cfb128 OBJ_aria,8L + +#define SN_aria_192_ofb128 "ARIA-192-OFB" +#define LN_aria_192_ofb128 "aria-192-ofb" +#define NID_aria_192_ofb128 1073 +#define OBJ_aria_192_ofb128 OBJ_aria,9L + +#define SN_aria_192_ctr "ARIA-192-CTR" +#define LN_aria_192_ctr "aria-192-ctr" +#define NID_aria_192_ctr 1074 +#define OBJ_aria_192_ctr OBJ_aria,10L + +#define SN_aria_256_ecb "ARIA-256-ECB" +#define LN_aria_256_ecb "aria-256-ecb" +#define NID_aria_256_ecb 1075 +#define OBJ_aria_256_ecb OBJ_aria,11L + +#define SN_aria_256_cbc "ARIA-256-CBC" +#define LN_aria_256_cbc "aria-256-cbc" +#define NID_aria_256_cbc 1076 +#define OBJ_aria_256_cbc OBJ_aria,12L + +#define SN_aria_256_cfb128 "ARIA-256-CFB" +#define LN_aria_256_cfb128 "aria-256-cfb" +#define NID_aria_256_cfb128 1077 +#define OBJ_aria_256_cfb128 OBJ_aria,13L + +#define SN_aria_256_ofb128 "ARIA-256-OFB" +#define LN_aria_256_ofb128 "aria-256-ofb" +#define NID_aria_256_ofb128 1078 +#define OBJ_aria_256_ofb128 OBJ_aria,14L + +#define SN_aria_256_ctr "ARIA-256-CTR" +#define LN_aria_256_ctr "aria-256-ctr" +#define NID_aria_256_ctr 1079 +#define OBJ_aria_256_ctr OBJ_aria,15L + +#define SN_aria_128_cfb1 "ARIA-128-CFB1" +#define LN_aria_128_cfb1 "aria-128-cfb1" +#define NID_aria_128_cfb1 1080 + +#define SN_aria_192_cfb1 "ARIA-192-CFB1" +#define LN_aria_192_cfb1 "aria-192-cfb1" +#define NID_aria_192_cfb1 1081 + +#define SN_aria_256_cfb1 "ARIA-256-CFB1" +#define LN_aria_256_cfb1 "aria-256-cfb1" +#define NID_aria_256_cfb1 1082 + +#define SN_aria_128_cfb8 "ARIA-128-CFB8" +#define LN_aria_128_cfb8 "aria-128-cfb8" +#define NID_aria_128_cfb8 1083 + +#define SN_aria_192_cfb8 "ARIA-192-CFB8" +#define LN_aria_192_cfb8 "aria-192-cfb8" +#define NID_aria_192_cfb8 1084 + +#define SN_aria_256_cfb8 "ARIA-256-CFB8" +#define LN_aria_256_cfb8 "aria-256-cfb8" +#define NID_aria_256_cfb8 1085 + #define SN_kisa "KISA" #define LN_kisa "kisa" #define NID_kisa 773 diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c index 93da3dc19c..2d2395c5c1 100644 --- a/ssl/ssl_ciph.c +++ b/ssl/ssl_ciph.c @@ -101,10 +101,7 @@ static const ssl_cipher_table ssl_cipher_table_cipher[SSL_ENC_NUM_IDX] = { {SSL_CHACHA20POLY1305, NID_chacha20_poly1305}, }; -static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX] = { - NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, - NULL, NULL -}; +static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX]; #define SSL_COMP_NULL_IDX 0 #define SSL_COMP_ZLIB_IDX 1 diff --git a/test/evptests.txt b/test/evptests.txt index 5c5eb24e20..a320828cc2 100644 --- a/test/evptests.txt +++ b/test/evptests.txt @@ -1604,6 +1604,130 @@ Operation = ENCRYPT Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223 Ciphertext = A4DA23FCE6A5FFAA6D64AE9A0652A42CD161A34B65F9679F75C01F101F71276F15EF0D8D + +# ARIA test vectors from RFC5794 +Cipher = ARIA-128-ECB +Key = 000102030405060708090a0b0c0d0e0f +Plaintext = 00112233445566778899aabbccddeeff +Ciphertext = d718fbd6ab644c739da95f3be6451778 + +Cipher = ARIA-192-ECB +Key = 000102030405060708090a0b0c0d0e0f1011121314151617 +Plaintext = 00112233445566778899aabbccddeeff +Ciphertext = 26449c1805dbe7aa25a468ce263a9e79 + +Cipher = ARIA-256-ECB +Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f +Plaintext = 00112233445566778899aabbccddeeff +Ciphertext = f92bd7c79fb72e2f2b8f80c1972d24fc + +# Additional ARIA mode vectors from http://210.104.33.10/ARIA/doc/ARIA-testvector-e.pdf +Cipher = ARIA-128-ECB +Key = 00112233445566778899aabbccddeeff +Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd +Ciphertext = c6ecd08e22c30abdb215cf74e2075e6e29ccaac63448708d331b2f816c51b17d9e133d1528dbf0af5787c7f3a3f5c2bf6b6f345907a3055612ce072ff54de7d788424da6e8ccfe8172b391be499354165665ba7864917000a6eeb2ecb4a698edfc7887e7f556377614ab0a282293e6d884dbb84206cdb16ed1754e77a1f243fd086953f752cc1e46c7c794ae85537dcaec8dd721f55c93b6edfe2adea43873e8 + +Cipher = ARIA-128-CBC +Key = 00112233445566778899aabbccddeeff +IV = 0f1e2d3c4b5a69788796a5b4c3d2e1f0 +Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd +Ciphertext = 49d61860b14909109cef0d22a9268134fadf9fb23151e9645fba75018bdb1538b53334634bbf7d4cd4b5377033060c155fe3948ca75de1031e1d85619e0ad61eb419a866b3c2dbfd10a4ed18b22149f75897f0b8668b0c1c542c687778835fb7cd46e45f85eaa7072437dd9fa6793d6f8d4ccefc4eb1ac641ac1bd30b18c6d64c49bca137eb21c2e04da62712ca2b4f540c57112c38791852cfac7a5d19ed83a + +Cipher = ARIA-128-CFB +Key = 00112233445566778899aabbccddeeff +IV = 0f1e2d3c4b5a69788796a5b4c3d2e1f0 +Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd +Ciphertext = 3720e53ba7d615383406b09f0a05a200c07c21e6370f413a5d132500a68285017c61b434c7b7ca9685a51071861e4d4bb873b599b479e2d573dddeafba89f812ac6a9e44d554078eb3be94839db4b33da3f59c063123a7ef6f20e10579fa4fd239100ca73b52d4fcafeadee73f139f78f9b7614c2b3b9dbe010f87db06a89a9435f79ce8121431371f4e87b984e0230c22a6dacb32fc42dcc6accef33285bf11 + +Cipher = ARIA-128-CFB8 +Key = 00112233445566778899aabbccddeeff +IV = 0f1e2d3c4b5a69788796a5b4c3d2e1f0 +Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd +Ciphertext = 373c8f6a965599ec785cc8f8149f6c81b632ccb8e0c6eb6a9707ae52c59257a41f94701c1096933127a90195ed0c8e98690547572423bb45c3d70e4a18ee56b967c10e000ba4df5fba7c404134a343d8375d04b151d161ef83417fe1748447d30a6723c406733df7d18aa39a20752d2381942e244811bb97f72eae446b1815aa690cd1b1adcbd007c0088ecdc91cb2e2caf0e11e72459878137eea64ac62a9a1 + +Cipher = ARIA-128-OFB +Key = 00112233445566778899aabbccddeeff +IV = 0f1e2d3c4b5a69788796a5b4c3d2e1f0 +Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd +Ciphertext = 3720e53ba7d615383406b09f0a05a2000063063f0560083483faeb041c8adecef30cf80cefb002a0d280759168ec01db3d49f61aced260bd43eec0a2731730eec6fa4f2304319cf8ccac2d7be7833e4f8ae6ce967012c1c6badc5d28e7e4144f6bf5cebe01253ee202afce4bc61f28dec069a6f16f6c8a7dd2afae44148f6ff4d0029d5c607b5fa6b8c8a6301cde5c7033565cd0b8f0974ab490b236197ba04a + +Cipher = ARIA-128-CTR +Key = 00112233445566778899aabbccddeeff +IV = 00000000000000000000000000000000 +Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd +Ciphertext = ac5d7de805a0bf1c57c854501af60fa11497e2a34519dea1569e91e5b5ccae2ff3bfa1bf975f4571f48be191613546c3911163c085f871f0e7ae5f2a085b81851c2a3ddf20ecb8fa51901aec8ee4ba32a35dab67bb72cd9140ad188a967ac0fbbdfa94ea6cce47dcf8525ab5a814cfeb2bb60ee2b126e2d9d847c1a9e96f9019e3e6a7fe40d3829afb73db1cc245646addb62d9b907baaafbe46a73dbc131d3d + +Cipher = ARIA-192-ECB +Key = 00112233445566778899aabbccddeeff0011223344556677 +Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd +Ciphertext = 8d1470625f59ebacb0e55b534b3e462b5f23d33bff78f46c3c15911f4a21809aaccad80b4bda915aa9dae6bcebe06a6c83f77fd5391acfe61de2f646b5d447edbfd5bb49b12fbb9145b227895a757b2af1f7188734863d7b8b6ede5a5b2f06a0a233c8523d2db778fb31b0e311f32700152f33861e9d040c83b5eb40cd88ea49975709dc629365a189f78a3ec40345fc6a5a307a8f9a4413091e007eca5645a0 + +Cipher = ARIA-192-CBC +Key = 00112233445566778899aabbccddeeff0011223344556677 +IV = 0f1e2d3c4b5a69788796a5b4c3d2e1f0 +Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd +Ciphertext = afe6cf23974b533c672a826264ea785f4e4f7f780dc7f3f1e0962b80902386d514e9c3e77259de92dd1102ffab086c1ea52a71260db5920a83295c25320e421147ca45d532f327b856ea947cd2196ae2e040826548b4c891b0ed0ca6e714dbc4631998d548110d666b3d54c2a091955c6f05beb4f62309368696c9791fc4c551564a2637f194346ec45fbca6c72a5b4612e208d531d6c34cc5c64eac6bd0cf8c + +Cipher = ARIA-192-CFB +Key = 00112233445566778899aabbccddeeff0011223344556677 +IV = 0f1e2d3c4b5a69788796a5b4c3d2e1f0 +Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd +Ciphertext = 4171f7192bf4495494d2736129640f5c4d87a9a213664c9448477c6ecc2013598d9766952dd8c3868f17e36ef66fd84bfa45d1593d2d6ee3ea2115047d710d4fb66187caa3a315b3c8ea2d313962edcfe5a3e2028d5ba9a09fd5c65c19d3440e477f0cab0628ec6902c73ee02f1afee9f80115be7b9df82d1e28228e28581a20560e195cbb9e2b327bf56fd2d0ae5502e42c13e9b4015d4da42dc859252e7da4 + +Cipher = ARIA-192-CFB8 +Key = 00112233445566778899aabbccddeeff0011223344556677 +IV = 0f1e2d3c4b5a69788796a5b4c3d2e1f0 +Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd +Ciphertext = 411d3b4f57f705aa4d13c46e2cf426af7c8c916ed7923d889f0047bbf11471b6d54f8757ef519339105be3cb69babb976a57d5631fc23cc3051fe9d36e8b8e27a2b2c0c4d31928ccbf30ea8239b46ba1b77f6198e7ecd2ce27b35958148e826f06aaf385bd30362ff141583e7c1d8924d44d36a1133094074631e18adafa9d2e55de98f6895c89d4266ebd33f3d4be5153a96fa12132ece2e81e66e55baa7ade + +Cipher = ARIA-192-OFB +Key = 00112233445566778899aabbccddeeff0011223344556677 +IV = 0f1e2d3c4b5a69788796a5b4c3d2e1f0 +Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd +Ciphertext = 4171f7192bf4495494d2736129640f5cc224d26d364b5a06ddde13d0f1e74faa846de354c63cda77469d1a2d425c47ff41734c71b3fa1fcdc11e0b2de22bfeed54898e233df652c75ae136e61de6524e62b3f806fb2e8e616eb410a1b9500537e327ffb04f19f7f82fde2b122100261f81b82723bf936be7beaaf3067d1c036001f1ade71422268d274d7dc6c6ae1970b27a5f2c2f39c1d241fe8cac5ccd74e9 + +Cipher = ARIA-192-CTR +Key = 00112233445566778899aabbccddeeff0011223344556677 +IV = 00000000000000000000000000000000 +Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd +Ciphertext = 08625ca8fe569c19ba7af3760a6ed1cef4d199263e999dde14082dbba7560b79a4c6b456b8707dce751f9854f18893dfdb3f4e5afa539733e6f1e70b98ba37891f8f81e95df8efc26c7ce043504cb18958b865e4e316cd2aa1c97f31bf23dc046ef326b95a692a191ba0f2a41c5fe9ae070f236ff7078e703b42666caafbdd20bad74ac4c20c0f46c7ca24c151716575c947da16c90cfe1bf217a41cfebe7531 + +Cipher = ARIA-256-ECB +Key = 00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff +Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd +Ciphertext = 58a875e6044ad7fffa4f58420f7f442d8e191016f28e79aefc01e204773280d7018e5f7a938ec30711719953bae86542cd7ebc752474c1a5f6eaaace2a7e29462ee7dfa5afdb84177ead95ccd4b4bb6e1ed17b9534cff0a5fc2941429cfee2ee49c7adbeb7e9d1b0d2a8531d942079596a27ed79f5b1dd13ecd604b07a48885a3afa0627a0e4e60a3c703af292f1baa77b702f16c54aa74bc727ea95c7468b00 + +Cipher = ARIA-256-CBC +Key = 00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff +IV = 0f1e2d3c4b5a69788796a5b4c3d2e1f0 +Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd +Ciphertext = 523a8a806ae621f155fdd28dbc34e1ab7b9b42432ad8b2efb96e23b13f0a6e52f36185d50ad002c5f601bee5493f118b243ee2e313642bffc3902e7b2efd9a12fa682edd2d23c8b9c5f043c18b17c1ec4b5867918270fbec1027c19ed6af833da5d620994668ca22f599791d292dd6273b2959082aafb7a996167cce1eec5f0cfd15f610d87e2dda9ba68ce1260ca54b222491418374294e7909b1e8551cd8de + +Cipher = ARIA-256-CFB +Key = 00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff +IV = 0f1e2d3c4b5a69788796a5b4c3d2e1f0 +Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd +Ciphertext = 26834705b0f2c0e2588d4a7f09009635f28bb93d8c31f870ec1e0bdb082b66fa402dd9c202be300c4517d196b14d4ce11dce97f7aaba54341b0d872cc9b63753a3e8556a14be6f7b3e27e3cfc39caf80f2a355aa50dc83c09c7b11828694f8e4aa726c528976b53f2c877f4991a3a8d28adb63bd751846ffb2350265e179d4990753ae8485ff9b4133ddad5875b84a90cbcfa62a045d726df71b6bda0eeca0be + +Cipher = ARIA-256-CFB8 +Key = 00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff +IV = 0f1e2d3c4b5a69788796a5b4c3d2e1f0 +Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd +Ciphertext = 26baa33651e1f66434fec88ef27fd2b9a79e246dd89a3ffa00e8bdb37155433e6c24bd0b87d9a85baa9f485ccb984f5ec24d6a3ef5e3c81396177f039cf580dfdb55d6e1c47a28921dfe369e12fd357b289ad3a5544e1c1bd616d454db9c5f91f603373f29d5b2ed1b4b51de80f28537bbd43d5e3b5dd071dc91153cbbe732dfc325821b06ed8acaae656dcf2da9f13e4f29db671476f1e644ff06d9b67d6bd4 + +Cipher = ARIA-256-OFB +Key = 00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff +IV = 0f1e2d3c4b5a69788796a5b4c3d2e1f0 +Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd +Ciphertext = 26834705b0f2c0e2588d4a7f0900963584c256815c4292b59f8d3f966a75b52345b4f5f98c785d3f368a8d5ff89b7f950ceab3cd63773c2621d652b8ef98b4196afb2c2b30496bc5b7d9e7f9084f9d855f63a511751c8909e7a6deadbe0a67a4fb89383ca5d209c6f66f793fc471195c476fb9c1eab2ac91e680e454b4f3ed9a67fb52f09c29b965b23cfa6f3f6bbb2a86c6cdbaa2857bf2486f543231892a52 + +Cipher = ARIA-256-CTR +Key = 00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff +IV = 00000000000000000000000000000000 +Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd +Ciphertext = 30026c329666141721178b99c0a1f1b2f06940253f7b3089e2a30ea86aa3c88f5940f05ad7ee41d71347bb7261e348f18360473fdf7d4e7723bffb4411cc13f6cdd89f3bc7b9c768145022c7a74f14d7c305cd012a10f16050c23f1ae5c23f45998d13fbaa041e51619577e0772764896a5d4516d8ffceb3bf7e05f613edd9a60cdcedaff9cfcaf4e00d445a54334f73ab2cad944e51d266548e61c6eb0aa1cd + + # SEED test vectors from RFC4269 Cipher = SEED-ECB Key = 00000000000000000000000000000000 diff --git a/util/libcrypto.num b/util/libcrypto.num index d876ed4666..79dddd1ac0 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -4231,3 +4231,24 @@ X509_VERIFY_PARAM_get_time 4181 1_1_0d EXIST::FUNCTION: EVP_PKEY_get0_poly1305 4182 1_1_1 EXIST::FUNCTION:POLY1305 DH_check_params 4183 1_1_0d EXIST::FUNCTION:DH EVP_PKEY_get0_siphash 4184 1_1_1 EXIST::FUNCTION:SIPHASH +EVP_aria_256_ofb 4185 1_1_1 EXIST::FUNCTION:ARIA +EVP_aria_256_cfb128 4186 1_1_1 EXIST::FUNCTION:ARIA +EVP_aria_128_cfb1 4187 1_1_1 EXIST::FUNCTION:ARIA +EVP_aria_128_ecb 4188 1_1_1 EXIST::FUNCTION:ARIA +EVP_aria_128_cfb128 4189 1_1_1 EXIST::FUNCTION:ARIA +EVP_aria_192_ecb 4190 1_1_1 EXIST::FUNCTION:ARIA +EVP_aria_128_cbc 4191 1_1_1 EXIST::FUNCTION:ARIA +EVP_aria_192_ofb 4192 1_1_1 EXIST::FUNCTION:ARIA +EVP_aria_192_cbc 4193 1_1_1 EXIST::FUNCTION:ARIA +EVP_aria_192_cfb1 4194 1_1_1 EXIST::FUNCTION:ARIA +EVP_aria_128_cfb8 4195 1_1_1 EXIST::FUNCTION:ARIA +EVP_aria_256_cfb1 4196 1_1_1 EXIST::FUNCTION:ARIA +EVP_aria_192_cfb8 4197 1_1_1 EXIST::FUNCTION:ARIA +EVP_aria_256_cfb8 4198 1_1_1 EXIST::FUNCTION:ARIA +EVP_aria_256_cbc 4199 1_1_1 EXIST::FUNCTION:ARIA +EVP_aria_128_ofb 4200 1_1_1 EXIST::FUNCTION:ARIA +EVP_aria_192_cfb128 4201 1_1_1 EXIST::FUNCTION:ARIA +EVP_aria_256_ecb 4202 1_1_1 EXIST::FUNCTION:ARIA +EVP_aria_256_ctr 4203 1_1_1 EXIST::FUNCTION:ARIA +EVP_aria_128_ctr 4204 1_1_1 EXIST::FUNCTION:ARIA +EVP_aria_192_ctr 4205 1_1_1 EXIST::FUNCTION:ARIA diff --git a/util/mkdef.pl b/util/mkdef.pl index 99f5c9d011..d82c849290 100755 --- a/util/mkdef.pl +++ b/util/mkdef.pl @@ -80,7 +80,7 @@ my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF", "CAST", "MD2", "MD4", "MD5", "SHA", "SHA0", "SHA1", "SHA256", "SHA512", "RMD160", "MDC2", "WHIRLPOOL", "RSA", "DSA", "DH", "EC", "EC2M", - "HMAC", "AES", "CAMELLIA", "SEED", "GOST", + "HMAC", "AES", "CAMELLIA", "SEED", "GOST", "ARIA", "SCRYPT", "CHACHA", "POLY1305", "BLAKE2", "SIPHASH", # EC_NISTP_64_GCC_128