diff options
| author | Markus Friedl <markus@cvs.openbsd.org> | 2003-08-28 14:43:36 +0000 |
|---|---|---|
| committer | Markus Friedl <markus@cvs.openbsd.org> | 2003-08-28 14:43:36 +0000 |
| commit | ba917f6f40f567ab13d325271ce182f112393681 (patch) | |
| tree | ff02cd602822369616ed1b6f74392b7265a037d5 /sbin/isakmpd/crypto.h | |
| parent | b300592d218ec0e85df79884a4d7d7653ce7e3a9 (diff) | |
support AES in phase 1, too. switch to OpenSSL EVP interface;
with Hans-Joerg.Hoexer at yerbouti.franken.de; ok ho@
Diffstat (limited to 'sbin/isakmpd/crypto.h')
| -rw-r--r-- | sbin/isakmpd/crypto.h | 75 |
1 files changed, 10 insertions, 65 deletions
diff --git a/sbin/isakmpd/crypto.h b/sbin/isakmpd/crypto.h index 760e8c6cb71..6cce31f19e7 100644 --- a/sbin/isakmpd/crypto.h +++ b/sbin/isakmpd/crypto.h @@ -1,4 +1,4 @@ -/* $OpenBSD: crypto.h,v 1.8 2003/06/03 14:28:16 ho Exp $ */ +/* $OpenBSD: crypto.h,v 1.9 2003/08/28 14:43:35 markus Exp $ */ /* $EOM: crypto.h,v 1.12 2000/10/15 21:56:41 niklas Exp $ */ /* @@ -32,56 +32,7 @@ #ifndef _CRYPTO_H_ #define _CRYPTO_H_ -#if defined (__APPLE__) - -#include <openssl/des.h> -#ifdef USE_BLOWFISH -#include <openssl/blowfish.h> -#endif -#ifdef USE_CAST -#include <openssl/cast.h> -#endif - -#else - -#include <des.h> -#ifdef USE_BLOWFISH -#include <blf.h> -#endif -#ifdef USE_CAST -#include <cast.h> -#endif - -#endif /* __APPLE__ */ - -#define USE_32BIT -#if defined (USE_64BIT) - -#define XOR64(x,y) *(u_int64_t *)(x) ^= *(u_int64_t *)(y); -#define SET64(x,y) *(u_int64_t *)(x) = *(u_int64_t *)(y); - -#elif defined (USE_32BIT) - -#define XOR64(x,y) *(u_int32_t *)(x) ^= *(u_int32_t *)(y); \ - *(u_int32_t *)((u_int8_t *)(x) + 4) ^= *(u_int32_t *)((u_int8_t *)(y) + 4); -#define SET64(x,y) *(u_int32_t *)(x) = *(u_int32_t *)(y); \ - *(u_int32_t *)((u_int8_t *)(x) + 4) = *(u_int32_t *)((u_int8_t *)(y) + 4); - -#else - -#define XOR8(x,y,i) (x)[i] ^= (y)[i]; -#define XOR64(x,y) XOR8(x,y,0); XOR8(x,y,1); XOR8(x,y,2); XOR8(x,y,3); \ - XOR8(x,y,4); XOR8(x,y,5); XOR8(x,y,6); XOR8(x,y,7); -#define SET8(x,y,i) (x)[i] = (y)[i]; -#define SET64(x,y) SET8(x,y,0); SET8(x,y,1); SET8(x,y,2); SET8(x,y,3); \ - SET8(x,y,4); SET8(x,y,5); SET8(x,y,6); SET8(x,y,7); - -#endif /* USE_64BIT */ - -#define SET_32BIT_BIG(x,y) (x)[3]= (y); (x)[2]= (y) >> 8; \ - (x)[1] = (y) >> 16; (x)[0]= (y) >> 24; -#define GET_32BIT_BIG(x) (u_int32_t)(x)[3] | ((u_int32_t)(x)[2] << 8) | \ - ((u_int32_t)(x)[1] << 16)| ((u_int32_t)(x)[0] << 24); +#include <openssl/evp.h> /* * This is standard for all block ciphers we use at the moment. @@ -90,7 +41,7 @@ */ #define BLOCKSIZE 8 -#define MAXBLK BLOCKSIZE +#define MAXBLK (2*BLOCKSIZE) struct keystate { struct crypto_xf *xf; /* Back pointer */ @@ -100,20 +51,13 @@ struct keystate { u_int8_t iv[MAXBLK]; /* Next IV to use */ u_int8_t iv2[MAXBLK]; u_int8_t *riv, *liv; - union { - des_key_schedule desks[3]; -#ifdef USE_BLOWFISH - blf_ctx blfks; -#endif -#ifdef USE_CAST - cast_key castks; -#endif - } keydata; + struct { + EVP_CIPHER_CTX enc, dec; + } evp; }; -#define ks_des keydata.desks -#define ks_blf keydata.blfks -#define ks_cast keydata.castks +#define ks_evpenc evp.enc +#define ks_evpdec evp.dec /* * Information about the cryptotransform. @@ -130,7 +74,8 @@ enum transform { BLOWFISH_CBC=3, RC5_R16_B64_CBC=4, /* Licensed, DONT use */ TRIPLEDES_CBC=5, /* This is a SHOULD */ - CAST_CBC=6 + CAST_CBC=6, + AES_CBC=7 }; enum cryptoerr { |