[git] GCRYPT - branch, master, updated. libgcrypt-1.5.0-285-g3ca180b
by Werner Koch
cvs at cvs.gnupg.org
Tue Oct 1 22:35:20 CEST 2013
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU crypto library".
The branch, master has been updated
via 3ca180b25e8df252fc16f802cfdc27496e307830 (commit)
via 4153fa859816e799e506055321a22e6450aacdcc (commit)
from 738177ec0eae05069ec61bc4f724a69d4e052e42 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 3ca180b25e8df252fc16f802cfdc27496e307830
Author: Werner Koch <wk at gnupg.org>
Date: Tue Oct 1 22:00:50 2013 +0200
cipher: Simplify the cipher dispatcher cipher.c.
* src/gcrypt-module.h (gcry_cipher_spec_t): Move to ...
* src/cipher-proto.h (gcry_cipher_spec_t): here. Merge with
cipher_extra_spec_t. Add fields ALGO and FLAGS. Set these fields in
all cipher modules.
* cipher/cipher.c: Change most code to replace the former module
system by a simpler system to gain information about the algorithms.
(disable_pubkey_algo): Simplified. Not anymore thread-safe, though.
* cipher/md.c (_gcry_md_selftest): Use correct structure. Not a real
problem because both define the same function as their first field.
* cipher/pubkey.c (_gcry_pk_selftest): Take care of the disabled flag.
Signed-off-by: Werner Koch <wk at gnupg.org>
diff --git a/cipher/arcfour.c b/cipher/arcfour.c
index 6ef07fb..dc32b07 100644
--- a/cipher/arcfour.c
+++ b/cipher/arcfour.c
@@ -150,6 +150,7 @@ selftest(void)
gcry_cipher_spec_t _gcry_cipher_spec_arcfour =
{
+ GCRY_CIPHER_ARCFOUR, {0, 0},
"ARCFOUR", NULL, NULL, 1, 128, sizeof (ARCFOUR_context),
arcfour_setkey, NULL, NULL, encrypt_stream, encrypt_stream,
};
diff --git a/cipher/blowfish.c b/cipher/blowfish.c
index 61042ed..2f739c8 100644
--- a/cipher/blowfish.c
+++ b/cipher/blowfish.c
@@ -960,6 +960,7 @@ bf_setkey (void *context, const byte *key, unsigned keylen)
gcry_cipher_spec_t _gcry_cipher_spec_blowfish =
{
+ GCRY_CIPHER_BLOWFISH, {0, 0},
"BLOWFISH", NULL, NULL, BLOWFISH_BLOCKSIZE, 128,
sizeof (BLOWFISH_context),
bf_setkey, encrypt_block, decrypt_block
diff --git a/cipher/camellia-glue.c b/cipher/camellia-glue.c
index 2842c3b..29cb7a5 100644
--- a/cipher/camellia-glue.c
+++ b/cipher/camellia-glue.c
@@ -691,18 +691,21 @@ static gcry_cipher_oid_spec_t camellia256_oids[] =
gcry_cipher_spec_t _gcry_cipher_spec_camellia128 =
{
+ GCRY_CIPHER_CAMELLIA128, {0, 0},
"CAMELLIA128",NULL,camellia128_oids,CAMELLIA_BLOCK_SIZE,128,
sizeof(CAMELLIA_context),camellia_setkey,camellia_encrypt,camellia_decrypt
};
gcry_cipher_spec_t _gcry_cipher_spec_camellia192 =
{
+ GCRY_CIPHER_CAMELLIA192, {0, 0},
"CAMELLIA192",NULL,camellia192_oids,CAMELLIA_BLOCK_SIZE,192,
sizeof(CAMELLIA_context),camellia_setkey,camellia_encrypt,camellia_decrypt
};
gcry_cipher_spec_t _gcry_cipher_spec_camellia256 =
{
+ GCRY_CIPHER_CAMELLIA256, {0, 0},
"CAMELLIA256",NULL,camellia256_oids,CAMELLIA_BLOCK_SIZE,256,
sizeof(CAMELLIA_context),camellia_setkey,camellia_encrypt,camellia_decrypt
};
diff --git a/cipher/cast5.c b/cipher/cast5.c
index ae6b509..92d9af8 100644
--- a/cipher/cast5.c
+++ b/cipher/cast5.c
@@ -983,6 +983,7 @@ cast_setkey (void *context, const byte *key, unsigned keylen )
gcry_cipher_spec_t _gcry_cipher_spec_cast5 =
{
+ GCRY_CIPHER_CAST5, {0, 0},
"CAST5", NULL, NULL, CAST5_BLOCKSIZE, 128, sizeof (CAST5_context),
cast_setkey, encrypt_block, decrypt_block
};
diff --git a/cipher/cipher-aeswrap.c b/cipher/cipher-aeswrap.c
index 931dec1..03b0ea7 100644
--- a/cipher/cipher-aeswrap.c
+++ b/cipher/cipher-aeswrap.c
@@ -48,7 +48,7 @@ _gcry_cipher_aeswrap_encrypt (gcry_cipher_hd_t c,
#error Invalid block size
#endif
/* We require a cipher with a 128 bit block length. */
- if (c->cipher->blocksize != 16)
+ if (c->spec->blocksize != 16)
return GPG_ERR_INV_LENGTH;
/* The output buffer must be able to hold the input data plus one
@@ -90,7 +90,7 @@ _gcry_cipher_aeswrap_encrypt (gcry_cipher_hd_t c,
/* B := AES_k( A | R[i] ) */
memcpy (b, a, 8);
memcpy (b+8, r+i*8, 8);
- nburn = c->cipher->encrypt (&c->context.c, b, b);
+ nburn = c->spec->encrypt (&c->context.c, b, b);
burn = nburn > burn ? nburn : burn;
/* t := t + 1 */
for (x = 7; x >= 0; x--)
@@ -130,7 +130,7 @@ _gcry_cipher_aeswrap_decrypt (gcry_cipher_hd_t c,
#error Invalid block size
#endif
/* We require a cipher with a 128 bit block length. */
- if (c->cipher->blocksize != 16)
+ if (c->spec->blocksize != 16)
return GPG_ERR_INV_LENGTH;
/* The output buffer must be able to hold the input data minus one
@@ -173,7 +173,7 @@ _gcry_cipher_aeswrap_decrypt (gcry_cipher_hd_t c,
/* B := AES_k^1( (A ^ t)| R[i] ) */
buf_xor(b, a, t, 8);
memcpy (b+8, r+(i-1)*8, 8);
- nburn = c->cipher->decrypt (&c->context.c, b, b);
+ nburn = c->spec->decrypt (&c->context.c, b, b);
burn = nburn > burn ? nburn : burn;
/* t := t - 1 */
for (x = 7; x >= 0; x--)
diff --git a/cipher/cipher-cbc.c b/cipher/cipher-cbc.c
index 55a1c74..523f5a6 100644
--- a/cipher/cipher-cbc.c
+++ b/cipher/cipher-cbc.c
@@ -40,15 +40,15 @@ _gcry_cipher_cbc_encrypt (gcry_cipher_hd_t c,
unsigned int n;
unsigned char *ivp;
int i;
- size_t blocksize = c->cipher->blocksize;
+ size_t blocksize = c->spec->blocksize;
unsigned nblocks = inbuflen / blocksize;
unsigned int burn, nburn;
if (outbuflen < ((c->flags & GCRY_CIPHER_CBC_MAC)? blocksize : inbuflen))
return GPG_ERR_BUFFER_TOO_SHORT;
- if ((inbuflen % c->cipher->blocksize)
- && !(inbuflen > c->cipher->blocksize
+ if ((inbuflen % c->spec->blocksize)
+ && !(inbuflen > c->spec->blocksize
&& (c->flags & GCRY_CIPHER_CBC_CTS)))
return GPG_ERR_INV_LENGTH;
@@ -73,7 +73,7 @@ _gcry_cipher_cbc_encrypt (gcry_cipher_hd_t c,
for (n=0; n < nblocks; n++ )
{
buf_xor(outbuf, inbuf, c->u_iv.iv, blocksize);
- nburn = c->cipher->encrypt ( &c->context.c, outbuf, outbuf );
+ nburn = c->spec->encrypt ( &c->context.c, outbuf, outbuf );
burn = nburn > burn ? nburn : burn;
memcpy (c->u_iv.iv, outbuf, blocksize );
inbuf += blocksize;
@@ -104,7 +104,7 @@ _gcry_cipher_cbc_encrypt (gcry_cipher_hd_t c,
for (; i < blocksize; i++)
outbuf[i] = 0 ^ *ivp++;
- nburn = c->cipher->encrypt (&c->context.c, outbuf, outbuf);
+ nburn = c->spec->encrypt (&c->context.c, outbuf, outbuf);
burn = nburn > burn ? nburn : burn;
memcpy (c->u_iv.iv, outbuf, blocksize);
}
@@ -123,15 +123,15 @@ _gcry_cipher_cbc_decrypt (gcry_cipher_hd_t c,
{
unsigned int n;
int i;
- size_t blocksize = c->cipher->blocksize;
+ size_t blocksize = c->spec->blocksize;
unsigned int nblocks = inbuflen / blocksize;
unsigned int burn, nburn;
if (outbuflen < inbuflen)
return GPG_ERR_BUFFER_TOO_SHORT;
- if ((inbuflen % c->cipher->blocksize)
- && !(inbuflen > c->cipher->blocksize
+ if ((inbuflen % c->spec->blocksize)
+ && !(inbuflen > c->spec->blocksize
&& (c->flags & GCRY_CIPHER_CBC_CTS)))
return GPG_ERR_INV_LENGTH;
@@ -159,12 +159,12 @@ _gcry_cipher_cbc_decrypt (gcry_cipher_hd_t c,
* save the original ciphertext block. We use LASTIV for
* this here because it is not used otherwise. */
memcpy (c->lastiv, inbuf, blocksize);
- nburn = c->cipher->decrypt ( &c->context.c, outbuf, inbuf );
+ nburn = c->spec->decrypt ( &c->context.c, outbuf, inbuf );
burn = nburn > burn ? nburn : burn;
buf_xor(outbuf, outbuf, c->u_iv.iv, blocksize);
memcpy(c->u_iv.iv, c->lastiv, blocksize );
- inbuf += c->cipher->blocksize;
- outbuf += c->cipher->blocksize;
+ inbuf += c->spec->blocksize;
+ outbuf += c->spec->blocksize;
}
}
@@ -180,14 +180,14 @@ _gcry_cipher_cbc_decrypt (gcry_cipher_hd_t c,
memcpy (c->lastiv, c->u_iv.iv, blocksize ); /* Save Cn-2. */
memcpy (c->u_iv.iv, inbuf + blocksize, restbytes ); /* Save Cn. */
- nburn = c->cipher->decrypt ( &c->context.c, outbuf, inbuf );
+ nburn = c->spec->decrypt ( &c->context.c, outbuf, inbuf );
burn = nburn > burn ? nburn : burn;
buf_xor(outbuf, outbuf, c->u_iv.iv, restbytes);
memcpy(outbuf + blocksize, outbuf, restbytes);
for(i=restbytes; i < blocksize; i++)
c->u_iv.iv[i] = outbuf[i];
- nburn = c->cipher->decrypt (&c->context.c, outbuf, c->u_iv.iv);
