summaryrefslogtreecommitdiff
path: root/lib/libcrypto
diff options
context:
space:
mode:
authorTheo Buehler <tb@cvs.openbsd.org>2023-04-25 17:54:11 +0000
committerTheo Buehler <tb@cvs.openbsd.org>2023-04-25 17:54:11 +0000
commit8339b78b0566086eb964e9d9a63f8ac4f1db87ff (patch)
tree821fddd5a60dd4c9592f22d0ab01ba6dd81fb99e /lib/libcrypto
parent994a9942e41709ac2924bc72c421faf7526975d1 (diff)
Remove CTS mode
ok jsing
Diffstat (limited to 'lib/libcrypto')
-rw-r--r--lib/libcrypto/Makefile3
-rw-r--r--lib/libcrypto/modes/cts128.c267
-rw-r--r--lib/libcrypto/modes/modes.h30
3 files changed, 2 insertions, 298 deletions
diff --git a/lib/libcrypto/Makefile b/lib/libcrypto/Makefile
index a993755d24e..057eb9cc541 100644
--- a/lib/libcrypto/Makefile
+++ b/lib/libcrypto/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.111 2023/04/25 17:42:07 tb Exp $
+# $OpenBSD: Makefile,v 1.112 2023/04/25 17:54:10 tb Exp $
LIB= crypto
LIBREBUILD=y
@@ -513,7 +513,6 @@ SRCS+= cbc128.c
SRCS+= ccm128.c
SRCS+= cfb128.c
SRCS+= ctr128.c
-#SRCS+= cts128.c
SRCS+= gcm128.c
SRCS+= ofb128.c
SRCS+= xts128.c
diff --git a/lib/libcrypto/modes/cts128.c b/lib/libcrypto/modes/cts128.c
deleted file mode 100644
index ec81dd24334..00000000000
--- a/lib/libcrypto/modes/cts128.c
+++ /dev/null
@@ -1,267 +0,0 @@
-/* $OpenBSD: cts128.c,v 1.6 2022/11/26 16:08:53 tb Exp $ */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Rights for redistribution and usage in source and binary
- * forms are granted according to the OpenSSL license.
- */
-
-#include <openssl/crypto.h>
-#include "modes_local.h"
-#include <string.h>
-
-#ifndef MODES_DEBUG
-# ifndef NDEBUG
-# define NDEBUG
-# endif
-#endif
-
-/*
- * Trouble with Ciphertext Stealing, CTS, mode is that there is no
- * common official specification, but couple of cipher/application
- * specific ones: RFC2040 and RFC3962. Then there is 'Proposal to
- * Extend CBC Mode By "Ciphertext Stealing"' at NIST site, which
- * deviates from mentioned RFCs. Most notably it allows input to be
- * of block length and it doesn't flip the order of the last two
- * blocks. CTS is being discussed even in ECB context, but it's not
- * adopted for any known application. This implementation provides
- * two interfaces: one compliant with above mentioned RFCs and one
- * compliant with the NIST proposal, both extending CBC mode.
- */
-
-size_t CRYPTO_cts128_encrypt_block(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16], block128_f block)
-{ size_t residue, n;
-
- if (len <= 16) return 0;
-
- if ((residue=len%16) == 0) residue = 16;
-
- len -= residue;
-
- CRYPTO_cbc128_encrypt(in,out,len,key,ivec,block);
-
- in += len;
- out += len;
-
- for (n=0; n<residue; ++n)
- ivec[n] ^= in[n];
- (*block)(ivec,ivec,key);
- memcpy(out,out-16,residue);
- memcpy(out-16,ivec,16);
-
- return len+residue;
-}
-
-size_t CRYPTO_nistcts128_encrypt_block(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16], block128_f block)
-{ size_t residue, n;
-
- if (len < 16) return 0;
-
- residue=len%16;
-
- len -= residue;
-
- CRYPTO_cbc128_encrypt(in,out,len,key,ivec,block);
-
- if (residue==0) return len;
-
- in += len;
- out += len;
-
- for (n=0; n<residue; ++n)
- ivec[n] ^= in[n];
- (*block)(ivec,ivec,key);
- memcpy(out-16+residue,ivec,16);
-
- return len+residue;
-}
-
-size_t CRYPTO_cts128_encrypt(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16], cbc128_f cbc)
-{ size_t residue;
- union { size_t align; unsigned char c[16]; } tmp;
-
- if (len <= 16) return 0;
-
- if ((residue=len%16) == 0) residue = 16;
-
- len -= residue;
-
- (*cbc)(in,out,len,key,ivec,1);
-
- in += len;
- out += len;
-
- memset(tmp.c,0,sizeof(tmp));
- memcpy(tmp.c,in,residue);
- memcpy(out,out-16,residue);
- (*cbc)(tmp.c,out-16,16,key,ivec,1);
- return len+residue;
-}
-
-size_t CRYPTO_nistcts128_encrypt(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16], cbc128_f cbc)
-{ size_t residue;
- union { size_t align; unsigned char c[16]; } tmp;
-
- if (len < 16) return 0;
-
- residue=len%16;
-
- len -= residue;
-
- (*cbc)(in,out,len,key,ivec,1);
-
- if (residue==0) return len;
-
- in += len;
- out += len;
-
- memset(tmp.c,0,sizeof(tmp));
- memcpy(tmp.c,in,residue);
- (*cbc)(tmp.c,out-16+residue,16,key,ivec,1);
- return len+residue;
-}
-
-size_t CRYPTO_cts128_decrypt_block(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16], block128_f block)
-{ size_t residue, n;
