Skip to content

Commit

Permalink
remove old code with EVP cipher
Browse files Browse the repository at this point in the history
  • Loading branch information
rajeev-0 committed Mar 7, 2024
1 parent bb4baaa commit 099cff0
Show file tree
Hide file tree
Showing 26 changed files with 58 additions and 696 deletions.
5 changes: 0 additions & 5 deletions crypto/evp/evp_lib.c
Original file line number Diff line number Diff line change
Expand Up @@ -330,11 +330,6 @@ int EVP_CIPHER_get_type(const EVP_CIPHER *cipher)

return NID_des_cfb64;

case NID_null_hmac_sha256:
return NID_null_hmac_sha256;
case NID_null_hmac_sha384:
return NID_null_hmac_sha384;

default:
#ifdef FIPS_MODULE
return NID_undef;
Expand Down
14 changes: 4 additions & 10 deletions crypto/objects/obj_dat.h
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
* WARNING: do not edit!
* Generated by crypto/objects/obj_dat.pl
*
* Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
Expand Down Expand Up @@ -1184,7 +1184,7 @@ static const unsigned char so[8476] = {
0x55,0x1D,0x4B, /* [ 8472] OBJ_associated_information */
};

#define NUM_NID 1322
#define NUM_NID 1320
static const ASN1_OBJECT nid_objs[NUM_NID] = {
{"UNDEF", "undefined", NID_undef},
{"rsadsi", "RSA Data Security, Inc.", NID_rsadsi, 6, &so[0]},
Expand Down Expand Up @@ -2506,11 +2506,9 @@ static const ASN1_OBJECT nid_objs[NUM_NID] = {
{"altSignatureAlgorithm", "X509v3 Alternative Signature Algorithm", NID_alt_signature_algorithm, 3, &so[8466]},
{"altSignatureValue", "X509v3 Alternative Signature Value", NID_alt_signature_value, 3, &so[8469]},
{"associatedInformation", "X509v3 Associated Information", NID_associated_information, 3, &so[8472]},
{"NULL-HMAC-SHA256", "null-hmac-sha256", NID_null_hmac_sha256},
{"NULL-HMAC-SHA384", "null-hmac-sha384", NID_null_hmac_sha384},
};

#define NUM_SN 1313
#define NUM_SN 1311
static const unsigned int sn_objs[NUM_SN] = {
364, /* "AD_DVCS" */
419, /* "AES-128-CBC" */
Expand Down Expand Up @@ -2705,8 +2703,6 @@ static const unsigned int sn_objs[NUM_SN] = {
388, /* "Mail" */
393, /* "NULL" */
404, /* "NULL" */
1320, /* "NULL-HMAC-SHA256" */
1321, /* "NULL-HMAC-SHA384" */
57, /* "Netscape" */
366, /* "Nonce" */
17, /* "O" */
Expand Down Expand Up @@ -3827,7 +3823,7 @@ static const unsigned int sn_objs[NUM_SN] = {
1289, /* "zstd" */
};

#define NUM_LN 1313
#define NUM_LN 1311
static const unsigned int ln_objs[NUM_LN] = {
363, /* "AD Time Stamping" */
405, /* "ANSI X9.62" */
Expand Down Expand Up @@ -4780,8 +4776,6 @@ static const unsigned int ln_objs[NUM_LN] = {
1217, /* "modp_8192" */
481, /* "nSRecord" */
173, /* "name" */
1320, /* "null-hmac-sha256" */
1321, /* "null-hmac-sha384" */
681, /* "onBasis" */
379, /* "org" */
1089, /* "organizationIdentifier" */
Expand Down
2 changes: 0 additions & 2 deletions crypto/objects/obj_mac.num
Original file line number Diff line number Diff line change
Expand Up @@ -1317,5 +1317,3 @@ subject_alt_public_key_info 1316
alt_signature_algorithm 1317
alt_signature_value 1318
associated_information 1319
null_hmac_sha256 1320
null_hmac_sha384 1321
2 changes: 1 addition & 1 deletion crypto/objects/obj_xref.h
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
* WARNING: do not edit!
* Generated by objxref.pl
*
* Copyright 1998-2024 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 1998-2023 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
Expand Down
2 changes: 0 additions & 2 deletions crypto/objects/objects.txt
Original file line number Diff line number Diff line change
Expand Up @@ -1685,8 +1685,6 @@ sm-scheme 104 10 : SM4-XTS : sm4-xts
: AES-256-CBC-HMAC-SHA256 : aes-256-cbc-hmac-sha256
: ChaCha20-Poly1305 : chacha20-poly1305
: ChaCha20 : chacha20
: NULL-HMAC-SHA256 : null-hmac-sha256
: NULL-HMAC-SHA384 : null-hmac-sha384

ISO-US 10046 2 1 : dhpublicnumber : X9.42 DH

Expand Down
60 changes: 38 additions & 22 deletions doc/man7/EVP_CIPHER-NULL.pod
Original file line number Diff line number Diff line change
Expand Up @@ -2,55 +2,71 @@

=head1 NAME

EVP_CIPHER-NULL - NULL encryption EVP_CIPHER implementation
EVP_CIPHER-NULL - The NULL EVP_CIPHER implementation

=head1 DESCRIPTION

This module provides support for NULL encryption using the B<EVP_CIPHER> API.
It simply copies the data without any encryption.
Support for a NULL symmetric encryption using the B<EVP_CIPHER> API.
This is used when the TLS cipher suite is TLS_NULL_WITH_NULL_NULL.
This does no encryption (just copies the data) and has a mac size of zero.

=head2 Algorithm Names
=head2 Algorithm Name

The default provider offers the following algorithms:
The following algorithm is available in the default provider:

=over 4

=item "NULL"

=item "NULL-HMAC-SHA256" and "NULL-HMAC-SHA384"

=back

=head2 Parameters

The parameters supported by this implementation are detailed in
L<EVP_EncryptInit(3)/PARAMETERS>.
This implementation supports the following parameters:

=head1 NOTES
=head3 Gettable EVP_CIPHER parameters

"NULL" algorithm is used when the TLS cipher suite is TLS_NULL_WITH_NULL_NULL.
This does no encryption (just copies the data) and has a mac size of zero.
This conforms to RFC 5246 section-6.2.3.1.
See L<EVP_EncryptInit(3)/Gettable EVP_CIPHER parameters>

"NULL-HMAC-SHA256" and "NULL-HMAC-SHA384" are used when the TLS cipher suite is
TLS_SHA256_SHA256 and TLS_SHA384_SHA384 respectively.
This conforms to RFC 9150.
=head3 Gettable EVP_CIPHER_CTX parameters

=head1 SEE ALSO
=over 4

L<provider-cipher(7)>, L<OSSL_PROVIDER-default(7)>
=item "keylen" (B<OSSL_CIPHER_PARAM_KEYLEN>) <unsigned integer>

=item "ivlen" (B<OSSL_CIPHER_PARAM_IVLEN> and <B<OSSL_CIPHER_PARAM_AEAD_IVLEN>) <unsigned integer>

=item "tls-mac" (B<OSSL_CIPHER_PARAM_TLS_MAC>) <octet ptr>

=back

See L<EVP_EncryptInit(3)/PARAMETERS> for further information.

=head1 HISTORY
=head3 Settable EVP_CIPHER_CTX parameters

The NULL-HMAC-SHA256 and NULL-HMAC-SHA384 ciphers were added in OpenSSL version 3.3.
=over 4

=item "tls-mac-size" (B<OSSL_CIPHER_PARAM_TLS_MAC_SIZE>) <unsigned integer>

=back

See L<EVP_EncryptInit(3)/PARAMETERS> for further information.

=head1 CONFORMING TO

RFC 5246 section-6.2.3.1

=head1 SEE ALSO

L<provider-cipher(7)>, L<OSSL_PROVIDER-default(7)>

=head1 COPYRIGHT

Copyright 2021-2024 The OpenSSL Project Authors. All Rights Reserved.
Copyright 2023 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.

=cut
=cut
2 changes: 1 addition & 1 deletion fuzz/oids.txt
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
# WARNING: do not edit!
# Generated by fuzz/mkfuzzoids.pl
#
# Copyright 2020-2024 The OpenSSL Project Authors. All Rights Reserved.
# Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the Apache License 2.0 (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
Expand Down
9 changes: 2 additions & 7 deletions include/openssl/evp.h
Original file line number Diff line number Diff line change
Expand Up @@ -33,9 +33,9 @@

