From 6ef81d388d78ad417f6fc5d02ef61b54995c5335 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Wed, 25 Sep 2019 09:07:20 +0200 Subject: [PATCH] Remove EVP_CIPH_FLAG_DEFAULT_ASN1 from all provided implementations Since that flag has lost its relevance, don't use it any more. Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/10008) --- providers/common/ciphers/cipher_aes_wrp.c | 2 +- providers/common/ciphers/cipher_aes_xts.c | 5 +++-- .../common/include/internal/ciphers/cipher_aead.h | 10 ++++++---- .../common/include/internal/ciphers/cipher_tdes.h | 2 +- providers/default/ciphers/cipher_blowfish.c | 10 ++++++---- providers/default/ciphers/cipher_cast5.c | 10 ++++++---- providers/default/ciphers/cipher_seed.c | 11 ++++------- providers/default/ciphers/cipher_sm4.c | 13 +++++-------- providers/default/ciphers/cipher_tdes_wrap.c | 6 +++--- 9 files changed, 35 insertions(+), 34 deletions(-) diff --git a/providers/common/ciphers/cipher_aes_wrp.c b/providers/common/ciphers/cipher_aes_wrp.c index ae05aed540..70f387f515 100644 --- a/providers/common/ciphers/cipher_aes_wrp.c +++ b/providers/common/ciphers/cipher_aes_wrp.c @@ -18,7 +18,7 @@ /* TODO(3.0) Figure out what flags need to be passed */ #define WRAP_FLAGS (EVP_CIPH_WRAP_MODE \ | EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_CIPHER \ - | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_FLAG_DEFAULT_ASN1) + | EVP_CIPH_ALWAYS_CALL_INIT) typedef size_t (*aeswrap_fn)(void *key, const unsigned char *iv, unsigned char *out, const unsigned char *in, diff --git a/providers/common/ciphers/cipher_aes_xts.c b/providers/common/ciphers/cipher_aes_xts.c index 0d642368b3..f114793ba8 100644 --- a/providers/common/ciphers/cipher_aes_xts.c +++ b/providers/common/ciphers/cipher_aes_xts.c @@ -12,8 +12,9 @@ #include "internal/providercommonerr.h" /* TODO (3.0) Figure out what flags need to be set */ -#define AES_XTS_FLAGS (EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_CUSTOM_IV \ - | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT \ +#define AES_XTS_FLAGS (EVP_CIPH_CUSTOM_IV \ + | EVP_CIPH_ALWAYS_CALL_INIT \ + | EVP_CIPH_CTRL_INIT \ | EVP_CIPH_CUSTOM_COPY) #define AES_XTS_IV_BITS 128 diff --git a/providers/common/include/internal/ciphers/cipher_aead.h b/providers/common/include/internal/ciphers/cipher_aead.h index 1ddba1c325..0b7d595b7d 100644 --- a/providers/common/include/internal/ciphers/cipher_aead.h +++ b/providers/common/include/internal/ciphers/cipher_aead.h @@ -10,10 +10,12 @@ #define UNINITIALISED_SIZET ((size_t)-1) /* TODO(3.0) Figure out what flags are really needed */ -#define AEAD_FLAGS (EVP_CIPH_FLAG_AEAD_CIPHER | EVP_CIPH_FLAG_DEFAULT_ASN1 \ - | EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_CIPHER \ - | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT \ - | EVP_CIPH_CUSTOM_COPY) +#define AEAD_FLAGS (EVP_CIPH_FLAG_AEAD_CIPHER \ + | EVP_CIPH_CUSTOM_IV \ + | EVP_CIPH_FLAG_CUSTOM_CIPHER \ + | EVP_CIPH_ALWAYS_CALL_INIT \ + | EVP_CIPH_CTRL_INIT \ + | EVP_CIPH_CUSTOM_COPY) #define IMPLEMENT_aead_cipher(alg, lc, UCMODE, flags, kbits, blkbits, ivbits) \ static OSSL_OP_cipher_get_params_fn alg##_##kbits##_##lc##_get_params; \ diff --git a/providers/common/include/internal/ciphers/cipher_tdes.h b/providers/common/include/internal/ciphers/cipher_tdes.h