Commit 3bbe2057 authored by Sergei Golubchik's avatar Sergei Golubchik

yassl support

parent 2f8d101f
...@@ -17,14 +17,15 @@ ...@@ -17,14 +17,15 @@
// TODO: Add Windows support // TODO: Add Windows support
#ifndef MYSYS_MY_CRYPT_H_ #ifndef MY_CRYPT_INCLUDED
#define MYSYS_MY_CRYPT_H_ #define MY_CRYPT_INCLUDED
#include <my_aes.h> #include <my_aes.h>
#if !defined(HAVE_YASSL) && defined(HAVE_OPENSSL)
C_MODE_START C_MODE_START
#ifdef HAVE_EncryptAes128Ctr
Crypt_result my_aes_encrypt_ctr(const uchar* source, uint32 source_length, Crypt_result my_aes_encrypt_ctr(const uchar* source, uint32 source_length,
uchar* dest, uint32* dest_length, uchar* dest, uint32* dest_length,
const unsigned char* key, uint8 key_length, const unsigned char* key, uint8 key_length,
...@@ -37,6 +38,8 @@ Crypt_result my_aes_decrypt_ctr(const uchar* source, uint32 source_length, ...@@ -37,6 +38,8 @@ Crypt_result my_aes_decrypt_ctr(const uchar* source, uint32 source_length,
const unsigned char* iv, uint8 iv_length, const unsigned char* iv, uint8 iv_length,
uint no_padding); uint no_padding);
#endif
Crypt_result my_aes_encrypt_cbc(const uchar* source, uint32 source_length, Crypt_result my_aes_encrypt_cbc(const uchar* source, uint32 source_length,
uchar* dest, uint32* dest_length, uchar* dest, uint32* dest_length,
const unsigned char* key, uint8 key_length, const unsigned char* key, uint8 key_length,
...@@ -60,12 +63,9 @@ Crypt_result my_aes_decrypt_ecb(const uchar* source, uint32 source_length, ...@@ -60,12 +63,9 @@ Crypt_result my_aes_decrypt_ecb(const uchar* source, uint32 source_length,
const unsigned char* key, uint8 key_length, const unsigned char* key, uint8 key_length,
const unsigned char* iv, uint8 iv_length, const unsigned char* iv, uint8 iv_length,
uint no_padding); uint no_padding);
C_MODE_END
#endif /* !defined(HAVE_YASSL) && defined(HAVE_OPENSSL) */
C_MODE_START
Crypt_result my_random_bytes(uchar* buf, int num); Crypt_result my_random_bytes(uchar* buf, int num);
C_MODE_END C_MODE_END
#endif /* MYSYS_MY_CRYPT_H_ */ #endif /* MY_CRYPT_INCLUDED */
...@@ -15,49 +15,84 @@ ...@@ -15,49 +15,84 @@
along with this program; if not, write to the Free Software along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
/*
TODO: add support for YASSL
*/
#include <my_global.h> #include <my_global.h>
#include <my_crypt.h> #include <my_crypt.h>
#ifdef HAVE_EncryptAes128Ctr // TODO
// different key lengths
#ifdef HAVE_YASSL
#include "aes.hpp"
typedef TaoCrypt::CipherDir Dir;
static const Dir CRYPT_ENCRYPT = TaoCrypt::ENCRYPTION;
static const Dir CRYPT_DECRYPT = TaoCrypt::DECRYPTION;
typedef TaoCrypt::Mode CipherMode;
static inline CipherMode EVP_aes_128_ecb() { return TaoCrypt::ECB; }
static inline CipherMode EVP_aes_128_cbc() { return TaoCrypt::CBC; }
typedef TaoCrypt::byte KeyByte;
#else
#include <openssl/evp.h> #include <openssl/evp.h>