+ nburn = c->spec->decrypt (&c->context.c, outbuf, c->u_iv.iv);
burn = nburn > burn ? nburn : burn;
buf_xor(outbuf, outbuf, c->lastiv, blocksize);
/* c->lastiv is now really lastlastiv, does this matter? */
diff --git a/cipher/cipher-cfb.c b/cipher/cipher-cfb.c
index f772280..244f5fd 100644
--- a/cipher/cipher-cfb.c
+++ b/cipher/cipher-cfb.c
@@ -37,7 +37,7 @@ _gcry_cipher_cfb_encrypt (gcry_cipher_hd_t c,
const unsigned char *inbuf, unsigned int inbuflen)
{
unsigned char *ivp;
- size_t blocksize = c->cipher->blocksize;
+ size_t blocksize = c->spec->blocksize;
size_t blocksize_x_2 = blocksize + blocksize;
unsigned int burn, nburn;
@@ -48,7 +48,7 @@ _gcry_cipher_cfb_encrypt (gcry_cipher_hd_t c,
{
/* Short enough to be encoded by the remaining XOR mask. */
/* XOR the input with the IV and store input into IV. */
- ivp = c->u_iv.iv + c->cipher->blocksize - c->unused;
+ ivp = c->u_iv.iv + c->spec->blocksize - c->unused;
buf_xor_2dst(outbuf, ivp, inbuf, inbuflen);
c->unused -= inbuflen;
return 0;
@@ -83,7 +83,7 @@ _gcry_cipher_cfb_encrypt (gcry_cipher_hd_t c,
while ( inbuflen >= blocksize_x_2 )
{
/* Encrypt the IV. */
- nburn = c->cipher->encrypt ( &c->context.c, c->u_iv.iv, c->u_iv.iv );
+ nburn = c->spec->encrypt ( &c->context.c, c->u_iv.iv, c->u_iv.iv );
burn = nburn > burn ? nburn : burn;
/* XOR the input with the IV and store input into IV. */
buf_xor_2dst(outbuf, c->u_iv.iv, inbuf, blocksize);
@@ -97,7 +97,7 @@ _gcry_cipher_cfb_encrypt (gcry_cipher_hd_t c,
{
/* Save the current IV and then encrypt the IV. */
memcpy( c->lastiv, c->u_iv.iv, blocksize );
- nburn = c->cipher->encrypt ( &c->context.c, c->u_iv.iv, c->u_iv.iv );
+ nburn = c->spec->encrypt ( &c->context.c, c->u_iv.iv, c->u_iv.iv );
burn = nburn > burn ? nburn : burn;
/* XOR the input with the IV and store input into IV */
buf_xor_2dst(outbuf, c->u_iv.iv, inbuf, blocksize);
@@ -109,7 +109,7 @@ _gcry_cipher_cfb_encrypt (gcry_cipher_hd_t c,
{
/* Save the current IV and then encrypt the IV. */
memcpy( c->lastiv, c->u_iv.iv, blocksize );
- nburn = c->cipher->encrypt ( &c->context.c, c->u_iv.iv, c->u_iv.iv );
+ nburn = c->spec->encrypt ( &c->context.c, c->u_iv.iv, c->u_iv.iv );
burn = nburn > burn ? nburn : burn;
c->unused = blocksize;
/* Apply the XOR. */
@@ -133,7 +133,7 @@ _gcry_cipher_cfb_decrypt (gcry_cipher_hd_t c,
const unsigned char *inbuf, unsigned int inbuflen)
{
unsigned char *ivp;
- size_t blocksize = c->cipher->blocksize;
+ size_t blocksize = c->spec->blocksize;
size_t blocksize_x_2 = blocksize + blocksize;
unsigned int burn, nburn;
@@ -179,7 +179,7 @@ _gcry_cipher_cfb_decrypt (gcry_cipher_hd_t c,
while (inbuflen >= blocksize_x_2 )
{
/* Encrypt the IV. */
- nburn = c->cipher->encrypt ( &c->context.c, c->u_iv.iv, c->u_iv.iv );
+ nburn = c->spec->encrypt ( &c->context.c, c->u_iv.iv, c->u_iv.iv );
burn = nburn > burn ? nburn : burn;
/* XOR the input with the IV and store input into IV. */
buf_xor_n_copy(outbuf, c->u_iv.iv, inbuf, blocksize);
@@ -193,7 +193,7 @@ _gcry_cipher_cfb_decrypt (gcry_cipher_hd_t c,
{
/* Save the current IV and then encrypt the IV. */
memcpy ( c->lastiv, c->u_iv.iv, blocksize);
- nburn = c->cipher->encrypt ( &c->context.c, c->u_iv.iv, c->u_iv.iv );
+ nburn = c->spec->encrypt ( &c->context.c, c->u_iv.iv, c->u_iv.iv );
burn = nburn > burn ? nburn : burn;
/* XOR the input with the IV and store input into IV */
buf_xor_n_copy(outbuf, c->u_iv.iv, inbuf, blocksize);
@@ -206,7 +206,7 @@ _gcry_cipher_cfb_decrypt (gcry_cipher_hd_t c,
{
/* Save the current IV and then encrypt the IV. */
memcpy ( c->lastiv, c->u_iv.iv, blocksize );
- nburn = c->cipher->encrypt ( &c->context.c, c->u_iv.iv, c->u_iv.iv );
+ nburn = c->spec->encrypt ( &c->context.c, c->u_iv.iv, c->u_iv.iv );
burn = nburn > burn ? nburn : burn;
c->unused = blocksize;
/* Apply the XOR. */
diff --git a/cipher/cipher-ctr.c b/cipher/cipher-ctr.c
index ff1742c..fbc898f 100644
--- a/cipher/cipher-ctr.c
+++ b/cipher/cipher-ctr.c
@@ -38,7 +38,7 @@ _gcry_cipher_ctr_encrypt (gcry_cipher_hd_t c,
{
unsigned int n;
int i;
- unsigned int blocksize = c->cipher->blocksize;
+ unsigned int blocksize = c->spec->blocksize;
unsigned int nblocks;
unsigned int burn, nburn;
@@ -77,7 +77,7 @@ _gcry_cipher_ctr_encrypt (gcry_cipher_hd_t c,
unsigned char tmp[MAX_BLOCKSIZE];
do {
- nburn = c->cipher->encrypt (&c->context.c, tmp, c->u_ctr.ctr);
+ nburn = c->spec->encrypt (&c->context.c, tmp, c->u_ctr.ctr);
burn = nburn > burn ? nburn : burn;
for (i = blocksize; i > 0; i--)
diff --git a/cipher/cipher-internal.h b/cipher/cipher-internal.h
index 025bf2e..cabcd1f 100644
--- a/cipher/cipher-internal.h
+++ b/cipher/cipher-internal.h
@@ -60,8 +60,7 @@ struct gcry_cipher_handle
int magic;
size_t actual_handle_size; /* Allocated size of this handle. */
size_t handle_offset; /* Offset to the malloced block. */
- gcry_cipher_spec_t *cipher;
- cipher_extra_spec_t *extraspec;
+ gcry_cipher_spec_t *spec;
gcry_module_t module;
/* The algorithm id. This is a hack required because the module
diff --git a/cipher/cipher-ofb.c b/cipher/cipher-ofb.c
index 3fb9b0d..3d9d54c 100644
--- a/cipher/cipher-ofb.c
+++ b/cipher/cipher-ofb.c
@@ -37,7 +37,7 @@ _gcry_cipher_ofb_encrypt (gcry_cipher_hd_t c,
const unsigned char *inbuf, unsigned int inbuflen)
{
unsigned char *ivp;
- size_t blocksize = c->cipher->blocksize;
+ size_t blocksize = c->spec->blocksize;
unsigned int burn, nburn;
if (outbuflen < inbuflen)
@@ -47,7 +47,7 @@ _gcry_cipher_ofb_encrypt (gcry_cipher_hd_t c,
{
/* Short enough to be encoded by the remaining XOR mask. */
/* XOR the input with the IV */
- ivp = c->u_iv.iv + c->cipher->blocksize - c->unused;
+ ivp = c->u_iv.iv + c->spec->blocksize - c->unused;
buf_xor(outbuf, ivp, inbuf, inbuflen);
c->unused -= inbuflen;
return 0;
@@ -70,7 +70,7 @@ _gcry_cipher_ofb_encrypt (gcry_cipher_hd_t c,
{
/* Encrypt the IV (and save the current one). */
memcpy( c->lastiv, c->u_iv.iv, blocksize );
- nburn = c->cipher->encrypt ( &c->context.c, c->u_iv.iv, c->u_iv.iv );
+ nburn = c->spec->encrypt ( &c->context.c, c->u_iv.iv, c->u_iv.iv );
burn = nburn > burn ? nburn : burn;
buf_xor(outbuf, c->u_iv.iv, inbuf, blocksize);
outbuf += blocksize;
@@ -80,7 +80,7 @@ _gcry_cipher_ofb_encrypt (gcry_cipher_hd_t c,
if ( inbuflen )
{ /* process the remaining bytes */
memcpy( c->lastiv, c->u_iv.iv, blocksize );
- nburn = c->cipher->encrypt ( &c->context.c, c->u_iv.iv, c->u_iv.iv );
+ nburn = c->spec->encrypt ( &c->context.c, c->u_iv.iv, c->u_iv.iv );
burn = nburn > burn ? nburn : burn;
c->unused = blocksize;
c->unused -= inbuflen;
@@ -103,7 +103,7 @@ _gcry_cipher_ofb_decrypt (gcry_cipher_hd_t c,
const unsigned char *inbuf, unsigned int inbuflen)
{
unsigned char *ivp;
- size_t blocksize = c->cipher->blocksize;
+ size_t blocksize = c->spec->blocksize;
unsigned int burn, nburn;
if (outbuflen < inbuflen)
@@ -135,7 +135,7 @@ _gcry_cipher_ofb_decrypt (gcry_cipher_hd_t c,
{
/* Encrypt the IV (and save the current one). */
memcpy( c->lastiv, c->u_iv.iv, blocksize );
- nburn = c->cipher->encrypt ( &c->context.c, c->u_iv.iv, c->u_iv.iv );
+ nburn = c->spec->encrypt ( &c->context.c, c->u_iv.iv, c->u_iv.iv );
burn = nburn > burn ? nburn : burn;
buf_xor(outbuf, c->u_iv.iv, inbuf, blocksize);
outbuf += blocksize;
@@ -146,7 +146,7 @@ _gcry_cipher_ofb_decrypt (gcry_cipher_hd_t c,
{ /* Process the remaining bytes. */
/* Encrypt the IV (and save the current one). */
memcpy( c->lastiv, c->u_iv.iv, blocksize );
- nburn = c->cipher->encrypt ( &c->context.c, c->u_iv.iv, c->u_iv.iv );
+ nburn = c->spec->encrypt ( &c->context.c, c->u_iv.iv, c->u_iv.iv );
burn = nburn > burn ? nburn : burn;
c->unused = blocksize;
c->unused -= inbuflen;
diff --git a/cipher/cipher.c b/cipher/cipher.c
index 23cb99c..ca61375 100644
--- a/cipher/cipher.c
+++ b/cipher/cipher.c
@@ -1,6 +1,7 @@
/* cipher.c - cipher dispatcher
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003
* 2005, 2007, 2008, 2009, 2011 Free Software Foundation, Inc.