index 120201d1ad..7bb879fb4f 100644 --- a/providers/common/include/internal/ciphers/cipher_tdes.h +++ b/providers/common/include/internal/ciphers/cipher_tdes.h @@ -14,7 +14,7 @@ #define TDES_IVLEN 8 /* TODO(3.0) Figure out what flags need to be here */ -#define TDES_FLAGS (EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_DEFAULT_ASN1) +#define TDES_FLAGS (EVP_CIPH_RAND_KEY) typedef struct prov_tdes_ctx_st { PROV_CIPHER_CTX base; /* Must be first */ diff --git a/providers/default/ciphers/cipher_blowfish.c b/providers/default/ciphers/cipher_blowfish.c index 9e2920df96..4730f1fd40 100644 --- a/providers/default/ciphers/cipher_blowfish.c +++ b/providers/default/ciphers/cipher_blowfish.c @@ -12,6 +12,8 @@ #include "cipher_blowfish.h" #include "internal/provider_algs.h" +#define BF_FLAGS (EVP_CIPH_VARIABLE_LENGTH) + static OSSL_OP_cipher_freectx_fn blowfish_freectx; static OSSL_OP_cipher_dupctx_fn blowfish_dupctx; @@ -37,10 +39,10 @@ static void *blowfish_dupctx(void *ctx) } /* bf_ecb_functions */ -IMPLEMENT_generic_cipher(blowfish, BLOWFISH, ecb, ECB, EVP_CIPH_VARIABLE_LENGTH, 128, 64, 0, block) +IMPLEMENT_generic_cipher(blowfish, BLOWFISH, ecb, ECB, BF_FLAGS, 128, 64, 0, block) /* bf_cbc_functions */ -IMPLEMENT_generic_cipher(blowfish, BLOWFISH, cbc, CBC, EVP_CIPH_VARIABLE_LENGTH, 128, 64, 64, block) +IMPLEMENT_generic_cipher(blowfish, BLOWFISH, cbc, CBC, BF_FLAGS, 128, 64, 64, block) /* bf_ofb_functions */ -IMPLEMENT_generic_cipher(blowfish, BLOWFISH, ofb64, OFB, EVP_CIPH_VARIABLE_LENGTH, 64, 8, 64, stream) +IMPLEMENT_generic_cipher(blowfish, BLOWFISH, ofb64, OFB, BF_FLAGS, 64, 8, 64, stream) /* bf_cfb_functions */ -IMPLEMENT_generic_cipher(blowfish, BLOWFISH, cfb64, CFB, EVP_CIPH_VARIABLE_LENGTH, 64, 8, 64, stream) +IMPLEMENT_generic_cipher(blowfish, BLOWFISH, cfb64, CFB, BF_FLAGS, 64, 8, 64, stream) diff --git a/providers/default/ciphers/cipher_cast5.c b/providers/default/ciphers/cipher_cast5.c index 13d48ea091..eb79aad820 100644 --- a/providers/default/ciphers/cipher_cast5.c +++ b/providers/default/ciphers/cipher_cast5.c @@ -12,6 +12,8 @@ #include "cipher_cast.h" #include "internal/provider_algs.h" +#define CAST5_FLAGS (EVP_CIPH_VARIABLE_LENGTH) + static OSSL_OP_cipher_freectx_fn cast5_freectx; static OSSL_OP_cipher_dupctx_fn cast5_dupctx; @@ -37,10 +39,10 @@ static void *cast5_dupctx(void *ctx) } /* cast5128ecb_functions */ -IMPLEMENT_generic_cipher(cast5, CAST, ecb, ECB, EVP_CIPH_VARIABLE_LENGTH, 128, 64, 0, block) +IMPLEMENT_generic_cipher(cast5, CAST, ecb, ECB, CAST5_FLAGS, 128, 64, 0, block) /* cast5128cbc_functions */ -IMPLEMENT_generic_cipher(cast5, CAST, cbc, CBC, EVP_CIPH_VARIABLE_LENGTH, 128, 64, 64, block) +IMPLEMENT_generic_cipher(cast5, CAST, cbc, CBC, CAST5_FLAGS, 128, 64, 64, block) /* cast564ofb64_functions */ -IMPLEMENT_generic_cipher(cast5, CAST, ofb64, OFB, EVP_CIPH_VARIABLE_LENGTH, 64, 8, 64, stream) +IMPLEMENT_generic_cipher(cast5, CAST, ofb64, OFB, CAST5_FLAGS, 64, 8, 64, stream) /* cast564cfb64_functions */ -IMPLEMENT_generic_cipher(cast5, CAST, cfb64, CFB, EVP_CIPH_VARIABLE_LENGTH, 64, 8, 64, stream) +IMPLEMENT_generic_cipher(cast5, CAST, cfb64, CFB, CAST5_FLAGS, 64, 8, 64, stream) diff --git a/providers/default/ciphers/cipher_seed.c b/providers/default/ciphers/cipher_seed.c