#include <openssl/aes.h> #include <openssl/aes.h>
static const int CRYPT_ENCRYPT = 1; typedef int Dir;
static const int CRYPT_DECRYPT = 0; static const Dir CRYPT_ENCRYPT = 1;
static const Dir CRYPT_DECRYPT = 0;
C_MODE_START typedef const EVP_CIPHER *CipherMode;
struct MyCTX : EVP_CIPHER_CTX {
MyCTX() { EVP_CIPHER_CTX_init(this); }
~MyCTX() { EVP_CIPHER_CTX_cleanup(this); }
};
typedef uchar KeyByte;
#endif
static int do_crypt(const EVP_CIPHER *cipher, int encrypt, static int do_crypt(CipherMode cipher, Dir dir,
const uchar* source, uint32 source_length, const uchar* source, uint32 source_length,
uchar* dest, uint32* dest_length, uchar* dest, uint32* dest_length,
const uchar* key, uint8 key_length, const KeyByte *key, uint8 key_length,
const uchar* iv, uint8 iv_length, int no_padding) const KeyByte *iv, uint8 iv_length, int no_padding)
{ {
int res= AES_OPENSSL_ERROR, fin;
int tail= no_padding ? source_length % MY_AES_BLOCK_SIZE : 0; int tail= no_padding ? source_length % MY_AES_BLOCK_SIZE : 0;
DBUG_ASSERT(source_length - tail >= MY_AES_BLOCK_SIZE);
#ifdef HAVE_YASSL
TaoCrypt::AES ctx(dir, cipher);
EVP_CIPHER_CTX ctx; ctx.SetKey(key, key_length);
EVP_CIPHER_CTX_init(&ctx); if (iv)
if (!EVP_CipherInit_ex(&ctx, cipher, NULL, key, iv, encrypt)) {
goto err; ctx.SetIV(iv);
DBUG_ASSERT(TaoCrypt::AES::BLOCK_SIZE == iv_length);
}
DBUG_ASSERT(TaoCrypt::AES::BLOCK_SIZE == MY_AES_BLOCK_SIZE);
ctx.Process(dest, source, source_length - tail);
*dest_length= source_length;
#else // HAVE_OPENSSL
int fin;
struct MyCTX ctx;
if (!EVP_CipherInit_ex(&ctx, cipher, NULL, key, iv, dir))
return AES_OPENSSL_ERROR;
EVP_CIPHER_CTX_set_padding(&ctx, !no_padding); EVP_CIPHER_CTX_set_padding(&ctx, !no_padding);
DBUG_ASSERT(EVP_CIPHER_CTX_key_length(&ctx) == key_length); DBUG_ASSERT(EVP_CIPHER_CTX_key_length(&ctx) == key_length);
DBUG_ASSERT(EVP_CIPHER_CTX_iv_length(&ctx) == iv_length || !EVP_CIPHER_CTX_iv_length(&ctx)); DBUG_ASSERT(EVP_CIPHER_CTX_iv_length(&ctx) == iv_length);
DBUG_ASSERT(EVP_CIPHER_CTX_block_size(&ctx) == MY_AES_BLOCK_SIZE || !no_padding); DBUG_ASSERT(EVP_CIPHER_CTX_block_size(&ctx) == MY_AES_BLOCK_SIZE || !no_padding);
if (!EVP_CipherUpdate(&ctx, dest, (int*)dest_length, source, source_length - tail)) if (!EVP_CipherUpdate(&ctx, dest, (int*)dest_length, source, source_length - tail))
goto err; return AES_OPENSSL_ERROR;
if (!EVP_CipherFinal_ex(&ctx, dest + *dest_length, &fin)) if (!EVP_CipherFinal_ex(&ctx, dest + *dest_length, &fin))
goto err; return AES_OPENSSL_ERROR;
*dest_length += fin; *dest_length += fin;
#endif
if (tail) if (tail)
{ {
/* /*
...@@ -66,25 +101,24 @@ static int do_crypt(const EVP_CIPHER *cipher, int encrypt, ...@@ -66,25 +101,24 @@ static int do_crypt(const EVP_CIPHER *cipher, int encrypt,
What we do here, we XOR the tail with the previous encrypted block. What we do here, we XOR the tail with the previous encrypted block.
