2015-03-24 06:57:47 +08:00
|
|
|
/*
|
2024-03-20 20:07:54 +08:00
|
|
|
* Copyright 2015-2024 The OpenSSL Project Authors. All Rights Reserved.
|
2015-03-24 06:57:47 +08:00
|
|
|
*
|
2018-12-06 20:12:35 +08:00
|
|
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
2016-05-18 03:38:09 +08:00
|
|
|
* this file except in compliance with the License. You can obtain a copy
|
|
|
|
* in the file LICENSE in the source distribution or at
|
|
|
|
* https://www.openssl.org/source/license.html
|
2015-03-24 06:57:47 +08:00
|
|
|
*/
|
|
|
|
|
2021-02-07 05:36:46 +08:00
|
|
|
#ifndef OSSL_CRYPTO_EVP_H
|
|
|
|
# define OSSL_CRYPTO_EVP_H
|
|
|
|
# pragma once
|
|
|
|
|
|
|
|
# include <openssl/evp.h>
|
|
|
|
# include <openssl/core_dispatch.h>
|
|
|
|
# include "internal/refcount.h"
|
|
|
|
# include "crypto/ecx.h"
|
2016-08-27 22:01:08 +08:00
|
|
|
|
2023-08-28 10:47:51 +08:00
|
|
|
/*
|
|
|
|
* Default PKCS5 PBE KDF salt lengths
|
|
|
|
* In RFC 8018, PBE1 uses 8 bytes (64 bits) for its salt length.
|
|
|
|
* It also specifies to use at least 8 bytes for PBES2.
|
|
|
|
* The NIST requirement for PBKDF2 is 128 bits so we use this as the
|
|
|
|
* default for PBE2 (scrypt and HKDF2)
|
|
|
|
*/
|
|
|
|
# define PKCS5_DEFAULT_PBE1_SALT_LEN PKCS5_SALT_LEN
|
|
|
|
# define PKCS5_DEFAULT_PBE2_SALT_LEN 16
|
2018-09-04 17:21:10 +08:00
|
|
|
/*
|
|
|
|
* Don't free up md_ctx->pctx in EVP_MD_CTX_reset, use the reserved flag
|
|
|
|
* values in evp.h
|
|
|
|
*/
|
|
|
|
#define EVP_MD_CTX_FLAG_KEEP_PKEY_CTX 0x0400
|
2023-03-10 00:45:02 +08:00
|
|
|
#define EVP_MD_CTX_FLAG_FINALISED 0x0800
|
2018-09-04 17:21:10 +08:00
|
|
|
|
2020-09-30 23:22:27 +08:00
|
|
|
#define evp_pkey_ctx_is_legacy(ctx) \
|
2021-07-19 23:17:50 +08:00
|
|
|
((ctx)->keymgmt == NULL)
|
2020-09-30 23:22:27 +08:00
|
|
|
#define evp_pkey_ctx_is_provided(ctx) \
|
|
|
|
(!evp_pkey_ctx_is_legacy(ctx))
|
|
|
|
|
2015-03-24 06:57:47 +08:00
|
|
|
struct evp_pkey_ctx_st {
|
2019-09-05 06:13:25 +08:00
|
|
|
/* Actual operation */
|
|
|
|
int operation;
|
|
|
|
|
2019-11-01 23:56:31 +08:00
|
|
|
/*
|
2020-03-17 21:37:47 +08:00
|
|
|
* Library context, property query, keytype and keymgmt associated with
|
|
|
|
* this context
|
2019-11-01 23:56:31 +08:00
|
|
|
*/
|
2020-10-15 17:55:50 +08:00
|
|
|
OSSL_LIB_CTX *libctx;
|
2020-12-02 18:54:08 +08:00
|
|
|
char *propquery;
|
2020-03-17 21:37:47 +08:00
|
|
|
const char *keytype;
|
EVP: Reverse the fetch logic in all pkey using functionality
In all initializing functions for functionality that use an EVP_PKEY, the
coded logic was to find an KEYMGMT implementation first, and then try to
find the operation method (for example, SIGNATURE implementation) in the
same provider.
This implies that in providers where there is a KEYMGMT implementation,
there must also be a SIGNATURE implementation, along with a KEYEXCH,
ASYM_CIPHER, etc implementation.
The intended design was, however, the opposite implication, i.e. that
where there is a SIGNATURE implementation, there must also be KEYMGMT.
This change reverses the logic of the code to be closer to the intended
design.
There is a consequence; we now use the query_operation_name function from
the KEYMGMT of the EVP_PKEY given by the EVP_PKEY_CTX (ultimately given by
the application). Previously, we used the query_operation_name function
from the KEYMGMT found alongside the SIGNATURE implementation.
Another minor consequence is that the |keymgmt| field in EVP_PKEY_CTX
is now always a reference to the KEYMGMT of the |pkey| field if that
one is given (|pkey| isn't NULL) and is provided (|pkey->keymgmt|
isn't NULL).
Fixes #16614
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16725)
2021-10-01 14:57:03 +08:00
|
|
|
/* If |pkey| below is set, this field is always a reference to its keymgmt */
|
2019-10-31 01:03:07 +08:00
|
|
|
EVP_KEYMGMT *keymgmt;
|
|
|
|
|
2019-09-05 06:13:25 +08:00
|
|
|
union {
|
2019-10-27 22:09:26 +08:00
|
|
|
struct {
|
|
|
|
void *genctx;
|
|
|
|
} keymgmt;
|
|
|
|
|
2019-09-05 06:13:25 +08:00
|
|
|
struct {
|
|
|
|
EVP_KEYEXCH *exchange;
|
2021-05-14 11:08:42 +08:00
|
|
|
/*
|
|
|
|
* Opaque ctx returned from a providers exchange algorithm
|
|
|
|
* implementation OSSL_FUNC_keyexch_newctx()
|
|
|
|
*/
|
|
|
|
void *algctx;
|
2019-09-05 06:13:25 +08:00
|
|
|
} kex;
|
2019-06-27 17:48:17 +08:00
|
|
|
|
2019-09-05 06:13:25 +08:00
|
|
|
struct {
|
|
|
|
EVP_SIGNATURE *signature;
|
2021-05-14 11:08:42 +08:00
|
|
|
/*
|
|
|
|
* Opaque ctx returned from a providers signature algorithm
|
|
|
|
* implementation OSSL_FUNC_signature_newctx()
|
|
|
|
*/
|
|
|
|
void *algctx;
|
2019-09-05 06:13:25 +08:00
|
|
|
} sig;
|
2019-10-01 16:40:57 +08:00
|
|
|
|
|
|
|
struct {
|
|
|
|
EVP_ASYM_CIPHER *cipher;
|
2021-05-14 11:08:42 +08:00
|
|
|
/*
|
|
|
|
* Opaque ctx returned from a providers asymmetric cipher algorithm
|
|
|
|
* implementation OSSL_FUNC_asym_cipher_newctx()
|
|
|
|
*/
|
|
|
|
void *algctx;
|
2019-10-01 16:40:57 +08:00
|
|
|
} ciph;
|
2020-09-19 16:08:46 +08:00
|
|
|
struct {
|
|
|
|
EVP_KEM *kem;
|
2021-05-14 11:08:42 +08:00
|
|
|
/*
|
|
|
|
* Opaque ctx returned from a providers KEM algorithm
|
|
|
|
* implementation OSSL_FUNC_kem_newctx()
|
|
|
|
*/
|
|
|
|
void *algctx;
|
2020-09-19 16:08:46 +08:00
|
|
|
} encap;
|
2019-09-05 06:13:25 +08:00
|
|
|
} op;
|
2019-08-30 20:33:10 +08:00
|
|
|
|
2020-09-02 21:54:13 +08:00
|
|
|
/*
|
|
|
|
* Cached parameters. Inits of operations that depend on these should
|
|
|
|
* call evp_pkey_ctx_use_delayed_data() when the operation has been set
|
|
|
|
* up properly.
|
|
|
|
*/
|
|
|
|
struct {
|
|
|
|
/* Distinguishing Identifier, ISO/IEC 15946-3, FIPS 196 */
|
|
|
|
char *dist_id_name; /* The name used with EVP_PKEY_CTX_ctrl_str() */
|
|
|
|
void *dist_id; /* The distinguishing ID itself */
|
|
|
|
size_t dist_id_len; /* The length of the distinguishing ID */
|
|
|
|
|
|
|
|
/* Indicators of what has been set. Keep them together! */
|
|
|
|
unsigned int dist_id_set : 1;
|
|
|
|
} cached_parameters;
|
|
|
|
|
2019-10-27 22:09:26 +08:00
|
|
|
/* Application specific data, usually used by the callback */
|
|
|
|
void *app_data;
|
|
|
|
/* Keygen callback */
|
|
|
|
EVP_PKEY_gen_cb *pkey_gencb;
|
|
|
|
/* implementation specific keygen data */
|
|
|
|
int *keygen_info;
|
|
|
|
int keygen_info_count;
|
|
|
|
|
2019-06-27 17:48:17 +08:00
|
|
|
/* Legacy fields below */
|
|
|
|
|
2020-09-02 15:30:42 +08:00
|
|
|
/* EVP_PKEY identity */
|
|
|
|
int legacy_keytype;
|
2015-03-24 06:57:47 +08:00
|
|
|
/* Method associated with this operation */
|
|
|
|
const EVP_PKEY_METHOD *pmeth;
|
|
|
|
/* Engine that implements this method or NULL if builtin */
|
|
|
|
ENGINE *engine;
|
|
|
|
/* Key: may be NULL */
|
|
|
|
EVP_PKEY *pkey;
|
|
|
|
/* Peer key for key agreement, may be NULL */
|
|
|
|
EVP_PKEY *peerkey;
|
|
|
|
/* Algorithm specific data */
|
|
|
|
void *data;
|
2020-03-11 05:07:10 +08:00
|
|
|
/* Indicator if digest_custom needs to be called */
|
|
|
|
unsigned int flag_call_digest_custom:1;
|
2020-09-24 23:43:06 +08:00
|
|
|
/*
|
|
|
|
* Used to support taking custody of memory in the case of a provider being
|
|
|
|
* used with the deprecated EVP_PKEY_CTX_set_rsa_keygen_pubexp() API. This
|
|
|
|
* member should NOT be used for any other purpose and should be removed
|
|
|
|
* when said deprecated API is excised completely.
|
|
|
|
*/
|
|
|
|
BIGNUM *rsa_pubexp;
|
2015-03-24 06:57:47 +08:00
|
|
|
} /* EVP_PKEY_CTX */ ;
|
|
|
|
|
|
|
|
#define EVP_PKEY_FLAG_DYNAMIC 1
|
|
|
|
|
|
|
|
struct evp_pkey_method_st {
|
|
|
|
int pkey_id;
|
|
|
|
int flags;
|
|
|
|
int (*init) (EVP_PKEY_CTX *ctx);
|
2019-01-16 04:51:25 +08:00
|
|
|
int (*copy) (EVP_PKEY_CTX *dst, const EVP_PKEY_CTX *src);
|
2015-03-24 06:57:47 +08:00
|
|
|
void (*cleanup) (EVP_PKEY_CTX *ctx);
|
|
|
|
int (*paramgen_init) (EVP_PKEY_CTX *ctx);
|
|
|
|
int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);
|
|
|
|
int (*keygen_init) (EVP_PKEY_CTX *ctx);
|
|
|
|
int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);
|
|
|
|
int (*sign_init) (EVP_PKEY_CTX *ctx);
|
|
|
|
int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
|
|
|
|
const unsigned char *tbs, size_t tbslen);
|
|
|
|
int (*verify_init) (EVP_PKEY_CTX *ctx);
|
|
|
|
int (*verify) (EVP_PKEY_CTX *ctx,
|
|
|
|
const unsigned char *sig, size_t siglen,
|
|
|
|
const unsigned char *tbs, size_t tbslen);
|
|
|
|
int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
|
|
|
|
int (*verify_recover) (EVP_PKEY_CTX *ctx,
|
|
|
|
unsigned char *rout, size_t *routlen,
|
|
|
|
const unsigned char *sig, size_t siglen);
|
|
|
|
int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
|
|
|
|
int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
|
|
|
|
EVP_MD_CTX *mctx);
|
|
|
|
int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
|
|
|
|
int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
|
|
|
|
EVP_MD_CTX *mctx);
|
|
|
|
int (*encrypt_init) (EVP_PKEY_CTX *ctx);
|
|
|
|
int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
|
|
|
|
const unsigned char *in, size_t inlen);
|
|
|
|
int (*decrypt_init) (EVP_PKEY_CTX *ctx);
|
|
|
|
int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
|
|
|
|
const unsigned char *in, size_t inlen);
|
|
|
|
int (*derive_init) (EVP_PKEY_CTX *ctx);
|
|
|
|
int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
|
|
|
|
int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
|
|
|
|
int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);
|
2017-05-20 04:31:46 +08:00
|
|
|
int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
|
|
|
|
const unsigned char *tbs, size_t tbslen);
|
|
|
|
int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
|
|
|
|
size_t siglen, const unsigned char *tbs,
|
|
|
|
size_t tbslen);
|
2017-09-04 22:02:59 +08:00
|
|
|
int (*check) (EVP_PKEY *pkey);
|
2017-11-01 00:45:24 +08:00
|
|
|
int (*public_check) (EVP_PKEY *pkey);
|
|
|
|
int (*param_check) (EVP_PKEY *pkey);
|
2018-09-04 00:51:04 +08:00
|
|
|
|
|
|
|
int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
|
2015-03-24 06:57:47 +08:00
|
|
|
} /* EVP_PKEY_METHOD */ ;
|
|
|
|
|
2016-01-08 01:02:20 +08:00
|
|
|
DEFINE_STACK_OF_CONST(EVP_PKEY_METHOD)
|
2016-01-06 10:54:18 +08:00
|
|
|
|
2015-03-24 06:57:47 +08:00
|
|
|
void evp_pkey_set_cb_translate(BN_GENCB *cb, EVP_PKEY_CTX *ctx);
|
2015-09-20 05:13:22 +08:00
|
|
|
|
Fix external symbols related to dh keys
Partial fix for #12964
This adds ossl_ names for the following symbols:
dh_new_by_nid_ex, dh_new_ex, dh_generate_ffc_parameters, dh_generate_public_key,
dh_get_named_group_uid_from_size, dh_gen_type_id2name, dh_gen_type_name2id,
dh_cache_named_group, dh_get0_params, dh_get0_nid,
dh_params_fromdata, dh_key_fromdata, dh_params_todata, dh_key_todata,
dh_check_pub_key_partial, dh_check_priv_key, dh_check_pairwise,
dh_get_method, dh_buf2key, dh_key2buf, dh_KDF_X9_42_asn1,
dh_pkey_method, dhx_pkey_method
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14231)
2021-02-18 13:56:53 +08:00
|
|
|
const EVP_PKEY_METHOD *ossl_dh_pkey_method(void);
|
|
|
|
const EVP_PKEY_METHOD *ossl_dhx_pkey_method(void);
|
Fix external symbols related to dsa keys
Partial fix for #12964
This adds ossl_ names for the following symbols:
dsa_check_pairwise, dsa_check_params, dsa_check_priv_key, dsa_check_pub_key, dsa_check_pub_key_partial,
dsa_do_sign_int, dsa_ffc_params_fromdata,
dsa_generate_ffc_parameters, dsa_generate_public_key,
dsa_get0_params, dsa_key_fromdata, dsa_new_with_ctx, dsa_pkey_method, dsa_sign_int
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14231)
2021-02-18 14:30:37 +08:00
|
|
|
const EVP_PKEY_METHOD *ossl_dsa_pkey_method(void);
|
2021-02-18 18:27:26 +08:00
|
|
|
const EVP_PKEY_METHOD *ossl_ec_pkey_method(void);
|
|
|
|
const EVP_PKEY_METHOD *ossl_ecx25519_pkey_method(void);
|
|
|
|
const EVP_PKEY_METHOD *ossl_ecx448_pkey_method(void);
|
|
|
|
const EVP_PKEY_METHOD *ossl_ed25519_pkey_method(void);
|
|
|
|
const EVP_PKEY_METHOD *ossl_ed448_pkey_method(void);
|
rsa: add ossl_ prefix to internal rsa_ calls.