index 5dfa648c96..397671dd06 100644 --- a/providers/default/ciphers/cipher_seed.c +++ b/providers/default/ciphers/cipher_seed.c @@ -12,9 +12,6 @@ #include "cipher_seed.h" #include "internal/provider_algs.h" -/* TODO (3.0) Figure out what flags are required */ -#define SEED_FLAGS EVP_CIPH_FLAG_DEFAULT_ASN1 - static OSSL_OP_cipher_freectx_fn seed_freectx; static OSSL_OP_cipher_dupctx_fn seed_dupctx; @@ -40,10 +37,10 @@ static void *seed_dupctx(void *ctx) } /* seed128ecb_functions */ -IMPLEMENT_generic_cipher(seed, SEED, ecb, ECB, SEED_FLAGS, 128, 128, 0, block) +IMPLEMENT_generic_cipher(seed, SEED, ecb, ECB, 0, 128, 128, 0, block) /* seed128cbc_functions */ -IMPLEMENT_generic_cipher(seed, SEED, cbc, CBC, SEED_FLAGS, 128, 128, 128, block) +IMPLEMENT_generic_cipher(seed, SEED, cbc, CBC, 0, 128, 128, 128, block) /* seed128ofb128_functions */ -IMPLEMENT_generic_cipher(seed, SEED, ofb128, OFB, SEED_FLAGS, 128, 8, 128, stream) +IMPLEMENT_generic_cipher(seed, SEED, ofb128, OFB, 0, 128, 8, 128, stream) /* seed128cfb128_functions */ -IMPLEMENT_generic_cipher(seed, SEED, cfb128, CFB, SEED_FLAGS, 128, 8, 128, stream) +IMPLEMENT_generic_cipher(seed, SEED, cfb128, CFB, 0, 128, 8, 128, stream) diff --git a/providers/default/ciphers/cipher_sm4.c b/providers/default/ciphers/cipher_sm4.c index 8b7c3761ca..2c1e587863 100644 --- a/providers/default/ciphers/cipher_sm4.c +++ b/providers/default/ciphers/cipher_sm4.c @@ -12,9 +12,6 @@ #include "cipher_sm4.h" #include "internal/provider_algs.h" -/* TODO (3.0) Figure out what flags to pass */ -#define SM4_FLAGS EVP_CIPH_FLAG_DEFAULT_ASN1 - static OSSL_OP_cipher_freectx_fn sm4_freectx; static OSSL_OP_cipher_dupctx_fn sm4_dupctx; @@ -40,12 +37,12 @@ static void *sm4_dupctx(void *ctx) } /* sm4128ecb_functions */ -IMPLEMENT_generic_cipher(sm4, SM4, ecb, ECB, SM4_FLAGS, 128, 128, 0, block) +IMPLEMENT_generic_cipher(sm4, SM4, ecb, ECB, 0, 128, 128, 0, block) /* sm4128cbc_functions */ -IMPLEMENT_generic_cipher(sm4, SM4, cbc, CBC, SM4_FLAGS, 128, 128, 128, block) +IMPLEMENT_generic_cipher(sm4, SM4, cbc, CBC, 0, 128, 128, 128, block) /* sm4128ctr_functions */ -IMPLEMENT_generic_cipher(sm4, SM4, ctr, CTR, SM4_FLAGS, 128, 8, 128, stream) +IMPLEMENT_generic_cipher(sm4, SM4, ctr, CTR, 0, 128, 8, 128, stream) /* sm4128ofb128_functions */ -IMPLEMENT_generic_cipher(sm4, SM4, ofb128, OFB, SM4_FLAGS, 128, 8, 128, stream) +IMPLEMENT_generic_cipher(sm4, SM4, ofb128, OFB, 0, 128, 8, 128, stream) /* sm4128cfb128_functions */ -IMPLEMENT_generic_cipher(sm4, SM4, cfb128, CFB, SM4_FLAGS, 128, 8, 128, stream) +IMPLEMENT_generic_cipher(sm4, SM4, cfb128, CFB, 0, 128, 8, 128, stream) diff --git a/providers/default/ciphers/cipher_tdes_wrap.c b/providers/default/ciphers/cipher_tdes_wrap.c index b48b3c9733..1ee0044489 100644 --- a/providers/default/ciphers/cipher_tdes_wrap.c +++ b/providers/default/ciphers/cipher_tdes_wrap.c @@ -15,9 +15,9 @@ #include "internal/providercommonerr.h" /* TODO (3.0) Figure out what flags are requred */ -#define TDES_WRAP_FLAGS (EVP_CIPH_WRAP_MODE | EVP_CIPH_CUSTOM_IV \ - | EVP_CIPH_FLAG_CUSTOM_CIPHER \ - | EVP_CIPH_FLAG_DEFAULT_ASN1) +#define TDES_WRAP_FLAGS (EVP_CIPH_WRAP_MODE \ + | EVP_CIPH_CUSTOM_IV \ + | EVP_CIPH_FLAG_CUSTOM_CIPHER) static OSSL_OP_cipher_update_fn tdes_wrap_update; -- 2.40.0