From: tb Date: Tue, 25 Apr 2023 17:54:10 +0000 (+0000) Subject: Remove CTS mode X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=bb62b8f92169830c524fc189dd5b02a92ea15288;p=openbsd Remove CTS mode ok jsing --- diff --git a/lib/libcrypto/Makefile b/lib/libcrypto/Makefile index a993755d24e..057eb9cc541 100644 --- a/lib/libcrypto/Makefile +++ b/lib/libcrypto/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.111 2023/04/25 17:42:07 tb Exp $ +# $OpenBSD: Makefile,v 1.112 2023/04/25 17:54:10 tb Exp $ LIB= crypto LIBREBUILD=y @@ -513,7 +513,6 @@ SRCS+= cbc128.c SRCS+= ccm128.c SRCS+= cfb128.c SRCS+= ctr128.c -#SRCS+= cts128.c SRCS+= gcm128.c SRCS+= ofb128.c SRCS+= xts128.c diff --git a/lib/libcrypto/modes/cts128.c b/lib/libcrypto/modes/cts128.c deleted file mode 100644 index ec81dd24334..00000000000 --- a/lib/libcrypto/modes/cts128.c +++ /dev/null @@ -1,267 +0,0 @@ -/* $OpenBSD: cts128.c,v 1.6 2022/11/26 16:08:53 tb Exp $ */ -/* ==================================================================== - * Copyright (c) 2008 The OpenSSL Project. All rights reserved. - * - * Rights for redistribution and usage in source and binary - * forms are granted according to the OpenSSL license. - */ - -#include -#include "modes_local.h" -#include - -#ifndef MODES_DEBUG -# ifndef NDEBUG -# define NDEBUG -# endif -#endif - -/* - * Trouble with Ciphertext Stealing, CTS, mode is that there is no - * common official specification, but couple of cipher/application - * specific ones: RFC2040 and RFC3962. Then there is 'Proposal to - * Extend CBC Mode By "Ciphertext Stealing"' at NIST site, which - * deviates from mentioned RFCs. Most notably it allows input to be - * of block length and it doesn't flip the order of the last two - * blocks. CTS is being discussed even in ECB context, but it's not - * adopted for any known application. This implementation provides - * two interfaces: one compliant with above mentioned RFCs and one - * compliant with the NIST proposal, both extending CBC mode. - */ - -size_t CRYPTO_cts128_encrypt_block(const unsigned char *in, unsigned char *out, - size_t len, const void *key, - unsigned char ivec[16], block128_f block) -{ size_t residue, n; - - if (len <= 16) return 0; - - if ((residue=len%16) == 0) residue = 16; - - len -= residue; - - CRYPTO_cbc128_encrypt(in,out,len,key,ivec,block); - - in += len; - out += len; - - for (n=0; n