Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
M
MariaDB
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
nexedi
MariaDB
Commits
3bbe2057
Commit
3bbe2057
authored
Mar 25, 2015
by
Sergei Golubchik
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
yassl support
parent
2f8d101f
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
72 additions
and
39 deletions
+72
-39
include/my_crypt.h
include/my_crypt.h
+9
-9
mysys_ssl/my_crypt.cc
mysys_ssl/my_crypt.cc
+63
-30
No files found.
include/my_crypt.h
View file @
3bbe2057
...
@@ -17,14 +17,15 @@
...
@@ -17,14 +17,15 @@
// TODO: Add Windows support
// TODO: Add Windows support
#ifndef MY
SYS_MY_CRYPT_H_
#ifndef MY
_CRYPT_INCLUDED
#define MY
SYS_MY_CRYPT_H_
#define MY
_CRYPT_INCLUDED
#include <my_aes.h>
#include <my_aes.h>
#if !defined(HAVE_YASSL) && defined(HAVE_OPENSSL)
C_MODE_START
C_MODE_START
#ifdef HAVE_EncryptAes128Ctr
Crypt_result
my_aes_encrypt_ctr
(
const
uchar
*
source
,
uint32
source_length
,
Crypt_result
my_aes_encrypt_ctr
(
const
uchar
*
source
,
uint32
source_length
,
uchar
*
dest
,
uint32
*
dest_length
,
uchar
*
dest
,
uint32
*
dest_length
,
const
unsigned
char
*
key
,
uint8
key_length
,
const
unsigned
char
*
key
,
uint8
key_length
,
...
@@ -37,6 +38,8 @@ Crypt_result my_aes_decrypt_ctr(const uchar* source, uint32 source_length,
...
@@ -37,6 +38,8 @@ Crypt_result my_aes_decrypt_ctr(const uchar* source, uint32 source_length,
const
unsigned
char
*
iv
,
uint8
iv_length
,
const
unsigned
char
*
iv
,
uint8
iv_length
,
uint
no_padding
);
uint
no_padding
);
#endif
Crypt_result
my_aes_encrypt_cbc
(
const
uchar
*
source
,
uint32
source_length
,
Crypt_result
my_aes_encrypt_cbc
(
const
uchar
*
source
,
uint32
source_length
,
uchar
*
dest
,
uint32
*
dest_length
,
uchar
*
dest
,
uint32
*
dest_length
,
const
unsigned
char
*
key
,
uint8
key_length
,
const
unsigned
char
*
key
,
uint8
key_length
,
...
@@ -60,12 +63,9 @@ Crypt_result my_aes_decrypt_ecb(const uchar* source, uint32 source_length,
...
@@ -60,12 +63,9 @@ Crypt_result my_aes_decrypt_ecb(const uchar* source, uint32 source_length,
const
unsigned
char
*
key
,
uint8
key_length
,
const
unsigned
char
*
key
,
uint8
key_length
,
const
unsigned
char
*
iv
,
uint8
iv_length
,
const
unsigned
char
*
iv
,
uint8
iv_length
,
uint
no_padding
);
uint
no_padding
);
C_MODE_END
#endif
/* !defined(HAVE_YASSL) && defined(HAVE_OPENSSL) */
C_MODE_START
Crypt_result
my_random_bytes
(
uchar
*
buf
,
int
num
);
Crypt_result
my_random_bytes
(
uchar
*
buf
,
int
num
);
C_MODE_END
C_MODE_END
#endif
/* MY
SYS_MY_CRYPT_H_
*/
#endif
/* MY
_CRYPT_INCLUDED
*/
mysys_ssl/my_crypt.cc
View file @
3bbe2057
...
@@ -15,49 +15,84 @@
...
@@ -15,49 +15,84 @@
along with this program; if not, write to the Free Software
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
/*
TODO: add support for YASSL
*/
#include <my_global.h>
#include <my_global.h>
#include <my_crypt.h>
#include <my_crypt.h>
#ifdef HAVE_EncryptAes128Ctr
// TODO
// different key lengths
#ifdef HAVE_YASSL
#include "aes.hpp"
typedef
TaoCrypt
::
CipherDir
Dir
;
static
const
Dir
CRYPT_ENCRYPT
=
TaoCrypt
::
ENCRYPTION
;
static
const
Dir
CRYPT_DECRYPT
=
TaoCrypt
::
DECRYPTION
;
typedef
TaoCrypt
::
Mode
CipherMode
;
static
inline
CipherMode
EVP_aes_128_ecb
()
{
return
TaoCrypt
::
ECB
;
}
static
inline
CipherMode
EVP_aes_128_cbc
()
{
return
TaoCrypt
::
CBC
;
}
typedef
TaoCrypt
::
byte
KeyByte
;
#else
#include <openssl/evp.h>
#include <openssl/evp.h>
#include <openssl/aes.h>
#include <openssl/aes.h>
static
const
int
CRYPT_ENCRYPT
=
1
;
typedef
int
Dir
;
static
const
int
CRYPT_DECRYPT
=
0
;
static
const
Dir
CRYPT_ENCRYPT
=
1
;
static
const
Dir
CRYPT_DECRYPT
=
0
;
C_MODE_START
typedef
const
EVP_CIPHER
*
CipherMode
;
struct
MyCTX
:
EVP_CIPHER_CTX
{
MyCTX
()
{
EVP_CIPHER_CTX_init
(
this
);
}
~
MyCTX
()
{
EVP_CIPHER_CTX_cleanup
(
this
);
}
};
typedef
uchar
KeyByte
;
#endif
static
int
do_crypt
(
const
EVP_CIPHER
*
cipher
,
int
encrypt
,
static
int
do_crypt
(
CipherMode
cipher
,
Dir
dir
,
const
uchar
*
source
,
uint32
source_length
,
const
uchar
*
source
,
uint32
source_length
,
uchar
*
dest
,
uint32
*
dest_length
,
uchar
*
dest
,
uint32
*
dest_length
,
const
uchar
*
key
,
uint8
key_length
,
const
KeyByte
*
key
,
uint8
key_length
,
const
uchar
*
iv
,
uint8
iv_length
,
int
no_padding
)
const
KeyByte
*
iv
,
uint8
iv_length
,
int
no_padding
)
{
{
int
res
=
AES_OPENSSL_ERROR
,
fin
;
int
tail
=
no_padding
?
