On Fri, Oct 22, 2004, Paolo Serra wrote:
> Hi all,
> I'near to integrate my AES-CCM in openssl, but I need a little help. I've
> created my file AES_CCM_encrypt (I'm sure it's ok), I saved it in
> crypto/aes and
> added the prototipe in crypto/aes/aes.h
>
> Then I modified the following files:
>
> file crypto/objects/objects.txt
> modified line 660
> !Alias nistAlgorithms csor 8 (it was 4)
Don't do that: you break the OIDs for the existing algorithms.
> added this line
> aes 81 : AES-128-CCM : aes-128-ccm
> (
> automatically openssl modified files obj_mac.h, obj_dat.h and object_mac.num
> ...now obj_mac.h now has this lines
> #define SN_aes_128_ccm "AES-128-CCM"
> #define LN_aes_128_ccm "aes-128-ccm"
> #define NID_aes_128_ccm 650
> #define OBJ_aes_128_ccm OBJ_aes,81L
> ... and similar modifies for obj_dat.h and object_mac.num)
>
> File /crypto/evp/e_aes.c
> added these lines
> IMPLEMENT_BLOCK_CIPHER_CCM(aes_128, ks, AES, EVP_AES_KEY,
> NID_aes_128, 16, 16, 16, 128,
> 0, aes_init_key, NULL,
> EVP_CIPHER_set_asn1_iv,
> EVP_CIPHER_get_asn1_iv,
> NULL)
>
> File /crypto/evp/evp_locl.h
> added these lines
> #define IMPLEMENT_BLOCK_CIPHER_CCM(cname, ksched, cprefix, kstruct, nid, \
> block_size, key_len, iv_len, cbits, flags,
> init_key, cleanup,
> set_asn1, get_asn1, ctrl) \
> static int cname##_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char
> *out, const
> unsigned char *in, unsigned int inl) \
> {\
> cprefix##_CCM_encrypt(in, out, (unsigned long)inl,
> ctx->iv,&((kstruct
> *)ctx->cipher_data)->ksched, ctx->encrypt);\
> return 1;\
> }\
> BLOCK_CIPHER_def1(cname, ccm, ccm, CCM, kstruct, nid, block_size,
> key_len, \
> iv_len, flags, init_key, cleanup, set_asn1, get_asn1, ctrl)
>
> File /crypto/evp/evp.h
> added this line
> const EVP_CIPHER *EVP_aes_128_ccm(void);
>
A note about the macros. The intention when I added these to OpenSSL
originally was to make it easier to maintain the internal algorithms. After
spending a few minutes changing one minor part of the structure and then the
rest of the afternoon modifying every single cipher definition I decided to
gather together all the common parts into some macros. This makes it much
easier to make minor changes: the macros only need changing and all the
definitions will pick them up.
However for custom or single ciphers there isn't much to gain from writing
your own macros. It would be much better if you wrote out the full structure
definitions.
Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