The functions being:
rsa_check_crt_components, rsa_check_key, rsa_check_pminusq_diff,
rsa_check_prime_factor, rsa_check_prime_factor_range,
rsa_check_private_exponent, rsa_check_public_exponent,
rsa_digestinfo_encoding, rsa_fips186_4_gen_prob_primes, rsa_fromdata,
rsa_get0_all_params, rsa_get0_libctx, rsa_get0_pss_params_30,
rsa_get_lcm, rsa_mgf_nid2name, rsa_mp_coeff_names, rsa_mp_exp_names,
rsa_mp_factor_names, rsa_new_with_ctx, rsa_oaeppss_md2nid,
rsa_oaeppss_nid2name, rsa_padding_add_PKCS1_OAEP_mgf1_with_libctx,
rsa_padding_add_PKCS1_type_2_with_libctx,
rsa_padding_add_SSLv23_with_libctx, rsa_padding_check_PKCS1_type_2_TLS,
rsa_pkey_method, rsa_pss_params_30_copy, rsa_pss_params_30_fromdata,
rsa_pss_params_30_hashalg, rsa_pss_params_30_is_unrestricted,
rsa_pss_params_30_maskgenalg, rsa_pss_params_30_maskgenhashalg,
rsa_pss_params_30_saltlen, rsa_pss_params_30_set_defaults,
rsa_pss_params_30_set_hashalg, rsa_pss_params_30_set_maskgenalg,
rsa_pss_params_30_set_maskgenhashalg, rsa_pss_params_30_set_saltlen,
rsa_pss_params_30_set_trailerfield, rsa_pss_params_30_todata,
rsa_pss_params_30_trailerfield, rsa_pss_pkey_method, rsa_set0_all_params,
rsa_sp800_56b_check_keypair, rsa_sp800_56b_check_private,
rsa_sp800_56b_check_public, rsa_sp800_56b_derive_params_from_pq,
rsa_sp800_56b_generate_key, rsa_sp800_56b_pairwise_test,
rsa_sp800_56b_validate_strength, rsa_todata, rsa_validate_pairwise,
rsa_validate_private and rsa_validate_public.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13040)
2020-09-30 12:20:14 +08:00
|
|
|
const EVP_PKEY_METHOD *ossl_rsa_pkey_method(void);
|
|
|
|
const EVP_PKEY_METHOD *ossl_rsa_pss_pkey_method(void);
|
2015-11-30 03:09:34 +08:00
|
|
|
|
2018-10-13 04:27:18 +08:00
|
|
|
struct evp_mac_st {
|
2019-05-07 18:39:58 +08:00
|
|
|
OSSL_PROVIDER *prov;
|
In provider implemented methods, save the name number, not the name string
Multiple names per implementation is already supported in the namemap,
but hasn't been used yet. However, as soon as we have multiple names,
we will get an issue with what name should be saved in the method.
The solution is to not save the name itself, but rather the number
it's associated with. This number is supposed to be unique for each
set of names, and we assume that algorithm names are globally unique,
i.e. there can be no name overlap between different algorithm types.
Incidently, it was also found that the 'get' function used by
ossl_construct_method() doesn't need all the parameters it was given;
most of what it needs, it can now get through the data structure given
by the caller of ossl_construct_method(). As a consequence,
ossl_construct_method() itself doesn't need all the parameters it was
given either.
There are some added internal functions that are expected to disappear
as soon as legacy code is removed, such as evp_first_name() and
ossl_namemap_num2name().
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9897)
2019-09-14 22:22:19 +08:00
|
|
|
int name_id;
|
2021-04-16 22:22:03 +08:00
|
|
|
char *type_name;
|
2021-03-16 21:14:43 +08:00
|
|
|
const char *description;
|
2019-05-07 18:39:58 +08:00
|
|
|
|
|
|
|
CRYPTO_REF_COUNT refcnt;
|
|
|
|
|
2020-06-21 07:19:16 +08:00
|
|
|
OSSL_FUNC_mac_newctx_fn *newctx;
|
|
|
|
OSSL_FUNC_mac_dupctx_fn *dupctx;
|
|
|
|
OSSL_FUNC_mac_freectx_fn *freectx;
|
|
|
|
OSSL_FUNC_mac_init_fn *init;
|
|
|
|
OSSL_FUNC_mac_update_fn *update;
|
|
|
|
OSSL_FUNC_mac_final_fn *final;
|
|
|
|
OSSL_FUNC_mac_gettable_params_fn *gettable_params;
|
|
|
|
OSSL_FUNC_mac_gettable_ctx_params_fn *gettable_ctx_params;
|
|
|
|
OSSL_FUNC_mac_settable_ctx_params_fn *settable_ctx_params;
|
|
|
|
OSSL_FUNC_mac_get_params_fn *get_params;
|
|
|
|
OSSL_FUNC_mac_get_ctx_params_fn *get_ctx_params;
|
|
|
|
OSSL_FUNC_mac_set_ctx_params_fn *set_ctx_params;
|
2018-10-13 04:27:18 +08:00
|
|
|
};
|
|
|
|
|
2019-04-22 15:18:56 +08:00
|
|
|
struct evp_kdf_st {
|
2019-08-21 16:54:35 +08:00
|
|
|
OSSL_PROVIDER *prov;
|
In provider implemented methods, save the name number, not the name string
Multiple names per implementation is already supported in the namemap,
but hasn't been used yet. However, as soon as we have multiple names,
we will get an issue with what name should be saved in the method.
The solution is to not save the name itself, but rather the number
it's associated with. This number is supposed to be unique for each
set of names, and we assume that algorithm names are globally unique,
i.e. there can be no name overlap between different algorithm types.
Incidently, it was also found that the 'get' function used by
ossl_construct_method() doesn't need all the parameters it was given;
most of what it needs, it can now get through the data structure given
by the caller of ossl_construct_method(). As a consequence,
ossl_construct_method() itself doesn't need all the parameters it was
given either.
There are some added internal functions that are expected to disappear
as soon as legacy code is removed, such as evp_first_name() and
ossl_namemap_num2name().
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9897)
2019-09-14 22:22:19 +08:00
|
|
|
int name_id;
|
2021-04-16 22:22:03 +08:00
|
|
|
char *type_name;
|
2021-03-16 21:14:43 +08:00
|
|
|
const char *description;
|
2019-08-21 16:54:35 +08:00
|
|
|
CRYPTO_REF_COUNT refcnt;
|
|
|
|
|
2020-06-21 07:19:16 +08:00
|
|
|
OSSL_FUNC_kdf_newctx_fn *newctx;
|
|
|
|
OSSL_FUNC_kdf_dupctx_fn *dupctx;
|
|
|
|
OSSL_FUNC_kdf_freectx_fn *freectx;
|
|
|
|
OSSL_FUNC_kdf_reset_fn *reset;
|
|
|
|
OSSL_FUNC_kdf_derive_fn *derive;
|
|
|
|
OSSL_FUNC_kdf_gettable_params_fn *gettable_params;
|
|
|
|
OSSL_FUNC_kdf_gettable_ctx_params_fn *gettable_ctx_params;
|
|
|
|
OSSL_FUNC_kdf_settable_ctx_params_fn *settable_ctx_params;
|
|
|
|
OSSL_FUNC_kdf_get_params_fn *get_params;
|
|
|
|
OSSL_FUNC_kdf_get_ctx_params_fn *get_ctx_params;
|
|
|
|
OSSL_FUNC_kdf_set_ctx_params_fn *set_ctx_params;
|
2019-04-22 15:18:56 +08:00
|
|
|
};
|
2018-06-22 05:16:18 +08:00
|
|
|
|
Add "origin" field to EVP_CIPHER, EVP_MD
Add a "where did this EVP_{CIPHER,MD} come from" flag: global, via fetch,
or via EVP_{CIPHER,MD}_meth_new. Update EVP_{CIPHER,MD}_free to handle all
three origins. The flag is deliberately right before some function pointers,
so that compile-time failures (int/pointer) will occur, as opposed to
taking a bit in the existing "flags" field. The "global variable" flag
is non-zero, so the default case of using OPENSSL_zalloc (for provider
ciphers), will do the right thing. Ref-counting is a no-op for
Make up_ref no-op for global MD and CIPHER objects
Deprecate EVP_MD_CTX_md(). Added EVP_MD_CTX_get0_md() (same semantics as
the deprecated function) and EVP_MD_CTX_get1_md(). Likewise, deprecate
EVP_CIPHER_CTX_cipher() in favor of EVP_CIPHER_CTX_get0_cipher(), and add
EVP_CIPHER_CTX_get1_CIPHER().
Refactor EVP_MD_free() and EVP_MD_meth_free() to call new common
evp_md_free_int() function.
Refactor EVP_CIPHER_free() and EVP_CIPHER_meth_free() to call new common
evp_cipher_free_int() function.
Also change some flags tests to explicit test == or != zero. E.g.,
if (flags & x) --> if ((flags & x) != 0)
if (!(flags & x)) --> if ((flags & x) == 0)
Only done for those lines where "get0_cipher" calls were made.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14193)
2021-02-17 06:51:56 +08:00
|
|
|
#define EVP_ORIG_DYNAMIC 0
|
|
|
|
#define EVP_ORIG_GLOBAL 1
|
|
|
|
#define EVP_ORIG_METH 2
|
|
|
|
|
2015-11-30 03:09:34 +08:00
|
|
|
struct evp_md_st {
|
2019-03-13 22:49:40 +08:00
|
|
|
/* nid */
|
2015-11-30 03:09:34 +08:00
|
|
|
int type;
|
2019-03-13 22:49:40 +08:00
|
|
|
|
|
|
|
/* Legacy structure members */
|
2015-11-30 03:09:34 +08:00
|
|
|
int pkey_type;
|
|
|
|
int md_size;
|
|
|
|
unsigned long flags;
|
Add "origin" field to EVP_CIPHER, EVP_MD
Add a "where did this EVP_{CIPHER,MD} come from" flag: global, via fetch,
or via EVP_{CIPHER,MD}_meth_new. Update EVP_{CIPHER,MD}_free to handle all
three origins. The flag is deliberately right before some function pointers,
so that compile-time failures (int/pointer) will occur, as opposed to
taking a bit in the existing "flags" field. The "global variable" flag
is non-zero, so the default case of using OPENSSL_zalloc (for provider
ciphers), will do the right thing. Ref-counting is a no-op for
Make up_ref no-op for global MD and CIPHER objects
Deprecate EVP_MD_CTX_md(). Added EVP_MD_CTX_get0_md() (same semantics as
the deprecated function) and EVP_MD_CTX_get1_md(). Likewise, deprecate
EVP_CIPHER_CTX_cipher() in favor of EVP_CIPHER_CTX_get0_cipher(), and add
EVP_CIPHER_CTX_get1_CIPHER().
Refactor EVP_MD_free() and EVP_MD_meth_free() to call new common
evp_md_free_int() function.
Refactor EVP_CIPHER_free() and EVP_CIPHER_meth_free() to call new common
evp_cipher_free_int() function.
Also change some flags tests to explicit test == or != zero. E.g.,
if (flags & x) --> if ((flags & x) != 0)
if (!(flags & x)) --> if ((flags & x) == 0)
Only done for those lines where "get0_cipher" calls were made.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14193)
2021-02-17 06:51:56 +08:00
|
|
|
int origin;
|
2015-11-30 03:09:34 +08:00
|
|
|
int (*init) (EVP_MD_CTX *ctx);
|
|
|
|
int (*update) (EVP_MD_CTX *ctx, const void *data, size_t count);
|
|
|
|
int (*final) (EVP_MD_CTX *ctx, unsigned char *md);
|
|
|
|
int (*copy) (EVP_MD_CTX *to, const EVP_MD_CTX *from);
|
|
|
|
int (*cleanup) (EVP_MD_CTX *ctx);
|
|
|
|
int block_size;
|
|
|
|
int ctx_size; /* how big does the ctx->md_data need to be */
|
|
|
|
/* control function */
|
|
|
|
int (*md_ctrl) (EVP_MD_CTX *ctx, int cmd, int p1, void *p2);
|
2019-03-13 22:49:40 +08:00
|
|
|
|
|
|
|
/* New structure members */
|
2021-03-01 23:55:23 +08:00
|
|
|
/* Above comment to be removed when legacy has gone */
|
In provider implemented methods, save the name number, not the name string
Multiple names per implementation is already supported in the namemap,
but hasn't been used yet. However, as soon as we have multiple names,
we will get an issue with what name should be saved in the method.
The solution is to not save the name itself, but rather the number
it's associated with. This number is supposed to be unique for each
set of names, and we assume that algorithm names are globally unique,
i.e. there can be no name overlap between different algorithm types.
Incidently, it was also found that the 'get' function used by
ossl_construct_method() doesn't need all the parameters it was given;
most of what it needs, it can now get through the data structure given
by the caller of ossl_construct_method(). As a consequence,
ossl_construct_method() itself doesn't need all the parameters it was
given either.
There are some added internal functions that are expected to disappear
as soon as legacy code is removed, such as evp_first_name() and
ossl_namemap_num2name().
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9897)
2019-09-14 22:22:19 +08:00
|
|
|
int name_id;
|
2021-04-16 22:22:03 +08:00
|
|
|
char *type_name;
|
2021-03-16 21:14:43 +08:00
|
|
|
const char *description;
|
2019-03-13 22:49:40 +08:00
|
|
|
OSSL_PROVIDER *prov;
|
|
|
|
CRYPTO_REF_COUNT refcnt;
|
2020-06-21 07:19:16 +08:00
|
|
|
OSSL_FUNC_digest_newctx_fn *newctx;
|
|
|
|
OSSL_FUNC_digest_init_fn *dinit;
|
|
|
|
OSSL_FUNC_digest_update_fn *dupdate;
|
|
|
|
OSSL_FUNC_digest_final_fn *dfinal;
|
2023-07-21 13:05:38 +08:00
|
|
|
OSSL_FUNC_digest_squeeze_fn *dsqueeze;
|
2020-06-21 07:19:16 +08:00
|
|
|
OSSL_FUNC_digest_digest_fn *digest;
|
|
|
|
OSSL_FUNC_digest_freectx_fn *freectx;
|
|
|
|
OSSL_FUNC_digest_dupctx_fn *dupctx;
|
|
|
|
OSSL_FUNC_digest_get_params_fn *get_params;
|
|
|
|
OSSL_FUNC_digest_set_ctx_params_fn *set_ctx_params;
|
|
|
|
OSSL_FUNC_digest_get_ctx_params_fn *get_ctx_params;
|
|
|
|
OSSL_FUNC_digest_gettable_params_fn *gettable_params;
|
|
|
|
OSSL_FUNC_digest_settable_ctx_params_fn *settable_ctx_params;
|
|
|
|
OSSL_FUNC_digest_gettable_ctx_params_fn *gettable_ctx_params;
|
2019-03-13 22:49:40 +08:00
|
|
|
|
2015-11-30 03:09:34 +08:00
|
|
|
} /* EVP_MD */ ;
|
|
|
|
|
2015-12-18 23:37:02 +08:00
|
|
|
struct evp_cipher_st {
|
|
|
|
int nid;
|
2019-04-03 22:38:07 +08:00
|
|
|
|
2015-12-18 23:37:02 +08:00
|
|
|
int block_size;
|
|
|
|
/* Default value for variable length ciphers */
|
|
|
|
int key_len;
|
|
|
|
int iv_len;
|
2019-04-03 22:38:07 +08:00
|
|
|
|
|
|
|
/* Legacy structure members */
|
2015-12-18 23:37:02 +08:00
|
|
|
/* Various flags */
|
|
|
|
unsigned long flags;
|
Add "origin" field to EVP_CIPHER, EVP_MD
Add a "where did this EVP_{CIPHER,MD} come from" flag: global, via fetch,
or via EVP_{CIPHER,MD}_meth_new. Update EVP_{CIPHER,MD}_free to handle all
three origins. The flag is deliberately right before some function pointers,
so that compile-time failures (int/pointer) will occur, as opposed to
taking a bit in the existing "flags" field. The "global variable" flag
is non-zero, so the default case of using OPENSSL_zalloc (for provider
ciphers), will do the right thing. Ref-counting is a no-op for
Make up_ref no-op for global MD and CIPHER objects
Deprecate EVP_MD_CTX_md(). Added EVP_MD_CTX_get0_md() (same semantics as
the deprecated function) and EVP_MD_CTX_get1_md(). Likewise, deprecate
EVP_CIPHER_CTX_cipher() in favor of EVP_CIPHER_CTX_get0_cipher(), and add
EVP_CIPHER_CTX_get1_CIPHER().
Refactor EVP_MD_free() and EVP_MD_meth_free() to call new common
evp_md_free_int() function.
Refactor EVP_CIPHER_free() and EVP_CIPHER_meth_free() to call new common
evp_cipher_free_int() function.
Also change some flags tests to explicit test == or != zero. E.g.,
if (flags & x) --> if ((flags & x) != 0)
if (!(flags & x)) --> if ((flags & x) == 0)
Only done for those lines where "get0_cipher" calls were made.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14193)
2021-02-17 06:51:56 +08:00
|
|
|
/* How the EVP_CIPHER was created. */
|
|
|
|
int origin;
|
2015-12-18 23:37:02 +08:00
|
|
|
/* init key */
|
|
|
|
int (*init) (EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
|
|
|
const unsigned char *iv, int enc);
|
|
|
|
/* encrypt/decrypt data */
|
|
|
|
int (*do_cipher) (EVP_CIPHER_CTX *ctx, unsigned char *out,
|
|
|
|
const unsigned char *in, size_t inl);
|
|
|
|
/* cleanup ctx */
|
|
|
|
int (*cleanup) (EVP_CIPHER_CTX *);
|
|
|
|
/* how big ctx->cipher_data needs to be */
|
|
|
|
int ctx_size;
|
|
|
|
/* Populate a ASN1_TYPE with parameters */
|
|
|
|
int (*set_asn1_parameters) (EVP_CIPHER_CTX *, ASN1_TYPE *);
|
|
|
|
/* Get parameters from a ASN1_TYPE */
|
|
|
|
int (*get_asn1_parameters) (EVP_CIPHER_CTX *, ASN1_TYPE *);
|
|
|
|
/* Miscellaneous operations */
|
|
|
|
int (*ctrl) (EVP_CIPHER_CTX *, int type, int arg, void *ptr);
|
|
|
|
/* Application data */
|
|
|
|
void *app_data;
|
2019-04-03 22:38:07 +08:00
|
|
|
|
|
|
|
/* New structure members */
|
2021-03-01 23:55:23 +08:00
|
|
|
/* Above comment to be removed when legacy has gone */
|
In provider implemented methods, save the name number, not the name string
Multiple names per implementation is already supported in the namemap,
but hasn't been used yet. However, as soon as we have multiple names,
we will get an issue with what name should be saved in the method.
The solution is to not save the name itself, but rather the number
it's associated with. This number is supposed to be unique for each
set of names, and we assume that algorithm names are globally unique,
i.e. there can be no name overlap between different algorithm types.
Incidently, it was also found that the 'get' function used by
ossl_construct_method() doesn't need all the parameters it was given;
most of what it needs, it can now get through the data structure given
by the caller of ossl_construct_method(). As a consequence,
ossl_construct_method() itself doesn't need all the parameters it was
given either.
There are some added internal functions that are expected to disappear
as soon as legacy code is removed, such as evp_first_name() and
ossl_namemap_num2name().
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9897)
2019-09-14 22:22:19 +08:00
|
|
|
int name_id;
|
2021-04-16 22:22:03 +08:00
|
|
|
char *type_name;
|
2021-03-16 21:14:43 +08:00
|
|
|
const char *description;
|
2019-04-03 22:38:07 +08:00
|
|
|
OSSL_PROVIDER *prov;
|
|
|
|
CRYPTO_REF_COUNT refcnt;
|
2020-06-21 07:19:16 +08:00
|
|
|
OSSL_FUNC_cipher_newctx_fn *newctx;
|
|
|
|
OSSL_FUNC_cipher_encrypt_init_fn *einit;
|
|
|
|
OSSL_FUNC_cipher_decrypt_init_fn *dinit;
|
|
|
|
OSSL_FUNC_cipher_update_fn *cupdate;
|
|
|
|
OSSL_FUNC_cipher_final_fn *cfinal;
|
|
|
|
OSSL_FUNC_cipher_cipher_fn *ccipher;
|
|
|
|
OSSL_FUNC_cipher_freectx_fn *freectx;
|
|
|
|
OSSL_FUNC_cipher_dupctx_fn *dupctx;
|
|
|
|
OSSL_FUNC_cipher_get_params_fn *get_params;
|
|
|
|
OSSL_FUNC_cipher_get_ctx_params_fn *get_ctx_params;
|
|
|
|
OSSL_FUNC_cipher_set_ctx_params_fn *set_ctx_params;
|
|
|
|
OSSL_FUNC_cipher_gettable_params_fn *gettable_params;
|
|
|
|
OSSL_FUNC_cipher_gettable_ctx_params_fn *gettable_ctx_params;
|
|
|
|
OSSL_FUNC_cipher_settable_ctx_params_fn *settable_ctx_params;
|
2015-12-18 23:37:02 +08:00
|
|
|
} /* EVP_CIPHER */ ;
|
|
|
|
|
|
|
|
/* Macros to code block cipher wrappers */
|
|
|
|
|
|
|
|
/* Wrapper functions for each cipher mode */
|
|
|
|
|
2016-03-07 18:17:27 +08:00
|
|
|
#define EVP_C_DATA(kstruct, ctx) \
|
|
|
|
((kstruct *)EVP_CIPHER_CTX_get_cipher_data(ctx))
|
2015-12-18 23:37:02 +08:00
|
|
|
|
|
|
|
#define BLOCK_CIPHER_ecb_loop() \
|
|
|
|
size_t i, bl; \
|
Add "origin" field to EVP_CIPHER, EVP_MD
Add a "where did this EVP_{CIPHER,MD} come from" flag: global, via fetch,
or via EVP_{CIPHER,MD}_meth_new. Update EVP_{CIPHER,MD}_free to handle all
three origins. The flag is deliberately right before some function pointers,
so that compile-time failures (int/pointer) will occur, as opposed to
taking a bit in the existing "flags" field. The "global variable" flag
is non-zero, so the default case of using OPENSSL_zalloc (for provider
ciphers), will do the right thing. Ref-counting is a no-op for
Make up_ref no-op for global MD and CIPHER objects
Deprecate EVP_MD_CTX_md(). Added EVP_MD_CTX_get0_md() (same semantics as
the deprecated function) and EVP_MD_CTX_get1_md(). Likewise, deprecate
EVP_CIPHER_CTX_cipher() in favor of EVP_CIPHER_CTX_get0_cipher(), and add
EVP_CIPHER_CTX_get1_CIPHER().
Refactor EVP_MD_free() and EVP_MD_meth_free() to call new common
evp_md_free_int() function.
Refactor EVP_CIPHER_free() and EVP_CIPHER_meth_free() to call new common
evp_cipher_free_int() function.
Also change some flags tests to explicit test == or != zero. E.g.,
if (flags & x) --> if ((flags & x) != 0)
if (!(flags & x)) --> if ((flags & x) == 0)
Only done for those lines where "get0_cipher" calls were made.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14193)
2021-02-17 06:51:56 +08:00
|
|
|
bl = EVP_CIPHER_CTX_get0_cipher(ctx)->block_size; \
|
2016-06-29 06:18:50 +08:00
|
|
|
if (inl < bl) return 1;\
|
2015-12-18 23:37:02 +08:00
|
|
|
inl -= bl; \
|
2016-06-29 06:18:50 +08:00
|
|
|
for (i=0; i <= inl; i+=bl)
|
2015-12-18 23:37:02 +08:00
|
|
|
|
|
|
|
#define BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \
|
|
|
|
static int cname##_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
|
|
|
|
{\
|
|
|
|
BLOCK_CIPHER_ecb_loop() \
|
Rename all getters to use get/get0 in name
For functions that exist in 1.1.1 provide a simple aliases via #define.
Fixes #15236
Functions with OSSL_DECODER_, OSSL_ENCODER_, OSSL_STORE_LOADER_,
EVP_KEYEXCH_, EVP_KEM_, EVP_ASYM_CIPHER_, EVP_SIGNATURE_,
EVP_KEYMGMT_, EVP_RAND_, EVP_MAC_, EVP_KDF_, EVP_PKEY_,
EVP_MD_, and EVP_CIPHER_ prefixes are renamed.
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15405)
2021-05-21 22:58:08 +08:00
|
|
|
cprefix##_ecb_encrypt(in + i, out + i, &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_is_encrypting(ctx)); \
|
2015-12-18 23:37:02 +08:00
|
|
|
return 1;\
|
|
|
|
}
|
|
|
|
|
2022-08-15 12:49:17 +08:00
|
|
|
#define EVP_MAXCHUNK ((size_t)1 << 30)
|
2015-12-18 23:37:02 +08:00
|
|
|
|
|
|
|
#define BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched) \
|
|
|
|
static int cname##_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
|
|
|
|
{\
|
|
|
|
while(inl>=EVP_MAXCHUNK) {\
|
Rename all getters to use get/get0 in name
For functions that exist in 1.1.1 provide a simple aliases via #define.
Fixes #15236
Functions with OSSL_DECODER_, OSSL_ENCODER_, OSSL_STORE_LOADER_,
EVP_KEYEXCH_, EVP_KEM_, EVP_ASYM_CIPHER_, EVP_SIGNATURE_,
EVP_KEYMGMT_, EVP_RAND_, EVP_MAC_, EVP_KDF_, EVP_PKEY_,
EVP_MD_, and EVP_CIPHER_ prefixes are renamed.