source_length
%
MY_AES_BLOCK_SIZE
:
0
;
int
tail
=
no_padding
?
source_length
%
MY_AES_BLOCK_SIZE
:
0
;
DBUG_ASSERT
(
source_length
-
tail
>=
MY_AES_BLOCK_SIZE
);
#ifdef HAVE_YASSL
TaoCrypt
::
AES
ctx
(
dir
,
cipher
);
EVP_CIPHER_CTX
ctx
;
ctx
.
SetKey
(
key
,
key_length
);
EVP_CIPHER_CTX_init
(
&
ctx
);
if
(
iv
)
if
(
!
EVP_CipherInit_ex
(
&
ctx
,
cipher
,
NULL
,
key
,
iv
,
encrypt
))
{
goto
err
;
ctx
.
SetIV
(
iv
);
DBUG_ASSERT
(
TaoCrypt
::
AES
::
BLOCK_SIZE
==
iv_length
);
}
DBUG_ASSERT
(
TaoCrypt
::
AES
::
BLOCK_SIZE
==
MY_AES_BLOCK_SIZE
);
ctx
.
Process
(
dest
,
source
,
source_length
-
tail
);
*
dest_length
=
source_length
;
#else // HAVE_OPENSSL
int
fin
;
struct
MyCTX
ctx
;
if
(
!
EVP_CipherInit_ex
(
&
ctx
,
cipher
,
NULL
,
key
,
iv
,
dir
))
return
AES_OPENSSL_ERROR
;
EVP_CIPHER_CTX_set_padding
(
&
ctx
,
!
no_padding
);
EVP_CIPHER_CTX_set_padding
(
&
ctx
,
!
no_padding
);
DBUG_ASSERT
(
EVP_CIPHER_CTX_key_length
(
&
ctx
)
==
key_length
);
DBUG_ASSERT
(
EVP_CIPHER_CTX_key_length
(
&
ctx
)
==
key_length
);
DBUG_ASSERT
(
EVP_CIPHER_CTX_iv_length
(
&
ctx
)
==
iv_length
||
!
EVP_CIPHER_CTX_iv_length
(
&
ctx
)
);
DBUG_ASSERT
(
EVP_CIPHER_CTX_iv_length
(
&
ctx
)
==
iv_length
);
DBUG_ASSERT
(
EVP_CIPHER_CTX_block_size
(
&
ctx
)
==
MY_AES_BLOCK_SIZE
||
!
no_padding
);
DBUG_ASSERT
(
EVP_CIPHER_CTX_block_size
(
&
ctx
)
==
MY_AES_BLOCK_SIZE
||
!
no_padding
);
if
(
!
EVP_CipherUpdate
(
&
ctx
,
dest
,
(
int
*
)
dest_length
,
source
,
source_length
-
tail
))
if
(
!
EVP_CipherUpdate
(
&
ctx
,
dest
,
(
int
*
)
dest_length
,
source
,
source_length
-
tail
))
goto
err
;
return
AES_OPENSSL_ERROR
;
if
(
!
EVP_CipherFinal_ex
(
&
ctx
,
dest
+
*
dest_length
,
&
fin
))
if
(
!
EVP_CipherFinal_ex
(
&
ctx
,
dest
+
*
dest_length
,
&
fin
))
goto
err
;
return
AES_OPENSSL_ERROR
;
*
dest_length
+=
fin
;
*
dest_length
+=
fin
;
#endif
if
(
tail
)
if
(
tail
)
{
{
/*
/*
...
@@ -66,25 +101,24 @@ static int do_crypt(const EVP_CIPHER *cipher, int encrypt,
...
@@ -66,25 +101,24 @@ static int do_crypt(const EVP_CIPHER *cipher, int encrypt,
What we do here, we XOR the tail with the previous encrypted block.
What we do here, we XOR the tail with the previous encrypted block.
