Go back to internal OCB implementation

After further discussion, the Mosh maintainers have decided to stick with the internal OCB implementation for this release. Restore support for using OpenSSL’s AES but internal OCB. To make this commit easy to audit, restore the code exactly, including calls to AES functions that are deprecated in OpenSSL 3; a future commit will update ocb_internal.cc to use EVP instead of directly calling the AES primitives. In anticipation of future changes, preserve support for OpenSSL’s AES-OCB, but don’t compile it in. Add --with-crypto-library=openssl-with-openssl-ocb and --with-crypto-library=openssl-with-internal-ocb options to configure so that developers can easily test Mosh using OpenSSL’s AES-OCB. These options are intended only for testing, are undocumented, and are not subject to any API stability guarantees. Rework configure to look for all possible cryptography libraries first and then dispatch on --with-crypto-library as appropriate.
2022-06-22 20:47:57 -04:00
parent 135a11a2bb
commit bacc024083
3 changed files with 70 additions and 26 deletions
@@ -4,7 +4,7 @@ AM_CXXFLAGS = $(WARNING_CXXFLAGS) $(PICKY_CXXFLAGS) $(HARDEN_CFLAGS) $(MISC_CXXF
 noinst_LIBRARIES = libmoshcrypto.a

 OCB_SRCS = ae.h
-if CRYPTO_LIBRARY_OPENSSL
+if USE_AES_OCB_FROM_OPENSSL
 OCB_SRCS += ocb_openssl.cc
 else
 OCB_SRCS += ocb_internal.cc
@@ -26,10 +26,11 @@

 #include "config.h"

-/* This module implements the ae.h interface for Apple Common Crypto and
-/  Nettle.                                                                 */
-#if !defined(USE_APPLE_COMMON_CRYPTO_AES) && !defined(USE_NETTLE_AES)
-#error ocb_internal.cc only works with Apple Common Crypto or Nettle
+/* This module implements the ae.h interface for OpenSSL, Apple Common
+/  Crypto, and Nettle.                                                     */
+#if !defined(USE_OPENSSL_AES) && !defined(USE_APPLE_COMMON_CRYPTO_AES) && \
+    !defined(USE_NETTLE_AES)
+#error ocb_internal.cc only works with OpenSSL, Apple Common Crypto, or Nettle
 #endif

 /* ----------------------------------------------------------------------- */
@@ -62,6 +63,7 @@
 #if 0
 #define USE_APPLE_COMMON_CRYPTO_AES       0
 #define USE_NETTLE_AES       0
+#define USE_OPENSSL_AES      1  /* http://openssl.org                      */
 #endif

 /* During encryption and decryption, various "L values" are required.
@@ -352,8 +354,31 @@
 /* AES - Code uses OpenSSL API. Other implementations get mapped to it.    */
 /* ----------------------------------------------------------------------- */

+/*---------------*/
+#if USE_OPENSSL_AES
+/*---------------*/
+
+#include <openssl/aes.h>                            /* http://openssl.org/ */
+
+/* How to ECB encrypt an array of blocks, in place                         */
+static inline void AES_ecb_encrypt_blks(block *blks, unsigned nblks, AES_KEY *key) {
+	while (nblks) {
+		--nblks;
+		AES_encrypt((unsigned char *)(blks+nblks), (unsigned char *)(blks+nblks), key);
+	}
+}
+
+static inline void AES_ecb_decrypt_blks(block *blks, unsigned nblks, AES_KEY *key) {
+	while (nblks) {
+		--nblks;
+		AES_decrypt((unsigned char *)(blks+nblks), (unsigned char *)(blks+nblks), key);
+	}
+}
+
+#define BPI 4  /* Number of blocks in buffer per ECB call */
+
 /*-------------------*/
-#if USE_APPLE_COMMON_CRYPTO_AES
+#elif USE_APPLE_COMMON_CRYPTO_AES
 /*-------------------*/

 #include <fatal_assert.h>
@@ -1320,3 +1345,7 @@ int main()
    return 0;
 }
 #endif
+
+#if USE_OPENSSL_AES
+char infoString[] = "OCB3 (OpenSSL)";
+#endif