diff options
| author | Pauli <paul.dale@oracle.com> | 2018-01-17 13:20:22 +1000 |
|---|---|---|
| committer | Pauli <paul.dale@oracle.com> | 2018-01-24 07:09:46 +1000 |
| commit | 4bed94f0c11ef63587c6b2edb03c3c438e221604 (patch) | |
| tree | 750293d626b103e4a8f503fc41f291388b15ecce /crypto | |
| parent | 3bf0c3fe31d5339524dae671064cc5fe9e4bda38 (diff) | |
| download | openssl-new-4bed94f0c11ef63587c6b2edb03c3c438e221604.tar.gz | |
SHA512/224 and SHA512/256
Support added for these two digests, available only via the EVP interface.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5093)
Diffstat (limited to 'crypto')
| -rw-r--r-- | crypto/evp/c_alld.c | 4 | ||||
| -rw-r--r-- | crypto/evp/m_sha1.c | 51 | ||||
| -rw-r--r-- | crypto/include/internal/sha.h | 19 | ||||
| -rw-r--r-- | crypto/objects/obj_dat.h | 20 | ||||
| -rw-r--r-- | crypto/objects/obj_mac.num | 2 | ||||
| -rw-r--r-- | crypto/objects/objects.txt | 2 | ||||
| -rw-r--r-- | crypto/sha/sha512.c | 79 |
7 files changed, 169 insertions, 8 deletions
diff --git a/crypto/evp/c_alld.c b/crypto/evp/c_alld.c index 257d405ba7..1267531a7d 100644 --- a/crypto/evp/c_alld.c +++ b/crypto/evp/c_alld.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -39,6 +39,8 @@ void openssl_add_all_digests_int(void) EVP_add_digest(EVP_sha256()); EVP_add_digest(EVP_sha384()); EVP_add_digest(EVP_sha512()); + EVP_add_digest(EVP_sha512_224()); + EVP_add_digest(EVP_sha512_256()); #ifndef OPENSSL_NO_WHIRLPOOL EVP_add_digest(EVP_whirlpool()); #endif diff --git a/crypto/evp/m_sha1.c b/crypto/evp/m_sha1.c index 0fa184b310..d73e412b8d 100644 --- a/crypto/evp/m_sha1.c +++ b/crypto/evp/m_sha1.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -15,6 +15,7 @@ #include <openssl/sha.h> #include <openssl/rsa.h> #include "internal/evp_int.h" +#include "internal/sha.h" static int init(EVP_MD_CTX *ctx) { @@ -173,6 +174,16 @@ const EVP_MD *EVP_sha256(void) return &sha256_md; } +static int init512_224(EVP_MD_CTX *ctx) +{ + return sha512_224_init(EVP_MD_CTX_md_data(ctx)); +} + +static int init512_256(EVP_MD_CTX *ctx) +{ + return sha512_256_init(EVP_MD_CTX_md_data(ctx)); +} + static int init384(EVP_MD_CTX *ctx) { return SHA384_Init(EVP_MD_CTX_md_data(ctx)); @@ -194,6 +205,44 @@ static int final512(EVP_MD_CTX *ctx, unsigned char *md) return SHA512_Final(md, EVP_MD_CTX_md_data(ctx)); } +static const EVP_MD sha512_224_md = { + NID_sha512_224, + NID_sha512_224WithRSAEncryption, + SHA224_DIGEST_LENGTH, + EVP_MD_FLAG_DIGALGID_ABSENT, + init512_224, + update512, + final512, + NULL, + NULL, + SHA512_CBLOCK, + sizeof(EVP_MD *) + sizeof(SHA512_CTX), +}; + +const EVP_MD *EVP_sha512_224(void) +{ + return &sha512_224_md; +} + +static const EVP_MD sha512_256_md = { + NID_sha512_256, + NID_sha512_256WithRSAEncryption, + SHA256_DIGEST_LENGTH, + EVP_MD_FLAG_DIGALGID_ABSENT, + init512_256, + update512, + final512, + NULL, + NULL, + SHA512_CBLOCK, + sizeof(EVP_MD *) + sizeof(SHA512_CTX), +}; + +const EVP_MD *EVP_sha512_256(void) +{ + return &sha512_256_md; +} + static const EVP_MD sha384_md = { NID_sha384, NID_sha384WithRSAEncryption, diff --git a/crypto/include/internal/sha.h b/crypto/include/internal/sha.h new file mode 100644 index 0000000000..458a75e89d --- /dev/null +++ b/crypto/include/internal/sha.h @@ -0,0 +1,19 @@ +/* + * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#ifndef HEADER_INTERNAL_SHA_H +# define HEADER_INTERNAL_SHA_H + +# include <openssl/opensslconf.h> + +int sha512_224_init(SHA512_CTX *); +int sha512_256_init(SHA512_CTX *); + +#endif diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h