*/
*/
DBUG_ASSERT
(
source_length
-
tail
==
*
dest_length
);
DBUG_ASSERT
(
source_length
-
tail
>
MY_AES_BLOCK_SIZE
);
const
uchar
*
s
=
source
+
source_length
-
tail
;
const
uchar
*
s
=
source
+
source_length
-
tail
;
const
uchar
*
e
=
source
+
source_length
;
const
uchar
*
e
=
source
+
source_length
;
uchar
*
d
=
dest
+
source_length
-
tail
;
uchar
*
d
=
dest
+
source_length
-
tail
;
const
uchar
*
m
=
(
encrypt
?
d
:
s
)
-
MY_AES_BLOCK_SIZE
;
const
uchar
*
m
=
(
dir
==
CRYPT_ENCRYPT
?
d
:
s
)
-
MY_AES_BLOCK_SIZE
;
while
(
s
<
e
)
while
(
s
<
e
)
*
d
++
=
*
s
++
^
*
m
++
;
*
d
++
=
*
s
++
^
*
m
++
;
*
dest_length
=
source_length
;
*
dest_length
=
source_length
;
}
}
res
=
AES_OK
;
return
AES_OK
;
err:
EVP_CIPHER_CTX_cleanup
(
&
ctx
);
return
res
;
}
}
C_MODE_START
/* CTR is a stream cypher mode, it needs no special padding code */
/* CTR is a stream cypher mode, it needs no special padding code */
#ifdef HAVE_EncryptAes128Ctr
int
my_aes_encrypt_ctr
(
const
uchar
*
source
,
uint32
source_length
,
int
my_aes_encrypt_ctr
(
const
uchar
*
source
,
uint32
source_length
,
uchar
*
dest
,
uint32
*
dest_length
,
uchar
*
dest
,
uint32
*
dest_length
,
const
uchar
*
key
,
uint8
key_length
,
const
uchar
*
key
,
uint8
key_length
,
...
@@ -106,6 +140,7 @@ int my_aes_decrypt_ctr(const uchar* source, uint32 source_length,
...
@@ -106,6 +140,7 @@ int my_aes_decrypt_ctr(const uchar* source, uint32 source_length,
dest
,
dest_length
,
key
,
key_length
,
iv
,
iv_length
,
0
);
dest
,
dest_length
,
key
,
key_length
,
iv
,
iv_length
,
0
);
}
}
#endif
/* HAVE_EncryptAes128Ctr */
int
my_aes_encrypt_ecb
(
const
uchar
*
source
,
uint32
source_length
,
int
my_aes_encrypt_ecb
(
const
uchar
*
source
,
uint32
source_length
,
uchar
*
dest
,
uint32
*
dest_length
,
uchar
*
dest
,
uint32
*
dest_length
,
...
@@ -114,7 +149,7 @@ int my_aes_encrypt_ecb(const uchar* source, uint32 source_length,
...
@@ -114,7 +149,7 @@ int my_aes_encrypt_ecb(const uchar* source, uint32 source_length,
uint
no_padding
)
uint
no_padding
)
{
{
return
do_crypt
(
EVP_aes_128_ecb
(),
CRYPT_ENCRYPT
,
source
,
source_length
,
return
do_crypt
(
EVP_aes_128_ecb
(),
CRYPT_ENCRYPT
,
source
,
source_length
,
dest
,
dest_length
,
key
,
key_length
,
iv
,
iv_length
,
no_padding
);
dest
,
dest_length
,
key
,
key_length
,
0
,
0
,
no_padding
);
}
}
int
my_aes_decrypt_ecb
(
const
uchar
*
source
,
uint32
source_length
,
int
my_aes_decrypt_ecb
(
const
uchar
*
source
,
uint32
source_length
,
...
@@ -124,7 +159,7 @@ int my_aes_decrypt_ecb(const uchar* source, uint32 source_length,
...
@@ -124,7 +159,7 @@ int my_aes_decrypt_ecb(const uchar* source, uint32 source_length,
uint
no_padding
)
uint
no_padding
)
{
{
return
do_crypt
(
EVP_aes_128_ecb
(),
CRYPT_DECRYPT
,
source
,
source_length
,
return
do_crypt
(
EVP_aes_128_ecb
(),
CRYPT_DECRYPT
,
source
,
source_length
,
dest
,
dest_length
,
key
,
key_length
,
iv
,
iv_length
,
no_padding
);
dest
,
dest_length
,
key
,
key_length
,
0
,
0
,
no_padding
);
}
}
int
my_aes_encrypt_cbc
(
const
uchar
*
source
,
uint32
source_length
,
int
my_aes_encrypt_cbc
(
const
uchar
*
source
,
uint32
source_length
,
...
@@ -149,8 +184,6 @@ int my_aes_decrypt_cbc(const uchar* source, uint32 source_length,
...
@@ -149,8 +184,6 @@ int my_aes_decrypt_cbc(const uchar* source, uint32 source_length,
C_MODE_END
C_MODE_END
#endif
/* HAVE_EncryptAes128Ctr */
#if defined(HAVE_YASSL)
#if defined(HAVE_YASSL)
#include <random.hpp>
#include <random.hpp>
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment