1392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom/* ==================================================================== 2392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom * Copyright (c) 2011 The OpenSSL Project. All rights reserved. 3392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom * 4392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom * Redistribution and use in source and binary forms, with or without 5392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom * modification, are permitted provided that the following conditions 6392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom * are met: 7392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom * 8392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom * 1. Redistributions of source code must retain the above copyright 9392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom * notice, this list of conditions and the following disclaimer. 10392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom * 11392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom * 2. Redistributions in binary form must reproduce the above copyright 12392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom * notice, this list of conditions and the following disclaimer in 13392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom * the documentation and/or other materials provided with the 14392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom * distribution. 15392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom * 16392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom * 3. All advertising materials mentioning features or use of this 17392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom * software must display the following acknowledgment: 18392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom * "This product includes software developed by the OpenSSL Project 19392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" 20392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom * 21392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 22392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom * endorse or promote products derived from this software without 23392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom * prior written permission. For written permission, please contact 24392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom * licensing@OpenSSL.org. 25392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom * 26392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom * 5. Products derived from this software may not be called "OpenSSL" 27392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom * nor may "OpenSSL" appear in their names without prior written 28392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom * permission of the OpenSSL Project. 29392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom * 30392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom * 6. Redistributions of any form whatsoever must retain the following 31392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom * acknowledgment: 32392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom * "This product includes software developed by the OpenSSL Project 33392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" 34392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom * 35392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 36392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 37392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 38392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 39392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 40392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 41392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 42392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 43392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 44392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 45392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 46392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom * OF THE POSSIBILITY OF SUCH DAMAGE. 47392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom * ==================================================================== 48392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom */ 49392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 50392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#include <openssl/opensslconf.h> 51392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 52392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#include <stdio.h> 53392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#include <string.h> 54392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 55392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#if !defined(OPENSSL_NO_AES) && !defined(OPENSSL_NO_SHA1) 56392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 57392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#include <openssl/evp.h> 58392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#include <openssl/objects.h> 59392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#include <openssl/aes.h> 60392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#include <openssl/sha.h> 61392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#include "evp_locl.h" 62392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 63392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#ifndef EVP_CIPH_FLAG_AEAD_CIPHER 64392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#define EVP_CIPH_FLAG_AEAD_CIPHER 0x200000 65392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#define EVP_CTRL_AEAD_TLS1_AAD 0x16 66392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#define EVP_CTRL_AEAD_SET_MAC_KEY 0x17 67392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#endif 68392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 69392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#if !defined(EVP_CIPH_FLAG_DEFAULT_ASN1) 70392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#define EVP_CIPH_FLAG_DEFAULT_ASN1 0 71392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#endif 72392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 73392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#define TLS1_1_VERSION 0x0302 74392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 75392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstromtypedef struct 76392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 77392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom AES_KEY ks; 78392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SHA_CTX head,tail,md; 79392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom size_t payload_length; /* AAD length in decrypt case */ 80392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom union { 81392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom unsigned int tls_ver; 82392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom unsigned char tls_aad[16]; /* 13 used */ 83392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } aux; 84392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } EVP_AES_HMAC_SHA1; 85392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 86a1a5710c055e139ea00e785f9eb55b3af3e4dab1Brian Carlstrom#define NO_PAYLOAD_LENGTH ((size_t)-1) 87a1a5710c055e139ea00e785f9eb55b3af3e4dab1Brian Carlstrom 88392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#if defined(AES_ASM) && ( \ 89392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom defined(__x86_64) || defined(__x86_64__) || \ 90392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom defined(_M_AMD64) || defined(_M_X64) || \ 91392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom defined(__INTEL__) ) 92392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 93392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstromextern unsigned int OPENSSL_ia32cap_P[2]; 94392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#define AESNI_CAPABLE (1<<(57-32)) 95392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 96392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstromint aesni_set_encrypt_key(const unsigned char *userKey, int bits, 97392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom AES_KEY *key); 98392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstromint aesni_set_decrypt_key(const unsigned char *userKey, int bits, 99392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom AES_KEY *key); 100392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 101392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstromvoid aesni_cbc_encrypt(const unsigned char *in, 102392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom unsigned char *out, 103392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom size_t length, 104392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom const AES_KEY *key, 105392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom unsigned char *ivec, int enc); 106392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 107392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstromvoid aesni_cbc_sha1_enc (const void *inp, void *out, size_t blocks, 108392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom const AES_KEY *key, unsigned char iv[16], 109392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SHA_CTX *ctx,const void *in0); 110392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 111392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#define data(ctx) ((EVP_AES_HMAC_SHA1 *)(ctx)->cipher_data) 112392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 113392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstromstatic int aesni_cbc_hmac_sha1_init_key(EVP_CIPHER_CTX *ctx, 114392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom const unsigned char *inkey, 115392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom const unsigned char *iv, int enc) 116392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 117392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom EVP_AES_HMAC_SHA1 *key = data(ctx); 118392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom int ret; 119392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 120392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (enc) 121392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom ret=aesni_set_encrypt_key(inkey,ctx->key_len*8,&key->ks); 122392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else 123392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom ret=aesni_set_decrypt_key(inkey,ctx->key_len*8,&key->ks); 124392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 125392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SHA1_Init(&key->head); /* handy when benchmarking */ 126392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom key->tail = key->head; 127392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom key->md = key->head; 128392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 129a1a5710c055e139ea00e785f9eb55b3af3e4dab1Brian Carlstrom key->payload_length = NO_PAYLOAD_LENGTH; 130392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 131392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom return ret<0?0:1; 132392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 133392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 134392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#define STITCHED_CALL 135392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 136392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#if !defined(STITCHED_CALL) 137392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#define aes_off 0 138392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#endif 139392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 140392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstromvoid sha1_block_data_order (void *c,const void *p,size_t len); 141392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 142392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstromstatic void sha1_update(SHA_CTX *c,const void *data,size_t len) 143392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom{ const unsigned char *ptr = data; 144392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom size_t res; 145392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 146392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if ((res = c->num)) { 147392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom res = SHA_CBLOCK-res; 148392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (len<res) res=len; 149392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SHA1_Update (c,ptr,res); 150392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom ptr += res; 151392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom len -= res; 152392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 153392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 154392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom res = len % SHA_CBLOCK; 155392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom len -= res; 156392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 157392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (len) { 158392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom sha1_block_data_order(c,ptr,len/SHA_CBLOCK); 159392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 160392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom ptr += len; 161392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom c->Nh += len>>29; 162392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom c->Nl += len<<=3; 163392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (c->Nl<(unsigned int)len) c->Nh++; 164392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 165392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 166392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (res) 167392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SHA1_Update(c,ptr,res); 168392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom} 169392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 170392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#define SHA1_Update sha1_update 171392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 172392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstromstatic int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, 173392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom const unsigned char *in, size_t len) 174392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 175392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom EVP_AES_HMAC_SHA1 *key = data(ctx); 176392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom unsigned int l; 177392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom size_t plen = key->payload_length, 178392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom iv = 0, /* explicit IV in TLS 1.1 and later */ 179392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom sha_off = 0; 180392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#if defined(STITCHED_CALL) 181392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom size_t aes_off = 0, 182392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom blocks; 183392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 184392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom sha_off = SHA_CBLOCK-key->md.num; 185392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#endif 186392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 187392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (len%AES_BLOCK_SIZE) return 0; 188392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 189392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (ctx->encrypt) { 190a1a5710c055e139ea00e785f9eb55b3af3e4dab1Brian Carlstrom if (plen==NO_PAYLOAD_LENGTH) 191392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom plen = len; 192392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else if (len!