diff options
author | Adam Langley <agl@google.com> | 2015-03-24 18:25:20 -0700 |
---|---|---|
committer | Adam Langley <agl@google.com> | 2015-03-24 18:28:00 -0700 |
commit | f40f42df67fffec64967b000e4fdad4b435611a5 (patch) | |
tree | 086deea6861fc4705bb472a41a0f3aa62c4c38da | |
parent | b051df5cb1e83aa9ffdfe28406b6d9e33321912a (diff) | |
download | external_boringssl-f40f42df67fffec64967b000e4fdad4b435611a5.zip external_boringssl-f40f42df67fffec64967b000e4fdad4b435611a5.tar.gz external_boringssl-f40f42df67fffec64967b000e4fdad4b435611a5.tar.bz2 |
Changes to work with OpenSSH and wpa_supplicant.
Change-Id: I19ed78acc67bd0ad8b905ce0ac628b39da8bb161
-rw-r--r-- | android_compat_hacks.c | 5 | ||||
-rw-r--r-- | android_compat_keywrap.c | 125 | ||||
-rw-r--r-- | sources.mk | 1 | ||||
-rw-r--r-- | src/crypto/cipher/internal.h | 36 | ||||
-rw-r--r-- | src/crypto/crypto.c | 8 | ||||
-rw-r--r-- | src/include/openssl/aes.h | 12 | ||||
-rw-r--r-- | src/include/openssl/cipher.h | 36 | ||||
-rw-r--r-- | src/include/openssl/crypto.h | 11 | ||||
-rw-r--r-- | src/include/openssl/opensslv.h | 2 | ||||
-rw-r--r-- | src/include/openssl/ssl.h | 4 | ||||
-rw-r--r-- | update_gypi_and_asm.py | 1 |
11 files changed, 204 insertions, 37 deletions
diff --git a/android_compat_hacks.c b/android_compat_hacks.c index ac6a344..08377c5 100644 --- a/android_compat_hacks.c +++ b/android_compat_hacks.c @@ -73,3 +73,8 @@ int SSL_set_session_ticket_ext_cb(SSL *s, void *cb, void *arg) { int SSL_set_session_secret_cb(SSL *s, void *cb, void *arg) { return 0; } + +int SSL_set_ssl_method(SSL *s, const SSL_METHOD *method) { + /* This is only called when EAP-FAST is being used, which is not supported. */ + abort(); +} diff --git a/android_compat_keywrap.c b/android_compat_keywrap.c new file mode 100644 index 0000000..9ffe17d --- /dev/null +++ b/android_compat_keywrap.c @@ -0,0 +1,125 @@ +/* + * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL + * project. + */ +/* ==================================================================== + * Copyright (c) 2008 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + */ + +#include <openssl/aes.h> +#include <openssl/mem.h> + +#include <string.h> +#include <stdlib.h> + +static const uint8_t default_iv[] = { + 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, +}; + +int AES_wrap_key(AES_KEY *key, const uint8_t *iv, uint8_t *out, + const uint8_t *in, unsigned int inlen) { + uint8_t *A, B[16], *R; + unsigned int i, j, t; + if ((inlen & 0x7) || (inlen < 8)) return -1; + A = B; + t = 1; + memcpy(out + 8, in, inlen); + if (!iv) iv = default_iv; + + memcpy(A, iv, 8); + + for (j = 0; j < 6; j++) { + R = out + 8; + for (i = 0; i < inlen; i += 8, t++, R += 8) { + memcpy(B + 8, R, 8); + AES_encrypt(B, B, key); + A[7] ^= (uint8_t)(t & 0xff); + if (t > 0xff) { + A[6] ^= (uint8_t)((t >> 8) & 0xff); + A[5] ^= (uint8_t)((t >> 16) & 0xff); + A[4] ^= (uint8_t)((t >> 24) & 0xff); + } + memcpy(R, B + 8, 8); + } + } + memcpy(out, A, 8); + return inlen + 8; +} + +int AES_unwrap_key(AES_KEY *key, const uint8_t *iv, uint8_t *out, + const uint8_t *in, unsigned int inlen) { + uint8_t *A, B[16], *R; + unsigned int i, j, t; + inlen -= 8; + if (inlen & 0x7) return -1; + if (inlen < 8) return -1; + A = B; + t = 6 * (inlen >> 3); + memcpy(A, in, 8); + memcpy(out, in + 8, inlen); + for (j = 0; j < 6; j++) { + R = out + inlen - 8; + for (i = 0; i < inlen; i += 8, t--, R -= 8) { + A[7] ^= (uint8_t)(t & 0xff); + if (t > 0xff) { + A[6] ^= (uint8_t)((t >> 8) & 0xff); + A[5] ^= (uint8_t)((t >> 16) & 0xff); + A[4] ^= (uint8_t)((t >> 24) & 0xff); + } + memcpy(B + 8, R, 8); + AES_decrypt(B, B, key); + memcpy(R, B + 8, 8); + } + } + if (!iv) iv = default_iv; + if (memcmp(A, iv, 8)) { + OPENSSL_cleanse(out, inlen); + return 0; + } + return inlen; +} @@ -2,6 +2,7 @@ crypto_sources := \ android_compat_hacks.c\ + android_compat_keywrap.c\ src/crypto/aes/aes.c\ src/crypto/aes/mode_wrappers.c\ src/crypto/asn1/a_bitstr.c\ diff --git a/src/crypto/cipher/internal.h b/src/crypto/cipher/internal.h index 2b8fb05..bc1e2de 100644 --- a/src/crypto/cipher/internal.h +++ b/src/crypto/cipher/internal.h @@ -66,42 +66,6 @@ extern "C" { #endif -struct evp_cipher_st { - /* type contains a NID identifing the cipher. (For example, NID_rc4.) */ - int nid; - - /* block_size contains the block size, in bytes, of the cipher, or 1 for a - * stream cipher. */ - unsigned block_size; - - /* key_len contains the key size, in bytes, for the cipher. If the cipher - * takes a variable key size then this contains the default size. */ - unsigned key_len; - - /* iv_len contains the IV size, in bytes, or zero if inapplicable. */ - unsigned iv_len; - - /* ctx_size contains the size, in bytes, of the per-key context for this - * cipher. */ - unsigned ctx_size; - - /* flags contains the OR of a number of flags. See |EVP_CIPH_*|. */ - uint32_t flags; - - /* app_data is a pointer to opaque, user data. */ - void *app_data; - - int (*init)(EVP_CIPHER_CTX *ctx, const uint8_t *key, const uint8_t *iv, - int enc); - - int (*cipher)(EVP_CIPHER_CTX *ctx, uint8_t *out, const uint8_t *in, - size_t inl); - - int (*cleanup)(EVP_CIPHER_CTX *); - - int (*ctrl)(EVP_CIPHER_CTX *, int type, int arg, void *ptr); -}; - /* EVP_CIPH_MODE_MASK contains the bits of |flags| that represent the mode. */ #define EVP_CIPH_MODE_MASK 0x3f diff --git a/src/crypto/crypto.c b/src/crypto/crypto.c index c463d5e..64e55f4 100644 --- a/src/crypto/crypto.c +++ b/src/crypto/crypto.c @@ -102,3 +102,11 @@ void CRYPTO_library_init(void) { do_library_init(); #endif } + +const char *SSLeay_version(int unused) { + return SSLeay(); +} + +const char *SSLeay(void) { + return "BoringSSL"; +} diff --git a/src/include/openssl/aes.h b/src/include/openssl/aes.h index 11d83bb..84cde41 100644 --- a/src/include/openssl/aes.h +++ b/src/include/openssl/aes.h @@ -139,6 +139,18 @@ OPENSSL_EXPORT void AES_cfb128_encrypt(const uint8_t *in, uint8_t *out, uint8_t *ivec, int *num, int enc); +/* Android compatibility section. + * + * These functions are declared, temporarily, for Android because + * wpa_supplicant will take a little time to sync with upstream. Outside of + * Android they'll have no definition. */ + +OPENSSL_EXPORT int AES_wrap_key(AES_KEY *key, const uint8_t *iv, uint8_t *out, + const uint8_t *in, unsigned in_len); +OPENSSL_EXPORT int AES_unwrap_key(AES_KEY *key, const uint8_t *iv, uint8_t *out, + const uint8_t *in, unsigned in_len); + + #if defined(__cplusplus) } /* extern C */ #endif diff --git a/src/include/openssl/cipher.h b/src/include/openssl/cipher.h index 0dfd97b..b614333 100644 --- a/src/include/openssl/cipher.h +++ b/src/include/openssl/cipher.h @@ -484,6 +484,42 @@ typedef struct evp_cipher_info_st { unsigned char iv[EVP_MAX_IV_LENGTH]; } EVP_CIPHER_INFO; +struct evp_cipher_st { + /* type contains a NID identifing the cipher. (For example, NID_rc4.) */ + int nid; + + /* block_size contains the block size, in bytes, of the cipher, or 1 for a + * stream cipher. */ + unsigned block_size; + + /* key_len contains the key size, in bytes, for the cipher. If the cipher + * takes a variable key size then this contains the default size. */ + unsigned key_len; + + /* iv_len contains the IV size, in bytes, or zero if inapplicable. */ + unsigned iv_len; + + /* ctx_size contains the size, in bytes, of the per-key context for this + * cipher. */ + unsigned ctx_size; + + /* flags contains the OR of a number of flags. See |EVP_CIPH_*|. */ + uint32_t flags; + + /* app_data is a pointer to opaque, user data. */ + void *app_data; + + int (*init)(EVP_CIPHER_CTX *ctx, const uint8_t *key, const uint8_t *iv, + int enc); + + int (*cipher)(EVP_CIPHER_CTX *ctx, uint8_t *out, const uint8_t *in, + size_t inl); + + int (*cleanup)(EVP_CIPHER_CTX *); + + int (*ctrl)(EVP_CIPHER_CTX *, int type, int arg, void *ptr); +}; + /* Android compatibility section. * diff --git a/src/include/openssl/crypto.h b/src/include/openssl/crypto.h index 112431e..e58d5f0 100644 --- a/src/include/openssl/crypto.h +++ b/src/include/openssl/crypto.h @@ -32,6 +32,17 @@ extern "C" { * nothing and a static initializer is used instead. */ OPENSSL_EXPORT void CRYPTO_library_init(void); +#define OPENSSL_VERSION_TEXT "BoringSSL" + +#define SSLEAY_VERSION 0 + +/* SSLeay_version is a compatibility function that returns the string + * "BoringSSL". */ +OPENSSL_EXPORT const char *SSLeay_version(int unused); + +/* SSLeay is a compatibility function that returns the string "BoringSSL". */ +OPENSSL_EXPORT const char *SSLeay(void); + #if defined(__cplusplus) } /* extern C */ diff --git a/src/include/openssl/opensslv.h b/src/include/openssl/opensslv.h index c2b3fe7..a3555d4 100644 --- a/src/include/openssl/opensslv.h +++ b/src/include/openssl/opensslv.h @@ -15,4 +15,4 @@ /* This header is provided in order to make compiling against code that expects OpenSSL easier. */ -#include "base.h" +#include "crypto.h" diff --git a/src/include/openssl/ssl.h b/src/include/openssl/ssl.h index 649e38f..eb8cad0 100644 --- a/src/include/openssl/ssl.h +++ b/src/include/openssl/ssl.h @@ -155,6 +155,9 @@ /* Some code expected to get the threading functions by including ssl.h. */ #include <openssl/thread.h> +/* wpa_supplicant expects to get the version functions from ssl.h */ +#include <openssl/crypto.h> + #ifdef __cplusplus extern "C" { #endif @@ -2192,6 +2195,7 @@ OPENSSL_EXPORT int SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len); OPENSSL_EXPORT int SSL_set_session_secret_cb(SSL *s, void *cb, void *arg); OPENSSL_EXPORT int SSL_set_session_ticket_ext_cb(SSL *s, void *cb, void *arg); +OPENSSL_EXPORT int SSL_set_ssl_method(SSL *s, const SSL_METHOD *method); #ifdef __cplusplus diff --git a/update_gypi_and_asm.py b/update_gypi_and_asm.py index 6ac8383..349a7e7 100644 --- a/update_gypi_and_asm.py +++ b/update_gypi_and_asm.py @@ -187,6 +187,7 @@ def main(): tool_cc_files = FindCFiles(os.path.join('src', 'tool'), NoTests) crypto_c_files.append('android_compat_hacks.c') + crypto_c_files.append('android_compat_keywrap.c') with open('sources.mk', 'w+') as makefile: makefile.write(FILE_HEADER) |