*/ */
DBUG_ASSERT(source_length - tail == *dest_length);
DBUG_ASSERT(source_length - tail > MY_AES_BLOCK_SIZE);
const uchar *s= source + source_length - tail; const uchar *s= source + source_length - tail;
const uchar *e= source + source_length; const uchar *e= source + source_length;
uchar *d= dest + source_length - tail; uchar *d= dest + source_length - tail;
const uchar *m= (encrypt ? d : s) - MY_AES_BLOCK_SIZE; const uchar *m= (dir == CRYPT_ENCRYPT ? d : s) - MY_AES_BLOCK_SIZE;
while (s < e) while (s < e)
*d++ = *s++ ^ *m++; *d++ = *s++ ^ *m++;
*dest_length= source_length; *dest_length= source_length;
} }
res= AES_OK; return AES_OK;
err:
EVP_CIPHER_CTX_cleanup(&ctx);
return res;
} }
C_MODE_START
/* CTR is a stream cypher mode, it needs no special padding code */ /* CTR is a stream cypher mode, it needs no special padding code */
#ifdef HAVE_EncryptAes128Ctr
int my_aes_encrypt_ctr(const uchar* source, uint32 source_length, int my_aes_encrypt_ctr(const uchar* source, uint32 source_length,
uchar* dest, uint32* dest_length, uchar* dest, uint32* dest_length,
const uchar* key, uint8 key_length, const uchar* key, uint8 key_length,
...@@ -106,6 +140,7 @@ int my_aes_decrypt_ctr(const uchar* source, uint32 source_length, ...@@ -106,6 +140,7 @@ int my_aes_decrypt_ctr(const uchar* source, uint32 source_length,
dest, dest_length, key, key_length, iv, iv_length, 0); dest, dest_length, key, key_length, iv, iv_length, 0);
} }
#endif /* HAVE_EncryptAes128Ctr */
int my_aes_encrypt_ecb(const uchar* source, uint32 source_length, int my_aes_encrypt_ecb(const uchar* source, uint32 source_length,
uchar* dest, uint32* dest_length, uchar* dest, uint32* dest_length,
...@@ -114,7 +149,7 @@ int my_aes_encrypt_ecb(const uchar* source, uint32 source_length, ...@@ -114,7 +149,7 @@ int my_aes_encrypt_ecb(const uchar* source, uint32 source_length,
uint no_padding) uint no_padding)
{ {
return do_crypt(EVP_aes_128_ecb(), CRYPT_ENCRYPT, source, source_length, return do_crypt(EVP_aes_128_ecb(), CRYPT_ENCRYPT, source, source_length,
dest, dest_length, key, key_length, iv, iv_length, no_padding); dest, dest_length, key, key_length, 0, 0, no_padding);
} }
int my_aes_decrypt_ecb(const uchar* source, uint32 source_length, int my_aes_decrypt_ecb(const uchar* source, uint32 source_length,
...@@ -124,7 +159,7 @@ int my_aes_decrypt_ecb(const uchar* source, uint32 source_length, ...@@ -124,7 +159,7 @@ int my_aes_decrypt_ecb(const uchar* source, uint32 source_length,
uint no_padding) uint no_padding)
{ {
return do_crypt(EVP_aes_128_ecb(), CRYPT_DECRYPT, source, source_length, return do_crypt(EVP_aes_128_ecb(), CRYPT_DECRYPT, source, source_length,
dest, dest_length, key, key_length, iv, iv_length, no_padding); dest, dest_length, key, key_length, 0, 0, no_padding);
} }
int my_aes_encrypt_cbc(const uchar* source, uint32 source_length, int my_aes_encrypt_cbc(const uchar* source, uint32 source_length,
...@@ -149,8 +184,6 @@ int my_aes_decrypt_cbc(const uchar* source, uint32 source_length, ...@@ -149,8 +184,6 @@ int my_aes_decrypt_cbc(const uchar* source, uint32 source_length,
C_MODE_END C_MODE_END
#endif /* HAVE_EncryptAes128Ctr */
#if defined(HAVE_YASSL) #if defined(HAVE_YASSL)
#include <random.hpp> #include <random.hpp>
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment