ciphercommon.c@ 100947

Last change on this file since 100947 was 99366, checked in by vboxsync, 22 months ago
openssl-3.1.0: Applied and adjusted our OpenSSL changes to 3.0.7. bugref:10418
File size: 21.7 KB

Line
1	/*
2	* Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
3	*
4	* Licensed under the Apache License 2.0 (the "License"). You may not use
5	* this file except in compliance with the License. You can obtain a copy
6	* in the file LICENSE in the source distribution or at
7	* https://www.openssl.org/source/license.html
8	*/
9
10	/*
11	* Generic dispatch table functions for ciphers.
12	*/
13
14	/* For SSL3_VERSION */
15	#include <openssl/prov_ssl.h>
16	#include <openssl/proverr.h>
17	#include "ciphercommon_local.h"
18	#include "prov/provider_ctx.h"
19	#include "prov/providercommon.h"
20
21	/*-
22	* Generic cipher functions for OSSL_PARAM gettables and settables
23	*/
24	static const OSSL_PARAM cipher_known_gettable_params[] = {
25	OSSL_PARAM_uint(OSSL_CIPHER_PARAM_MODE, NULL),
26	OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL),
27	OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_IVLEN, NULL),
28	OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_BLOCK_SIZE, NULL),
29	OSSL_PARAM_int(OSSL_CIPHER_PARAM_AEAD, NULL),
30	OSSL_PARAM_int(OSSL_CIPHER_PARAM_CUSTOM_IV, NULL),
31	OSSL_PARAM_int(OSSL_CIPHER_PARAM_CTS, NULL),
32	OSSL_PARAM_int(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK, NULL),
33	OSSL_PARAM_int(OSSL_CIPHER_PARAM_HAS_RAND_KEY, NULL),
34	OSSL_PARAM_END
35	};
36	const OSSL_PARAM ossl_cipher_generic_gettable_params(ossl_unused void provctx)
37	{
38	return cipher_known_gettable_params;
39	}
40
41	int ossl_cipher_generic_get_params(OSSL_PARAM params[], unsigned int md,
42	uint64_t flags,
43	size_t kbits, size_t blkbits, size_t ivbits)
44	{
45	OSSL_PARAM *p;
46
47	p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_MODE);
48	if (p != NULL && !OSSL_PARAM_set_uint(p, md)) {
49	ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
50	return 0;
51	}
52	p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_AEAD);
53	if (p != NULL
54	&& !OSSL_PARAM_set_int(p, (flags & PROV_CIPHER_FLAG_AEAD) != 0)) {
55	ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
56	return 0;
57	}
58	p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_CUSTOM_IV);
59	if (p != NULL
60	&& !OSSL_PARAM_set_int(p, (flags & PROV_CIPHER_FLAG_CUSTOM_IV) != 0)) {
61	ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
62	return 0;
63	}
64	p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_CTS);
65	if (p != NULL
66	&& !OSSL_PARAM_set_int(p, (flags & PROV_CIPHER_FLAG_CTS) != 0)) {
67	ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
68	return 0;
69	}
70	p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK);
71	if (p != NULL
72	&& !OSSL_PARAM_set_int(p, (flags & PROV_CIPHER_FLAG_TLS1_MULTIBLOCK) != 0)) {
73	ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
74	return 0;
75	}
76	p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_HAS_RAND_KEY);
77	if (p != NULL
78	&& !OSSL_PARAM_set_int(p, (flags & PROV_CIPHER_FLAG_RAND_KEY) != 0)) {
79	ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
80	return 0;
81	}
82	p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_KEYLEN);
83	if (p != NULL && !OSSL_PARAM_set_size_t(p, kbits / 8)) {
84	ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
85	return 0;
86	}
87	p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_BLOCK_SIZE);
88	if (p != NULL && !OSSL_PARAM_set_size_t(p, blkbits / 8)) {
89	ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
90	return 0;
91	}
92	p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IVLEN);
93	if (p != NULL && !OSSL_PARAM_set_size_t(p, ivbits / 8)) {
94	ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