- union { size_t align; unsigned char c[32]; } tmp;
-
- if (len<=16) return 0;
-
- if ((residue=len%16) == 0) residue = 16;
-
- len -= 16+residue;
-
- if (len) {
- CRYPTO_cbc128_decrypt(in,out,len,key,ivec,block);
- in += len;
- out += len;
- }
-
- (*block)(in,tmp.c+16,key);
-
- memcpy(tmp.c,tmp.c+16,16);
- memcpy(tmp.c,in+16,residue);
- (*block)(tmp.c,tmp.c,key);
-
- for(n=0; n<16; ++n) {
- unsigned char c = in[n];
- out[n] = tmp.c[n] ^ ivec[n];
- ivec[n] = c;
- }
- for(residue+=16; n<residue; ++n)
- out[n] = tmp.c[n] ^ in[n];
-
- return 16+len+residue;
-}
-
-size_t CRYPTO_nistcts128_decrypt_block(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16], block128_f block)
-{ size_t residue, n;
- union { size_t align; unsigned char c[32]; } tmp;
-
- if (len<16) return 0;
-
- residue=len%16;
-
- if (residue==0) {
- CRYPTO_cbc128_decrypt(in,out,len,key,ivec,block);
- return len;
- }
-
- len -= 16+residue;
-
- if (len) {
- CRYPTO_cbc128_decrypt(in,out,len,key,ivec,block);
- in += len;
- out += len;
- }
-
- (*block)(in+residue,tmp.c+16,key);
-
- memcpy(tmp.c,tmp.c+16,16);
- memcpy(tmp.c,in,residue);
- (*block)(tmp.c,tmp.c,key);
-
- for(n=0; n<16; ++n) {
- unsigned char c = in[n];
- out[n] = tmp.c[n] ^ ivec[n];
- ivec[n] = in[n+residue];
- tmp.c[n] = c;
- }
- for(residue+=16; n<residue; ++n)
- out[n] = tmp.c[n] ^ tmp.c[n-16];
-
- return 16+len+residue;
-}
-
-size_t CRYPTO_cts128_decrypt(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16], cbc128_f cbc)
-{ size_t residue;
- union { size_t align; unsigned char c[32]; } tmp;
-
- if (len<=16) return 0;
-
- if ((residue=len%16) == 0) residue = 16;
-
- len -= 16+residue;
-
- if (len) {
- (*cbc)(in,out,len,key,ivec,0);
- in += len;
- out += len;
- }
-
- memset(tmp.c,0,sizeof(tmp));
- /* this places in[16] at &tmp.c[16] and decrypted block at &tmp.c[0] */
- (*cbc)(in,tmp.c,16,key,tmp.c+16,0);
-
- memcpy(tmp.c,in+16,residue);
- (*cbc)(tmp.c,tmp.c,32,key,ivec,0);
- memcpy(out,tmp.c,16+residue);
- return 16+len+residue;
-}
-
-size_t CRYPTO_nistcts128_decrypt(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16], cbc128_f cbc)
-{ size_t residue;
- union { size_t align; unsigned char c[32]; } tmp;
-
- if (len<16) return 0;
-
- residue=len%16;
-
- if (residue==0) {
- (*cbc)(in,out,len,key,ivec,0);
- return len;
- }
-
- len -= 16+residue;
-
- if (len) {
- (*cbc)(in,out,len,key,ivec,0);
- in += len;
- out += len;
- }
-
- memset(tmp.c,0,sizeof(tmp));
- /* this places in[16] at &tmp.c[16] and decrypted block at &tmp.c[0] */
- (*cbc)(in+residue,tmp.c,16,key,tmp.c+16,0);
-
- memcpy(tmp.c,in,residue);
- (*cbc)(tmp.c,tmp.c,32,key,ivec,0);
- memcpy(out,tmp.c,16+residue);
- return 16+len+residue;
-}
diff --git a/lib/libcrypto/modes/modes.h b/lib/libcrypto/modes/modes.h
index 3c9557ebeb4..44d8326b5b7 100644
--- a/lib/libcrypto/modes/modes.h
+++ b/lib/libcrypto/modes/modes.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: modes.h,v 1.4 2023/04/16 08:14:34 tb Exp $ */
+/* $OpenBSD: modes.h,v 1.5 2023/04/25 17:54:10 tb Exp $ */
/* ====================================================================
* Copyright (c) 2008 The OpenSSL Project. All rights reserved.
*
@@ -63,34 +63,6 @@ void CRYPTO_cfb128_1_encrypt(const unsigned char *in, unsigned char *out,
unsigned char ivec[16], int *num,
int enc, block128_f block);
-#if !defined(LIBRESSL_NEXT_API) || defined(LIBRESSL_INTERNAL)
-size_t CRYPTO_cts128_encrypt_block(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16], block128_f block);
-size_t CRYPTO_cts128_encrypt(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16], cbc128_f cbc);
-size_t CRYPTO_cts128_decrypt_block(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16], block128_f block);
-size_t CRYPTO_cts128_decrypt(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16], cbc128_f cbc);
-
-size_t CRYPTO_nistcts128_encrypt_block(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16], block128_f block);
-size_t CRYPTO_nistcts128_encrypt(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16], cbc128_f cbc);
-size_t CRYPTO_nistcts128_decrypt_block(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16], block128_f block);
-size_t CRYPTO_nistcts128_decrypt(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16], cbc128_f cbc);
-#endif
-
typedef struct gcm128_context GCM128_CONTEXT;
GCM128_CONTEXT *CRYPTO_gcm128_new(void *key, block128_f block);