+ * Copyright (C) 2013 g10 Code GmbH
*
* This file is part of Libgcrypt.
*
@@ -29,355 +30,168 @@
#include "ath.h"
#include "./cipher-internal.h"
-/* A dummy extraspec so that we do not need to tests the extraspec
- field from the module specification against NULL and instead
- directly test the respective fields of extraspecs. */
-static cipher_extra_spec_t dummy_extra_spec;
/* This is the list of the default ciphers, which are included in
libgcrypt. */
-static struct cipher_table_entry
-{
- gcry_cipher_spec_t *cipher;
- cipher_extra_spec_t *extraspec;
- unsigned int algorithm;
- int fips_allowed;
-} cipher_table[] =
+static gcry_cipher_spec_t *cipher_list[] =
{
#if USE_BLOWFISH
- { &_gcry_cipher_spec_blowfish,
- &dummy_extra_spec, GCRY_CIPHER_BLOWFISH },
+ &_gcry_cipher_spec_blowfish,
#endif
#if USE_DES
- { &_gcry_cipher_spec_des,
- &dummy_extra_spec, GCRY_CIPHER_DES },
- { &_gcry_cipher_spec_tripledes,
- &_gcry_cipher_extraspec_tripledes, GCRY_CIPHER_3DES, 1 },
+ &_gcry_cipher_spec_des,
+ &_gcry_cipher_spec_tripledes,
#endif
#if USE_ARCFOUR
- { &_gcry_cipher_spec_arcfour,
- &dummy_extra_spec, GCRY_CIPHER_ARCFOUR },
+ &_gcry_cipher_spec_arcfour,
#endif
#if USE_CAST5
- { &_gcry_cipher_spec_cast5,
- &dummy_extra_spec, GCRY_CIPHER_CAST5 },
+ &_gcry_cipher_spec_cast5,
#endif
#if USE_AES
- { &_gcry_cipher_spec_aes,
- &_gcry_cipher_extraspec_aes, GCRY_CIPHER_AES, 1 },
- { &_gcry_cipher_spec_aes192,
- &_gcry_cipher_extraspec_aes192, GCRY_CIPHER_AES192, 1 },
- { &_gcry_cipher_spec_aes256,
- &_gcry_cipher_extraspec_aes256, GCRY_CIPHER_AES256, 1 },
+ &_gcry_cipher_spec_aes,
+ &_gcry_cipher_spec_aes192,
+ &_gcry_cipher_spec_aes256,
#endif
#if USE_TWOFISH
- { &_gcry_cipher_spec_twofish,
- &dummy_extra_spec, GCRY_CIPHER_TWOFISH },
- { &_gcry_cipher_spec_twofish128,
- &dummy_extra_spec, GCRY_CIPHER_TWOFISH128 },
+ &_gcry_cipher_spec_twofish,
+ &_gcry_cipher_spec_twofish128,
#endif
#if USE_SERPENT
- { &_gcry_cipher_spec_serpent128,
- &dummy_extra_spec, GCRY_CIPHER_SERPENT128 },
- { &_gcry_cipher_spec_serpent192,
- &dummy_extra_spec, GCRY_CIPHER_SERPENT192 },
- { &_gcry_cipher_spec_serpent256,
- &dummy_extra_spec, GCRY_CIPHER_SERPENT256 },
+ &_gcry_cipher_spec_serpent128,
+ &_gcry_cipher_spec_serpent192,
+ &_gcry_cipher_spec_serpent256,
#endif
#if USE_RFC2268
- { &_gcry_cipher_spec_rfc2268_40,
- &dummy_extra_spec, GCRY_CIPHER_RFC2268_40 },
- { &_gcry_cipher_spec_rfc2268_128,
- &dummy_extra_spec, GCRY_CIPHER_RFC2268_128 },
+ &_gcry_cipher_spec_rfc2268_40,
+ &_gcry_cipher_spec_rfc2268_128,
#endif
#if USE_SEED
- { &_gcry_cipher_spec_seed,
- &dummy_extra_spec, GCRY_CIPHER_SEED },
+ &_gcry_cipher_spec_seed,
#endif
#if USE_CAMELLIA
- { &_gcry_cipher_spec_camellia128,
- &dummy_extra_spec, GCRY_CIPHER_CAMELLIA128 },
- { &_gcry_cipher_spec_camellia192,
- &dummy_extra_spec, GCRY_CIPHER_CAMELLIA192 },
- { &_gcry_cipher_spec_camellia256,
- &dummy_extra_spec, GCRY_CIPHER_CAMELLIA256 },
+ &_gcry_cipher_spec_camellia128,
+ &_gcry_cipher_spec_camellia192,
+ &_gcry_cipher_spec_camellia256,
#endif
#ifdef USE_IDEA
- { &_gcry_cipher_spec_idea,
- &dummy_extra_spec, GCRY_CIPHER_IDEA },
+ &_gcry_cipher_spec_idea,
#endif
#if USE_SALSA20
- { &_gcry_cipher_spec_salsa20,
- &_gcry_cipher_extraspec_salsa20, GCRY_CIPHER_SALSA20 },
- { &_gcry_cipher_spec_salsa20r12,
- &_gcry_cipher_extraspec_salsa20, GCRY_CIPHER_SALSA20R12 },
+ &_gcry_cipher_spec_salsa20,
+ &_gcry_cipher_spec_salsa20r12,
#endif
#if USE_GOST28147
- { &_gcry_cipher_spec_gost28147,
- &dummy_extra_spec, GCRY_CIPHER_GOST28147 },
+ &_gcry_cipher_spec_gost28147,
#endif
- { NULL }
+ NULL
};
-/* List of registered ciphers. */
-static gcry_module_t ciphers_registered;
-
-/* This is the lock protecting CIPHERS_REGISTERED. It is initialized
- by _gcry_cipher_init. */
-static ath_mutex_t ciphers_registered_lock;
-
-/* Flag to check whether the default ciphers have already been
- registered. */
-static int default_ciphers_registered;
-
-/* Convenient macro for registering the default ciphers. */
-#define REGISTER_DEFAULT_CIPHERS \
- do \
- { \
- ath_mutex_lock (&ciphers_registered_lock); \
- if (! default_ciphers_registered) \
- { \
- cipher_register_default (); \
- default_ciphers_registered = 1; \
- } \
- ath_mutex_unlock (&ciphers_registered_lock); \
- } \
- while (0)
-/* These dummy functions are used in case a cipher implementation
- refuses to provide it's own functions. */
-
-static gcry_err_code_t
-dummy_setkey (void *c, const unsigned char *key, unsigned int keylen)
+static int
+map_algo (int algo)
{
- (void)c;
- (void)key;
- (void)keylen;
- return GPG_ERR_NO_ERROR;
+ return algo;
}
-static unsigned int
-dummy_encrypt_block (void *c,
- unsigned char *outbuf, const unsigned char *inbuf)
-{
- (void)c;
- (void)outbuf;
- (void)inbuf;
- BUG();
- return 0;
-}
-static unsigned int
-dummy_decrypt_block (void *c,
- unsigned char *outbuf, const unsigned char *inbuf)
+/* Return the spec structure for the cipher algorithm ALGO. For
+ an unknown algorithm NULL is returned. */
+static gcry_cipher_spec_t *
+spec_from_algo (int algo)
{
- (void)c;
- (void)outbuf;
- (void)inbuf;
- BUG();
- return 0;
-}
+ int idx;
+ gcry_cipher_spec_t *spec;
-static void
-dummy_encrypt_stream (void *c,
- unsigned char *outbuf, const unsigned char *inbuf,
- unsigned int n)
-{
- (void)c;
- (void)outbuf;
- (void)inbuf;
- (void)n;
- BUG();
-}
+ algo = map_algo (algo);
-static void
-dummy_decrypt_stream (void *c,
- unsigned char *outbuf, const unsigned char *inbuf,
- unsigned int n)
-{
- (void)c;
- (void)outbuf;
- (void)inbuf;
- (void)n;
- BUG();
+ for (idx = 0; (spec = cipher_list[idx]); idx++)
+ if (algo == spec->algo)
+ return spec;
+ return NULL;
}
-
-/* Internal function. Register all the ciphers included in
- CIPHER_TABLE. Note, that this function gets only used by the macro
- REGISTER_DEFAULT_CIPHERS which protects it using a mutex. */
-static void
-cipher_register_default (void)
+
+/* Lookup a cipher's spec by its name. */
+static gcry_cipher_spec_t *
+spec_from_name (const char *name)
{
- gcry_err_code_t err = GPG_ERR_NO_ERROR;
- int i;
+ gcry_cipher_spec_t *spec;
+ int idx;
+ const char **aliases;
- for (i = 0; !err && cipher_table[i].cipher; i++)
+ for (idx=0; (spec = cipher_list[idx]); idx++)
{
- if (! cipher_table[i].cipher->setkey)
- cipher_table[i].cipher->setkey = dummy_setkey;
- if (! cipher_table[i].cipher->encrypt)
- cipher_table[i].cipher->encrypt = dummy_encrypt_block;
- if (! cipher_table[i].cipher->decrypt)
- cipher_table[i].cipher->decrypt = dummy_decrypt_block;
- if (! cipher_table[i].cipher->stencrypt)
- cipher_table[i].cipher->stencrypt = dummy_encrypt_stream;
- if (! cipher_table[i].cipher->stdecrypt)
- cipher_table[i].cipher->stdecrypt = dummy_decrypt_stream;
-
- if ( fips_mode () && !cipher_table[i].fips_allowed )
- continue;
-
- err = _gcry_module_add (&ciphers_registered,
- cipher_table[i].algorithm,
- (void *) cipher_table[i].cipher,
- (void *) cipher_table[i].extraspec,
- NULL);
+ if (!stricmp (name, spec->name))
+ return spec;
+ if (spec->aliases)
+ {
+ for (aliases = spec->aliases; *aliases; aliases++)
+ if (!stricmp (name, *aliases))
+ return spec;
+ }
}
- if (err)
- BUG ();
+ return NULL;
}
-/* Internal callback function. Used via _gcry_module_lookup. */
-static int
-gcry_cipher_lookup_func_name (void *spec, void *data)
-{
- gcry_cipher_spec_t *cipher = (gcry_cipher_spec_t *) spec;
- char *name = (char *) data;
- const char **aliases = cipher->aliases;
- int i, ret = ! stricmp (name, cipher->name);
-
- if (aliases)
- for (i = 0; aliases[i] && (! ret); i++)
- ret = ! stricmp (name, aliases[i]);
-
- return ret;
-}
-/* Internal callback function. Used via _gcry_module_lookup. */
-static int
-gcry_cipher_lookup_func_oid (void *spec, void *data)
-{
- gcry_cipher_spec_t *cipher = (gcry_cipher_spec_t *) spec;
- char *oid = (char *) data;
- gcry_cipher_oid_spec_t *oid_specs = cipher->oids;
- int ret = 0, i;
-
- if (oid_specs)
- for (i = 0; oid_specs[i].oid && (! ret); i++)
- if (! stricmp (oid, oid_specs[i].oid))
- ret = 1;
-
- return ret;
-}
-
-/* Internal function. Lookup a cipher entry by it's name. */
-static gcry_module_t
-gcry_cipher_lookup_name (const char *name)
-{
- gcry_module_t cipher;
-
- cipher = _gcry_module_lookup (ciphers_registered, (void *) name,
- gcry_cipher_lookup_func_name);
-
- return cipher;
-}
-
-/* Internal function. Lookup a cipher entry by it's oid. */
-static gcry_module_t
-gcry_cipher_lookup_oid (const char *oid)
-{
- gcry_module_t cipher;
-
- cipher = _gcry_module_lookup (ciphers_registered, (void *) oid,
- gcry_cipher_lookup_func_oid);
-
- return cipher;
-}
-
-/* Register a new cipher module whose specification can be found in
- CIPHER. On success, a new algorithm ID is stored in ALGORITHM_ID
- and a pointer representhing this module is stored in MODULE. */
-gcry_error_t
-_gcry_cipher_register (gcry_cipher_spec_t *cipher,
- cipher_extra_spec_t *extraspec,
- int *algorithm_id,
- gcry_module_t *module)
+/* Lookup a cipher's spec by its OID. */
+static gcry_cipher_spec_t *
+spec_from_oid (const char *oid)
{
- gcry_err_code_t err = 0;
- gcry_module_t mod;
-
- /* We do not support module loading in fips mode. */
- if (fips_mode ())
- return gpg_error (GPG_ERR_NOT_SUPPORTED);
-
- ath_mutex_lock (&ciphers_registered_lock);
- err = _gcry_module_add (&ciphers_registered, 0,
- (void *)cipher,
- (void *)(extraspec? extraspec : &dummy_extra_spec),
- &mod);
- ath_mutex_unlock (&ciphers_registered_lock);
+ gcry_cipher_spec_t *spec;
+ gcry_cipher_oid_spec_t *oid_specs;
+ int idx, j;
- if (! err)
+ for (idx=0; (spec = cipher_list[idx]); idx++)
{
- *module = mod;
- *algorithm_id = mod->mod_id;
+ oid_specs = spec->oids;
+ if (oid_specs)
+ {
+ for (j = 0; oid_specs[j].oid; j++)
+ if (!stricmp (oid, oid_specs[j].oid))
+ return spec;
+ }
}
- return gcry_error (err);
+ return NULL;
}
-/* Unregister the cipher identified by MODULE, which must have been
- registered with gcry_cipher_register. */
-void
-_gcry_cipher_unregister (gcry_module_t module)
-{
- ath_mutex_lock (&ciphers_registered_lock);
- _gcry_module_release (module);
- ath_mutex_unlock (&ciphers_registered_lock);
-}
-/* Locate the OID in the oid table and return the index or -1 when not
- found. An opitonal "oid." or "OID." prefix in OID is ignored, the
- OID is expected to be in standard IETF dotted notation. The
- internal algorithm number is returned in ALGORITHM unless it
- ispassed as NULL. A pointer to the specification of the module
- implementing this algorithm is return in OID_SPEC unless passed as
- NULL.*/
-static int
-search_oid (const char *oid, int *algorithm, gcry_cipher_oid_spec_t *oid_spec)
+/* Locate the OID in the oid table and return the spec or NULL if not
+ found. An optional "oid." or "OID." prefix in OID is ignored, the
+ OID is expected to be in standard IETF dotted notation. A pointer
+ to the OID specification of the module implementing this algorithm
+ is return in OID_SPEC unless passed as NULL.*/
+static gcry_cipher_spec_t *
+search_oid (const char *oid, gcry_cipher_oid_spec_t *oid_spec)
{
- gcry_module_t module;
- int ret = 0;
+ gcry_cipher_spec_t *spec;
+ int i;
if (oid && ((! strncmp (oid, "oid.", 4))
|| (! strncmp (oid, "OID.", 4))))
oid += 4;
- module = gcry_cipher_lookup_oid (oid);
- if (module)
+ spec = spec_from_oid (oid);
+ if (spec && spec->oids)
{
- gcry_cipher_spec_t *cipher = module->spec;
- int i;
-
- for (i = 0; cipher->oids[i].oid && !ret; i++)
- if (! stricmp (oid, cipher->oids[i].oid))
+ for (i = 0; spec->oids[i].oid; i++)
+ if (!stricmp (oid, spec->oids[i].oid))
{
- if (algorithm)
- *algorithm = module->mod_id;
if (oid_spec)
- *oid_spec = cipher->oids[i];
- ret = 1;
+ *oid_spec = spec->oids[i];
+ return spec;
}
- _gcry_module_release (module);
}
- return ret;
+ return NULL;
}
+
/* Map STRING to the cipher algorithm identifier. Returns the
algorithm ID of the cipher for the given name or 0 if the name is
not known. It is valid to pass NULL for STRING which results in a
@@ -385,34 +199,24 @@ search_oid (const char *oid, int *algorithm, gcry_cipher_oid_spec_t *oid_spec)
int
gcry_cipher_map_name (const char *string)
{
- gcry_module_t cipher;
- int ret, algorithm = 0;
+ gcry_cipher_spec_t *spec;
- if (! string)
+ if (!string)
return 0;
- REGISTER_DEFAULT_CIPHERS;
-
/* If the string starts with a digit (optionally prefixed with
either "OID." or "oid."), we first look into our table of ASN.1
object identifiers to figure out the algorithm */
- ath_mutex_lock (&ciphers_registered_lock);
-
- ret = search_oid (string, &algorithm, NULL);
- if (! ret)
- {
- cipher = gcry_cipher_lookup_name (string);
- if (cipher)
- {
- algorithm = cipher->mod_id;
- _gcry_module_release (cipher);
- }
- }
+ spec = search_oid (string, NULL);
+ if (spec)
+ return spec->algo;
- ath_mutex_unlock (&ciphers_registered_lock);
+ spec = spec_from_name (string);
+ if (spec)
+ return spec->algo;
- return algorithm;
+ return 0;
}
@@ -423,78 +227,46 @@ gcry_cipher_map_name (const char *string)
int
gcry_cipher_mode_from_oid (const char *string)
{
+ gcry_cipher_spec_t *spec;
gcry_cipher_oid_spec_t oid_spec;
- int ret = 0, mode = 0;
if (!string)
return 0;
- ath_mutex_lock (&ciphers_registered_lock);
- ret = search_oid (string, NULL, &oid_spec);
- if (ret)
- mode = oid_spec.mode;
- ath_mutex_unlock (&ciphers_registered_lock);
+ spec = search_oid (string, &oid_spec);
+ if (spec)
+ return oid_spec.mode;
- return mode;
+ return 0;
}
-/* Map the cipher algorithm whose ID is contained in ALGORITHM to a
- string representation of the algorithm name. For unknown algorithm
- IDs this function returns "?". */
-static const char *
-cipher_algo_to_string (int algorithm)
-{
- gcry_module_t cipher;
- const char *name;
-
- REGISTER_DEFAULT_CIPHERS;
-
- ath_mutex_lock (&ciphers_registered_lock);
- cipher = _gcry_module_lookup_id (ciphers_registered, algorithm);
- if (cipher)
- {
- name = ((gcry_cipher_spec_t *) cipher->spec)->name;
- _gcry_module_release (cipher);
- }
- else
- name = "?";
- ath_mutex_unlock (&ciphers_registered_lock);
-
- return name;
-}
-
/* Map the cipher algorithm identifier ALGORITHM to a string
representing this algorithm. This string is the default name as
- used by Libgcrypt. An pointer to an empty string is returned for
- an unknown algorithm. NULL is never returned. */
+ used by Libgcrypt. A "?" is returned for an unknown algorithm.
+ NULL is never returned. */
const char *
gcry_cipher_algo_name (int algorithm)
{
- return cipher_algo_to_string (algorithm);
+ gcry_cipher_spec_t *spec;
+
+ spec = spec_from_algo (algorithm);
+ return spec? spec->name : "?";
}
/* Flag the cipher algorithm with the identifier ALGORITHM as
disabled. There is no error return, the function does nothing for
- unknown algorithms. Disabled algorithms are vitually not available
- in Libgcrypt. */
+ unknown algorithms. Disabled algorithms are virtually not
+ available in Libgcrypt. This is not thread safe and should thus be
+ called early. */
static void
-disable_cipher_algo (int algorithm)
+disable_cipher_algo (int algo)
{
- gcry_module_t cipher;
-
- REGISTER_DEFAULT_CIPHERS;
+ gcry_cipher_spec_t *spec = spec_from_algo (algo);
- ath_mutex_lock (&ciphers_registered_lock);
- cipher = _gcry_module_lookup_id (ciphers_registered, algorithm);
- if (cipher)
- {
- if (! (cipher->flags & FLAG_MODULE_DISABLED))
- cipher->flags |= FLAG_MODULE_DISABLED;
- _gcry_module_release (cipher);
- }
- ath_mutex_unlock (&ciphers_registered_lock);
+ if (spec)
+ spec->flags.disabled = 1;
}
@@ -504,24 +276,13 @@ disable_cipher_algo (int algorithm)
static gcry_err_code_t
check_cipher_algo (int algorithm)
{
- gcry_err_code_t err = GPG_ERR_NO_ERROR;
- gcry_module_t cipher;
-
- REGISTER_DEFAULT_CIPHERS;
+ gcry_cipher_spec_t *spec;
- ath_mutex_lock (&ciphers_registered_lock);
- cipher = _gcry_module_lookup_id (ciphers_registered, algorithm);
- if (cipher)
- {
- if (cipher->flags & FLAG_MODULE_DISABLED)
- err = GPG_ERR_CIPHER_ALGO;
- _gcry_module_release (cipher);
- }
- else
- err = GPG_ERR_CIPHER_ALGO;
- ath_mutex_unlock (&ciphers_registered_lock);
+ spec = spec_from_algo (algorithm);
+ if (spec && !spec->flags.disabled)
+ return 0;
- return err;
+ return GPG_ERR_CIPHER_ALGO;
}
@@ -530,45 +291,36 @@ check_cipher_algo (int algorithm)
static unsigned int
cipher_get_keylen (int algorithm)
{
- gcry_module_t cipher;
+ gcry_cipher_spec_t *spec;
unsigned len = 0;
- REGISTER_DEFAULT_CIPHERS;
-
- ath_mutex_lock (&ciphers_registered_lock);
- cipher = _gcry_module_lookup_id (ciphers_registered, algorithm);
- if (cipher)
+ spec = spec_from_algo (algorithm);
+ if (spec)
{
- len = ((gcry_cipher_spec_t *) cipher->spec)->keylen;
+ len = spec->keylen;
if (!len)
log_bug ("cipher %d w/o key length\n", algorithm);
- _gcry_module_release (cipher);
}
- ath_mutex_unlock (&ciphers_registered_lock);
return len;
}
+
/* Return the block length of the cipher algorithm with the identifier
ALGORITHM. This function return 0 for an invalid algorithm. */
static unsigned int
cipher_get_blocksize (int algorithm)
{
- gcry_module_t cipher;
+ gcry_cipher_spec_t *spec;
unsigned len = 0;
- REGISTER_DEFAULT_CIPHERS;
-
- ath_mutex_lock (&ciphers_registered_lock);
- cipher = _gcry_module_lookup_id (ciphers_registered, algorithm);
- if (cipher)
+ spec = spec_from_algo (algorithm);
+ if (spec)
{
- len = ((gcry_cipher_spec_t *) cipher->spec)->blocksize;
- if (! len)
- log_bug ("cipher %d w/o blocksize\n", algorithm);
- _gcry_module_release (cipher);
+ len = spec->blocksize;
+ if (!len)
+ log_bug ("cipher %d w/o blocksize\n", algorithm);
}
- ath_mutex_unlock (&ciphers_registered_lock);
return len;
}
@@ -593,40 +345,21 @@ gcry_cipher_open (gcry_cipher_hd_t *handle,
int algo, int mode, unsigned int flags)
{
int secure = (flags & GCRY_CIPHER_SECURE);
- gcry_cipher_spec_t *cipher = NULL;
- cipher_extra_spec_t *extraspec = NULL;
- gcry_module_t module = NULL;
+ gcry_cipher_spec_t *spec;
gcry_cipher_hd_t h = NULL;
- gcry_err_code_t err = 0;
+ gcry_err_code_t err;
/* If the application missed to call the random poll function, we do
it here to ensure that it is used once in a while. */
_gcry_fast_random_poll ();
- REGISTER_DEFAULT_CIPHERS;
-
- /* Fetch the according module and check whether the cipher is marked
- available for use. */
- ath_mutex_lock (&ciphers_registered_lock);
- module = _gcry_module_lookup_id (ciphers_registered, algo);
- if (module)
- {
- /* Found module. */
-
- if (module->flags & FLAG_MODULE_DISABLED)
- {
- /* Not available for use. */
- err = GPG_ERR_CIPHER_ALGO;
- }
- else
- {
- cipher = (gcry_cipher_spec_t *) module->spec;
- extraspec = module->extraspec;
- }
- }
- else
+ spec = spec_from_algo (algo);
+ if (!spec)
+ err = GPG_ERR_CIPHER_ALGO;
+ else if (spec->flags.disabled)
err = GPG_ERR_CIPHER_ALGO;
- ath_mutex_unlock (&ciphers_registered_lock);
+ else
+ err = 0;
/* check flags */
if ((! err)
@@ -648,14 +381,12 @@ gcry_cipher_open (gcry_cipher_hd_t *handle,
case GCRY_CIPHER_MODE_OFB:
case GCRY_CIPHER_MODE_CTR:
case GCRY_CIPHER_MODE_AESWRAP:
- if ((cipher->encrypt == dummy_encrypt_block)
- || (cipher->decrypt == dummy_decrypt_block))
+ if (!spec->encrypt || !spec->decrypt)
err = GPG_ERR_INV_CIPHER_MODE;
break;
case GCRY_CIPHER_MODE_STREAM:
- if ((cipher->stencrypt == dummy_encrypt_stream)
- || (cipher->stdecrypt == dummy_decrypt_stream))
+ if (!spec->stencrypt || !spec->stdecrypt)
err = GPG_ERR_INV_CIPHER_MODE;
break;
@@ -674,13 +405,12 @@ gcry_cipher_open (gcry_cipher_hd_t *handle,
/* Perform selftest here and mark this with a flag in cipher_table?
No, we should not do this as it takes too long. Further it does
not make sense to exclude algorithms with failing selftests at
- runtime: If a selftest fails there is something seriously wrong
- with the system and thus we better die immediately. */
+ runtime: If a selftest fails there is something seriously wrong with the system and thus we better die immediately. */
if (! err)
{
size_t size = (sizeof (*h)
- + 2 * cipher->contextsize
+ + 2 * spec->contextsize
- sizeof (cipher_context_alignment_t)
#ifdef NEED_16BYTE_ALIGNED_CONTEXT
+ 15 /* Space for leading alignment gap. */
@@ -711,9 +441,7 @@ gcry_cipher_open (gcry_cipher_hd_t *handle,
h->magic = secure ? CTX_MAGIC_SECURE : CTX_MAGIC_NORMAL;
h->actual_handle_size = size - off;
h->handle_offset = off;
- h->cipher = cipher;
- h->extraspec = extraspec;
- h->module = module;
+ h->spec = spec;
h->algo = algo;
h->mode = mode;
h->flags = flags;
@@ -781,17 +509,6 @@ gcry_cipher_open (gcry_cipher_hd_t *handle,
/* Done. */
- if (err)
- {
- if (module)
- {
- /* Release module. */
- ath_mutex_lock (&ciphers_registered_lock);
- _gcry_module_release (module);
- ath_mutex_unlock (&ciphers_registered_lock);
- }
- }
-
*handle = err ? NULL : h;
return gcry_error (err);
@@ -815,11 +532,6 @@ gcry_cipher_close (gcry_cipher_hd_t h)
else
h->magic = 0;
- /* Release module. */
- ath_mutex_lock (&ciphers_registered_lock);
- _gcry_module_release (h->module);
- ath_mutex_unlock (&ciphers_registered_lock);
-
/* We always want to wipe out the memory even when the context has
been allocated in secure memory. The user might have disabled
secure memory or is using his own implementation which does not
@@ -840,13 +552,13 @@ cipher_setkey (gcry_cipher_hd_t c, byte *key, unsigned int keylen)
{
gcry_err_code_t ret;
- ret = (*c->cipher->setkey) (&c->context.c, key, keylen);
+ ret = c->spec->setkey (&c->context.c, key, keylen);
if (!ret)
{
/* Duplicate initial context. */
- memcpy ((void *) ((char *) &c->context.c + c->cipher->contextsize),
+ memcpy ((void *) ((char *) &c->context.c + c->spec->contextsize),
(void *) &c->context.c,
- c->cipher->contextsize);
+ c->spec->contextsize);
c->marks.key = 1;
}
else
@@ -863,23 +575,23 @@ cipher_setiv (gcry_cipher_hd_t c, const byte *iv, unsigned ivlen)
{
/* If the cipher has its own IV handler, we use only this one. This
is currently used for stream ciphers requiring a nonce. */
- if (c->extraspec && c->extraspec->setiv)
+ if (c->spec->setiv)
{
- c->extraspec->setiv (&c->context.c, iv, ivlen);
+ c->spec->setiv (&c->context.c, iv, ivlen);
return;
}
- memset (c->u_iv.iv, 0, c->cipher->blocksize);
+ memset (c->u_iv.iv, 0, c->spec->blocksize);
if (iv)
{
- if (ivlen != c->cipher->blocksize)
+ if (ivlen != c->spec->blocksize)
{
log_info ("WARNING: cipher_setiv: ivlen=%u blklen=%u\n",
- ivlen, (unsigned int)c->cipher->blocksize);
+ ivlen, (unsigned int)c->spec->blocksize);
fips_signal_error ("IV length does not match blocklength");
}
- if (ivlen > c->cipher->blocksize)
- ivlen = c->cipher->blocksize;
+ if (ivlen > c->spec->blocksize)
+ ivlen = c->spec->blocksize;
memcpy (c->u_iv.iv, iv, ivlen);
c->marks.iv = 1;
}
@@ -895,12 +607,12 @@ static void
cipher_reset (gcry_cipher_hd_t c)
{
memcpy (&c->context.c,
- (char *) &c->context.c + c->cipher->contextsize,
- c->cipher->contextsize);
+ (char *) &c->context.c + c->spec->contextsize,
+ c->spec->contextsize);
memset (&c->marks, 0, sizeof c->marks);
- memset (c->u_iv.iv, 0, c->cipher->blocksize);
- memset (c->lastiv, 0, c->cipher->blocksize);
- memset (c->u_ctr.ctr, 0, c->cipher->blocksize);
+ memset (c->u_iv.iv, 0, c->spec->blocksize);
+ memset (c->lastiv, 0, c->spec->blocksize);
+ memset (c->u_ctr.ctr, 0, c->spec->blocksize);
}
@@ -910,7 +622,7 @@ do_ecb_encrypt (gcry_cipher_hd_t c,
unsigned char *outbuf, unsigned int outbuflen,
const unsigned char *inbuf, unsigned int inbuflen)
{
- unsigned int blocksize = c->cipher->blocksize;
+ unsigned int blocksize = c->spec->blocksize;
unsigned int n, nblocks;
unsigned int burn, nburn;
@@ -919,12 +631,12 @@ do_ecb_encrypt (gcry_cipher_hd_t c,
if ((inbuflen % blocksize))
return GPG_ERR_INV_LENGTH;
- nblocks = inbuflen / c->cipher->blocksize;
+ nblocks = inbuflen / c->spec->blocksize;
burn = 0;
for (n=0; n < nblocks; n++ )
{
- nburn = c->cipher->encrypt (&c->context.c, outbuf, (byte*)/*arggg*/inbuf);
+ nburn = c->spec->encrypt (&c->context.c, outbuf, (byte*)/*arggg*/inbuf);
burn = nburn > burn ? nburn : burn;
inbuf += blocksize;
outbuf += blocksize;
@@ -941,7 +653,7 @@ do_ecb_decrypt (gcry_cipher_hd_t c,
unsigned char *outbuf, unsigned int outbuflen,
const unsigned char *inbuf, unsigned int inbuflen)
{
- unsigned int blocksize = c->cipher->blocksize;
+ unsigned int blocksize = c->spec->blocksize;
unsigned int n, nblocks;
unsigned int burn, nburn;
@@ -950,12 +662,12 @@ do_ecb_decrypt (gcry_cipher_hd_t c,
if ((inbuflen % blocksize))
return GPG_ERR_INV_LENGTH;
- nblocks = inbuflen / c->cipher->blocksize;
+ nblocks = inbuflen / c->spec->blocksize;
burn = 0;
for (n=0; n < nblocks; n++ )
{
- nburn = c->cipher->decrypt (&c->context.c, outbuf, (byte*)/*arggg*/inbuf);
+ nburn = c->spec->decrypt (&c->context.c, outbuf, (byte*)/*arggg*/inbuf);
burn = nburn > burn ? nburn : burn;
inbuf += blocksize;
outbuf += blocksize;
@@ -1007,8 +719,8 @@ cipher_encrypt (gcry_cipher_hd_t c, byte *outbuf, unsigned int outbuflen,
break;
case GCRY_CIPHER_MODE_STREAM:
- c->cipher->stencrypt (&c->context.c,
- outbuf, (byte*)/*arggg*/inbuf, inbuflen);
+ c->spec->stencrypt (&c->context.c,
+ outbuf, (byte*)/*arggg*/inbuf, inbuflen);
rc = 0;
break;
@@ -1100,8 +812,8 @@ cipher_decrypt (gcry_cipher_hd_t c, byte *outbuf, unsigned int outbuflen,
break;
case GCRY_CIPHER_MODE_STREAM:
- c->cipher->stdecrypt (&c->context.c,
- outbuf, (byte*)/*arggg*/inbuf, inbuflen);
+ c->spec->stdecrypt (&c->context.c,
+ outbuf, (byte*)/*arggg*/inbuf, inbuflen);
rc = 0;
break;
@@ -1155,9 +867,9 @@ cipher_sync (gcry_cipher_hd_t c)
if ((c->flags & GCRY_CIPHER_ENABLE_SYNC) && c->unused)
{
memmove (c->u_iv.iv + c->unused,
- c->u_iv.iv, c->cipher->blocksize - c->unused);
+ c->u_iv.iv, c->spec->blocksize - c->unused);
memcpy (c->u_iv.iv,
- c->lastiv + c->cipher->blocksize - c->unused, c->unused);
+ c->lastiv + c->spec->blocksize - c->unused, c->unused);
c->unused = 0;
}
}
@@ -1183,14 +895,14 @@ _gcry_cipher_setiv (gcry_cipher_hd_t hd, const void *iv, size_t ivlen)
gpg_error_t
_gcry_cipher_setctr (gcry_cipher_hd_t hd, const void *ctr, size_t ctrlen)
{
- if (ctr && ctrlen == hd->cipher->blocksize)
+ if (ctr && ctrlen == hd->spec->blocksize)
{
- memcpy (hd->u_ctr.ctr, ctr, hd->cipher->blocksize);
+ memcpy (hd->u_ctr.ctr, ctr, hd->spec->blocksize);
hd->unused = 0;
}
else if (!ctr || !ctrlen)
{
- memset (hd->u_ctr.ctr, 0, hd->cipher->blocksize);
+ memset (hd->u_ctr.ctr, 0, hd->spec->blocksize);
hd->unused = 0;
}
else
@@ -1255,8 +967,8 @@ gcry_cipher_ctl( gcry_cipher_hd_t h, int cmd, void *buffer, size_t buflen)
break;
case 61: /* Disable weak key detection (private). */
- if (h->extraspec->set_extra_info)
- rc = h->extraspec->set_extra_info
+ if (h->spec->set_extra_info)
+ rc = h->spec->set_extra_info
(&h->context.c, CIPHER_INFO_NO_WEAK_KEY, NULL, 0);
else
rc = GPG_ERR_NOT_SUPPORTED;
@@ -1268,7 +980,7 @@ gcry_cipher_ctl( gcry_cipher_hd_t h, int cmd, void *buffer, size_t buflen)
1 byte Actual length of the block in bytes.
n byte The block.
If the provided buffer is too short, an error is returned. */
- if (buflen < (1 + h->cipher->blocksize))
+ if (buflen < (1 + h->spec->blocksize))
rc = GPG_ERR_TOO_SHORT;
else
{
@@ -1277,10 +989,10 @@ gcry_cipher_ctl( gcry_cipher_hd_t h, int cmd, void *buffer, size_t buflen)
int n = h->unused;
if (!n)
- n = h->cipher->blocksize;
- gcry_assert (n <= h->cipher->blocksize);
+ n = h->spec->blocksize;
+ gcry_assert (n <= h->spec->blocksize);
*dst++ = n;
- ivp = h->u_iv.iv + h->cipher->blocksize - n;
+ ivp = h->u_iv.iv + h->spec->blocksize - n;
while (n--)
*dst++ = *ivp++;
}
@@ -1434,15 +1146,7 @@ gcry_cipher_get_algo_blklen (int algo)
gcry_err_code_t
_gcry_cipher_init (void)
{
- gcry_err_code_t err;
-
- err = ath_mutex_init (&ciphers_registered_lock);
- if (err)
- return gpg_err_code_from_errno (err);
-
- REGISTER_DEFAULT_CIPHERS;
-
- return err;
+ return 0;
}
@@ -1451,34 +1155,21 @@ _gcry_cipher_init (void)
gpg_error_t
_gcry_cipher_selftest (int algo, int extended, selftest_report_func_t report)
{
- gcry_module_t module = NULL;
- cipher_extra_spec_t *extraspec = NULL;
gcry_err_code_t ec = 0;
+ gcry_cipher_spec_t *spec;
- REGISTER_DEFAULT_CIPHERS;
-
- ath_mutex_lock (&ciphers_registered_lock);
- module = _gcry_module_lookup_id (ciphers_registered, algo);
- if (module && !(module->flags & FLAG_MODULE_DISABLED))
- extraspec = module->extraspec;
- ath_mutex_unlock (&ciphers_registered_lock);
- if (extraspec && extraspec->selftest)
- ec = extraspec->selftest (algo, extended, report);
+ spec = spec_from_algo (algo);
+ if (spec && !spec->flags.disabled && spec->selftest)
+ ec = spec->selftest (algo, extended, report);
else
{
ec = GPG_ERR_CIPHER_ALGO;
if (report)
report ("cipher", algo, "module",
- module && !(module->flags & FLAG_MODULE_DISABLED)?
+ (spec && !spec->flags.disabled)?
"no selftest available" :
- module? "algorithm disabled" : "algorithm not found");
+ spec? "algorithm disabled" : "algorithm not found");
}
- if (module)
- {
- ath_mutex_lock (&ciphers_registered_lock);
- _gcry_module_release (module);
- ath_mutex_unlock (&ciphers_registered_lock);
- }
return gpg_error (ec);
}
diff --git a/cipher/des.c b/cipher/des.c
index f1550d1..3464d53 100644
--- a/cipher/des.c
+++ b/cipher/des.c
@@ -1168,6 +1168,7 @@ run_selftests (int algo, int extended, selftest_report_func_t report)
gcry_cipher_spec_t _gcry_cipher_spec_des =
{
+ GCRY_CIPHER_DES, {0, 0},
"DES", NULL, NULL, 8, 64, sizeof (struct _des_ctx),
do_des_setkey, do_des_encrypt, do_des_decrypt
};
@@ -1184,12 +1185,10 @@ static gcry_cipher_oid_spec_t oids_tripledes[] =
gcry_cipher_spec_t _gcry_cipher_spec_tripledes =
{
+ GCRY_CIPHER_3DES, {0, 1},
"3DES", NULL, oids_tripledes, 8, 192, sizeof (struct _tripledes_ctx),
- do_tripledes_setkey, do_tripledes_encrypt, do_tripledes_decrypt
- };
-
-cipher_extra_spec_t _gcry_cipher_extraspec_tripledes =
- {
+ do_tripledes_setkey, do_tripledes_encrypt, do_tripledes_decrypt,
+ NULL, NULL,
run_selftests,
do_tripledes_set_extra_info
};
diff --git a/cipher/gost28147.c b/cipher/gost28147.c
index c669148..2bda868 100644
--- a/cipher/gost28147.c
+++ b/cipher/gost28147.c
@@ -227,6 +227,7 @@ gost_decrypt_block (void *c, byte *outbuf, const byte *inbuf)
gcry_cipher_spec_t _gcry_cipher_spec_gost28147 =
{
+ GCRY_CIPHER_GOST28147, {0, 0},
"GOST28147", NULL, NULL, 8, 256,
sizeof (GOST28147_context),
gost_setkey,
diff --git a/cipher/idea.c b/cipher/idea.c
index 6e81e84..7d91a9a 100644
--- a/cipher/idea.c
+++ b/cipher/idea.c
@@ -371,8 +371,9 @@ static struct {
gcry_cipher_spec_t _gcry_cipher_spec_idea =
-{
+ {
+ GCRY_CIPHER_IDEA, {0, 0},
"IDEA", NULL, NULL, IDEA_BLOCKSIZE, 128,
sizeof (IDEA_context),
idea_setkey, idea_encrypt, idea_decrypt
-};
+ };
diff --git a/cipher/md.c b/cipher/md.c
index 280c5d5..c65eb70 100644
--- a/cipher/md.c
+++ b/cipher/md.c
@@ -1414,7 +1414,7 @@ gpg_error_t
_gcry_md_selftest (int algo, int extended, selftest_report_func_t report)
{
gcry_module_t module = NULL;
- cipher_extra_spec_t *extraspec = NULL;
+ md_extra_spec_t *extraspec = NULL;
gcry_err_code_t ec = 0;
REGISTER_DEFAULT_DIGESTS;
diff --git a/cipher/pubkey.c b/cipher/pubkey.c
index 4738c29..1628467 100644
--- a/cipher/pubkey.c
+++ b/cipher/pubkey.c
@@ -2356,7 +2356,7 @@ _gcry_pk_selftest (int algo, int extended, selftest_report_func_t report)
algo = map_algo (algo);
spec = spec_from_algo (algo);
- if (spec && spec->selftest)
+ if (spec && !spec->flags.disabled && spec->selftest)
ec = spec->selftest (algo, extended, report);
else
{
diff --git a/cipher/rfc2268.c b/cipher/rfc2268.c
index da0b9f4..aed8cad 100644
--- a/cipher/rfc2268.c
+++ b/cipher/rfc2268.c
@@ -358,14 +358,18 @@ static gcry_cipher_oid_spec_t oids_rfc2268_128[] =
{ NULL }
};
-gcry_cipher_spec_t _gcry_cipher_spec_rfc2268_40 = {
- "RFC2268_40", NULL, oids_rfc2268_40,
- RFC2268_BLOCKSIZE, 40, sizeof(RFC2268_context),
- do_setkey, encrypt_block, decrypt_block
-};
+gcry_cipher_spec_t _gcry_cipher_spec_rfc2268_40 =
+ {
+ GCRY_CIPHER_RFC2268_40, {0, 0},
+ "RFC2268_40", NULL, oids_rfc2268_40,
+ RFC2268_BLOCKSIZE, 40, sizeof(RFC2268_context),
+ do_setkey, encrypt_block, decrypt_block
+ };
-gcry_cipher_spec_t _gcry_cipher_spec_rfc2268_128 = {
- "RFC2268_128", NULL, oids_rfc2268_128,
- RFC2268_BLOCKSIZE, 128, sizeof(RFC2268_context),
- do_setkey, encrypt_block, decrypt_block
-};
+gcry_cipher_spec_t _gcry_cipher_spec_rfc2268_128 =
+ {
+ GCRY_CIPHER_RFC2268_128, {0, 0},
+ "RFC2268_128", NULL, oids_rfc2268_128,
+ RFC2268_BLOCKSIZE, 128, sizeof(RFC2268_context),
+ do_setkey, encrypt_block, decrypt_block
+ };
diff --git a/cipher/rijndael.c b/cipher/rijndael.c
index 190d0f9..85c1a41 100644
--- a/cipher/rijndael.c
+++ b/cipher/rijndael.c
@@ -2557,14 +2557,15 @@ static gcry_cipher_oid_spec_t rijndael_oids[] =
gcry_cipher_spec_t _gcry_cipher_spec_aes =
{
- "AES", rijndael_names, rijndael_oids, 16, 128, sizeof (RIJNDAEL_context),
- rijndael_setkey, rijndael_encrypt, rijndael_decrypt
- };
-cipher_extra_spec_t _gcry_cipher_extraspec_aes =
- {
+ GCRY_CIPHER_AES, {0, 1},
+ "AES", rijndael_names, rijndael_oids, 16, 128,
+ sizeof (RIJNDAEL_context),
+ rijndael_setkey, rijndael_encrypt, rijndael_decrypt,
+ NULL, NULL,
run_selftests
};
+
static const char *rijndael192_names[] =
{
"RIJNDAEL192",
@@ -2583,14 +2584,15 @@ static gcry_cipher_oid_spec_t rijndael192_oids[] =
gcry_cipher_spec_t _gcry_cipher_spec_aes192 =
{
- "AES192", rijndael192_names, rijndael192_oids, 16, 192, sizeof (RIJNDAEL_context),
- rijndael_setkey, rijndael_encrypt, rijndael_decrypt
- };
-cipher_extra_spec_t _gcry_cipher_extraspec_aes192 =
- {
+ GCRY_CIPHER_AES192, {0, 1},
+ "AES192", rijndael192_names, rijndael192_oids, 16, 192,
+ sizeof (RIJNDAEL_context),
+ rijndael_setkey, rijndael_encrypt, rijndael_decrypt,
+ NULL, NULL,
run_selftests
};
+
static const char *rijndael256_names[] =
{
"RIJNDAEL256",
@@ -2609,12 +2611,10 @@ static gcry_cipher_oid_spec_t rijndael256_oids[] =
gcry_cipher_spec_t _gcry_cipher_spec_aes256 =
{
+ GCRY_CIPHER_AES256, {0, 1},
"AES256", rijndael256_names, rijndael256_oids, 16, 256,
sizeof (RIJNDAEL_context),
- rijndael_setkey, rijndael_encrypt, rijndael_decrypt
- };
-
-cipher_extra_spec_t _gcry_cipher_extraspec_aes256 =
- {
+ rijndael_setkey, rijndael_encrypt, rijndael_decrypt,
+ NULL, NULL,
run_selftests
};
diff --git a/cipher/salsa20.c b/cipher/salsa20.c
index 88f5372..6189bca 100644
--- a/cipher/salsa20.c
+++ b/cipher/salsa20.c
@@ -373,6 +373,8 @@ selftest (void)
gcry_cipher_spec_t _gcry_cipher_spec_salsa20 =
{
+ GCRY_CIPHER_SALSA20,
+ {0, 0}, /* flags */
"SALSA20", /* name */
NULL, /* aliases */
NULL, /* oids */
@@ -383,11 +385,16 @@ gcry_cipher_spec_t _gcry_cipher_spec_salsa20 =
NULL,
NULL,
salsa20_encrypt_stream,
- salsa20_encrypt_stream
+ salsa20_encrypt_stream,
+ NULL,
+ NULL,
+ salsa20_setiv
};
gcry_cipher_spec_t _gcry_cipher_spec_salsa20r12 =
{
+ GCRY_CIPHER_SALSA20R12,
+ {0, 0}, /* flags */
"SALSA20R12", /* name */
NULL, /* aliases */
NULL, /* oids */
@@ -398,11 +405,7 @@ gcry_cipher_spec_t _gcry_cipher_spec_salsa20r12 =
NULL,
NULL,
salsa20r12_encrypt_stream,
- salsa20r12_encrypt_stream
- };
-
-cipher_extra_spec_t _gcry_cipher_extraspec_salsa20 =
- {
+ salsa20r12_encrypt_stream,
NULL,
NULL,
salsa20_setiv
diff --git a/cipher/seed.c b/cipher/seed.c
index 474ccba..9f87c05 100644
--- a/cipher/seed.c
+++ b/cipher/seed.c
@@ -470,6 +470,7 @@ static gcry_cipher_oid_spec_t seed_oids[] =
gcry_cipher_spec_t _gcry_cipher_spec_seed =
{
+ GCRY_CIPHER_SEED, {0, 0},
"SEED", NULL, seed_oids, 16, 128, sizeof (SEED_context),
seed_setkey, seed_encrypt, seed_decrypt,
};
diff --git a/cipher/serpent.c b/cipher/serpent.c
index 4720b9c..c0898dc 100644
--- a/cipher/serpent.c
+++ b/cipher/serpent.c
@@ -1192,6 +1192,7 @@ static const char *cipher_spec_serpent128_aliases[] =
gcry_cipher_spec_t _gcry_cipher_spec_serpent128 =
{
+ GCRY_CIPHER_SERPENT128, {0, 0},
"SERPENT128", cipher_spec_serpent128_aliases, NULL, 16, 128,
sizeof (serpent_context_t),
serpent_setkey, serpent_encrypt, serpent_decrypt
@@ -1199,6 +1200,7 @@ gcry_cipher_spec_t _gcry_cipher_spec_serpent128 =
gcry_cipher_spec_t _gcry_cipher_spec_serpent192 =
{
+ GCRY_CIPHER_SERPENT192, {0, 0},
"SERPENT192", NULL, NULL, 16, 192,
sizeof (serpent_context_t),
serpent_setkey, serpent_encrypt, serpent_decrypt
@@ -1206,6 +1208,7 @@ gcry_cipher_spec_t _gcry_cipher_spec_serpent192 =
gcry_cipher_spec_t _gcry_cipher_spec_serpent256 =
{
+ GCRY_CIPHER_SERPENT256, {0, 0},
"SERPENT256", NULL, NULL, 16, 256,
sizeof (serpent_context_t),
serpent_setkey, serpent_encrypt, serpent_decrypt
diff --git a/cipher/twofish.c b/cipher/twofish.c
index 17b3aa3..993ad0f 100644
--- a/cipher/twofish.c
+++ b/cipher/twofish.c
@@ -1306,12 +1306,14 @@ main()
gcry_cipher_spec_t _gcry_cipher_spec_twofish =
{
+ GCRY_CIPHER_TWOFISH, {0, 0},
"TWOFISH", NULL, NULL, 16, 256, sizeof (TWOFISH_context),
twofish_setkey, twofish_encrypt, twofish_decrypt
};
gcry_cipher_spec_t _gcry_cipher_spec_twofish128 =
{
+ GCRY_CIPHER_TWOFISH128, {0, 0},
"TWOFISH128", NULL, NULL, 16, 128, sizeof (TWOFISH_context),
twofish_setkey, twofish_encrypt, twofish_decrypt
};
diff --git a/src/cipher-proto.h b/src/cipher-proto.h
index 5b152b5..62bc8b9 100644
--- a/src/cipher-proto.h
+++ b/src/cipher-proto.h
@@ -149,6 +149,39 @@ typedef struct gcry_pk_spec
+/*
+ *
+ * Symmetric cipher related definitions.
+ *
+ */
+
+/* Type for the cipher_setkey function. */
+typedef gcry_err_code_t (*gcry_cipher_setkey_t) (void *c,
+ const unsigned char *key,
+ unsigned keylen);
+
+/* Type for the cipher_encrypt function. */
+typedef unsigned int (*gcry_cipher_encrypt_t) (void *c,
+ unsigned char *outbuf,
+ const unsigned char *inbuf);
+
+/* Type for the cipher_decrypt function. */
+typedef unsigned int (*gcry_cipher_decrypt_t) (void *c,
+ unsigned char *outbuf,
+ const unsigned char *inbuf);
+
+/* Type for the cipher_stencrypt function. */
+typedef void (*gcry_cipher_stencrypt_t) (void *c,
+ unsigned char *outbuf,
+ const unsigned char *inbuf,
+ unsigned int n);
+
+/* Type for the cipher_stdecrypt function. */
+typedef void (*gcry_cipher_stdecrypt_t) (void *c,
+ unsigned char *outbuf,
+ const unsigned char *inbuf,
+ unsigned int n);
+
/* The type used to convey additional information to a cipher. */
typedef gpg_err_code_t (*cipher_set_extra_info_t)
(void *c, int what, const void *buffer, size_t buflen);
@@ -157,15 +190,45 @@ typedef gpg_err_code_t (*cipher_set_extra_info_t)
typedef void (*cipher_setiv_func_t)(void *c,
const byte *iv, unsigned int ivlen);
-/* Extra module specification structures. These are used for internal
- modules which provide more functions than available through the
- public algorithm register APIs. */
-typedef struct cipher_extra_spec
+/* A structure to map OIDs to encryption modes. */
+typedef struct gcry_cipher_oid_spec
{
+ const char *oid;
+ int mode;
+} gcry_cipher_oid_spec_t;
+
+
+/* Module specification structure for ciphers. */
+typedef struct gcry_cipher_spec
+{
+ int algo;
+ struct {
+ unsigned int disabled:1;
+ unsigned int fips:1;
+ } flags;
+ const char *name;
+ const char **aliases;
+ gcry_cipher_oid_spec_t *oids;
+ size_t blocksize;
+ size_t keylen;
+ size_t contextsize;
+ gcry_cipher_setkey_t setkey;
+ gcry_cipher_encrypt_t encrypt;
+ gcry_cipher_decrypt_t decrypt;
+ gcry_cipher_stencrypt_t stencrypt;
+ gcry_cipher_stdecrypt_t stdecrypt;
selftest_func_t selftest;
cipher_set_extra_info_t set_extra_info;
cipher_setiv_func_t setiv;
-} cipher_extra_spec_t;
+} gcry_cipher_spec_t;
+
+
+
+/*
+ *
+ * Message digest related definitions.
+ *
+ */
typedef struct md_extra_spec
{
@@ -174,11 +237,8 @@ typedef struct md_extra_spec
+
/* The private register functions. */
-gcry_error_t _gcry_cipher_register (gcry_cipher_spec_t *cipher,
- cipher_extra_spec_t *extraspec,
- int *algorithm_id,
- gcry_module_t *module);
gcry_error_t _gcry_md_register (gcry_md_spec_t *cipher,
md_extra_spec_t *extraspec,
unsigned int *algorithm_id,
diff --git a/src/cipher.h b/src/cipher.h
index 70b46fe..d080e72 100644
--- a/src/cipher.h
+++ b/src/cipher.h
@@ -204,12 +204,6 @@ extern gcry_cipher_spec_t _gcry_cipher_spec_salsa20;
extern gcry_cipher_spec_t _gcry_cipher_spec_salsa20r12;
extern gcry_cipher_spec_t _gcry_cipher_spec_gost28147;
-extern cipher_extra_spec_t _gcry_cipher_extraspec_tripledes;
-extern cipher_extra_spec_t _gcry_cipher_extraspec_aes;
-extern cipher_extra_spec_t _gcry_cipher_extraspec_aes192;
-extern cipher_extra_spec_t _gcry_cipher_extraspec_aes256;
-extern cipher_extra_spec_t _gcry_cipher_extraspec_salsa20;
-
/* Declarations for the digest specifications. */
extern gcry_md_spec_t _gcry_digest_spec_crc32;
extern gcry_md_spec_t _gcry_digest_spec_crc32_rfc1510;
diff --git a/src/gcrypt-module.h b/src/gcrypt-module.h
index 9fcb8ab..621a3a4 100644
--- a/src/gcrypt-module.h
+++ b/src/gcrypt-module.h
@@ -44,59 +44,6 @@ extern "C" {
/* This type represents a `module'. */
typedef struct gcry_module *gcry_module_t;
-/* Check that the library fulfills the version requirement. */
-
-/* Type for the cipher_setkey function. */
-typedef gcry_err_code_t (*gcry_cipher_setkey_t) (void *c,
- const unsigned char *key,
- unsigned keylen);
-
-/* Type for the cipher_encrypt function. */
-typedef unsigned int (*gcry_cipher_encrypt_t) (void *c,
- unsigned char *outbuf,
- const unsigned char *inbuf);
-
-/* Type for the cipher_decrypt function. */
-typedef unsigned int (*gcry_cipher_decrypt_t) (void *c,
- unsigned char *outbuf,
- const unsigned char *inbuf);
-
-/* Type for the cipher_stencrypt function. */
-typedef void (*gcry_cipher_stencrypt_t) (void *c,
- unsigned char *outbuf,
- const unsigned char *inbuf,
- unsigned int n);
-
-/* Type for the cipher_stdecrypt function. */
-typedef void (*gcry_cipher_stdecrypt_t) (void *c,
- unsigned char *outbuf,
- const unsigned char *inbuf,
- unsigned int n);
-
-typedef struct gcry_cipher_oid_spec
-{
- const char *oid;
- int mode;
-} gcry_cipher_oid_spec_t;
-
-/* Module specification structure for ciphers. */
-typedef struct gcry_cipher_spec
-{
- const char *name;
- const char **aliases;
- gcry_cipher_oid_spec_t *oids;
- size_t blocksize;
- size_t keylen;
- size_t contextsize;
- gcry_cipher_setkey_t setkey;
- gcry_cipher_encrypt_t encrypt;
- gcry_cipher_decrypt_t decrypt;
- gcry_cipher_stencrypt_t stencrypt;
- gcry_cipher_stdecrypt_t stdecrypt;
-} gcry_cipher_spec_t;
-
-
-/* ********************** */
/* ********************** */
commit 4153fa859816e799e506055321a22e6450aacdcc
Author: Werner Koch <wk at gnupg.org>
Date: Tue Oct 1 17:47:27 2013 +0200
mpi: Fix gcry_mpi_neg.
* mpi/mpiutil.c (_gcry_mpi_neg): Copy U to W.
Signed-off-by: Werner Koch <wk at gnupg.org>
diff --git a/mpi/mpiutil.c b/mpi/mpiutil.c
index c9e6b31..a82a8e7 100644
--- a/mpi/mpiutil.c
+++ b/mpi/mpiutil.c
@@ -373,7 +373,9 @@ _gcry_mpi_is_neg (gcry_mpi_t a)
void
_gcry_mpi_neg (gcry_mpi_t w, gcry_mpi_t u)
{
- if (mpi_is_immutable (w))
+ if (w != u)
+ mpi_set (w, u);
+ else if (mpi_is_immutable (w))
{
mpi_immutable_failed ();
return;
-----------------------------------------------------------------------
Summary of changes:
cipher/arcfour.c | 1 +
cipher/blowfish.c | 1 +
cipher/camellia-glue.c | 3 +
cipher/cast5.c | 1 +
cipher/cipher-aeswrap.c | 8 +-
cipher/cipher-cbc.c | 26 +-
cipher/cipher-cfb.c | 18 +-
cipher/cipher-ctr.c | 4 +-
cipher/cipher-internal.h | 3 +-
cipher/cipher-ofb.c | 14 +-
cipher/cipher.c | 685 +++++++++++++---------------------------------
cipher/des.c | 9 +-
cipher/gost28147.c | 1 +
cipher/idea.c | 5 +-
cipher/md.c | 2 +-
cipher/pubkey.c | 2 +-
cipher/rfc2268.c | 24 +-
cipher/rijndael.c | 30 +-
cipher/salsa20.c | 15 +-
cipher/seed.c | 1 +
cipher/serpent.c | 3 +
cipher/twofish.c | 2 +
mpi/mpiutil.c | 4 +-
src/cipher-proto.h | 78 +++++-
src/cipher.h | 6 -
src/gcrypt-module.h | 53 ----
26 files changed, 356 insertions(+), 643 deletions(-)
hooks/post-receive
--
The GNU crypto library
http://git.gnupg.org
_______________________________________________
Gnupg-commits mailing list
Gnupg-commits at gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-commits
More information about the Gcrypt-devel
mailing list