95	return 0;
96	}
97	return 1;
98	}
99
100	CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_START(ossl_cipher_generic)
101	{ OSSL_CIPHER_PARAM_TLS_MAC, OSSL_PARAM_OCTET_PTR, NULL, 0, OSSL_PARAM_UNMODIFIED },
102	CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_END(ossl_cipher_generic)
103
104	CIPHER_DEFAULT_SETTABLE_CTX_PARAMS_START(ossl_cipher_generic)
105	OSSL_PARAM_uint(OSSL_CIPHER_PARAM_USE_BITS, NULL),
106	OSSL_PARAM_uint(OSSL_CIPHER_PARAM_TLS_VERSION, NULL),
107	OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_TLS_MAC_SIZE, NULL),
108	CIPHER_DEFAULT_SETTABLE_CTX_PARAMS_END(ossl_cipher_generic)
109
110	/*
111	* Variable key length cipher functions for OSSL_PARAM settables
112	*/
113	int ossl_cipher_var_keylen_set_ctx_params(void *vctx, const OSSL_PARAM params[])
114	{
115	PROV_CIPHER_CTX ctx = (PROV_CIPHER_CTX )vctx;
116	const OSSL_PARAM *p;
117
118	if (params == NULL)
119	return 1;
120
121	if (!ossl_cipher_generic_set_ctx_params(vctx, params))
122	return 0;
123	p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_KEYLEN);
124	if (p != NULL) {
125	size_t keylen;
126
127	if (!OSSL_PARAM_get_size_t(p, &keylen)) {
128	ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
129	return 0;
130	}
131	ctx->keylen = keylen;
132	}
133	return 1;
134	}
135
136	CIPHER_DEFAULT_SETTABLE_CTX_PARAMS_START(ossl_cipher_var_keylen)
137	OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL),
138	CIPHER_DEFAULT_SETTABLE_CTX_PARAMS_END(ossl_cipher_var_keylen)
139
140	/*-
141	* AEAD cipher functions for OSSL_PARAM gettables and settables
142	*/
143	static const OSSL_PARAM cipher_aead_known_gettable_ctx_params[] = {
144	OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL),
145	OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_IVLEN, NULL),
146	OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_AEAD_TAGLEN, NULL),
147	OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_IV, NULL, 0),
148	OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_UPDATED_IV, NULL, 0),
149	OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG, NULL, 0),
150	OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_AEAD_TLS1_AAD_PAD, NULL),
151	OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TLS1_GET_IV_GEN, NULL, 0),
152	OSSL_PARAM_END
153	};
154	const OSSL_PARAM *ossl_cipher_aead_gettable_ctx_params(
155	ossl_unused void cctx, ossl_unused void provctx
156	)
157	{
158	return cipher_aead_known_gettable_ctx_params;
159	}
160
161	static const OSSL_PARAM cipher_aead_known_settable_ctx_params[] = {
162	OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_AEAD_IVLEN, NULL),
163	OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG, NULL, 0),
164	OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TLS1_AAD, NULL, 0),
165	OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TLS1_IV_FIXED, NULL, 0),
166	OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TLS1_SET_IV_INV, NULL, 0),
167	OSSL_PARAM_END
168	};
169	const OSSL_PARAM *ossl_cipher_aead_settable_ctx_params(
170	ossl_unused void cctx, ossl_unused void provctx
171	)
172	{
173	return cipher_aead_known_settable_ctx_params;
174	}
175
176	void ossl_cipher_generic_reset_ctx(PROV_CIPHER_CTX *ctx)
177	{
178	if (ctx != NULL && ctx->alloced) {
179	OPENSSL_free(ctx->tlsmac);
180	ctx->alloced = 0;
181	ctx->tlsmac = NULL;
182	}
183	}
184
185	static int cipher_generic_init_internal(PROV_CIPHER_CTX *ctx,
186	const unsigned char *key, size_t keylen,
187	const unsigned char *iv, size_t ivlen,
188	const OSSL_PARAM params[], int enc)
189	{
190	ctx->num = 0;
191	ctx->bufsz = 0;
192	ctx->updated = 0;
193	ctx->enc = enc ? 1 : 0;
194
195	if (!ossl_prov_is_running())
196	return 0;
197
198	if (iv != NULL && ctx->mode != EVP_CIPH_ECB_MODE) {