# define EVP_MAX_MD_SIZE 64/* longest known is SHA512 */
# define EVP_MAX_KEY_LENGTH 64
# define EVP_MAX_IV_LENGTH 48 /* longest known for TLS_SHA384_SHA384 */
# define EVP_MAX_IV_LENGTH 16
# define EVP_MAX_BLOCK_LENGTH 32
# define EVP_MAX_AEAD_TAG_LENGTH 48 /* longest known for TLS_SHA384_SHA384 */
# define EVP_MAX_AEAD_TAG_LENGTH 16

# define PKCS5_SALT_LEN 8
/* Default PKCS#5 iteration count */
Expand Down Expand Up @@ -479,11 +479,6 @@ typedef struct {

/* Length of tag for TLS */
# define EVP_CHACHAPOLY_TLS_TAG_LEN 16
/* Length of HMAC_SHA256 for TLS v1.3 integrity-only */
# define EVP_HMACSHA256_TLS_TAG_LEN 32
/* Length of HMAC_SHA384 for TLS v1.3 integrity-only */
# define EVP_HMACSHA384_TLS_TAG_LEN 48


typedef struct evp_cipher_info_st {
const EVP_CIPHER *cipher;
Expand Down
10 changes: 1 addition & 9 deletions include/openssl/obj_mac.h
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
* WARNING: do not edit!
* Generated by crypto/objects/objects.pl
*
* Copyright 2000-2024 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2000-2023 The OpenSSL Project Authors. All Rights Reserved.
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
Expand Down Expand Up @@ -5290,14 +5290,6 @@
#define LN_chacha20 "chacha20"
#define NID_chacha20 1019

#define SN_null_hmac_sha256 "NULL-HMAC-SHA256"
#define LN_null_hmac_sha256 "null-hmac-sha256"
#define NID_null_hmac_sha256 1320

#define SN_null_hmac_sha384 "NULL-HMAC-SHA384"
#define LN_null_hmac_sha384 "null-hmac-sha384"
#define NID_null_hmac_sha384 1321

#define SN_dhpublicnumber "dhpublicnumber"
#define LN_dhpublicnumber "X9.42 DH"
#define NID_dhpublicnumber 920
Expand Down
4 changes: 0 additions & 4 deletions providers/defltprov.c
Original file line number Diff line number Diff line change
Expand Up @@ -313,10 +313,6 @@ static const OSSL_ALGORITHM_CAPABLE deflt_ciphers[] = {
ALG(PROV_NAMES_ChaCha20_Poly1305, ossl_chacha20_ossl_poly1305_functions),
# endif /* OPENSSL_NO_POLY1305 */
#endif /* OPENSSL_NO_CHACHA */
#ifndef OPENSSL_NO_TLS1_3_INTEGRITY_ONLY_CIPHERS
ALG(PROV_NAMES_NULL_HMAC_SHA256, ossl_null_hmac_sha256_functions),
ALG(PROV_NAMES_NULL_HMAC_SHA384, ossl_null_hmac_sha384_functions),
#endif
{ { NULL, NULL, NULL }, NULL }
};
static OSSL_ALGORITHM exported_ciphers[OSSL_NELEM(deflt_ciphers)];
Expand Down
6 changes: 0 additions & 6 deletions providers/implementations/ciphers/build.info
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,6 @@ $CHACHA_GOAL=../../libdefault.a
$CHACHAPOLY_GOAL=../../libdefault.a
$SIV_GOAL=../../libdefault.a
$SIV_GCM_GOAL=../../libdefault.a
$NULL_HMAC_GOAL=../../libdefault.a

IF[{- !$disabled{asm} -}]
$GHASHDEF_x86=GHASH_ASM
Expand Down Expand Up @@ -193,8 +192,3 @@ IF[{- !$disabled{chacha} -}]
cipher_chacha20_poly1305.c cipher_chacha20_poly1305_hw.c
ENDIF
ENDIF

IF[{- !$disabled{tls1_3-integrity-only_ciphers} -}]
SOURCE[$NULL_HMAC_GOAL]=\
cipher_null_hmac.c cipher_null_hmac_hw.c
ENDIF
2 changes: 1 addition & 1 deletion providers/implementations/ciphers/cipher_null.c
Original file line number Diff line number Diff line change
Expand Up @@ -82,7 +82,7 @@ static int null_cipher(void *vctx, unsigned char *out, size_t *outl,
}
if (outsize < inl)
return 0;
if (in != NULL && out != NULL && in != out)
if (out != NULL && in != out)
memcpy(out, in, inl);
*outl = inl;
return 1;
Expand Down
Loading

0 comments on commit 099cff0

Please sign in to comment.