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15405)
2021-05-21 22:58:08 +08:00
|
|
|
int num = EVP_CIPHER_CTX_get_num(ctx);\
|
2020-07-03 05:12:33 +08:00
|
|
|
cprefix##_ofb##cbits##_encrypt(in, out, (long)EVP_MAXCHUNK, &EVP_C_DATA(kstruct,ctx)->ksched, ctx->iv, &num); \
|
2015-12-18 23:37:02 +08:00
|
|
|
EVP_CIPHER_CTX_set_num(ctx, num);\
|
|
|
|
inl-=EVP_MAXCHUNK;\
|
|
|
|
in +=EVP_MAXCHUNK;\
|
|
|
|
out+=EVP_MAXCHUNK;\
|
|
|
|
}\
|
|
|
|
if (inl) {\
|
Rename all getters to use get/get0 in name
For functions that exist in 1.1.1 provide a simple aliases via #define.
Fixes #15236
Functions with OSSL_DECODER_, OSSL_ENCODER_, OSSL_STORE_LOADER_,
EVP_KEYEXCH_, EVP_KEM_, EVP_ASYM_CIPHER_, EVP_SIGNATURE_,
EVP_KEYMGMT_, EVP_RAND_, EVP_MAC_, EVP_KDF_, EVP_PKEY_,
EVP_MD_, and EVP_CIPHER_ prefixes are renamed.
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15405)
2021-05-21 22:58:08 +08:00
|
|
|
int num = EVP_CIPHER_CTX_get_num(ctx);\
|
2020-07-03 05:12:33 +08:00
|
|
|
cprefix##_ofb##cbits##_encrypt(in, out, (long)inl, &EVP_C_DATA(kstruct,ctx)->ksched, ctx->iv, &num); \
|
2015-12-18 23:37:02 +08:00
|
|
|
EVP_CIPHER_CTX_set_num(ctx, num);\
|
|
|
|
}\
|
|
|
|
return 1;\
|
|
|
|
}
|
|
|
|
|
|
|
|
#define BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \
|
|
|
|
static int cname##_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
|
|
|
|
{\
|
|
|
|
while(inl>=EVP_MAXCHUNK) \
|
|
|
|
{\
|
Rename all getters to use get/get0 in name
For functions that exist in 1.1.1 provide a simple aliases via #define.
Fixes #15236
Functions with OSSL_DECODER_, OSSL_ENCODER_, OSSL_STORE_LOADER_,
EVP_KEYEXCH_, EVP_KEM_, EVP_ASYM_CIPHER_, EVP_SIGNATURE_,
EVP_KEYMGMT_, EVP_RAND_, EVP_MAC_, EVP_KDF_, EVP_PKEY_,
EVP_MD_, and EVP_CIPHER_ prefixes are renamed.
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15405)
2021-05-21 22:58:08 +08:00
|
|
|
cprefix##_cbc_encrypt(in, out, (long)EVP_MAXCHUNK, &EVP_C_DATA(kstruct,ctx)->ksched, ctx->iv, EVP_CIPHER_CTX_is_encrypting(ctx));\
|
2015-12-18 23:37:02 +08:00
|
|
|
inl-=EVP_MAXCHUNK;\
|
|
|
|
in +=EVP_MAXCHUNK;\
|
|
|
|
out+=EVP_MAXCHUNK;\
|
|
|
|
}\
|
|
|
|
if (inl)\
|
Rename all getters to use get/get0 in name
For functions that exist in 1.1.1 provide a simple aliases via #define.
Fixes #15236
Functions with OSSL_DECODER_, OSSL_ENCODER_, OSSL_STORE_LOADER_,
EVP_KEYEXCH_, EVP_KEM_, EVP_ASYM_CIPHER_, EVP_SIGNATURE_,
EVP_KEYMGMT_, EVP_RAND_, EVP_MAC_, EVP_KDF_, EVP_PKEY_,
EVP_MD_, and EVP_CIPHER_ prefixes are renamed.
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15405)
2021-05-21 22:58:08 +08:00
|
|
|
cprefix##_cbc_encrypt(in, out, (long)inl, &EVP_C_DATA(kstruct,ctx)->ksched, ctx->iv, EVP_CIPHER_CTX_is_encrypting(ctx));\
|
2015-12-18 23:37:02 +08:00
|
|
|
return 1;\
|
|
|
|
}
|
|
|
|
|
|
|
|
#define BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \
|
|
|
|
static int cname##_cfb##cbits##_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
|
|
|
|
{\
|
2016-06-29 06:18:50 +08:00
|
|
|
size_t chunk = EVP_MAXCHUNK;\
|
|
|
|
if (cbits == 1) chunk >>= 3;\
|
|
|
|
if (inl < chunk) chunk = inl;\
|
|
|
|
while (inl && inl >= chunk)\
|
|
|
|
{\
|
Rename all getters to use get/get0 in name
For functions that exist in 1.1.1 provide a simple aliases via #define.
Fixes #15236
Functions with OSSL_DECODER_, OSSL_ENCODER_, OSSL_STORE_LOADER_,
EVP_KEYEXCH_, EVP_KEM_, EVP_ASYM_CIPHER_, EVP_SIGNATURE_,
EVP_KEYMGMT_, EVP_RAND_, EVP_MAC_, EVP_KDF_, EVP_PKEY_,
EVP_MD_, and EVP_CIPHER_ prefixes are renamed.
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15405)
2021-05-21 22:58:08 +08:00
|
|
|
int num = EVP_CIPHER_CTX_get_num(ctx);\
|
2016-06-29 06:18:50 +08:00
|
|
|
cprefix##_cfb##cbits##_encrypt(in, out, (long) \
|
|
|
|
((cbits == 1) \
|
|
|
|
&& !EVP_CIPHER_CTX_test_flags(ctx, EVP_CIPH_FLAG_LENGTH_BITS) \
|
2018-02-21 22:48:02 +08:00
|
|
|
? chunk*8 : chunk), \
|
2020-07-03 05:12:33 +08:00
|
|
|
&EVP_C_DATA(kstruct, ctx)->ksched, ctx->iv,\
|
Rename all getters to use get/get0 in name
For functions that exist in 1.1.1 provide a simple aliases via #define.
Fixes #15236
Functions with OSSL_DECODER_, OSSL_ENCODER_, OSSL_STORE_LOADER_,
EVP_KEYEXCH_, EVP_KEM_, EVP_ASYM_CIPHER_, EVP_SIGNATURE_,
EVP_KEYMGMT_, EVP_RAND_, EVP_MAC_, EVP_KDF_, EVP_PKEY_,
EVP_MD_, and EVP_CIPHER_ prefixes are renamed.
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15405)
2021-05-21 22:58:08 +08:00
|
|
|
&num, EVP_CIPHER_CTX_is_encrypting(ctx));\
|
2016-06-29 06:18:50 +08:00
|
|
|
EVP_CIPHER_CTX_set_num(ctx, num);\
|
|
|
|
inl -= chunk;\
|
|
|
|
in += chunk;\
|
|
|
|
out += chunk;\
|
|
|
|
if (inl < chunk) chunk = inl;\
|
|
|
|
}\
|
|
|
|
return 1;\
|
2015-12-18 23:37:02 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
#define BLOCK_CIPHER_all_funcs(cname, cprefix, cbits, kstruct, ksched) \
|
|
|
|
BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \
|
|
|
|
BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \
|
|
|
|
BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \
|
|
|
|
BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched)
|
|
|
|
|
|
|
|
#define BLOCK_CIPHER_def1(cname, nmode, mode, MODE, kstruct, nid, block_size, \
|
|
|
|
key_len, iv_len, flags, init_key, cleanup, \
|
|
|
|
set_asn1, get_asn1, ctrl) \
|
|
|
|
static const EVP_CIPHER cname##_##mode = { \
|
|
|
|
nid##_##nmode, block_size, key_len, iv_len, \
|
|
|
|
flags | EVP_CIPH_##MODE##_MODE, \
|
Add "origin" field to EVP_CIPHER, EVP_MD
Add a "where did this EVP_{CIPHER,MD} come from" flag: global, via fetch,
or via EVP_{CIPHER,MD}_meth_new. Update EVP_{CIPHER,MD}_free to handle all
three origins. The flag is deliberately right before some function pointers,
so that compile-time failures (int/pointer) will occur, as opposed to
taking a bit in the existing "flags" field. The "global variable" flag
is non-zero, so the default case of using OPENSSL_zalloc (for provider
ciphers), will do the right thing. Ref-counting is a no-op for
Make up_ref no-op for global MD and CIPHER objects
Deprecate EVP_MD_CTX_md(). Added EVP_MD_CTX_get0_md() (same semantics as
the deprecated function) and EVP_MD_CTX_get1_md(). Likewise, deprecate
EVP_CIPHER_CTX_cipher() in favor of EVP_CIPHER_CTX_get0_cipher(), and add
EVP_CIPHER_CTX_get1_CIPHER().
Refactor EVP_MD_free() and EVP_MD_meth_free() to call new common
evp_md_free_int() function.
Refactor EVP_CIPHER_free() and EVP_CIPHER_meth_free() to call new common
evp_cipher_free_int() function.
Also change some flags tests to explicit test == or != zero. E.g.,
if (flags & x) --> if ((flags & x) != 0)
if (!(flags & x)) --> if ((flags & x) == 0)
Only done for those lines where "get0_cipher" calls were made.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14193)
2021-02-17 06:51:56 +08:00
|
|
|
EVP_ORIG_GLOBAL, \
|
2015-12-18 23:37:02 +08:00
|
|
|
init_key, \
|
|
|
|
cname##_##mode##_cipher, \
|
|
|
|
cleanup, \
|
|
|
|
sizeof(kstruct), \
|
|
|
|
set_asn1, get_asn1,\
|
|
|
|
ctrl, \
|
|
|
|
NULL \
|
|
|
|
}; \
|
|
|
|
const EVP_CIPHER *EVP_##cname##_##mode(void) { return &cname##_##mode; }
|
|
|
|
|
|
|
|
#define BLOCK_CIPHER_def_cbc(cname, kstruct, nid, block_size, key_len, \
|
|
|
|
iv_len, flags, init_key, cleanup, set_asn1, \
|
|
|
|
get_asn1, ctrl) \
|
|
|
|
BLOCK_CIPHER_def1(cname, cbc, cbc, CBC, kstruct, nid, block_size, key_len, \
|
|
|
|
iv_len, flags, init_key, cleanup, set_asn1, get_asn1, ctrl)
|
|
|
|
|
|
|
|
#define BLOCK_CIPHER_def_cfb(cname, kstruct, nid, key_len, \
|
|
|
|
iv_len, cbits, flags, init_key, cleanup, \
|
|
|
|
set_asn1, get_asn1, ctrl) \
|
|
|
|
BLOCK_CIPHER_def1(cname, cfb##cbits, cfb##cbits, CFB, kstruct, nid, 1, \
|
|
|
|
key_len, iv_len, flags, init_key, cleanup, set_asn1, \
|
|
|
|
get_asn1, ctrl)
|
|
|
|
|
|
|
|
#define BLOCK_CIPHER_def_ofb(cname, kstruct, nid, key_len, \
|
|
|
|
iv_len, cbits, flags, init_key, cleanup, \
|
|
|
|
set_asn1, get_asn1, ctrl) \
|
|
|
|
BLOCK_CIPHER_def1(cname, ofb##cbits, ofb, OFB, kstruct, nid, 1, \
|
|
|
|
key_len, iv_len, flags, init_key, cleanup, set_asn1, \
|
|
|
|
get_asn1, ctrl)
|
|
|
|
|
|
|
|
#define BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, \
|
|
|
|
flags, init_key, cleanup, set_asn1, \
|
|
|
|
get_asn1, ctrl) \
|
|
|
|
BLOCK_CIPHER_def1(cname, ecb, ecb, ECB, kstruct, nid, block_size, key_len, \
|
|
|
|
0, flags, init_key, cleanup, set_asn1, get_asn1, ctrl)
|
|
|
|
|
|
|
|
#define BLOCK_CIPHER_defs(cname, kstruct, \
|
|
|
|
nid, block_size, key_len, iv_len, cbits, flags, \
|
|
|
|
init_key, cleanup, set_asn1, get_asn1, ctrl) \
|
|
|
|
BLOCK_CIPHER_def_cbc(cname, kstruct, nid, block_size, key_len, iv_len, flags, \
|
|
|
|
init_key, cleanup, set_asn1, get_asn1, ctrl) \
|
|
|
|
BLOCK_CIPHER_def_cfb(cname, kstruct, nid, key_len, iv_len, cbits, \
|
|
|
|
flags, init_key, cleanup, set_asn1, get_asn1, ctrl) \
|
|
|
|
BLOCK_CIPHER_def_ofb(cname, kstruct, nid, key_len, iv_len, cbits, \
|
|
|
|
flags, init_key, cleanup, set_asn1, get_asn1, ctrl) \
|
|
|
|
BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, flags, \
|
|
|
|
init_key, cleanup, set_asn1, get_asn1, ctrl)
|
|
|
|
|
|
|
|
/*-
|
|
|
|
#define BLOCK_CIPHER_defs(cname, kstruct, \
|
|
|
|
nid, block_size, key_len, iv_len, flags,\
|
|
|
|
init_key, cleanup, set_asn1, get_asn1, ctrl)\
|
|
|
|
static const EVP_CIPHER cname##_cbc = {\
|
|
|
|
nid##_cbc, block_size, key_len, iv_len, \
|
|
|
|
flags | EVP_CIPH_CBC_MODE,\
|
Add "origin" field to EVP_CIPHER, EVP_MD
Add a "where did this EVP_{CIPHER,MD} come from" flag: global, via fetch,
or via EVP_{CIPHER,MD}_meth_new. Update EVP_{CIPHER,MD}_free to handle all
three origins. The flag is deliberately right before some function pointers,
so that compile-time failures (int/pointer) will occur, as opposed to
taking a bit in the existing "flags" field. The "global variable" flag
is non-zero, so the default case of using OPENSSL_zalloc (for provider
ciphers), will do the right thing. Ref-counting is a no-op for
Make up_ref no-op for global MD and CIPHER objects
Deprecate EVP_MD_CTX_md(). Added EVP_MD_CTX_get0_md() (same semantics as
the deprecated function) and EVP_MD_CTX_get1_md(). Likewise, deprecate
EVP_CIPHER_CTX_cipher() in favor of EVP_CIPHER_CTX_get0_cipher(), and add
EVP_CIPHER_CTX_get1_CIPHER().
Refactor EVP_MD_free() and EVP_MD_meth_free() to call new common
evp_md_free_int() function.
Refactor EVP_CIPHER_free() and EVP_CIPHER_meth_free() to call new common
evp_cipher_free_int() function.
Also change some flags tests to explicit test == or != zero. E.g.,
if (flags & x) --> if ((flags & x) != 0)
if (!(flags & x)) --> if ((flags & x) == 0)
Only done for those lines where "get0_cipher" calls were made.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14193)
2021-02-17 06:51:56 +08:00
|
|
|
EVP_ORIG_GLOBAL,\
|
2015-12-18 23:37:02 +08:00
|
|
|
init_key,\
|
|
|
|
cname##_cbc_cipher,\
|
|
|
|
cleanup,\
|
|
|
|
sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
|
|
|
|
sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
|
|
|
|
set_asn1, get_asn1,\
|
|
|
|
ctrl, \
|
|
|
|
NULL \
|
|
|
|
};\
|
|
|
|
const EVP_CIPHER *EVP_##cname##_cbc(void) { return &cname##_cbc; }\
|
|
|
|
static const EVP_CIPHER cname##_cfb = {\
|
|
|
|
nid##_cfb64, 1, key_len, iv_len, \
|
|
|
|
flags | EVP_CIPH_CFB_MODE,\
|
Add "origin" field to EVP_CIPHER, EVP_MD
Add a "where did this EVP_{CIPHER,MD} come from" flag: global, via fetch,
or via EVP_{CIPHER,MD}_meth_new. Update EVP_{CIPHER,MD}_free to handle all
three origins. The flag is deliberately right before some function pointers,
so that compile-time failures (int/pointer) will occur, as opposed to
taking a bit in the existing "flags" field. The "global variable" flag
is non-zero, so the default case of using OPENSSL_zalloc (for provider
ciphers), will do the right thing. Ref-counting is a no-op for
Make up_ref no-op for global MD and CIPHER objects
Deprecate EVP_MD_CTX_md(). Added EVP_MD_CTX_get0_md() (same semantics as
the deprecated function) and EVP_MD_CTX_get1_md(). Likewise, deprecate
EVP_CIPHER_CTX_cipher() in favor of EVP_CIPHER_CTX_get0_cipher(), and add
EVP_CIPHER_CTX_get1_CIPHER().
Refactor EVP_MD_free() and EVP_MD_meth_free() to call new common
evp_md_free_int() function.
Refactor EVP_CIPHER_free() and EVP_CIPHER_meth_free() to call new common
evp_cipher_free_int() function.
Also change some flags tests to explicit test == or != zero. E.g.,
if (flags & x) --> if ((flags & x) != 0)
if (!(flags & x)) --> if ((flags & x) == 0)
Only done for those lines where "get0_cipher" calls were made.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14193)
2021-02-17 06:51:56 +08:00
|
|
|
EVP_ORIG_GLOBAL,\
|
2015-12-18 23:37:02 +08:00
|
|
|
init_key,\
|
|
|
|
cname##_cfb_cipher,\
|
|
|
|
cleanup,\
|
|
|
|
sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
|
|
|
|
sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
|
|
|
|
set_asn1, get_asn1,\
|
|
|
|
ctrl,\
|
|
|
|
NULL \
|
|
|
|
};\
|
|
|
|
const EVP_CIPHER *EVP_##cname##_cfb(void) { return &cname##_cfb; }\
|
|
|
|
static const EVP_CIPHER cname##_ofb = {\
|
|
|
|
nid##_ofb64, 1, key_len, iv_len, \
|
|
|
|
flags | EVP_CIPH_OFB_MODE,\
|
Add "origin" field to EVP_CIPHER, EVP_MD
Add a "where did this EVP_{CIPHER,MD} come from" flag: global, via fetch,
or via EVP_{CIPHER,MD}_meth_new. Update EVP_{CIPHER,MD}_free to handle all
three origins. The flag is deliberately right before some function pointers,
so that compile-time failures (int/pointer) will occur, as opposed to
taking a bit in the existing "flags" field. The "global variable" flag
is non-zero, so the default case of using OPENSSL_zalloc (for provider
ciphers), will do the right thing. Ref-counting is a no-op for
Make up_ref no-op for global MD and CIPHER objects
Deprecate EVP_MD_CTX_md(). Added EVP_MD_CTX_get0_md() (same semantics as
the deprecated function) and EVP_MD_CTX_get1_md(). Likewise, deprecate
EVP_CIPHER_CTX_cipher() in favor of EVP_CIPHER_CTX_get0_cipher(), and add
EVP_CIPHER_CTX_get1_CIPHER().
Refactor EVP_MD_free() and EVP_MD_meth_free() to call new common
evp_md_free_int() function.
Refactor EVP_CIPHER_free() and EVP_CIPHER_meth_free() to call new common
evp_cipher_free_int() function.
Also change some flags tests to explicit test == or != zero. E.g.,
if (flags & x) --> if ((flags & x) != 0)
if (!(flags & x)) --> if ((flags & x) == 0)
Only done for those lines where "get0_cipher" calls were made.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14193)
2021-02-17 06:51:56 +08:00
|
|
|
EVP_ORIG_GLOBAL,\
|
2015-12-18 23:37:02 +08:00
|
|
|
init_key,\
|
|
|
|
cname##_ofb_cipher,\
|
|
|
|
cleanup,\
|
|
|
|
sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
|
|
|
|
sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
|
|
|
|
set_asn1, get_asn1,\
|
|
|
|
ctrl,\
|
|
|
|
NULL \
|
|
|
|
};\
|
|
|
|
const EVP_CIPHER *EVP_##cname##_ofb(void) { return &cname##_ofb; }\
|
|
|
|
static const EVP_CIPHER cname##_ecb = {\
|
|
|
|
nid##_ecb, block_size, key_len, iv_len, \
|
|
|
|
flags | EVP_CIPH_ECB_MODE,\
|
Add "origin" field to EVP_CIPHER, EVP_MD
Add a "where did this EVP_{CIPHER,MD} come from" flag: global, via fetch,
or via EVP_{CIPHER,MD}_meth_new. Update EVP_{CIPHER,MD}_free to handle all
three origins. The flag is deliberately right before some function pointers,
so that compile-time failures (int/pointer) will occur, as opposed to
taking a bit in the existing "flags" field. The "global variable" flag
is non-zero, so the default case of using OPENSSL_zalloc (for provider
ciphers), will do the right thing. Ref-counting is a no-op for
Make up_ref no-op for global MD and CIPHER objects
Deprecate EVP_MD_CTX_md(). Added EVP_MD_CTX_get0_md() (same semantics as
the deprecated function) and EVP_MD_CTX_get1_md(). Likewise, deprecate
EVP_CIPHER_CTX_cipher() in favor of EVP_CIPHER_CTX_get0_cipher(), and add
EVP_CIPHER_CTX_get1_CIPHER().
Refactor EVP_MD_free() and EVP_MD_meth_free() to call new common
evp_md_free_int() function.
Refactor EVP_CIPHER_free() and EVP_CIPHER_meth_free() to call new common
evp_cipher_free_int() function.
Also change some flags tests to explicit test == or != zero. E.g.,
if (flags & x) --> if ((flags & x) != 0)
if (!(flags & x)) --> if ((flags & x) == 0)
Only done for those lines where "get0_cipher" calls were made.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14193)
2021-02-17 06:51:56 +08:00
|
|
|
EVP_ORIG_GLOBAL,\
|
2015-12-18 23:37:02 +08:00
|
|
|
init_key,\
|
|
|
|
cname##_ecb_cipher,\
|
|
|
|
cleanup,\
|
|
|
|
sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
|
|
|
|
sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
|
|
|
|
set_asn1, get_asn1,\
|
|
|
|
ctrl,\
|
|
|
|
NULL \
|
|
|
|
};\
|
|
|
|
const EVP_CIPHER *EVP_##cname##_ecb(void) { return &cname##_ecb; }
|
|
|
|
*/
|
|
|
|
|
|
|
|
#define IMPLEMENT_BLOCK_CIPHER(cname, ksched, cprefix, kstruct, nid, \
|
|
|
|
block_size, key_len, iv_len, cbits, \
|
|
|
|
flags, init_key, \
|
|
|
|
cleanup, set_asn1, get_asn1, ctrl) \
|
|
|
|
BLOCK_CIPHER_all_funcs(cname, cprefix, cbits, kstruct, ksched) \
|
|
|
|
BLOCK_CIPHER_defs(cname, kstruct, nid, block_size, key_len, iv_len, \
|
|
|
|
cbits, flags, init_key, cleanup, set_asn1, \
|
|
|
|
get_asn1, ctrl)
|
|
|
|
|
|
|
|
#define IMPLEMENT_CFBR(cipher,cprefix,kstruct,ksched,keysize,cbits,iv_len,fl) \
|
|
|
|
BLOCK_CIPHER_func_cfb(cipher##_##keysize,cprefix,cbits,kstruct,ksched) \
|
|
|
|
BLOCK_CIPHER_def_cfb(cipher##_##keysize,kstruct, \
|
|
|
|
NID_##cipher##_##keysize, keysize/8, iv_len, cbits, \
|
|
|
|
(fl)|EVP_CIPH_FLAG_DEFAULT_ASN1, \
|
|
|
|
cipher##_init_key, NULL, NULL, NULL, NULL)
|
|
|
|
|
2020-09-07 02:11:34 +08:00
|
|
|
typedef struct {
|
|
|
|
unsigned char iv[EVP_MAX_IV_LENGTH];
|
|
|
|
unsigned int iv_len;
|
|
|
|
unsigned int tag_len;
|
|
|
|
} evp_cipher_aead_asn1_params;
|
|
|
|
|
|
|
|
int evp_cipher_param_to_asn1_ex(EVP_CIPHER_CTX *c, ASN1_TYPE *type,
|
|
|
|
evp_cipher_aead_asn1_params *params);
|
|
|
|
|
|
|
|
int evp_cipher_asn1_to_param_ex(EVP_CIPHER_CTX *c, ASN1_TYPE *type,
|
|
|
|
evp_cipher_aead_asn1_params *params);
|
|
|
|
|
2021-02-04 12:40:19 +08:00
|
|
|
/*
|
|
|
|
* To support transparent execution of operation in backends other
|
|
|
|
* than the "origin" key, we support transparent export/import to
|
|
|
|
* those providers, and maintain a cache of the imported keydata,
|
|
|
|
* so we don't need to redo the export/import every time we perform
|
|
|
|
* the same operation in that same provider.
|
|
|
|
* This requires that the "origin" backend (whether it's a legacy or a
|
|
|
|
* provider "origin") implements exports, and that the target provider
|
|
|
|
* has an EVP_KEYMGMT that implements import.
|
|
|
|
*/
|
|
|
|
typedef struct {
|
|
|
|
EVP_KEYMGMT *keymgmt;
|
|
|
|
void *keydata;
|
2022-11-10 23:46:32 +08:00
|
|
|
int selection;
|
2021-02-04 12:40:19 +08:00
|
|
|
} OP_CACHE_ELEM;
|
|
|
|
|
|
|
|
DEFINE_STACK_OF(OP_CACHE_ELEM)
|
|
|
|
|
2016-01-19 08:21:12 +08:00
|
|
|
/*
|
2020-03-21 13:03:39 +08:00
|
|
|
* An EVP_PKEY can have the following states:
|
|
|
|
*
|
|
|
|
* untyped & empty:
|
|
|
|
*
|
|
|
|
* type == EVP_PKEY_NONE && keymgmt == NULL
|
|
|
|
*
|
|
|
|
* typed & empty:
|
|
|
|
*
|
|
|
|
* (type != EVP_PKEY_NONE && pkey.ptr == NULL) ## legacy (libcrypto only)
|
|
|
|
* || (keymgmt != NULL && keydata == NULL) ## provider side
|
|
|
|
*
|
|
|
|
* fully assigned:
|
|
|
|
*
|
|
|
|
* (type != EVP_PKEY_NONE && pkey.ptr != NULL) ## legacy (libcrypto only)
|
|
|
|
* || (keymgmt != NULL && keydata != NULL) ## provider side
|
|
|
|
*
|
Re-introduce legacy EVP_PKEY types for provided keys
EVP_PKEYs with provider side internal keys got the key type
EVP_PKEY_NONE. This turned out to be too disruptive, so we try
instead to find a matching EVP_PKEY_ASN1_METHOD and use whatever
EVP_PKEY type it uses.
To make internal coding easier, we introduce a few internal macros to
distinguish what can be expected from a EVP_PKEY:
- evp_pkey_is_blank(), to detect an unassigned EVP_PKEY.
- evp_pkey_is_typed(), to detect that an EVP_PKEY has been assigned a
type, which may be an old style type number or a EVP_KEYMGMT method.
- evp_pkey_is_assigned(), to detect that an EVP_PKEY has been assigned
an key value.
- evp_pkey_is_legacy(), to detect that the internal EVP_PKEY key is a
legacy one, i.e. will be handled via an EVP_PKEY_ASN1_METHOD and an
EVP_PKEY_METHOD.
- evp_pkey_is_provided(), to detect that the internal EVP_PKEY key is
a provider side one, i.e. will be handdled via an EVP_KEYMGMT and
other provider methods.
This also introduces EVP_PKEY_KEYMGMT, to indicate that this EVP_PKEY
contains a provider side key for which there are no known
EVP_PKEY_ASN1_METHODs or EVP_PKEY_METHODs, i.e. these can only be
handled via EVP_KEYMGMT and other provider methods.
Fixes #11823
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11913)
2020-05-22 21:41:28 +08:00
|
|
|
* The easiest way to detect a legacy key is:
|
|
|
|
*
|
|
|
|
* keymgmt == NULL && type != EVP_PKEY_NONE
|
|
|
|
*
|
|
|
|
* The easiest way to detect a provider side key is:
|
|
|
|
*
|
|
|
|
* keymgmt != NULL
|
2016-01-19 08:21:12 +08:00
|
|
|
*/
|
Re-introduce legacy EVP_PKEY types for provided keys
EVP_PKEYs with provider side internal keys got the key type
EVP_PKEY_NONE. This turned out to be too disruptive, so we try
instead to find a matching EVP_PKEY_ASN1_METHOD and use whatever
EVP_PKEY type it uses.
To make internal coding easier, we introduce a few internal macros to
distinguish what can be expected from a EVP_PKEY:
- evp_pkey_is_blank(), to detect an unassigned EVP_PKEY.
- evp_pkey_is_typed(), to detect that an EVP_PKEY has been assigned a
type, which may be an old style type number or a EVP_KEYMGMT method.
- evp_pkey_is_assigned(), to detect that an EVP_PKEY has been assigned
an key value.
- evp_pkey_is_legacy(), to detect that the internal EVP_PKEY key is a
legacy one, i.e. will be handled via an EVP_PKEY_ASN1_METHOD and an
EVP_PKEY_METHOD.
- evp_pkey_is_provided(), to detect that the internal EVP_PKEY key is
a provider side one, i.e. will be handdled via an EVP_KEYMGMT and
other provider methods.
This also introduces EVP_PKEY_KEYMGMT, to indicate that this EVP_PKEY
contains a provider side key for which there are no known
EVP_PKEY_ASN1_METHODs or EVP_PKEY_METHODs, i.e. these can only be
handled via EVP_KEYMGMT and other provider methods.
Fixes #11823
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11913)
2020-05-22 21:41:28 +08:00
|
|
|
#define evp_pkey_is_blank(pk) \
|
|
|
|
((pk)->type == EVP_PKEY_NONE && (pk)->keymgmt == NULL)
|
|
|
|
#define evp_pkey_is_typed(pk) \
|
|
|
|
((pk)->type != EVP_PKEY_NONE || (pk)->keymgmt != NULL)
|
2021-02-09 00:25:41 +08:00
|
|
|
#ifndef FIPS_MODULE
|
|
|
|
# define evp_pkey_is_assigned(pk) \
|
Re-introduce legacy EVP_PKEY types for provided keys
EVP_PKEYs with provider side internal keys got the key type
EVP_PKEY_NONE. This turned out to be too disruptive, so we try
instead to find a matching EVP_PKEY_ASN1_METHOD and use whatever
EVP_PKEY type it uses.
To make internal coding easier, we introduce a few internal macros to
distinguish what can be expected from a EVP_PKEY:
- evp_pkey_is_blank(), to detect an unassigned EVP_PKEY.
- evp_pkey_is_typed(), to detect that an EVP_PKEY has been assigned a
type, which may be an old style type number or a EVP_KEYMGMT method.
- evp_pkey_is_assigned(), to detect that an EVP_PKEY has been assigned
an key value.
- evp_pkey_is_legacy(), to detect that the internal EVP_PKEY key is a
legacy one, i.e. will be handled via an EVP_PKEY_ASN1_METHOD and an
EVP_PKEY_METHOD.
- evp_pkey_is_provided(), to detect that the internal EVP_PKEY key is
a provider side one, i.e. will be handdled via an EVP_KEYMGMT and
other provider methods.
This also introduces EVP_PKEY_KEYMGMT, to indicate that this EVP_PKEY
contains a provider side key for which there are no known
EVP_PKEY_ASN1_METHODs or EVP_PKEY_METHODs, i.e. these can only be
handled via EVP_KEYMGMT and other provider methods.
Fixes #11823
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11913)
2020-05-22 21:41:28 +08:00
|
|
|
((pk)->pkey.ptr != NULL || (pk)->keydata != NULL)
|
2021-02-09 00:25:41 +08:00
|
|
|
#else
|
|
|
|
# define evp_pkey_is_assigned(pk) \
|
|
|
|
((pk)->keydata != NULL)
|
|
|
|
#endif
|
Re-introduce legacy EVP_PKEY types for provided keys
EVP_PKEYs with provider side internal keys got the key type
EVP_PKEY_NONE. This turned out to be too disruptive, so we try
instead to find a matching EVP_PKEY_ASN1_METHOD and use whatever
EVP_PKEY type it uses.
To make internal coding easier, we introduce a few internal macros to
distinguish what can be expected from a EVP_PKEY:
- evp_pkey_is_blank(), to detect an unassigned EVP_PKEY.
- evp_pkey_is_typed(), to detect that an EVP_PKEY has been assigned a
type, which may be an old style type number or a EVP_KEYMGMT method.
- evp_pkey_is_assigned(), to detect that an EVP_PKEY has been assigned
an key value.
- evp_pkey_is_legacy(), to detect that the internal EVP_PKEY key is a
legacy one, i.e. will be handled via an EVP_PKEY_ASN1_METHOD and an
EVP_PKEY_METHOD.
- evp_pkey_is_provided(), to detect that the internal EVP_PKEY key is
a provider side one, i.e. will be handdled via an EVP_KEYMGMT and
other provider methods.
This also introduces EVP_PKEY_KEYMGMT, to indicate that this EVP_PKEY
contains a provider side key for which there are no known
EVP_PKEY_ASN1_METHODs or EVP_PKEY_METHODs, i.e. these can only be
handled via EVP_KEYMGMT and other provider methods.
Fixes #11823
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11913)
2020-05-22 21:41:28 +08:00
|
|
|
#define evp_pkey_is_legacy(pk) \
|
|
|
|
((pk)->type != EVP_PKEY_NONE && (pk)->keymgmt == NULL)
|
|
|
|
#define evp_pkey_is_provided(pk) \
|
|
|
|
((pk)->keymgmt != NULL)
|
|
|
|
|
2021-02-25 00:38:28 +08:00
|
|
|
union legacy_pkey_st {
|
|
|
|
void *ptr;
|
|
|
|
struct rsa_st *rsa; /* RSA */
|
|
|
|
# ifndef OPENSSL_NO_DSA
|
|
|
|
struct dsa_st *dsa; /* DSA */
|
|
|
|
# endif
|
|
|
|
# ifndef OPENSSL_NO_DH
|
|
|
|
struct dh_st *dh; /* DH */
|
|
|
|
# endif
|
|
|
|
# ifndef OPENSSL_NO_EC
|
|
|
|
struct ec_key_st *ec; /* ECC */
|
2023-04-17 16:20:31 +08:00
|
|
|
# ifndef OPENSSL_NO_ECX
|
2021-02-25 00:38:28 +08:00
|
|
|
ECX_KEY *ecx; /* X25519, X448, Ed25519, Ed448 */
|
2023-04-17 16:20:31 +08:00
|
|
|
# endif
|
2021-02-25 00:38:28 +08:00
|
|
|
# endif
|
|
|
|
};
|
|
|
|
|
2016-01-19 08:21:12 +08:00
|
|
|
struct evp_pkey_st {
|
2019-07-05 06:31:42 +08:00
|
|
|
/* == Legacy attributes == */
|
2016-01-19 08:21:12 +08:00
|
|
|
int type;
|
|
|
|
int save_type;
|
2020-02-21 03:26:16 +08:00
|
|
|
|
2020-04-14 04:34:56 +08:00
|
|
|
# ifndef FIPS_MODULE
|
2020-02-21 03:26:16 +08:00
|
|
|
/*
|
|
|
|
* Legacy key "origin" is composed of a pointer to an EVP_PKEY_ASN1_METHOD,
|
|
|
|
* a pointer to a low level key and possibly a pointer to an engine.
|
|
|
|
*/
|
2016-01-19 08:21:12 +08:00
|
|
|
const EVP_PKEY_ASN1_METHOD *ameth;
|
|
|
|
ENGINE *engine;
|
2017-10-09 22:21:11 +08:00
|
|
|
ENGINE *pmeth_engine; /* If not NULL public key ENGINE to use */
|
2021-02-25 00:38:28 +08:00
|
|
|
|
|
|
|
/* Union to store the reference to an origin legacy key */
|
|
|
|
union legacy_pkey_st pkey;
|
|
|
|
|
|
|
|
/* Union to store the reference to a non-origin legacy key */
|
|
|
|
union legacy_pkey_st legacy_cache_pkey;
|
2020-03-21 13:03:39 +08:00
|
|
|
# endif
|
2019-07-05 06:31:42 +08:00
|
|
|
|
|
|
|
/* == Common attributes == */
|
|
|
|
CRYPTO_REF_COUNT references;
|
2016-02-26 20:21:15 +08:00
|
|
|
CRYPTO_RWLOCK *lock;
|
2021-04-13 23:31:08 +08:00
|
|
|
#ifndef FIPS_MODULE
|
2019-07-05 06:31:42 +08:00
|
|
|
STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */
|
|
|
|
int save_parameters;
|
2021-07-07 01:42:22 +08:00
|
|
|
unsigned int foreign:1; /* the low-level key is using an engine or an app-method */
|
2020-04-07 08:18:09 +08:00
|
|
|
CRYPTO_EX_DATA ex_data;
|
|
|
|
#endif
|
2019-07-05 06:31:42 +08:00
|
|
|
|
|
|
|
/* == Provider attributes == */
|
2020-02-21 03:26:16 +08:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Provider keydata "origin" is composed of a pointer to an EVP_KEYMGMT
|
|
|
|
* and a pointer to the provider side key data. This is never used at
|
|
|
|
* the same time as the legacy key data above.
|
|
|
|
*/
|
|
|
|
EVP_KEYMGMT *keymgmt;
|
|
|
|
void *keydata;
|
|
|
|
/*
|
|
|
|
* If any libcrypto code does anything that may modify the keydata
|
|
|
|
* contents, this dirty counter must be incremented.
|
|
|
|
*/
|
|
|
|
size_t dirty_cnt;
|
|
|
|
|
2019-07-05 06:31:42 +08:00
|
|
|
/*
|
2020-02-21 03:26:16 +08:00
|
|
|
* To support transparent execution of operation in backends other
|
|
|
|
* than the "origin" key, we support transparent export/import to
|
|
|
|
* those providers, and maintain a cache of the imported keydata,
|
|
|
|
* so we don't need to redo the export/import every time we perform
|
|
|
|
* the same operation in that same provider.
|
2019-07-05 06:31:42 +08:00
|
|
|
*/
|
2021-02-04 12:40:19 +08:00
|
|
|
STACK_OF(OP_CACHE_ELEM) *operation_cache;
|
|
|
|
|
2019-07-07 03:57:15 +08:00
|
|
|
/*
|
2020-02-21 03:26:16 +08:00
|
|
|
* We keep a copy of that "origin"'s dirty count, so we know if the
|
|
|
|
* operation cache needs flushing.
|
2019-07-07 03:57:15 +08:00
|
|
|
*/
|
|
|
|
size_t dirty_cnt_copy;
|
2020-01-08 10:44:28 +08:00
|
|
|
|
Redesign the KEYMGMT libcrypto <-> provider interface - the basics
The KEYMGMT libcrypto <-> provider interface currently makes a few
assumptions:
1. provider side domain parameters and key data isn't mutable. In
other words, as soon as a key has been created in any (loaded,
imported data, ...), it's set in stone.
2. provider side domain parameters can be strictly separated from the
key data.
This does work for the most part, but there are places where that's a
bit too rigid for the functionality that the EVP_PKEY API delivers.
Key data needs to be mutable to allow the flexibility that functions
like EVP_PKEY_copy_parameters promise, as well as to provide the
combinations of data that an EVP_PKEY is generally assumed to be able
to hold:
- domain parameters only
- public key only
- public key + private key
- domain parameters + public key
- domain parameters + public key + private key
To remedy all this, we:
1. let go of the distinction between domain parameters and key
material proper in the libcrypto <-> provider interface.
As a consequence, functions that still need it gain a selection
argument, which is a set of bits that indicate what parts of the
key object are to be considered in a specific call. This allows
a reduction of very similar functions into one.
2. Rework the libcrypto <-> provider interface so provider side key
objects are created and destructed with a separate function, and
get their data filled and extracted in through import and export.
(future work will see other key object constructors and other
functions to fill them with data)
Fixes #10979
squash! Redesign the KEYMGMT libcrypto <-> provider interface - the basics
Remedy 1 needs a rewrite:
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11006)
2020-02-03 01:56:07 +08:00
|
|
|
/* Cache of key object information */
|
2020-01-08 10:44:28 +08:00
|
|
|
struct {
|
|
|
|
int bits;
|
|
|
|
int security_bits;
|
|
|
|
int size;
|
|
|
|
} cache;
|
2016-01-19 08:21:12 +08:00
|
|
|
} /* EVP_PKEY */ ;
|
2016-02-09 00:43:03 +08:00
|
|
|
|
2019-09-05 06:13:25 +08:00
|
|
|
#define EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx) \
|
|
|
|
((ctx)->operation == EVP_PKEY_OP_SIGN \
|
|
|
|
|| (ctx)->operation == EVP_PKEY_OP_SIGNCTX \
|
|
|
|
|| (ctx)->operation == EVP_PKEY_OP_VERIFY \
|
|
|
|
|| (ctx)->operation == EVP_PKEY_OP_VERIFYCTX \
|
|
|
|
|| (ctx)->operation == EVP_PKEY_OP_VERIFYRECOVER)
|
|
|
|
|
|
|
|
#define EVP_PKEY_CTX_IS_DERIVE_OP(ctx) \
|
|
|
|
((ctx)->operation == EVP_PKEY_OP_DERIVE)
|
2016-02-09 00:43:03 +08:00
|
|
|
|
2019-10-01 16:40:57 +08:00
|
|
|
#define EVP_PKEY_CTX_IS_ASYM_CIPHER_OP(ctx) \
|
|
|
|
((ctx)->operation == EVP_PKEY_OP_ENCRYPT \
|
|
|
|
|| (ctx)->operation == EVP_PKEY_OP_DECRYPT)
|
|
|
|
|
2019-10-27 22:09:26 +08:00
|
|
|
#define EVP_PKEY_CTX_IS_GEN_OP(ctx) \
|
|
|
|
((ctx)->operation == EVP_PKEY_OP_PARAMGEN \
|
|
|
|
|| (ctx)->operation == EVP_PKEY_OP_KEYGEN)
|
|
|
|
|
2021-01-21 06:04:53 +08:00
|
|
|
#define EVP_PKEY_CTX_IS_FROMDATA_OP(ctx) \
|
|
|
|
((ctx)->operation == EVP_PKEY_OP_FROMDATA)
|
|
|
|
|
2020-09-19 16:08:46 +08:00
|
|
|
#define EVP_PKEY_CTX_IS_KEM_OP(ctx) \
|
|
|
|
((ctx)->operation == EVP_PKEY_OP_ENCAPSULATE \
|
|
|
|
|| (ctx)->operation == EVP_PKEY_OP_DECAPSULATE)
|
|
|
|
|
2016-04-12 19:20:16 +08:00
|
|
|
void openssl_add_all_ciphers_int(void);
|
|
|
|
void openssl_add_all_digests_int(void);
|
|
|
|
void evp_cleanup_int(void);
|
2017-09-11 23:15:55 +08:00
|
|
|
void evp_app_cleanup_int(void);
|
2020-10-15 17:55:50 +08:00
|
|
|
void *evp_pkey_export_to_provider(EVP_PKEY *pk, OSSL_LIB_CTX *libctx,
|
2020-02-21 03:26:16 +08:00
|
|
|
EVP_KEYMGMT **keymgmt,
|
|
|
|
const char *propquery);
|
2020-04-14 04:34:56 +08:00
|
|
|
#ifndef FIPS_MODULE
|
2020-08-27 16:07:09 +08:00
|
|
|
int evp_pkey_copy_downgraded(EVP_PKEY **dest, const EVP_PKEY *src);
|
2021-02-25 00:38:28 +08:00
|
|
|
void *evp_pkey_get_legacy(EVP_PKEY *pk);
|
2019-10-27 22:09:26 +08:00
|
|
|
void evp_pkey_free_legacy(EVP_PKEY *x);
|
2021-03-23 23:40:53 +08:00
|
|
|
EVP_PKEY *evp_pkcs82pkey_legacy(const PKCS8_PRIV_KEY_INFO *p8inf,
|
|
|
|
OSSL_LIB_CTX *libctx, const char *propq);
|
2019-10-27 22:09:26 +08:00
|
|
|
#endif
|
2017-01-10 04:29:42 +08:00
|
|
|
|
2020-02-03 12:42:48 +08:00
|
|
|
/*
|
|
|
|
* KEYMGMT utility functions
|
|
|
|
*/
|
2020-07-09 04:09:32 +08:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Key import structure and helper function, to be used as an export callback
|
|
|
|
*/
|
|
|
|
struct evp_keymgmt_util_try_import_data_st {
|
|
|
|
EVP_KEYMGMT *keymgmt;
|
|
|
|
void *keydata;
|
|
|
|
|
|
|
|
int selection;
|
|
|
|
};
|
|
|
|
int evp_keymgmt_util_try_import(const OSSL_PARAM params[], void *arg);
|
|
|
|
int evp_keymgmt_util_assign_pkey(EVP_PKEY *pkey, EVP_KEYMGMT *keymgmt,
|
|
|
|
void *keydata);
|
|
|
|
EVP_PKEY *evp_keymgmt_util_make_pkey(EVP_KEYMGMT *keymgmt, void *keydata);
|
|
|
|
|
2020-09-11 14:35:26 +08:00
|
|
|
int evp_keymgmt_util_export(const EVP_PKEY *pk, int selection,
|
|
|
|
OSSL_CALLBACK *export_cb, void *export_cbarg);
|
2022-11-10 23:46:32 +08:00
|
|
|
void *evp_keymgmt_util_export_to_provider(EVP_PKEY *pk, EVP_KEYMGMT *keymgmt,
|
|
|
|
int selection);
|
2021-02-04 12:40:19 +08:00
|
|
|
OP_CACHE_ELEM *evp_keymgmt_util_find_operation_cache(EVP_PKEY *pk,
|
2022-11-10 23:46:32 +08:00
|
|
|
EVP_KEYMGMT *keymgmt,
|
|
|
|
int selection);
|
2023-05-10 23:27:03 +08:00
|
|
|
int evp_keymgmt_util_clear_operation_cache(EVP_PKEY *pk);
|
2022-11-10 23:46:32 +08:00
|
|
|
int evp_keymgmt_util_cache_keydata(EVP_PKEY *pk, EVP_KEYMGMT *keymgmt,
|
|
|
|
void *keydata, int selection);
|
2020-02-21 03:26:16 +08:00
|
|
|
void evp_keymgmt_util_cache_keyinfo(EVP_PKEY *pk);
|
2020-02-03 12:42:48 +08:00
|
|
|
void *evp_keymgmt_util_fromdata(EVP_PKEY *target, EVP_KEYMGMT *keymgmt,
|
Redesign the KEYMGMT libcrypto <-> provider interface - the basics
The KEYMGMT libcrypto <-> provider interface currently makes a few
assumptions:
1. provider side domain parameters and key data isn't mutable. In
other words, as soon as a key has been created in any (loaded,
imported data, ...), it's set in stone.
2. provider side domain parameters can be strictly separated from the
key data.
This does work for the most part, but there are places where that's a
bit too rigid for the functionality that the EVP_PKEY API delivers.
Key data needs to be mutable to allow the flexibility that functions
like EVP_PKEY_copy_parameters promise, as well as to provide the
combinations of data that an EVP_PKEY is generally assumed to be able
to hold:
- domain parameters only
- public key only
- public key + private key
- domain parameters + public key
- domain parameters + public key + private key
To remedy all this, we:
1. let go of the distinction between domain parameters and key
material proper in the libcrypto <-> provider interface.
As a consequence, functions that still need it gain a selection
argument, which is a set of bits that indicate what parts of the
key object are to be considered in a specific call. This allows
a reduction of very similar functions into one.
2. Rework the libcrypto <-> provider interface so provider side key
objects are created and destructed with a separate function, and
get their data filled and extracted in through import and export.
(future work will see other key object constructors and other
functions to fill them with data)
Fixes #10979
squash! Redesign the KEYMGMT libcrypto <-> provider interface - the basics
Remedy 1 needs a rewrite:
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11006)
2020-02-03 01:56:07 +08:00
|
|
|
int selection, const OSSL_PARAM params[]);
|
2020-02-05 17:18:51 +08:00
|
|
|
int evp_keymgmt_util_has(EVP_PKEY *pk, int selection);
|
2020-02-05 19:55:43 +08:00
|
|
|
int evp_keymgmt_util_match(EVP_PKEY *pk1, EVP_PKEY *pk2, int selection);
|
2020-02-05 23:30:21 +08:00
|
|
|
int evp_keymgmt_util_copy(EVP_PKEY *to, EVP_PKEY *from, int selection);
|
2019-10-27 22:09:26 +08:00
|
|
|
void *evp_keymgmt_util_gen(EVP_PKEY *target, EVP_KEYMGMT *keymgmt,
|
|
|
|
void *genctx, OSSL_CALLBACK *cb, void *cbarg);
|
2020-04-20 15:14:59 +08:00
|
|
|
int evp_keymgmt_util_get_deflt_digest_name(EVP_KEYMGMT *keymgmt,
|
|
|
|
void *keydata,
|
|
|
|
char *mdname, size_t mdname_sz);
|
EVP: Reverse the fetch logic in all pkey using functionality
In all initializing functions for functionality that use an EVP_PKEY, the
coded logic was to find an KEYMGMT implementation first, and then try to
find the operation method (for example, SIGNATURE implementation) in the
same provider.
This implies that in providers where there is a KEYMGMT implementation,
there must also be a SIGNATURE implementation, along with a KEYEXCH,
ASYM_CIPHER, etc implementation.
The intended design was, however, the opposite implication, i.e. that
where there is a SIGNATURE implementation, there must also be KEYMGMT.
This change reverses the logic of the code to be closer to the intended
design.
There is a consequence; we now use the query_operation_name function from
the KEYMGMT of the EVP_PKEY given by the EVP_PKEY_CTX (ultimately given by
the application). Previously, we used the query_operation_name function
from the KEYMGMT found alongside the SIGNATURE implementation.
Another minor consequence is that the |keymgmt| field in EVP_PKEY_CTX
is now always a reference to the KEYMGMT of the |pkey| field if that
one is given (|pkey| isn't NULL) and is provided (|pkey->keymgmt|
isn't NULL).
Fixes #16614
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16725)
2021-10-01 14:57:03 +08:00
|
|
|
const char *evp_keymgmt_util_query_operation_name(EVP_KEYMGMT *keymgmt,
|
|
|
|
int op_id);
|
2019-07-07 03:57:15 +08:00
|
|
|
|
2020-02-03 12:42:48 +08:00
|
|
|
/*
|
|
|
|
* KEYMGMT provider interface functions
|
|
|
|
*/
|
Redesign the KEYMGMT libcrypto <-> provider interface - the basics
The KEYMGMT libcrypto <-> provider interface currently makes a few
assumptions:
1. provider side domain parameters and key data isn't mutable. In
other words, as soon as a key has been created in any (loaded,
imported data, ...), it's set in stone.
2. provider side domain parameters can be strictly separated from the
key data.
This does work for the most part, but there are places where that's a
bit too rigid for the functionality that the EVP_PKEY API delivers.
Key data needs to be mutable to allow the flexibility that functions
like EVP_PKEY_copy_parameters promise, as well as to provide the
combinations of data that an EVP_PKEY is generally assumed to be able
to hold:
- domain parameters only
- public key only
- public key + private key
- domain parameters + public key
- domain parameters + public key + private key
To remedy all this, we:
1. let go of the distinction between domain parameters and key
material proper in the libcrypto <-> provider interface.
As a consequence, functions that still need it gain a selection
argument, which is a set of bits that indicate what parts of the
key object are to be considered in a specific call. This allows
a reduction of very similar functions into one.
2. Rework the libcrypto <-> provider interface so provider side key
objects are created and destructed with a separate function, and
get their data filled and extracted in through import and export.
(future work will see other key object constructors and other
functions to fill them with data)
Fixes #10979
squash! Redesign the KEYMGMT libcrypto <-> provider interface - the basics
Remedy 1 needs a rewrite:
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11006)
2020-02-03 01:56:07 +08:00
|
|
|
void *evp_keymgmt_newdata(const EVP_KEYMGMT *keymgmt);
|
|
|
|
void evp_keymgmt_freedata(const EVP_KEYMGMT *keymgmt, void *keyddata);
|
|
|
|
int evp_keymgmt_get_params(const EVP_KEYMGMT *keymgmt,
|
|
|
|
void *keydata, OSSL_PARAM params[]);
|
2019-12-15 06:20:53 +08:00
|
|
|
int evp_keymgmt_set_params(const EVP_KEYMGMT *keymgmt,
|
|
|
|
void *keydata, const OSSL_PARAM params[]);
|
2021-03-02 07:01:33 +08:00
|
|
|
void *evp_keymgmt_gen_init(const EVP_KEYMGMT *keymgmt, int selection,
|
|
|
|
const OSSL_PARAM params[]);
|
2019-10-26 19:00:56 +08:00
|
|
|
int evp_keymgmt_gen_set_template(const EVP_KEYMGMT *keymgmt, void *genctx,
|
2023-08-09 14:43:40 +08:00
|
|
|
void *templ);
|
2019-10-26 19:00:56 +08:00
|
|
|
int evp_keymgmt_gen_set_params(const EVP_KEYMGMT *keymgmt, void *genctx,
|
|
|
|
const OSSL_PARAM params[]);
|
|
|
|
void *evp_keymgmt_gen(const EVP_KEYMGMT *keymgmt, void *genctx,
|
|
|
|
OSSL_CALLBACK *cb, void *cbarg);
|
|
|
|
void evp_keymgmt_gen_cleanup(const EVP_KEYMGMT *keymgmt, void *genctx);
|
Redesign the KEYMGMT libcrypto <-> provider interface - the basics
The KEYMGMT libcrypto <-> provider interface currently makes a few
assumptions:
1. provider side domain parameters and key data isn't mutable. In
other words, as soon as a key has been created in any (loaded,
imported data, ...), it's set in stone.
2. provider side domain parameters can be strictly separated from the
key data.
This does work for the most part, but there are places where that's a
bit too rigid for the functionality that the EVP_PKEY API delivers.
Key data needs to be mutable to allow the flexibility that functions
like EVP_PKEY_copy_parameters promise, as well as to provide the
combinations of data that an EVP_PKEY is generally assumed to be able
to hold:
- domain parameters only
- public key only
- public key + private key
- domain parameters + public key
- domain parameters + public key + private key
To remedy all this, we:
1. let go of the distinction between domain parameters and key
material proper in the libcrypto <-> provider interface.
As a consequence, functions that still need it gain a selection
argument, which is a set of bits that indicate what parts of the
key object are to be considered in a specific call. This allows
a reduction of very similar functions into one.
2. Rework the libcrypto <-> provider interface so provider side key
objects are created and destructed with a separate function, and
get their data filled and extracted in through import and export.
(future work will see other key object constructors and other
functions to fill them with data)
Fixes #10979
squash! Redesign the KEYMGMT libcrypto <-> provider interface - the basics
Remedy 1 needs a rewrite:
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11006)
2020-02-03 01:56:07 +08:00
|
|
|
|
2021-06-28 11:37:22 +08:00
|
|
|
int evp_keymgmt_has_load(const EVP_KEYMGMT *keymgmt);
|
2020-07-09 04:21:18 +08:00
|
|
|
void *evp_keymgmt_load(const EVP_KEYMGMT *keymgmt,
|
|
|
|
const void *objref, size_t objref_sz);
|
|
|
|
|
Redesign the KEYMGMT libcrypto <-> provider interface - the basics
The KEYMGMT libcrypto <-> provider interface currently makes a few
assumptions:
1. provider side domain parameters and key data isn't mutable. In
other words, as soon as a key has been created in any (loaded,
imported data, ...), it's set in stone.
2. provider side domain parameters can be strictly separated from the
key data.
This does work for the most part, but there are places where that's a
bit too rigid for the functionality that the EVP_PKEY API delivers.