199	if (!ossl_cipher_generic_initiv(ctx, iv, ivlen))
200	return 0;
201	}
202	if (iv == NULL && ctx->iv_set
203	&& (ctx->mode == EVP_CIPH_CBC_MODE
204	\|\| ctx->mode == EVP_CIPH_CFB_MODE
205	\|\| ctx->mode == EVP_CIPH_OFB_MODE))
206	/* reset IV for these modes to keep compatibility with 1.1.1 */
207	memcpy(ctx->iv, ctx->oiv, ctx->ivlen);
208
209	if (key != NULL) {
210	if (ctx->variable_keylength == 0) {
211	if (keylen != ctx->keylen) {
212	ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH);
213	return 0;
214	}
215	} else {
216	ctx->keylen = keylen;
217	}
218	if (!ctx->hw->init(ctx, key, ctx->keylen))
219	return 0;
220	}
221	return ossl_cipher_generic_set_ctx_params(ctx, params);
222	}
223
224	int ossl_cipher_generic_einit(void vctx, const unsigned char key,
225	size_t keylen, const unsigned char *iv,
226	size_t ivlen, const OSSL_PARAM params[])
227	{
228	return cipher_generic_init_internal((PROV_CIPHER_CTX *)vctx, key, keylen,
229	iv, ivlen, params, 1);
230	}
231
232	int ossl_cipher_generic_dinit(void vctx, const unsigned char key,
233	size_t keylen, const unsigned char *iv,
234	size_t ivlen, const OSSL_PARAM params[])
235	{
236	return cipher_generic_init_internal((PROV_CIPHER_CTX *)vctx, key, keylen,
237	iv, ivlen, params, 0);
238	}
239
240	/* Max padding including padding length byte */
241	#define MAX_PADDING 256
242
243	int ossl_cipher_generic_block_update(void vctx, unsigned char out,
244	size_t *outl, size_t outsize,
245	const unsigned char *in, size_t inl)
246	{
247	size_t outlint = 0;
248	PROV_CIPHER_CTX ctx = (PROV_CIPHER_CTX )vctx;
249	size_t blksz = ctx->blocksize;
250	size_t nextblocks;
251
252	if (ctx->tlsversion > 0) {
253	/*
254	* Each update call corresponds to a TLS record and is individually
255	* padded
256	*/
257
258	/* Sanity check inputs */
259	if (in == NULL
260	\|\| in != out
261	\|\| outsize < inl
262	\|\| !ctx->pad) {
263	ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED);
264	return 0;
265	}
266
267	if (ctx->enc) {
268	unsigned char padval;
269	size_t padnum, loop;
270
271	/* Add padding */
272
273	padnum = blksz - (inl % blksz);
274
275	if (outsize < inl + padnum) {
276	ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED);
277	return 0;
278	}
279
280	if (padnum > MAX_PADDING) {
281	ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED);
282	return 0;
283	}
284	padval = (unsigned char)(padnum - 1);
285	if (ctx->tlsversion == SSL3_VERSION) {
286	if (padnum > 1)
287	memset(out + inl, 0, padnum - 1);
288	*(out + inl + padnum - 1) = padval;
289	} else {
290	/* we need to add 'padnum' padding bytes of value padval */
291	for (loop = inl; loop < inl + padnum; loop++)
292	out[loop] = padval;
293	}
294	inl += padnum;
295	}
296
297	if ((inl % blksz) != 0) {
298	ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED);
299	return 0;
300	}
301
302
303	/* Shouldn't normally fail */
304	if (!ctx->hw->cipher(ctx, out, in, inl)) {
305	ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED);
306	return 0;
307	}
308
309	if (ctx->alloced) {
310	OPENSSL_free(ctx->tlsmac);
311	ctx->alloced = 0;
312	ctx->tlsmac = NULL;
313	}
314
315	/* This only fails if padding is publicly invalid */
316	*outl = inl;
317	if (!ctx->enc
318	&& !ossl_cipher_tlsunpadblock(ctx->libctx, ctx->tlsversion,
319	out, outl,
320	blksz, &ctx->tlsmac, &ctx->alloced,
321	ctx->tlsmacsize, 0)) {
322	ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED);
323	return 0;
324	}
325	return 1;
326	}
327
328	if (ctx->bufsz != 0)
329	nextblocks = ossl_cipher_fillblock(ctx->buf, &ctx->bufsz, blksz,
330	&in, &inl);
331	else
332	nextblocks = inl & ~(blksz-1);
333
334	/*
335	* If we're decrypting and we end an update on a block boundary we hold
336	* the last block back in case this is the last update call and the last
337	* block is padded.
