Add AES-192 ECB.

I tried so hard to get rid of AES-192, but it's called from too many
places. I suspect that those places don't actually use it, but it's
dangerous to assume that.

Change-Id: I6208b64a463e3539973532abd21882e0e4c55a1c

crypto/cipher/cipher_test.c

@@ -315,6 +315,8 @@ static int test_cipher(const char *cipher, const uint8_t *key, int kn,
     c = EVP_aes_128_ofb();
   } else if (strcmp(cipher, "AES-192-CBC") == 0) {
     c = EVP_aes_192_cbc();
+  } else if (strcmp(cipher, "AES-192-ECB") == 0) {
+    c = EVP_aes_192_ecb();
   } else if (strcmp(cipher, "AES-256-CBC") == 0) {
     c = EVP_aes_256_cbc();
   } else if (strcmp(cipher, "AES-128-CTR") == 0) {

crypto/cipher/e_aes.c

@@ -771,6 +771,12 @@ static const EVP_CIPHER aes_192_ctr = {
     NULL /* app_data */, aes_init_key,        aes_ctr_cipher,
     NULL /* cleanup */,  NULL /* ctrl */};
 
+static const EVP_CIPHER aes_192_ecb = {
+    NID_aes_192_ecb,     16 /* block_size */, 24 /* key_size */,
+    0 /* iv_len */,      sizeof(EVP_AES_KEY), EVP_CIPH_ECB_MODE,
+    NULL /* app_data */, aes_init_key,        aes_ecb_cipher,
+    NULL /* cleanup */,  NULL /* ctrl */};
+
 static const EVP_CIPHER aes_192_gcm = {
     NID_aes_192_gcm, 1 /* block_size */, 24 /* key_size */, 12 /* iv_len */,
     sizeof(EVP_AES_GCM_CTX),
@@ -953,6 +959,12 @@ static const EVP_CIPHER aesni_192_ctr = {
     NULL /* app_data */, aesni_init_key,      aes_ctr_cipher,
     NULL /* cleanup */,  NULL /* ctrl */};
 
+static const EVP_CIPHER aesni_192_ecb = {
+    NID_aes_192_ecb,     16 /* block_size */, 24 /* key_size */,
+    0 /* iv_len */,      sizeof(EVP_AES_KEY), EVP_CIPH_ECB_MODE,
+    NULL /* app_data */, aesni_init_key,      aesni_ecb_cipher,
+    NULL /* cleanup */,  NULL /* ctrl */};
+
 static const EVP_CIPHER aesni_192_gcm = {
     NID_aes_192_gcm, 1 /* block_size */, 24 /* key_size */, 12 /* iv_len */,
     sizeof(EVP_AES_GCM_CTX),
@@ -1026,6 +1038,7 @@ EVP_CIPHER_FUNCTION(128, gcm)
 
 EVP_CIPHER_FUNCTION(192, cbc)
 EVP_CIPHER_FUNCTION(192, ctr)
+EVP_CIPHER_FUNCTION(192, ecb)
 EVP_CIPHER_FUNCTION(192, gcm)
 
 EVP_CIPHER_FUNCTION(256, cbc)

crypto/cipher/test/cipher_test.txt

@@ -107,3 +107,12 @@ AES-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:0001020304050607080
 AES-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:4F021DB243BC633D7178183A9FA071E8:AE2D8A571E03AC9C9EB76FAC45AF8E51:B4D9ADA9AD7DEDF4E5E738763F69145A
 AES-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:B4D9ADA9AD7DEDF4E5E738763F69145A:30C81C46A35CE411E5FBC1191A0A52EF:571B242012FB7AE07FA9BAAC3DF102E0
 AES-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:571B242012FB7AE07FA9BAAC3DF102E0:F69F2445DF4F9B17AD2B417BE66C3710:08B0E27988598881D920A9E64F5615CD
+
+# AES-192-ECB tests from FIPS-197
+AES-192-ECB:000102030405060708090A0B0C0D0E0F1011121314151617::00112233445566778899AABBCCDDEEFF:DDA97CA4864CDFE06EAF70A0EC0D7191:1
+
+# AES-192-ECB tests from NIST document SP800-38A
+AES-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::6BC1BEE22E409F96E93D7E117393172A:BD334F1D6E45F25FF712A214571FA5CC:1
+AES-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::AE2D8A571E03AC9C9EB76FAC45AF8E51:974104846D0AD3AD7734ECB3ECEE4EEF:1
+AES-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::30C81C46A35CE411E5FBC1191A0A52EF:EF7AFD2270E2E60ADCE0BA2FACE6444E:1
+AES-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::F69F2445DF4F9B17AD2B417BE66C3710:9A4B41BA738D6C72FB16691603C18E0E:1

include/openssl/cipher.h

@@ -93,6 +93,7 @@ OPENSSL_EXPORT const EVP_CIPHER *EVP_aes_128_gcm(void);
 OPENSSL_EXPORT const EVP_CIPHER *EVP_aes_256_gcm(void);
 
 /* Deprecated 192-bit version of AES. */
+OPENSSL_EXPORT const EVP_CIPHER *EVP_aes_192_ecb(void);
 OPENSSL_EXPORT const EVP_CIPHER *EVP_aes_192_cbc(void);
 OPENSSL_EXPORT const EVP_CIPHER *EVP_aes_192_ctr(void);
 OPENSSL_EXPORT const EVP_CIPHER *EVP_aes_192_gcm(void);
@@ -525,15 +526,6 @@ struct evp_cipher_st {
 };
 
 
-/* Android compatibility section.
- *
- * These functions are declared, temporarily, for Android because
- * wpa_supplicant will take a little time to sync with upstream. Outside of
- * Android they'll have no definition. */
-
-OPENSSL_EXPORT const EVP_CIPHER *EVP_aes_192_ecb(void);
-
-
 #if defined(__cplusplus)
 }  /* extern C */
 #endif