diff options
| author | Matt Caswell <matt@openssl.org> | 2019-04-09 16:32:33 +0200 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2019-04-12 15:22:41 +0200 |
| commit | fd367b4ce37d8f8353deb93fd7677ca636881d81 (patch) | |
| tree | 853d01be754fb608381b4d3e4a4cc524c1fbcd87 /test/igetest.c | |
| parent | Add CMAC speed measurements (diff) | |
| download | openssl-fd367b4ce37d8f8353deb93fd7677ca636881d81.tar.xz openssl-fd367b4ce37d8f8353deb93fd7677ca636881d81.zip | |
Deprecate AES_ige_encrypt() and AES_bi_ige_encrypt()
These undocumented functions were never integrated into the EVP layer
and implement the AES Infinite Garble Extension (IGE) mode and AES
Bi-directional IGE mode. These modes were never formally standardised
and usage of these functions is believed to be very small. In particular
AES_bi_ige_encrypt() has a known bug. It accepts 2 AES keys, but only
one is ever used. The security implications are believed to be minimal,
but this issue was never fixed for backwards compatibility reasons.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8710)
Diffstat (limited to 'test/igetest.c')
| -rw-r--r-- | test/igetest.c | 17 |
1 files changed, 11 insertions, 6 deletions
diff --git a/test/igetest.c b/test/igetest.c index 9cc551f48e..a4b8cfab4a 100644 --- a/test/igetest.c +++ b/test/igetest.c @@ -15,19 +15,21 @@ #include "internal/nelem.h" #include "testutil.h" -#define TEST_SIZE 128 -#define BIG_TEST_SIZE 10240 +#if !OPENSSL_API_3 -#if BIG_TEST_SIZE < TEST_SIZE -#error BIG_TEST_SIZE is smaller than TEST_SIZE -#endif +# define TEST_SIZE 128 +# define BIG_TEST_SIZE 10240 + +# if BIG_TEST_SIZE < TEST_SIZE +# error BIG_TEST_SIZE is smaller than TEST_SIZE +# endif static unsigned char rkey[16]; static unsigned char rkey2[16]; static unsigned char plaintext[BIG_TEST_SIZE]; static unsigned char saved_iv[AES_BLOCK_SIZE * 4]; -#define MAX_VECTOR_SIZE 64 +# define MAX_VECTOR_SIZE 64 struct ige_test { const unsigned char key[16]; @@ -432,9 +434,11 @@ static int test_bi_ige_garble3(void) /* Fail if there is more than 1% matching bytes */ return TEST_size_t_le(matches, sizeof(checktext) / 100); } +#endif int setup_tests(void) { +#if !OPENSSL_API_3 RAND_bytes(rkey, sizeof(rkey)); RAND_bytes(rkey2, sizeof(rkey2)); RAND_bytes(plaintext, sizeof(plaintext)); @@ -450,5 +454,6 @@ int setup_tests(void) ADD_TEST(test_bi_ige_garble3); ADD_ALL_TESTS(test_ige_vectors, OSSL_NELEM(ige_test_vectors)); ADD_ALL_TESTS(test_bi_ige_vectors, OSSL_NELEM(bi_ige_test_vectors)); +#endif return 1; } |