338	*/
339	if (ctx->bufsz == blksz && (ctx->enc \|\| inl > 0 \|\| !ctx->pad)) {
340	if (outsize < blksz) {
341	ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
342	return 0;
343	}
344	if (!ctx->hw->cipher(ctx, out, ctx->buf, blksz)) {
345	ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED);
346	return 0;
347	}
348	ctx->bufsz = 0;
349	outlint = blksz;
350	out += blksz;
351	}
352	if (nextblocks > 0) {
353	if (!ctx->enc && ctx->pad && nextblocks == inl) {
354	if (!ossl_assert(inl >= blksz)) {
355	ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
356	return 0;
357	}
358	nextblocks -= blksz;
359	}
360	outlint += nextblocks;
361	if (outsize < outlint) {
362	ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
363	return 0;
364	}
365	}
366	if (nextblocks > 0) {
367	if (!ctx->hw->cipher(ctx, out, in, nextblocks)) {
368	ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED);
369	return 0;
370	}
371	in += nextblocks;
372	inl -= nextblocks;
373	}
374	if (inl != 0
375	&& !ossl_cipher_trailingdata(ctx->buf, &ctx->bufsz, blksz, &in, &inl)) {
376	/* ERR_raise already called */
377	return 0;
378	}
379
380	*outl = outlint;
381	return inl == 0;
382	}
383
384	int ossl_cipher_generic_block_final(void vctx, unsigned char out,
385	size_t *outl, size_t outsize)
386	{
387	PROV_CIPHER_CTX ctx = (PROV_CIPHER_CTX )vctx;
388	size_t blksz = ctx->blocksize;
389
390	if (!ossl_prov_is_running())
391	return 0;
392
393	if (ctx->tlsversion > 0) {
394	/* We never finalize TLS, so this is an error */
395	ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED);
396	return 0;
397	}
398
399	if (ctx->enc) {
400	if (ctx->pad) {
401	ossl_cipher_padblock(ctx->buf, &ctx->bufsz, blksz);
402	} else if (ctx->bufsz == 0) {
403	*outl = 0;
404	return 1;
405	} else if (ctx->bufsz != blksz) {
406	ERR_raise(ERR_LIB_PROV, PROV_R_WRONG_FINAL_BLOCK_LENGTH);
407	return 0;
408	}
409
410	if (outsize < blksz) {
411	ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
412	return 0;
413	}
414	if (!ctx->hw->cipher(ctx, out, ctx->buf, blksz)) {
415	ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED);
416	return 0;
417	}
418	ctx->bufsz = 0;
419	*outl = blksz;
420	return 1;
421	}
422
423	/* Decrypting */
424	if (ctx->bufsz != blksz) {
425	if (ctx->bufsz == 0 && !ctx->pad) {
426	*outl = 0;
427	return 1;
428	}
429	ERR_raise(ERR_LIB_PROV, PROV_R_WRONG_FINAL_BLOCK_LENGTH);
430	return 0;
431	}
432
433	if (!ctx->hw->cipher(ctx, ctx->buf, ctx->buf, blksz)) {
434	ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED);
435	return 0;
436	}
437
438	if (ctx->pad && !ossl_cipher_unpadblock(ctx->buf, &ctx->bufsz, blksz)) {
439	/* ERR_raise already called */
440	return 0;
441	}
442
443	if (outsize < ctx->bufsz) {
444	ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
445	return 0;
446	}
447	memcpy(out, ctx->buf, ctx->bufsz);
448	*outl = ctx->bufsz;
449	ctx->bufsz = 0;
450	return 1;
451	}
452
453	int ossl_cipher_generic_stream_update(void vctx, unsigned char out,
454	size_t *outl, size_t outsize,
455	const unsigned char *in, size_t inl)
456	{
457	PROV_CIPHER_CTX ctx = (PROV_CIPHER_CTX )vctx;
458
459	if (inl == 0) {
460	*outl = 0;
461	return 1;
462	}
463
464	if (outsize < inl) {
465	ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