=((plen+SHA_DIGEST_LENGTH+AES_BLOCK_SIZE)&-AES_BLOCK_SIZE)) 193392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom return 0; 194392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else if (key->aux.tls_ver >= TLS1_1_VERSION) 195392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom iv = AES_BLOCK_SIZE; 196392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 197392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#if defined(STITCHED_CALL) 198392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (plen>(sha_off+iv) && (blocks=(plen-(sha_off+iv))/SHA_CBLOCK)) { 199392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SHA1_Update(&key->md,in+iv,sha_off); 200392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 201392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom aesni_cbc_sha1_enc(in,out,blocks,&key->ks, 202392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom ctx->iv,&key->md,in+iv+sha_off); 203392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom blocks *= SHA_CBLOCK; 204392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom aes_off += blocks; 205392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom sha_off += blocks; 206392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom key->md.Nh += blocks>>29; 207392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom key->md.Nl += blocks<<=3; 208392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (key->md.Nl<(unsigned int)blocks) key->md.Nh++; 209392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } else { 210392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom sha_off = 0; 211392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 212392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#endif 213392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom sha_off += iv; 214392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SHA1_Update(&key->md,in+sha_off,plen-sha_off); 215392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 216392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (plen!=len) { /* "TLS" mode of operation */ 217392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (in!=out) 218392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom memcpy(out+aes_off,in+aes_off,plen-aes_off); 219392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 220392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom /* calculate HMAC and append it to payload */ 221392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SHA1_Final(out+plen,&key->md); 222392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom key->md = key->tail; 223392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SHA1_Update(&key->md,out+plen,SHA_DIGEST_LENGTH); 224392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SHA1_Final(out+plen,&key->md); 225392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 226392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom /* pad the payload|hmac */ 227392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom plen += SHA_DIGEST_LENGTH; 228392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom for (l=len-plen-1;plen<len;plen++) out[plen]=l; 229392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom /* encrypt HMAC|padding at once */ 230392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom aesni_cbc_encrypt(out+aes_off,out+aes_off,len-aes_off, 231392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom &key->ks,ctx->iv,1); 232392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } else { 233392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom aesni_cbc_encrypt(in+aes_off,out+aes_off,len-aes_off, 234392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom &key->ks,ctx->iv,1); 235392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 236392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } else { 237392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom unsigned char mac[SHA_DIGEST_LENGTH]; 238392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 239392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom /* decrypt HMAC|padding at once */ 240392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom aesni_cbc_encrypt(in,out,len, 241392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom &key->ks,ctx->iv,0); 242392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 243392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (plen) { /* "TLS" mode of operation */ 244392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom /* figure out payload length */ 245392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (len<(size_t)(out[len-1]+1+SHA_DIGEST_LENGTH)) 246392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom return 0; 247392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 248392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom len -= (out[len-1]+1+SHA_DIGEST_LENGTH); 249392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 250392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if ((key->aux.tls_aad[plen-4]<<8|key->aux.tls_aad[plen-3]) 251392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom >= TLS1_1_VERSION) { 252392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom len -= AES_BLOCK_SIZE; 253392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom iv = AES_BLOCK_SIZE; 254392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 255392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 256392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom key->aux.tls_aad[plen-2] = len>>8; 257392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom key->aux.tls_aad[plen-1] = len; 258392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 259392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom /* calculate HMAC and verify it */ 260392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom key->md = key->head; 261392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SHA1_Update(&key->md,key->aux.tls_aad,plen); 262392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SHA1_Update(&key->md,out+iv,len); 263392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SHA1_Final(mac,&key->md); 264392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 265392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom key->md = key->tail; 266392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SHA1_Update(&key->md,mac,SHA_DIGEST_LENGTH); 267392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SHA1_Final(mac,&key->md); 268392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 269392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (memcmp(out+iv+len,mac,SHA_DIGEST_LENGTH)) 270392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom return 0; 271392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } else { 272392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SHA1_Update(&key->md,out,len); 273392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 274392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 275392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 276a1a5710c055e139ea00e785f9eb55b3af3e4dab1Brian Carlstrom key->payload_length = NO_PAYLOAD_LENGTH; 277392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 278392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom return 1; 279392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 280392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 281392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstromstatic int aesni_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) 282392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 283392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom EVP_AES_HMAC_SHA1 *key = data(ctx); 284392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 285392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom switch (type) 286392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 287392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom case EVP_CTRL_AEAD_SET_MAC_KEY: 288392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 289392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom unsigned int i; 290392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom unsigned char hmac_key[64]; 291392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 292392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom memset (hmac_key,0,sizeof(hmac_key)); 293392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 294392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (arg > (int)sizeof(hmac_key)) { 295392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SHA1_Init(&key->head); 296392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SHA1_Update(&key->head,ptr,arg); 297392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SHA1_Final(hmac_key,&key->head); 298392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } else { 299392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom memcpy(hmac_key,ptr,arg); 300392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 301392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 302392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom for (i=0;i<sizeof(hmac_key);i++) 303392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom hmac_key[i] ^= 0x36; /* ipad */ 304392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SHA1_Init(&key->head); 305392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SHA1_Update(&key->head,hmac_key,sizeof(hmac_key)); 306392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 307392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom for (i=0;i<sizeof(hmac_key);i++) 308392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom hmac_key[i] ^= 0x36^0x5c; /* opad */ 309392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SHA1_Init(&key->tail); 310392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SHA1_Update(&key->tail,hmac_key,sizeof(hmac_key)); 311392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 312392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom return 1; 313392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 314392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom case EVP_CTRL_AEAD_TLS1_AAD: 315392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 316392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom unsigned char *p=ptr; 317392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom unsigned int len=p[arg-2]<<8|p[arg-1]; 318392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 319392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (ctx->encrypt) 320392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 321392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom key->payload_length = len; 322392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if ((key->aux.tls_ver=p[arg-4]<<8|p[arg-3]) >= TLS1_1_VERSION) { 323392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom len -= AES_BLOCK_SIZE; 324392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom p[arg-2] = len>>8; 325392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom p[arg-1] = len; 326392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 327392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom key->md = key->head; 328392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom SHA1_Update(&key->md,p,arg); 329392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 330392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom return (int)(((len+SHA_DIGEST_LENGTH+AES_BLOCK_SIZE)&-AES_BLOCK_SIZE) 331392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom - len); 332392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 333392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else 334392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 335392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (arg>13) arg = 13; 336392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom memcpy(key->aux.tls_aad,ptr,arg); 337392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom key->payload_length = arg; 338392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 339392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom return SHA_DIGEST_LENGTH; 340392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 341392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 342392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom default: 343392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom return -1; 344392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 345392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 346392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 347392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstromstatic EVP_CIPHER aesni_128_cbc_hmac_sha1_cipher = 348392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 349392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#ifdef NID_aes_128_cbc_hmac_sha1 350392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom NID_aes_128_cbc_hmac_sha1, 351392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#else 352392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom NID_undef, 353392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#endif 354392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 16,16,16, 355392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom EVP_CIPH_CBC_MODE|EVP_CIPH_FLAG_DEFAULT_ASN1|EVP_CIPH_FLAG_AEAD_CIPHER, 356392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom aesni_cbc_hmac_sha1_init_key, 357392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom aesni_cbc_hmac_sha1_cipher, 358392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom NULL, 359392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom sizeof(EVP_AES_HMAC_SHA1), 360392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom EVP_CIPH_FLAG_DEFAULT_ASN1?NULL:EVP_CIPHER_set_asn1_iv, 361392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom EVP_CIPH_FLAG_DEFAULT_ASN1?NULL:EVP_CIPHER_get_asn1_iv, 362392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom aesni_cbc_hmac_sha1_ctrl, 363392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom NULL 364392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom }; 365392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 366392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstromstatic EVP_CIPHER aesni_256_cbc_hmac_sha1_cipher = 367392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 368392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#ifdef NID_aes_256_cbc_hmac_sha1 369392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom NID_aes_256_cbc_hmac_sha1, 370392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#else 371392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom NID_undef, 372392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#endif 373392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 16,32,16, 374392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom EVP_CIPH_CBC_MODE|EVP_CIPH_FLAG_DEFAULT_ASN1|EVP_CIPH_FLAG_AEAD_CIPHER, 375392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom aesni_cbc_hmac_sha1_init_key, 376392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom aesni_cbc_hmac_sha1_cipher, 377392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom NULL, 378392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom sizeof(EVP_AES_HMAC_SHA1), 379392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom EVP_CIPH_FLAG_DEFAULT_ASN1?NULL:EVP_CIPHER_set_asn1_iv, 380392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom EVP_CIPH_FLAG_DEFAULT_ASN1?NULL:EVP_CIPHER_get_asn1_iv, 381392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom aesni_cbc_hmac_sha1_ctrl, 382392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom NULL 383392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom }; 384392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 385392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstromconst EVP_CIPHER *EVP_aes_128_cbc_hmac_sha1(void) 386392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 387392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom return(OPENSSL_ia32cap_P[1]&AESNI_CAPABLE? 388392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom &aesni_128_cbc_hmac_sha1_cipher:NULL); 389392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 390392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 391392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstromconst EVP_CIPHER *EVP_aes_256_cbc_hmac_sha1(void) 392392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 393392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom return(OPENSSL_ia32cap_P[1]&AESNI_CAPABLE? 394392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom &aesni_256_cbc_hmac_sha1_cipher:NULL); 395392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 396392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#else 397392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstromconst EVP_CIPHER *EVP_aes_128_cbc_hmac_sha1(void) 398392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 399392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom return NULL; 400392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 401392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstromconst EVP_CIPHER *EVP_aes_256_cbc_hmac_sha1(void) 402392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 403392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom return NULL; 404392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 405392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#endif 406392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#endif 407