index 535d315037..772445385c 100644 --- a/crypto/objects/obj_dat.h +++ b/crypto/objects/obj_dat.h @@ -10,7 +10,7 @@ */ /* Serialized OID's */ -static const unsigned char so[7324] = { +static const unsigned char so[7342] = { 0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 0] OBJ_rsadsi */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 6] OBJ_pkcs */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02, /* [ 13] OBJ_md2 */ @@ -1030,9 +1030,11 @@ static const unsigned char so[7324] = { 0x2A,0x81,0x1C,0xCF,0x55,0x01, /* [ 7301] OBJ_sm_scheme */ 0x2A,0x81,0x1C,0xCF,0x55,0x01,0x83,0x11, /* [ 7307] OBJ_sm3 */ 0x2A,0x81,0x1C,0xCF,0x55,0x01,0x83,0x78, /* [ 7315] OBJ_sm3WithRSAEncryption */ + 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0F, /* [ 7323] OBJ_sha512_224WithRSAEncryption */ + 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x10, /* [ 7332] OBJ_sha512_256WithRSAEncryption */ }; -#define NUM_NID 1145 +#define NUM_NID 1147 static const ASN1_OBJECT nid_objs[NUM_NID] = { {"UNDEF", "undefined", NID_undef}, {"rsadsi", "RSA Data Security, Inc.", NID_rsadsi, 6, &so[0]}, @@ -2179,9 +2181,11 @@ static const ASN1_OBJECT nid_objs[NUM_NID] = { {"sm-scheme", "sm-scheme", NID_sm_scheme, 6, &so[7301]}, {"SM3", "sm3", NID_sm3, 8, &so[7307]}, {"RSA-SM3", "sm3WithRSAEncryption", NID_sm3WithRSAEncryption, 8, &so[7315]}, + {"RSA-SHA512/224", "sha512-224WithRSAEncryption", NID_sha512_224WithRSAEncryption, 9, &so[7323]}, + {"RSA-SHA512/256", "sha512-256WithRSAEncryption", NID_sha512_256WithRSAEncryption, 9, &so[7332]}, }; -#define NUM_SN 1136 +#define NUM_SN 1138 static const unsigned int sn_objs[NUM_SN] = { 364, /* "AD_DVCS" */ 419, /* "AES-128-CBC" */ @@ -2422,6 +2426,8 @@ static const unsigned int sn_objs[NUM_SN] = { 668, /* "RSA-SHA256" */ 669, /* "RSA-SHA384" */ 670, /* "RSA-SHA512" */ + 1145, /* "RSA-SHA512/224" */ + 1146, /* "RSA-SHA512/256" */ 1144, /* "RSA-SM3" */ 919, /* "RSAES-OAEP" */ 912, /* "RSASSA-PSS" */ @@ -3321,7 +3327,7 @@ static const unsigned int sn_objs[NUM_SN] = { 1093, /* "x509ExtAdmission" */ }; -#define NUM_LN 1136 +#define NUM_LN 1138 static const unsigned int ln_objs[NUM_LN] = { 363, /* "AD Time Stamping" */ 405, /* "ANSI X9.62" */ @@ -4395,7 +4401,9 @@ static const unsigned int ln_objs[NUM_LN] = { 669, /* "sha384WithRSAEncryption" */ 674, /* "sha512" */ 1094, /* "sha512-224" */ + 1145, /* "sha512-224WithRSAEncryption" */ 1095, /* "sha512-256" */ + 1146, /* "sha512-256WithRSAEncryption" */ 670, /* "sha512WithRSAEncryption" */ 42, /* "shaWithRSAEncryption" */ 1100, /* "shake128" */ @@ -4461,7 +4469,7 @@ static const unsigned int ln_objs[NUM_LN] = { 125, /* "zlib compression" */ }; -#define NUM_OBJ 1025 +#define NUM_OBJ 1027 static const unsigned int obj_objs[NUM_OBJ] = { 0, /* OBJ_undef 0 */ 181, /* OBJ_iso 1 */ @@ -5170,6 +5178,8 @@ static const unsigned int obj_objs[NUM_OBJ] = { 669, /* OBJ_sha384WithRSAEncryption 1 2 840 113549 1 1 12 */ 670, /* OBJ_sha512WithRSAEncryption 1 2 840 113549 1 1 13 */ 671, /* OBJ_sha224WithRSAEncryption 1 2 840 113549 1 1 14 */ + 1145, /* OBJ_sha512_224WithRSAEncryption 1 2 840 113549 1 1 15 */ + 1146, /* OBJ_sha512_256WithRSAEncryption 1 2 840 113549 1 1 16 */ 28, /* OBJ_dhKeyAgreement 1 2 840 113549 1 3 1 */ 9, /* OBJ_pbeWithMD2AndDES_CBC 1 2 840 113549 1 5 1 */ 10, /* OBJ_pbeWithMD5AndDES_CBC 1 2 840 113549 1 5 3 */ diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num index 83641c451e..bef6050a19 100644 --- a/crypto/objects/obj_mac.num +++ b/crypto/objects/obj_mac.num @@ -1142,3 +1142,5 @@ oscca 1141 sm_scheme 1142 sm3 1143 sm3WithRSAEncryption 1144 +sha512_224WithRSAEncryption 1145 +sha512_256WithRSAEncryption 1146 diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt index 87c2683291..74550be2df 100644 --- a/crypto/objects/objects.txt +++ b/crypto/objects/objects.txt @@ -178,6 +178,8 @@ pkcs1 11 : RSA-SHA256 : sha256WithRSAEncryption pkcs1 12 : RSA-SHA384 : sha384WithRSAEncryption pkcs1 13 : RSA-SHA512 : sha512WithRSAEncryption pkcs1 14 : RSA-SHA224 : sha224WithRSAEncryption +pkcs1 15 : RSA-SHA512/224 : sha512-224WithRSAEncryption +pkcs1 16 : RSA-SHA512/256 : sha512-256WithRSAEncryption pkcs 3 : pkcs3 pkcs3 1 : : dhKeyAgreement diff --git a/crypto/sha/sha512.c b/crypto/sha/sha512.c index bb7cc5efb8..50b65ee811 100644 --- a/crypto/sha/sha512.c +++ b/crypto/sha/sha512.c @@ -1,5 +1,5 @@ /* - * Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2004-2018 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -50,6 +50,7 @@ #include <openssl/opensslv.h> #include "internal/cryptlib.h" +#include "internal/sha.h" #if defined(__i386) || defined(__i386__) || defined(_M_IX86) || \ defined(__x86_64) || defined(_M_AMD64) || defined(_M_X64) || \ @@ -59,6 +60,42 @@ # define SHA512_BLOCK_CAN_MANAGE_UNALIGNED_DATA #endif +int sha512_224_init(SHA512_CTX *c) +{ + c->h[0] = U64(0x8c3d37c819544da2); + c->h[1] = U64(0x73e1996689dcd4d6); + c->h[2] = U64(0x1dfab7ae32ff9c82); + c->h[3] = U64(0x679dd514582f9fcf); + c->h[4] = U64(0x0f6d2b697bd44da8); + c->h[5] = U64(0x77e36f7304c48942); + c->h[6] = U64(0x3f9d85a86a1d36c8); + c->h[7] = U64(0x1112e6ad91d692a1); + + c->Nl = 0; + c->Nh = 0; + c->num = 0; + c->md_len = SHA224_DIGEST_LENGTH; + return 1; +} + +int sha512_256_init(SHA512_CTX *c) +{ + c->h[0] = U64(0x22312194fc2bf72c); + c->h[1] = U64(0x9f555fa3c84c64c2); + c->h[2] = U64(0x2393b86b6f53b151); + c->h[3] = U64(0x963877195940eabd); + c->h[4] = U64(0x96283ee2a88effe3); + c->h[5] = U64(0xbe5e1e2553863992); + c->h[6] = U64(0x2b0199fc2c85b8aa); + c->h[7] = U64(0x0eb72ddc81c52ca2); + + c->Nl = 0; + c->Nh = 0; + c->num = 0; + c->md_len = SHA256_DIGEST_LENGTH; + return 1; +} + int SHA384_Init(SHA512_CTX *c) { c->h[0] = U64(0xcbbb9d5dc1059ed8); @@ -143,6 +180,46 @@ int SHA512_Final(unsigned char *md, SHA512_CTX *c) switch (c->md_len) { /* Let compiler decide if it's appropriate to unroll... */ + case SHA224_DIGEST_LENGTH: + for (n = 0; n < SHA224_DIGEST_LENGTH / 8; n++) { + SHA_LONG64 t = c->h[n]; + + *(md++) = (unsigned char)(t >> 56); + *(md++) = (unsigned char)(t >> 48); + *(md++) = (unsigned char)(t >> 40); + *(md++) = (unsigned char)(t >> 32); + *(md++) = (unsigned char)(t >> 24); + *(md++) = (unsigned char)(t >> 16); + *(md++) = (unsigned char)(t >> 8); + *(md++) = (unsigned char)(t); + } + /* + * For 224 bits, there are four bytes left over that have to be + * processed separately. + */ + { + SHA_LONG64 t = c->h[SHA224_DIGEST_LENGTH / 8]; + + *(md++) = (unsigned char)(t >> 56); + *(md++) = (unsigned char)(t >> 48); + *(md++) = (unsigned char)(t >> 40); + *(md++) = (unsigned char)(t >> 32); + } + break; + case SHA256_DIGEST_LENGTH: + for (n = 0; n < SHA256_DIGEST_LENGTH / 8; n++) { + SHA_LONG64 t = c->h[n]; + + *(md++) = (unsigned char)(t >> 56); + *(md++) = (unsigned char)(t >> 48); + *(md++) = (unsigned char)(t >> 40); + *(md++) = (unsigned char)(t >> 32); + *(md++) = (unsigned char)(t >> 24); + *(md++) = (unsigned char)(t >> 16); + *(md++) = (unsigned char)(t >> 8); + *(md++) = (unsigned char)(t); + } + break; case SHA384_DIGEST_LENGTH: for (n = 0; n < SHA384_DIGEST_LENGTH / 8; n++) { SHA_LONG64 t = c->h[n]; |