466	return 0;
467	}
468
469	if (!ctx->hw->cipher(ctx, out, in, inl)) {
470	ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED);
471	return 0;
472	}
473
474	*outl = inl;
475	if (!ctx->enc && ctx->tlsversion > 0) {
476	/*
477	* Remove any TLS padding. Only used by cipher_aes_cbc_hmac_sha1_hw.c and
478	* cipher_aes_cbc_hmac_sha256_hw.c
479	*/
480	if (ctx->removetlspad) {
481	/*
482	* We should have already failed in the cipher() call above if this
483	* isn't true.
484	*/
485	if (!ossl_assert(*outl >= (size_t)(out[inl - 1] + 1)))
486	return 0;
487	/* The actual padding length */
488	*outl -= out[inl - 1] + 1;
489	}
490
491	/* TLS MAC and explicit IV if relevant. We should have already failed
492	* in the cipher() call above if *outl is too short.
493	*/
494	if (!ossl_assert(*outl >= ctx->removetlsfixed))
495	return 0;
496	*outl -= ctx->removetlsfixed;
497
498	/* Extract the MAC if there is one */
499	if (ctx->tlsmacsize > 0) {
500	if (*outl < ctx->tlsmacsize)
501	return 0;
502
503	ctx->tlsmac = out + *outl - ctx->tlsmacsize;
504	*outl -= ctx->tlsmacsize;
505	}
506	}
507
508	return 1;
509	}
510	int ossl_cipher_generic_stream_final(void vctx, unsigned char out,
511	size_t *outl, size_t outsize)
512	{
513	if (!ossl_prov_is_running())
514	return 0;
515
516	*outl = 0;
517	return 1;
518	}
519
520	int ossl_cipher_generic_cipher(void vctx, unsigned char out, size_t *outl,
521	size_t outsize, const unsigned char *in,
522	size_t inl)
523	{
524	PROV_CIPHER_CTX ctx = (PROV_CIPHER_CTX )vctx;
525
526	if (!ossl_prov_is_running())
527	return 0;
528
529	if (outsize < inl) {
530	ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
531	return 0;
532	}
533
534	if (!ctx->hw->cipher(ctx, out, in, inl)) {
535	ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED);
536	return 0;
537	}
538
539	*outl = inl;
540	return 1;
541	}
542
543	int ossl_cipher_generic_get_ctx_params(void *vctx, OSSL_PARAM params[])
544	{
545	PROV_CIPHER_CTX ctx = (PROV_CIPHER_CTX )vctx;
546	OSSL_PARAM *p;
547
548	p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IVLEN);
549	if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->ivlen)) {
550	ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
551	return 0;
552	}
553	p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_PADDING);
554	if (p != NULL && !OSSL_PARAM_set_uint(p, ctx->pad)) {
555	ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
556	return 0;
557	}
558	p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IV);
559	if (p != NULL
560	&& !OSSL_PARAM_set_octet_ptr(p, &ctx->oiv, ctx->ivlen)
561	&& !OSSL_PARAM_set_octet_string(p, &ctx->oiv, ctx->ivlen)) {
562	ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
563	return 0;
564	}
565	p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_UPDATED_IV);
566	if (p != NULL
567	&& !OSSL_PARAM_set_octet_ptr(p, &ctx->iv, ctx->ivlen)
568	&& !OSSL_PARAM_set_octet_string(p, &ctx->iv, ctx->ivlen)) {
569	ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
570	return 0;
571	}
572	p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_NUM);
573	if (p != NULL && !OSSL_PARAM_set_uint(p, ctx->num)) {
574	ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
575	return 0;