Key data needs to be mutable to allow the flexibility that functions
like EVP_PKEY_copy_parameters promise, as well as to provide the
combinations of data that an EVP_PKEY is generally assumed to be able
to hold:
- domain parameters only
- public key only
- public key + private key
- domain parameters + public key
- domain parameters + public key + private key
To remedy all this, we:
1. let go of the distinction between domain parameters and key
material proper in the libcrypto <-> provider interface.
As a consequence, functions that still need it gain a selection
argument, which is a set of bits that indicate what parts of the
key object are to be considered in a specific call. This allows
a reduction of very similar functions into one.
2. Rework the libcrypto <-> provider interface so provider side key
objects are created and destructed with a separate function, and
get their data filled and extracted in through import and export.
(future work will see other key object constructors and other
functions to fill them with data)
Fixes #10979
squash! Redesign the KEYMGMT libcrypto <-> provider interface - the basics
Remedy 1 needs a rewrite:
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11006)
2020-02-03 01:56:07 +08:00
|
|
|
int evp_keymgmt_has(const EVP_KEYMGMT *keymgmt, void *keyddata, int selection);
|
|
|
|
int evp_keymgmt_validate(const EVP_KEYMGMT *keymgmt, void *keydata,
|
2021-02-09 23:50:05 +08:00
|
|
|
int selection, int checktype);
|
2020-02-05 19:53:14 +08:00
|
|
|
int evp_keymgmt_match(const EVP_KEYMGMT *keymgmt,
|
|
|
|
const void *keydata1, const void *keydata2,
|
|
|
|
int selection);
|
Redesign the KEYMGMT libcrypto <-> provider interface - the basics
The KEYMGMT libcrypto <-> provider interface currently makes a few
assumptions:
1. provider side domain parameters and key data isn't mutable. In
other words, as soon as a key has been created in any (loaded,
imported data, ...), it's set in stone.
2. provider side domain parameters can be strictly separated from the
key data.
This does work for the most part, but there are places where that's a
bit too rigid for the functionality that the EVP_PKEY API delivers.
Key data needs to be mutable to allow the flexibility that functions
like EVP_PKEY_copy_parameters promise, as well as to provide the
combinations of data that an EVP_PKEY is generally assumed to be able
to hold:
- domain parameters only
- public key only
- public key + private key
- domain parameters + public key
- domain parameters + public key + private key
To remedy all this, we:
1. let go of the distinction between domain parameters and key
material proper in the libcrypto <-> provider interface.
As a consequence, functions that still need it gain a selection
argument, which is a set of bits that indicate what parts of the
key object are to be considered in a specific call. This allows
a reduction of very similar functions into one.
2. Rework the libcrypto <-> provider interface so provider side key
objects are created and destructed with a separate function, and
get their data filled and extracted in through import and export.
(future work will see other key object constructors and other
functions to fill them with data)
Fixes #10979
squash! Redesign the KEYMGMT libcrypto <-> provider interface - the basics
Remedy 1 needs a rewrite:
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11006)
2020-02-03 01:56:07 +08:00
|
|
|
|
|
|
|
int evp_keymgmt_import(const EVP_KEYMGMT *keymgmt, void *keydata,
|
|
|
|
int selection, const OSSL_PARAM params[]);
|
|
|
|
const OSSL_PARAM *evp_keymgmt_import_types(const EVP_KEYMGMT *keymgmt,
|
|
|
|
int selection);
|
|
|
|
int evp_keymgmt_export(const EVP_KEYMGMT *keymgmt, void *keydata,
|
|
|
|
int selection, OSSL_CALLBACK *param_cb, void *cbarg);
|
|
|
|
const OSSL_PARAM *evp_keymgmt_export_types(const EVP_KEYMGMT *keymgmt,
|
|
|
|
int selection);
|
2021-04-08 01:35:13 +08:00
|
|
|
void *evp_keymgmt_dup(const EVP_KEYMGMT *keymgmt,
|
2021-04-09 00:25:26 +08:00
|
|
|
const void *keydata_from, int selection);
|
2022-01-21 02:49:40 +08:00
|
|
|
EVP_KEYMGMT *evp_keymgmt_fetch_from_prov(OSSL_PROVIDER *prov,
|
|
|
|
const char *name,
|
|
|
|
const char *properties);
|
2020-01-29 18:32:32 +08:00
|
|
|
|
2017-11-12 08:03:10 +08:00
|
|
|
/* Pulling defines out of C source files */
|
2017-01-10 04:29:42 +08:00
|
|
|
|
2021-02-07 05:36:46 +08:00
|
|
|
# define EVP_RC4_KEY_SIZE 16
|
|
|
|
# ifndef TLS1_1_VERSION
|
|
|
|
# define TLS1_1_VERSION 0x0302
|
|
|
|
# endif
|
2018-04-09 22:06:50 +08:00
|
|
|
|
|
|
|
void evp_encode_ctx_set_flags(EVP_ENCODE_CTX *ctx, unsigned int flags);
|
|
|
|
|
|
|
|
/* EVP_ENCODE_CTX flags */
|
2018-04-09 22:50:20 +08:00
|
|
|
/* Don't generate new lines when encoding */
|
|
|
|
#define EVP_ENCODE_CTX_NO_NEWLINES 1
|
|
|
|
/* Use the SRP base64 alphabet instead of the standard one */
|
|
|
|
#define EVP_ENCODE_CTX_USE_SRP_ALPHABET 2
|
2019-11-01 22:13:49 +08:00
|
|
|
|
2020-10-15 17:55:50 +08:00
|
|
|
const EVP_CIPHER *evp_get_cipherbyname_ex(OSSL_LIB_CTX *libctx,
|
|
|
|
const char *name);
|
|
|
|
const EVP_MD *evp_get_digestbyname_ex(OSSL_LIB_CTX *libctx,
|
|
|
|
const char *name);
|
2020-01-12 09:32:12 +08:00
|
|
|
|
2021-03-09 12:44:51 +08:00
|
|
|
int ossl_pkcs5_pbkdf2_hmac_ex(const char *pass, int passlen,
|
|
|
|
const unsigned char *salt, int saltlen, int iter,
|
|
|
|
const EVP_MD *digest, int keylen,
|
|
|
|
unsigned char *out,
|
|
|
|
OSSL_LIB_CTX *libctx, const char *propq);
|
2020-08-07 12:29:00 +08:00
|
|
|
|
2021-02-07 05:36:46 +08:00
|
|
|
# ifndef FIPS_MODULE
|
2019-12-15 06:20:53 +08:00
|
|
|
/*
|
|
|
|
* Internal helpers for stricter EVP_PKEY_CTX_{set,get}_params().
|
|
|
|
*
|
|
|
|
* Return 1 on success, 0 or negative for errors.
|
|
|
|
*
|
|
|
|
* In particular they return -2 if any of the params is not supported.
|
|
|
|
*
|
2020-04-14 04:34:56 +08:00
|
|
|
* They are not available in FIPS_MODULE as they depend on
|
2019-12-15 06:20:53 +08:00
|
|
|
* - EVP_PKEY_CTX_{get,set}_params()
|
|
|
|
* - EVP_PKEY_CTX_{gettable,settable}_params()
|
|
|
|
*
|
|
|
|
*/
|
|
|
|
int evp_pkey_ctx_set_params_strict(EVP_PKEY_CTX *ctx, OSSL_PARAM *params);
|
|
|
|
int evp_pkey_ctx_get_params_strict(EVP_PKEY_CTX *ctx, OSSL_PARAM *params);
|
2020-04-07 01:18:18 +08:00
|
|
|
|
2020-09-24 17:42:23 +08:00
|
|
|
EVP_MD_CTX *evp_md_ctx_new_ex(EVP_PKEY *pkey, const ASN1_OCTET_STRING *id,
|
2020-10-15 17:55:50 +08:00
|
|
|
OSSL_LIB_CTX *libctx, const char *propq);
|
2020-09-02 15:30:42 +08:00
|
|
|
int evp_pkey_name2type(const char *name);
|
2021-01-27 18:07:38 +08:00
|
|
|
const char *evp_pkey_type2name(int type);
|
2020-09-02 21:54:13 +08:00
|
|
|
|
|
|
|
int evp_pkey_ctx_use_cached_data(EVP_PKEY_CTX *ctx);
|
2021-02-07 05:36:46 +08:00
|
|
|
# endif /* !defined(FIPS_MODULE) */
|
|
|
|
|
2022-04-22 17:00:36 +08:00
|
|
|
int evp_method_store_cache_flush(OSSL_LIB_CTX *libctx);
|
2022-04-22 22:44:51 +08:00
|
|
|
int evp_method_store_remove_all_provided(const OSSL_PROVIDER *prov);
|
2022-04-22 17:00:36 +08:00
|
|
|
|
2021-07-27 23:59:59 +08:00
|
|
|
int evp_default_properties_enable_fips_int(OSSL_LIB_CTX *libctx, int enable,
|
|
|
|
int loadconfig);
|
2020-10-15 17:55:50 +08:00
|
|
|
int evp_set_default_properties_int(OSSL_LIB_CTX *libctx, const char *propq,
|
2021-05-08 00:59:47 +08:00
|
|
|
int loadconfig, int mirrored);
|
|
|
|
char *evp_get_global_properties_str(OSSL_LIB_CTX *libctx, int loadconfig);
|
2020-09-03 18:50:30 +08:00
|
|
|
|
2022-03-10 17:38:09 +08:00
|
|
|
void evp_md_ctx_clear_digest(EVP_MD_CTX *ctx, int force, int keep_digest);
|
2022-04-13 22:26:18 +08:00
|
|
|
/* just free the algctx if set, returns 0 on inconsistent state of ctx */
|
|
|
|
int evp_md_ctx_free_algctx(EVP_MD_CTX *ctx);
|
2021-02-07 05:36:46 +08:00
|
|
|
|
2021-01-25 22:24:46 +08:00
|
|
|
/* Three possible states: */
|
|
|
|
# define EVP_PKEY_STATE_UNKNOWN 0
|
|
|
|
# define EVP_PKEY_STATE_LEGACY 1
|
|
|
|
# define EVP_PKEY_STATE_PROVIDER 2
|
|
|
|
int evp_pkey_ctx_state(const EVP_PKEY_CTX *ctx);
|
|
|
|
|
2021-01-21 06:04:53 +08:00
|
|
|
/* These two must ONLY be called for provider side operations */
|
|
|
|
int evp_pkey_ctx_ctrl_to_param(EVP_PKEY_CTX *ctx,
|
|
|
|
int keytype, int optype,
|
|
|
|
int cmd, int p1, void *p2);
|
|
|
|
int evp_pkey_ctx_ctrl_str_to_param(EVP_PKEY_CTX *ctx,
|
|
|
|
const char *name, const char *value);
|
|
|
|
|
|
|
|
/* These two must ONLY be called for legacy operations */
|
2021-04-15 00:29:22 +08:00
|
|
|
int evp_pkey_ctx_set_params_to_ctrl(EVP_PKEY_CTX *ctx, const OSSL_PARAM *params);
|
2021-01-21 06:04:53 +08:00
|
|
|
int evp_pkey_ctx_get_params_to_ctrl(EVP_PKEY_CTX *ctx, OSSL_PARAM *params);
|
|
|
|
|
|
|
|
/* This must ONLY be called for legacy EVP_PKEYs */
|
|
|
|
int evp_pkey_get_params_to_ctrl(const EVP_PKEY *pkey, OSSL_PARAM *params);
|
|
|
|
|
2021-03-02 23:52:00 +08:00
|
|
|
/* Same as the public get0 functions but are not const */
|
|
|
|
# ifndef OPENSSL_NO_DEPRECATED_3_0
|
|
|
|
DH *evp_pkey_get0_DH_int(const EVP_PKEY *pkey);
|
|
|
|
EC_KEY *evp_pkey_get0_EC_KEY_int(const EVP_PKEY *pkey);
|
|
|
|
RSA *evp_pkey_get0_RSA_int(const EVP_PKEY *pkey);
|
|
|
|
# endif
|
|
|
|
|
2021-06-01 10:51:45 +08:00
|
|
|
/* Get internal identification number routines */
|
|
|
|
int evp_asym_cipher_get_number(const EVP_ASYM_CIPHER *cipher);
|
|
|
|
int evp_cipher_get_number(const EVP_CIPHER *cipher);
|
|
|
|
int evp_kdf_get_number(const EVP_KDF *kdf);
|
|
|
|
int evp_kem_get_number(const EVP_KEM *wrap);
|
|
|
|
int evp_keyexch_get_number(const EVP_KEYEXCH *keyexch);
|
|
|
|
int evp_keymgmt_get_number(const EVP_KEYMGMT *keymgmt);
|
2024-01-11 23:52:35 +08:00
|
|
|
int evp_keymgmt_get_legacy_alg(const EVP_KEYMGMT *keymgmt);
|
2021-06-01 10:51:45 +08:00
|
|
|
int evp_mac_get_number(const EVP_MAC *mac);
|
|
|
|
int evp_md_get_number(const EVP_MD *md);
|
|
|
|
int evp_rand_get_number(const EVP_RAND *rand);
|
2023-10-16 07:35:48 +08:00
|
|
|
int evp_rand_can_seed(EVP_RAND_CTX *ctx);
|
|
|
|
size_t evp_rand_get_seed(EVP_RAND_CTX *ctx,
|
|
|
|
unsigned char **buffer,
|
|
|
|
int entropy, size_t min_len, size_t max_len,
|
|
|
|
int prediction_resistance,
|
|
|
|
const unsigned char *adin, size_t adin_len);
|
|
|
|
void evp_rand_clear_seed(EVP_RAND_CTX *ctx,
|
|
|
|
unsigned char *buffer, size_t b_len);
|
2021-06-01 10:51:45 +08:00
|
|
|
int evp_signature_get_number(const EVP_SIGNATURE *signature);
|
|
|
|
|
2021-12-25 20:38:23 +08:00
|
|
|
int evp_pkey_decrypt_alloc(EVP_PKEY_CTX *ctx, unsigned char **outp,
|
|
|
|
size_t *outlenp, size_t expected_outlen,
|
|
|
|
const unsigned char *in, size_t inlen);
|
|
|
|
|
2021-02-07 05:36:46 +08:00
|
|
|
#endif /* OSSL_CRYPTO_EVP_H */
|