576	}
577	p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_KEYLEN);
578	if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->keylen)) {
579	ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
580	return 0;
581	}
582	p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_TLS_MAC);
583	if (p != NULL
584	&& !OSSL_PARAM_set_octet_ptr(p, ctx->tlsmac, ctx->tlsmacsize)) {
585	ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
586	return 0;
587	}
588	return 1;
589	}
590
591	int ossl_cipher_generic_set_ctx_params(void *vctx, const OSSL_PARAM params[])
592	{
593	PROV_CIPHER_CTX ctx = (PROV_CIPHER_CTX )vctx;
594	const OSSL_PARAM *p;
595
596	if (params == NULL)
597	return 1;
598
599	p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_PADDING);
600	if (p != NULL) {
601	unsigned int pad;
602
603	if (!OSSL_PARAM_get_uint(p, &pad)) {
604	ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
605	return 0;
606	}
607	ctx->pad = pad ? 1 : 0;
608	}
609	p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_USE_BITS);
610	if (p != NULL) {
611	unsigned int bits;
612
613	if (!OSSL_PARAM_get_uint(p, &bits)) {
614	ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
615	return 0;
616	}
617	ctx->use_bits = bits ? 1 : 0;
618	}
619	p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_TLS_VERSION);
620	if (p != NULL) {
621	if (!OSSL_PARAM_get_uint(p, &ctx->tlsversion)) {
622	ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
623	return 0;
624	}
625	}
626	p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_TLS_MAC_SIZE);
627	if (p != NULL) {
628	if (!OSSL_PARAM_get_size_t(p, &ctx->tlsmacsize)) {
629	ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
630	return 0;
631	}
632	}
633	p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_NUM);
634	if (p != NULL) {
635	unsigned int num;
636
637	if (!OSSL_PARAM_get_uint(p, &num)) {
638	ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
639	return 0;
640	}
641	ctx->num = num;
642	}
643	return 1;
644	}
645
646	int ossl_cipher_generic_initiv(PROV_CIPHER_CTX ctx, const unsigned char iv,
647	size_t ivlen)
648	{
649	if (ivlen != ctx->ivlen
650	\|\| ivlen > sizeof(ctx->iv)) {
651	ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IV_LENGTH);
652	return 0;
653	}
654	ctx->iv_set = 1;
655	memcpy(ctx->iv, iv, ivlen);
656	memcpy(ctx->oiv, iv, ivlen);
657	return 1;
658	}
659
660	void ossl_cipher_generic_initkey(void *vctx, size_t kbits, size_t blkbits,
661	size_t ivbits, unsigned int mode,
662	uint64_t flags, const PROV_CIPHER_HW *hw,
663	void *provctx)
664	{
665	PROV_CIPHER_CTX ctx = (PROV_CIPHER_CTX )vctx;
666
667	if ((flags & PROV_CIPHER_FLAG_INVERSE_CIPHER) != 0)
668	ctx->inverse_cipher = 1;
669	if ((flags & PROV_CIPHER_FLAG_VARIABLE_LENGTH) != 0)
670	ctx->variable_keylength = 1;
671
672	ctx->pad = 1;
673	ctx->keylen = ((kbits) / 8);
674	ctx->ivlen = ((ivbits) / 8);
675	ctx->hw = hw;
676	ctx->mode = mode;
677	ctx->blocksize = blkbits / 8;
678	if (provctx != NULL)
679	ctx->libctx = PROV_LIBCTX_OF(provctx); /* used for rand */
680	}

Note: See TracBrowser for help on using the repository browser.

source: vbox/trunk/src/libs/openssl-3.1.0/providers/implementations/ciphers/ciphercommon.c@ 100947

Download in other formats: