2016-05-18 02:24:46 +08:00
|
|
|
/*
|
2018-06-20 22:25:43 +08:00
|
|
|
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
|
1998-12-21 18:56:39 +08:00
|
|
|
*
|
2018-12-06 20:40:06 +08:00
|
|
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
2016-05-18 02:24:46 +08:00
|
|
|
* this file except in compliance with the License. You can obtain a copy
|
|
|
|
|
* in the file LICENSE in the source distribution or at
|
|
|
|
|
* https://www.openssl.org/source/license.html
|
1998-12-21 18:56:39 +08:00
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
#include <stdio.h>
|
2015-05-14 22:56:48 +08:00
|
|
|
#include "internal/cryptlib.h"
|
1999-04-24 06:13:45 +08:00
|
|
|
#include <openssl/evp.h>
|
|
|
|
|
#include <openssl/objects.h>
|
2019-04-04 01:01:21 +08:00
|
|
|
#include <openssl/params.h>
|
|
|
|
|
#include <openssl/core_names.h>
|
2019-06-27 17:48:17 +08:00
|
|
|
#include <openssl/dh.h>
|
2019-09-28 06:45:33 +08:00
|
|
|
#include "crypto/evp.h"
|
2019-03-13 22:49:40 +08:00
|
|
|
#include "internal/provider.h"
|
2019-09-28 06:45:40 +08:00
|
|
|
#include "evp_local.h"
|
1998-12-21 18:56:39 +08:00
|
|
|
|
2019-05-13 13:41:06 +08:00
|
|
|
#if !defined(FIPS_MODE)
|
1999-04-20 05:31:43 +08:00
|
|
|
int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
|
2015-01-22 11:40:55 +08:00
|
|
|
{
|
Adapt EVP_CIPHER_{param_to_asn1,asn1_to_param} for use with provider.
So far, these two funtions have depended on legacy EVP_CIPHER
implementations to be able to do their work. This change adapts them
to work with provided implementations as well, in one of two possible
ways:
1. If the implementation's set_asn1_parameters or get_asn1_parameters
function pointers are non-NULL, this is a legacy implementation,
and that function is called.
2. Otherwise, if the cipher doesn't have EVP_CIPH_FLAG_CUSTOM_ASN1
set, the default AlgorithmIdentifier parameter code in libcrypto
is executed.
3. Otherwise, if the cipher is a provided implementation, the ASN1
type structure is converted to a DER blob which is then passed to
the implementation as a parameter (param_to_asn1) or the DER blob
is retrieved from the implementation as a parameter and converted
locally to a ASN1_TYPE (asn1_to_param).
With this, the old flag EVP_CIPH_FLAG_DEFAULT_ASN1 has become
irrelevant and is simply ignored.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10008)
2019-09-25 14:56:14 +08:00
|
|
|
int ret = -1; /* Assume the worst */
|
2019-04-04 01:01:21 +08:00
|
|
|
const EVP_CIPHER *cipher = c->cipher;
|
2015-01-22 11:40:55 +08:00
|
|
|
|
Adapt EVP_CIPHER_{param_to_asn1,asn1_to_param} for use with provider.
So far, these two funtions have depended on legacy EVP_CIPHER
implementations to be able to do their work. This change adapts them
to work with provided implementations as well, in one of two possible
ways:
1. If the implementation's set_asn1_parameters or get_asn1_parameters
function pointers are non-NULL, this is a legacy implementation,
and that function is called.
2. Otherwise, if the cipher doesn't have EVP_CIPH_FLAG_CUSTOM_ASN1
set, the default AlgorithmIdentifier parameter code in libcrypto
is executed.
3. Otherwise, if the cipher is a provided implementation, the ASN1
type structure is converted to a DER blob which is then passed to
the implementation as a parameter (param_to_asn1) or the DER blob
is retrieved from the implementation as a parameter and converted
locally to a ASN1_TYPE (asn1_to_param).
With this, the old flag EVP_CIPH_FLAG_DEFAULT_ASN1 has become
irrelevant and is simply ignored.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10008)
2019-09-25 14:56:14 +08:00
|
|
|
/*
|
|
|
|
|
* For legacy implementations, we detect custom AlgorithmIdentifier
|
|
|
|
|
* parameter handling by checking if the function pointer
|
|
|
|
|
* cipher->set_asn1_parameters is set. We know that this pointer
|
|
|
|
|
* is NULL for provided implementations.
|
|
|
|
|
*
|
|
|
|
|
* Otherwise, for any implementation, we check the flag
|
|
|
|
|
* EVP_CIPH_FLAG_CUSTOM_ASN1. If it isn't set, we apply
|
|
|
|
|
* default AI parameter extraction.
|
|
|
|
|
*
|
|
|
|
|
* Otherwise, for provided implementations, we convert |type| to
|
|
|
|
|
* a DER encoded blob and pass to the implementation in OSSL_PARAM
|
|
|
|
|
* form.
|
|
|
|
|
*
|
|
|
|
|
* If none of the above applies, this operation is unsupported.
|
|
|
|
|
*/
|
|
|
|
|
if (cipher->set_asn1_parameters != NULL) {
|
2019-04-04 01:01:21 +08:00
|
|
|
ret = cipher->set_asn1_parameters(c, type);
|
Adapt EVP_CIPHER_{param_to_asn1,asn1_to_param} for use with provider.
So far, these two funtions have depended on legacy EVP_CIPHER
implementations to be able to do their work. This change adapts them
to work with provided implementations as well, in one of two possible
ways:
1. If the implementation's set_asn1_parameters or get_asn1_parameters
function pointers are non-NULL, this is a legacy implementation,
and that function is called.
2. Otherwise, if the cipher doesn't have EVP_CIPH_FLAG_CUSTOM_ASN1
set, the default AlgorithmIdentifier parameter code in libcrypto
is executed.
3. Otherwise, if the cipher is a provided implementation, the ASN1
type structure is converted to a DER blob which is then passed to
the implementation as a parameter (param_to_asn1) or the DER blob
is retrieved from the implementation as a parameter and converted
locally to a ASN1_TYPE (asn1_to_param).
With this, the old flag EVP_CIPH_FLAG_DEFAULT_ASN1 has become
irrelevant and is simply ignored.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10008)
2019-09-25 14:56:14 +08:00
|
|
|
} else if ((EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_CUSTOM_ASN1) == 0) {
|
2019-04-04 01:01:21 +08:00
|
|
|
switch (EVP_CIPHER_mode(cipher)) {
|
2015-08-01 22:38:11 +08:00
|
|
|
case EVP_CIPH_WRAP_MODE:
|
Adapt EVP_CIPHER_{param_to_asn1,asn1_to_param} for use with provider.
So far, these two funtions have depended on legacy EVP_CIPHER
implementations to be able to do their work. This change adapts them
to work with provided implementations as well, in one of two possible
ways:
1. If the implementation's set_asn1_parameters or get_asn1_parameters
function pointers are non-NULL, this is a legacy implementation,
and that function is called.
2. Otherwise, if the cipher doesn't have EVP_CIPH_FLAG_CUSTOM_ASN1
set, the default AlgorithmIdentifier parameter code in libcrypto
is executed.
3. Otherwise, if the cipher is a provided implementation, the ASN1
type structure is converted to a DER blob which is then passed to
the implementation as a parameter (param_to_asn1) or the DER blob
is retrieved from the implementation as a parameter and converted
locally to a ASN1_TYPE (asn1_to_param).
With this, the old flag EVP_CIPH_FLAG_DEFAULT_ASN1 has become
irrelevant and is simply ignored.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10008)
2019-09-25 14:56:14 +08:00
|
|
|
if (EVP_CIPHER_is_a(cipher, SN_id_smime_alg_CMS3DESwrap))
|
2015-10-13 04:14:04 +08:00
|
|
|
ASN1_TYPE_set(type, V_ASN1_NULL, NULL);
|
2015-01-22 11:40:55 +08:00
|
|
|
ret = 1;
|
2015-08-01 22:38:11 +08:00
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case EVP_CIPH_GCM_MODE:
|
|
|
|
|
case EVP_CIPH_CCM_MODE:
|
|
|
|
|
case EVP_CIPH_XTS_MODE:
|
|
|
|
|
case EVP_CIPH_OCB_MODE:
|
2018-05-11 03:14:12 +08:00
|
|
|
ret = -2;
|
2015-08-01 22:38:11 +08:00
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
default:
|
2015-01-22 11:40:55 +08:00
|
|
|
ret = EVP_CIPHER_set_asn1_iv(c, type);
|
2015-08-01 22:38:11 +08:00
|
|
|
}
|
Adapt EVP_CIPHER_{param_to_asn1,asn1_to_param} for use with provider.
So far, these two funtions have depended on legacy EVP_CIPHER
implementations to be able to do their work. This change adapts them
to work with provided implementations as well, in one of two possible
ways:
1. If the implementation's set_asn1_parameters or get_asn1_parameters
function pointers are non-NULL, this is a legacy implementation,
and that function is called.
2. Otherwise, if the cipher doesn't have EVP_CIPH_FLAG_CUSTOM_ASN1
set, the default AlgorithmIdentifier parameter code in libcrypto
is executed.
3. Otherwise, if the cipher is a provided implementation, the ASN1
type structure is converted to a DER blob which is then passed to
the implementation as a parameter (param_to_asn1) or the DER blob
is retrieved from the implementation as a parameter and converted
locally to a ASN1_TYPE (asn1_to_param).
With this, the old flag EVP_CIPH_FLAG_DEFAULT_ASN1 has become
irrelevant and is simply ignored.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10008)
2019-09-25 14:56:14 +08:00
|
|
|
} else if (cipher->prov != NULL) {
|
|
|
|
|
OSSL_PARAM params[3], *p = params;
|
|
|
|
|
unsigned char *der = NULL, *derp;
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* We make two passes, the first to get the appropriate buffer size,
|
|
|
|
|
* and the second to get the actual value.
|
|
|
|
|
*/
|
|
|
|
|
*p++ = OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_ALG_ID,
|
|
|
|
|
NULL, 0);
|
|
|
|
|
*p = OSSL_PARAM_construct_end();
|
|
|
|
|
|
|
|
|
|
if (!EVP_CIPHER_CTX_get_params(c, params))
|
|
|
|
|
goto err;
|
|
|
|
|
|
|
|
|
|
/* ... but, we should get a return size too! */
|
|
|
|
|
if (params[0].return_size != 0
|
|
|
|
|
&& (der = OPENSSL_malloc(params[0].return_size)) != NULL) {
|
|
|
|
|
params[0].data = der;
|
|
|
|
|
params[0].data_size = params[0].return_size;
|
|
|
|
|
params[0].return_size = 0;
|
|
|
|
|
derp = der;
|
|
|
|
|
if (EVP_CIPHER_CTX_get_params(c, params)
|
|
|
|
|
&& d2i_ASN1_TYPE(&type, (const unsigned char **)&derp,
|
|
|
|
|
params[0].return_size) != NULL) {
|
|
|
|
|
ret = 1;
|
|
|
|
|
}
|
|
|
|
|
OPENSSL_free(der);
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
ret = -2;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
err:
|
2019-08-17 06:05:08 +08:00
|
|
|
if (ret == -2)
|
|
|
|
|
EVPerr(EVP_F_EVP_CIPHER_PARAM_TO_ASN1, ASN1_R_UNSUPPORTED_CIPHER);
|
|
|
|
|
else if (ret <= 0)
|
|
|
|
|
EVPerr(EVP_F_EVP_CIPHER_PARAM_TO_ASN1, EVP_R_CIPHER_PARAMETER_ERROR);
|
2018-05-11 03:14:12 +08:00
|
|
|
if (ret < -1)
|
|
|
|
|
ret = -1;
|
2017-10-17 22:04:09 +08:00
|
|
|
return ret;
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
1998-12-21 18:56:39 +08:00
|
|
|
|
1999-04-20 05:31:43 +08:00
|
|
|
int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
|
2015-01-22 11:40:55 +08:00
|
|
|
{
|
Adapt EVP_CIPHER_{param_to_asn1,asn1_to_param} for use with provider.
So far, these two funtions have depended on legacy EVP_CIPHER
implementations to be able to do their work. This change adapts them
to work with provided implementations as well, in one of two possible
ways:
1. If the implementation's set_asn1_parameters or get_asn1_parameters
function pointers are non-NULL, this is a legacy implementation,
and that function is called.
2. Otherwise, if the cipher doesn't have EVP_CIPH_FLAG_CUSTOM_ASN1
set, the default AlgorithmIdentifier parameter code in libcrypto
is executed.
3. Otherwise, if the cipher is a provided implementation, the ASN1
type structure is converted to a DER blob which is then passed to
the implementation as a parameter (param_to_asn1) or the DER blob
is retrieved from the implementation as a parameter and converted
locally to a ASN1_TYPE (asn1_to_param).
With this, the old flag EVP_CIPH_FLAG_DEFAULT_ASN1 has become
irrelevant and is simply ignored.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10008)
2019-09-25 14:56:14 +08:00
|
|
|
int ret = -1; /* Assume the worst */
|
2019-04-04 01:01:21 +08:00
|
|
|
const EVP_CIPHER *cipher = c->cipher;
|
|
|
|
|
|
Adapt EVP_CIPHER_{param_to_asn1,asn1_to_param} for use with provider.
So far, these two funtions have depended on legacy EVP_CIPHER
implementations to be able to do their work. This change adapts them
to work with provided implementations as well, in one of two possible
ways:
1. If the implementation's set_asn1_parameters or get_asn1_parameters
function pointers are non-NULL, this is a legacy implementation,
and that function is called.
2. Otherwise, if the cipher doesn't have EVP_CIPH_FLAG_CUSTOM_ASN1
set, the default AlgorithmIdentifier parameter code in libcrypto
is executed.
3. Otherwise, if the cipher is a provided implementation, the ASN1
type structure is converted to a DER blob which is then passed to
the implementation as a parameter (param_to_asn1) or the DER blob
is retrieved from the implementation as a parameter and converted
locally to a ASN1_TYPE (asn1_to_param).
With this, the old flag EVP_CIPH_FLAG_DEFAULT_ASN1 has become
irrelevant and is simply ignored.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10008)
2019-09-25 14:56:14 +08:00
|
|
|
/*
|
|
|
|
|
* For legacy implementations, we detect custom AlgorithmIdentifier
|
|
|
|
|
* parameter handling by checking if there the function pointer
|
|
|
|
|
* cipher->get_asn1_parameters is set. We know that this pointer
|
|
|
|
|
* is NULL for provided implementations.
|
|
|
|
|
*
|
|
|
|
|
* Otherwise, for any implementation, we check the flag
|
|
|
|
|
* EVP_CIPH_FLAG_CUSTOM_ASN1. If it isn't set, we apply
|
|
|
|
|
* default AI parameter creation.
|
|
|
|
|
*
|
|
|
|
|
* Otherwise, for provided implementations, we get the AI parameter
|
|
|
|
|
* in DER encoded form from the implementation by requesting the
|
|
|
|
|
* appropriate OSSL_PARAM and converting the result to a ASN1_TYPE.
|
|
|
|
|
*
|
|
|
|
|
* If none of the above applies, this operation is unsupported.
|
|
|
|
|
*/
|
|
|
|
|
if (cipher->get_asn1_parameters != NULL) {
|
2019-04-04 01:01:21 +08:00
|
|
|
ret = cipher->get_asn1_parameters(c, type);
|
Adapt EVP_CIPHER_{param_to_asn1,asn1_to_param} for use with provider.
So far, these two funtions have depended on legacy EVP_CIPHER
implementations to be able to do their work. This change adapts them
to work with provided implementations as well, in one of two possible
ways:
1. If the implementation's set_asn1_parameters or get_asn1_parameters
function pointers are non-NULL, this is a legacy implementation,
and that function is called.
2. Otherwise, if the cipher doesn't have EVP_CIPH_FLAG_CUSTOM_ASN1
set, the default AlgorithmIdentifier parameter code in libcrypto
is executed.
3. Otherwise, if the cipher is a provided implementation, the ASN1
type structure is converted to a DER blob which is then passed to
the implementation as a parameter (param_to_asn1) or the DER blob
is retrieved from the implementation as a parameter and converted
locally to a ASN1_TYPE (asn1_to_param).
With this, the old flag EVP_CIPH_FLAG_DEFAULT_ASN1 has become
irrelevant and is simply ignored.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10008)
2019-09-25 14:56:14 +08:00
|
|
|
} else if ((EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_CUSTOM_ASN1) == 0) {
|
2019-04-04 01:01:21 +08:00
|
|
|
switch (EVP_CIPHER_mode(cipher)) {
|
2015-08-01 22:38:11 +08:00
|
|
|
case EVP_CIPH_WRAP_MODE:
|
|
|
|
|
ret = 1;
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case EVP_CIPH_GCM_MODE:
|
|
|
|
|
case EVP_CIPH_CCM_MODE:
|
|
|
|
|
case EVP_CIPH_XTS_MODE:
|
|
|
|
|
case EVP_CIPH_OCB_MODE:
|
2018-05-11 03:14:12 +08:00
|
|
|
ret = -2;
|
2015-08-01 22:38:11 +08:00
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
default:
|
|
|
|
|
ret = EVP_CIPHER_get_asn1_iv(c, type);
|
|
|
|
|
}
|
Adapt EVP_CIPHER_{param_to_asn1,asn1_to_param} for use with provider.
So far, these two funtions have depended on legacy EVP_CIPHER
implementations to be able to do their work. This change adapts them
to work with provided implementations as well, in one of two possible
ways:
1. If the implementation's set_asn1_parameters or get_asn1_parameters
function pointers are non-NULL, this is a legacy implementation,
and that function is called.
2. Otherwise, if the cipher doesn't have EVP_CIPH_FLAG_CUSTOM_ASN1
set, the default AlgorithmIdentifier parameter code in libcrypto
is executed.
3. Otherwise, if the cipher is a provided implementation, the ASN1
type structure is converted to a DER blob which is then passed to
the implementation as a parameter (param_to_asn1) or the DER blob
is retrieved from the implementation as a parameter and converted
locally to a ASN1_TYPE (asn1_to_param).
With this, the old flag EVP_CIPH_FLAG_DEFAULT_ASN1 has become
irrelevant and is simply ignored.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10008)
2019-09-25 14:56:14 +08:00
|
|
|
} else if (cipher->prov != NULL) {
|
|
|
|
|
OSSL_PARAM params[3], *p = params;
|
|
|
|
|
unsigned char *der = NULL;
|
|
|
|
|
int derl = -1;
|
|
|
|
|
|
|
|
|
|
if ((derl = i2d_ASN1_TYPE(type, &der)) >= 0) {
|
|
|
|
|
*p++ =
|
|
|
|
|
OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_ALG_ID,
|
|
|
|
|
der, (size_t)derl);
|
|
|
|
|
*p = OSSL_PARAM_construct_end();
|
|
|
|
|
if (EVP_CIPHER_CTX_set_params(c, params))
|
|
|
|
|
ret = 1;
|
|
|
|
|
OPENSSL_free(der);
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
ret = -2;
|
|
|
|
|
}
|
|
|
|
|
|
2019-08-17 06:05:08 +08:00
|
|
|
if (ret == -2)
|
|
|
|
|
EVPerr(EVP_F_EVP_CIPHER_ASN1_TO_PARAM, EVP_R_UNSUPPORTED_CIPHER);
|
|
|
|
|
else if (ret <= 0)
|
|
|
|
|
EVPerr(EVP_F_EVP_CIPHER_ASN1_TO_PARAM, EVP_R_CIPHER_PARAMETER_ERROR);
|
2018-05-11 03:14:12 +08:00
|
|
|
if (ret < -1)
|
|
|
|
|
ret = -1;
|
2017-10-17 22:04:09 +08:00
|
|
|
return ret;
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
1998-12-21 18:56:39 +08:00
|
|
|
|
2019-04-04 01:01:21 +08:00
|
|
|
int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *ctx, ASN1_TYPE *type)
|
2015-01-22 11:40:55 +08:00
|
|
|
{
|
|
|
|
|
int i = 0;
|
|
|
|
|
unsigned int l;
|
|
|
|
|
|
|
|
|
|
if (type != NULL) {
|
2019-04-04 01:01:21 +08:00
|
|
|
unsigned char iv[EVP_MAX_IV_LENGTH];
|
|
|
|
|
|
|
|
|
|
l = EVP_CIPHER_CTX_iv_length(ctx);
|
|
|
|
|
if (!ossl_assert(l <= sizeof(iv)))
|
|
|
|
|
return -1;
|
|
|
|
|
i = ASN1_TYPE_get_octetstring(type, iv, l);
|
2015-01-22 11:40:55 +08:00
|
|
|
if (i != (int)l)
|
2017-10-17 22:04:09 +08:00
|
|
|
return -1;
|
2019-04-04 01:01:21 +08:00
|
|
|
|
|
|
|
|
if (!EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1))
|
|
|
|
|
return -1;
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
2017-10-17 22:04:09 +08:00
|
|
|
return i;
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
1998-12-21 18:56:39 +08:00
|
|
|
|
1999-04-20 05:31:43 +08:00
|
|
|
int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
|
2015-01-22 11:40:55 +08:00
|
|
|
{
|
|
|
|
|
int i = 0;
|
|
|
|
|
unsigned int j;
|
2019-10-08 07:19:10 +08:00
|
|
|
unsigned char *oiv = NULL;
|
2015-01-22 11:40:55 +08:00
|
|
|
|
|
|
|
|
if (type != NULL) {
|
2019-10-08 07:19:10 +08:00
|
|
|
oiv = (unsigned char *)EVP_CIPHER_CTX_original_iv(c);
|
2015-01-22 11:40:55 +08:00
|
|
|
j = EVP_CIPHER_CTX_iv_length(c);
|
|
|
|
|
OPENSSL_assert(j <= sizeof(c->iv));
|
2019-10-08 07:19:10 +08:00
|
|
|
i = ASN1_TYPE_set_octetstring(type, oiv, j);
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
2017-10-17 22:04:09 +08:00
|
|
|
return i;
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
2019-05-13 13:41:06 +08:00
|
|
|
#endif /* !defined(FIPS_MODE) */
|
1999-05-10 08:47:42 +08:00
|
|
|
|
|
|
|
|
/* Convert the various cipher NIDs and dummies to a proper OID NID */
|
1999-05-16 08:25:36 +08:00
|
|
|
int EVP_CIPHER_type(const EVP_CIPHER *ctx)
|
1999-05-10 08:47:42 +08:00
|
|
|
{
|
2015-01-22 11:40:55 +08:00
|
|
|
int nid;
|
|
|
|
|
nid = EVP_CIPHER_nid(ctx);
|
1999-05-10 08:47:42 +08:00
|
|
|
|
2015-01-22 11:40:55 +08:00
|
|
|
switch (nid) {
|
1999-05-10 08:47:42 +08:00
|
|
|
|
2015-01-22 11:40:55 +08:00
|
|
|
case NID_rc2_cbc:
|
|
|
|
|
case NID_rc2_64_cbc:
|
|
|
|
|
case NID_rc2_40_cbc:
|
1999-05-10 08:47:42 +08:00
|
|
|
|
2015-01-22 11:40:55 +08:00
|
|
|
return NID_rc2_cbc;
|
1999-05-10 08:47:42 +08:00
|
|
|
|
2015-01-22 11:40:55 +08:00
|
|
|
case NID_rc4:
|
|
|
|
|
case NID_rc4_40:
|
1999-05-10 08:47:42 +08:00
|
|
|
|
2015-01-22 11:40:55 +08:00
|
|
|
return NID_rc4;
|
1999-05-10 08:47:42 +08:00
|
|
|
|
2015-01-22 11:40:55 +08:00
|
|
|
case NID_aes_128_cfb128:
|
|
|
|
|
case NID_aes_128_cfb8:
|
|
|
|
|
case NID_aes_128_cfb1:
|
2004-01-29 03:05:35 +08:00
|
|
|
|
2015-01-22 11:40:55 +08:00
|
|
|
return NID_aes_128_cfb128;
|
2004-01-29 03:05:35 +08:00
|
|
|
|
2015-01-22 11:40:55 +08:00
|
|
|
case NID_aes_192_cfb128:
|
|
|
|
|
case NID_aes_192_cfb8:
|
|
|
|
|
case NID_aes_192_cfb1:
|
2004-01-29 03:05:35 +08:00
|
|
|
|
2015-01-22 11:40:55 +08:00
|
|
|
return NID_aes_192_cfb128;
|
2004-01-29 03:05:35 +08:00
|
|
|
|
2015-01-22 11:40:55 +08:00
|
|
|
case NID_aes_256_cfb128:
|
|
|
|
|
case NID_aes_256_cfb8:
|
|
|
|
|
case NID_aes_256_cfb1:
|
2004-01-29 03:05:35 +08:00
|
|
|
|
2015-01-22 11:40:55 +08:00
|
|
|
return NID_aes_256_cfb128;
|
2004-01-29 03:05:35 +08:00
|
|
|
|
2015-01-22 11:40:55 +08:00
|
|
|
case NID_des_cfb64:
|
|
|
|
|
case NID_des_cfb8:
|
|
|
|
|
case NID_des_cfb1:
|
2004-01-29 03:05:35 +08:00
|
|
|
|
2015-01-22 11:40:55 +08:00
|
|
|
return NID_des_cfb64;
|
2004-01-29 03:05:35 +08:00
|
|
|
|
2015-01-22 11:40:55 +08:00
|
|
|
case NID_des_ede3_cfb64:
|
|
|
|
|
case NID_des_ede3_cfb8:
|
|
|
|
|
case NID_des_ede3_cfb1:
|
2009-12-25 22:13:11 +08:00
|
|
|
|
2015-01-22 11:40:55 +08:00
|
|
|
return NID_des_cfb64;
|
2009-12-25 22:13:11 +08:00
|
|
|
|
2015-01-22 11:40:55 +08:00
|
|
|
default:
|
2019-05-13 13:41:06 +08:00
|
|
|
#ifdef FIPS_MODE
|
|
|
|
|
return NID_undef;
|
|
|
|
|
#else
|
|
|
|
|
{
|
|
|
|
|
/* Check it has an OID and it is valid */
|
|
|
|
|
ASN1_OBJECT *otmp = OBJ_nid2obj(nid);
|
|
|
|
|
|
|
|
|
|
if (OBJ_get0_data(otmp) == NULL)
|
|
|
|
|
nid = NID_undef;
|
|
|
|
|
ASN1_OBJECT_free(otmp);
|
|
|
|
|
return nid;
|
|
|
|
|
}
|
|
|
|
|
#endif
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
1999-05-10 08:47:42 +08:00
|
|
|
}
|
|
|
|
|
|
2019-04-04 01:01:21 +08:00
|
|
|
int EVP_CIPHER_block_size(const EVP_CIPHER *cipher)
|
2015-01-22 11:40:55 +08:00
|
|
|
{
|
2019-09-05 09:23:57 +08:00
|
|
|
int ok;
|
|
|
|
|
size_t v = cipher->block_size;
|
2019-07-16 07:46:14 +08:00
|
|
|
OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
|
|
|
|
|
|
2019-09-05 09:23:57 +08:00
|
|
|
params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_BLOCK_SIZE, &v);
|
2019-07-16 07:46:14 +08:00
|
|
|
ok = evp_do_ciph_getparams(cipher, params);
|
2019-07-09 13:32:16 +08:00
|
|
|
|
2019-09-05 09:23:57 +08:00
|
|
|
return ok != 0 ? (int)v : EVP_CTRL_RET_UNSUPPORTED;
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
2006-11-30 04:54:57 +08:00
|
|
|
|
2008-11-12 11:58:08 +08:00
|
|
|
int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx)
|
2015-01-22 11:40:55 +08:00
|
|
|
{
|
2019-04-04 01:01:21 +08:00
|
|
|
return EVP_CIPHER_block_size(ctx->cipher);
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
2006-11-30 04:54:57 +08:00
|
|
|
|
2015-12-18 23:37:02 +08:00
|
|
|
int EVP_CIPHER_impl_ctx_size(const EVP_CIPHER *e)
|
|
|
|
|
{
|
|
|
|
|
return e->ctx_size;
|
|
|
|
|
}
|
|
|
|
|
|
2015-01-22 11:40:55 +08:00
|
|
|
int EVP_Cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
|
|
|
|
const unsigned char *in, unsigned int inl)
|
|
|
|
|
{
|
2019-04-04 01:01:21 +08:00
|
|
|
if (ctx->cipher->prov != NULL) {
|
Fix EVP_Cipher() for provided cipher implementations
EVP_Cipher() would return whatever ctx->cipher->ccipher() returned
with no regard for historical semantics.
We change this to first look if there is a ctx->cipher->ccipher(), and
in that case we treat the implementation as one with a custom cipher,
and "translate" it's return value like this: 0 => -1, 1 => outl, where
|outl| is the output length.
If there is no ctx->cipher->ccipher, we treat the implementation as
one without a custom cipher, call ctx->cipher->cupdate or
ctx->cipher->cfinal depending on input, and return whatever they
return (0 or 1).
Furthermore, we add a small hack in EVP_CIPHER_flags() to check if the
cipher is a provided one, and add EVP_CIPH_FLAG_CUSTOM_CIPHER to the
flags to be returned if there is a cipher->ccipher. That way,
provided implementations never have to set that flag themselves, all
they need to do is to include a OSSL_FUNC_CIPHER_CIPHER function.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10137)
2019-10-11 00:04:06 +08:00
|
|
|
/*
|
|
|
|
|
* If the provided implementation has a ccipher function, we use it,
|
|
|
|
|
* and translate its return value like this: 0 => -1, 1 => outlen
|
|
|
|
|
*
|
|
|
|
|
* Otherwise, we call the cupdate function if in != NULL, or cfinal
|
|
|
|
|
* if in == NULL. Regardless of which, we return what we got.
|
|
|
|
|
*/
|
|
|
|
|
int ret = -1;
|
|
|
|
|
size_t outl = 0;
|
|
|
|
|
size_t blocksize = EVP_CIPHER_CTX_block_size(ctx);
|
2019-04-30 20:01:52 +08:00
|
|
|
|
2019-04-04 01:01:21 +08:00
|
|
|
if (ctx->cipher->ccipher != NULL)
|
Fix EVP_Cipher() for provided cipher implementations
EVP_Cipher() would return whatever ctx->cipher->ccipher() returned
with no regard for historical semantics.
We change this to first look if there is a ctx->cipher->ccipher(), and
in that case we treat the implementation as one with a custom cipher,
and "translate" it's return value like this: 0 => -1, 1 => outl, where
|outl| is the output length.
If there is no ctx->cipher->ccipher, we treat the implementation as
one without a custom cipher, call ctx->cipher->cupdate or
ctx->cipher->cfinal depending on input, and return whatever they
return (0 or 1).
Furthermore, we add a small hack in EVP_CIPHER_flags() to check if the
cipher is a provided one, and add EVP_CIPH_FLAG_CUSTOM_CIPHER to the
flags to be returned if there is a cipher->ccipher. That way,
provided implementations never have to set that flag themselves, all
they need to do is to include a OSSL_FUNC_CIPHER_CIPHER function.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10137)
2019-10-11 00:04:06 +08:00
|
|
|
ret = ctx->cipher->ccipher(ctx->provctx, out, &outl,
|
|
|
|
|
inl + (blocksize == 1 ? 0 : blocksize),
|
|
|
|
|
in, (size_t)inl)
|
|
|
|
|
? (int)outl : -1;
|
|
|
|
|
else if (in != NULL)
|
|
|
|
|
ret = ctx->cipher->cupdate(ctx->provctx, out, &outl,
|
|
|
|
|
inl + (blocksize == 1 ? 0 : blocksize),
|
|
|
|
|
in, (size_t)inl);
|
|
|
|
|
else
|
|
|
|
|
ret = ctx->cipher->cfinal(ctx->provctx, out, &outl,
|
|
|
|
|
blocksize == 1 ? 0 : blocksize);
|
|
|
|
|
|
|
|
|
|
return ret;
|
2019-04-04 01:01:21 +08:00
|
|
|
}
|
|
|
|
|
|
2015-01-22 11:40:55 +08:00
|
|
|
return ctx->cipher->do_cipher(ctx, out, in, inl);
|
|
|
|
|
}
|
2006-11-30 04:54:57 +08:00
|
|
|
|
|
|
|
|
const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx)
|
2015-01-22 11:40:55 +08:00
|
|
|
{
|
|
|
|
|
return ctx->cipher;
|
|
|
|
|
}
|
2006-11-30 04:54:57 +08:00
|
|
|
|
2015-12-14 04:25:42 +08:00
|
|
|
int EVP_CIPHER_CTX_encrypting(const EVP_CIPHER_CTX *ctx)
|
|
|
|
|
{
|
|
|
|
|
return ctx->encrypt;
|
|
|
|
|
}
|
|
|
|
|
|
2006-11-30 04:54:57 +08:00
|
|
|
unsigned long EVP_CIPHER_flags(const EVP_CIPHER *cipher)
|
2015-01-22 11:40:55 +08:00
|
|
|
{
|
2019-07-16 07:46:14 +08:00
|
|
|
int ok;
|
2019-07-09 13:32:16 +08:00
|
|
|
unsigned long v = cipher->flags;
|
2019-07-16 07:46:14 +08:00
|
|
|
OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
|
|
|
|
|
|
|
|
|
|
params[0] = OSSL_PARAM_construct_ulong(OSSL_CIPHER_PARAM_FLAGS, &v);
|
|
|
|
|
ok = evp_do_ciph_getparams(cipher, params);
|
2019-07-09 13:32:16 +08:00
|
|
|
|
Fix EVP_Cipher() for provided cipher implementations
EVP_Cipher() would return whatever ctx->cipher->ccipher() returned
with no regard for historical semantics.
We change this to first look if there is a ctx->cipher->ccipher(), and
in that case we treat the implementation as one with a custom cipher,
and "translate" it's return value like this: 0 => -1, 1 => outl, where
|outl| is the output length.
If there is no ctx->cipher->ccipher, we treat the implementation as
one without a custom cipher, call ctx->cipher->cupdate or
ctx->cipher->cfinal depending on input, and return whatever they
return (0 or 1).
Furthermore, we add a small hack in EVP_CIPHER_flags() to check if the
cipher is a provided one, and add EVP_CIPH_FLAG_CUSTOM_CIPHER to the
flags to be returned if there is a cipher->ccipher. That way,
provided implementations never have to set that flag themselves, all
they need to do is to include a OSSL_FUNC_CIPHER_CIPHER function.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10137)
2019-10-11 00:04:06 +08:00
|
|
|
/* Provided implementations may have a custom cipher_cipher */
|
|
|
|
|
if (cipher->prov != NULL && cipher->ccipher != NULL)
|
|
|
|
|
v |= EVP_CIPH_FLAG_CUSTOM_CIPHER;
|
|
|
|
|
|
2019-07-09 13:32:16 +08:00
|
|
|
return ok != 0 ? v : 0;
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
2006-11-30 04:54:57 +08:00
|
|
|
|
|
|
|
|
void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx)
|
2015-01-22 11:40:55 +08:00
|
|
|
{
|
|
|
|
|
return ctx->app_data;
|
|
|
|
|
}
|
2006-11-30 04:54:57 +08:00
|
|
|
|
|
|
|
|
void EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data)
|
2015-01-22 11:40:55 +08:00
|
|
|
{
|
|
|
|
|
ctx->app_data = data;
|
|
|
|
|
}
|
2006-11-30 04:54:57 +08:00
|
|
|
|
2016-03-07 18:17:27 +08:00
|
|
|
void *EVP_CIPHER_CTX_get_cipher_data(const EVP_CIPHER_CTX *ctx)
|
2015-12-14 04:25:42 +08:00
|
|
|
{
|
|
|
|
|
return ctx->cipher_data;
|
|
|
|
|
}
|
|
|
|
|
|
2015-09-22 18:11:24 +08:00
|
|
|
void *EVP_CIPHER_CTX_set_cipher_data(EVP_CIPHER_CTX *ctx, void *cipher_data)
|
|
|
|
|
{
|
|
|
|
|
void *old_cipher_data;
|
|
|
|
|
|
|
|
|
|
old_cipher_data = ctx->cipher_data;
|
|
|
|
|
ctx->cipher_data = cipher_data;
|
|
|
|
|
|
|
|
|
|
return old_cipher_data;
|
|
|
|
|
}
|
|
|
|
|
|
2008-11-12 11:58:08 +08:00
|
|
|
int EVP_CIPHER_iv_length(const EVP_CIPHER *cipher)
|
2015-01-22 11:40:55 +08:00
|
|
|
{
|
2019-09-05 09:23:57 +08:00
|
|
|
int ok;
|
|
|
|
|
size_t v = cipher->iv_len;
|
2019-07-16 07:46:14 +08:00
|
|
|
OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
|
2019-04-04 01:01:21 +08:00
|
|
|
|
2019-09-05 09:23:57 +08:00
|
|
|
params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_IVLEN, &v);
|
2019-07-16 07:46:14 +08:00
|
|
|
ok = evp_do_ciph_getparams(cipher, params);
|
|
|
|
|
|
2019-09-05 09:23:57 +08:00
|
|
|
return ok != 0 ? (int)v : EVP_CTRL_RET_UNSUPPORTED;
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
2006-11-30 04:54:57 +08:00
|
|
|
|
2008-11-12 11:58:08 +08:00
|
|
|
int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx)
|
2015-01-22 11:40:55 +08:00
|
|
|
{
|
2019-09-14 07:11:28 +08:00
|
|
|
int rv, len = EVP_CIPHER_iv_length(ctx->cipher);
|
|
|
|
|
size_t v = len;
|
2019-07-31 19:55:16 +08:00
|
|
|
OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
|
|
|
|
|
|
2019-09-05 09:23:57 +08:00
|
|
|
params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_IVLEN, &v);
|
2019-08-08 11:14:05 +08:00
|
|
|
rv = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
|
|
|
|
|
if (rv == EVP_CTRL_RET_UNSUPPORTED)
|
|
|
|
|
goto legacy;
|
2019-09-05 09:23:57 +08:00
|
|
|
return rv != 0 ? (int)v : -1;
|
2019-08-08 11:14:05 +08:00
|
|
|
/* TODO (3.0) Remove legacy support */
|
|
|
|
|
legacy:
|
|
|
|
|
if ((EVP_CIPHER_flags(ctx->cipher) & EVP_CIPH_CUSTOM_IV_LENGTH) != 0) {
|
|
|
|
|
rv = EVP_CIPHER_CTX_ctrl((EVP_CIPHER_CTX *)ctx, EVP_CTRL_GET_IVLEN,
|
|
|
|
|
0, &len);
|
2019-09-14 07:11:28 +08:00
|
|
|
return (rv == 1) ? len : -1;
|
2019-08-08 11:14:05 +08:00
|
|
|
}
|
2019-09-14 07:11:28 +08:00
|
|
|
return len;
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
2006-11-30 04:54:57 +08:00
|
|
|
|
2019-09-11 15:52:30 +08:00
|
|
|
int EVP_CIPHER_CTX_tag_length(const EVP_CIPHER_CTX *ctx)
|
|
|
|
|
{
|
|
|
|
|
int ret;
|
|
|
|
|
size_t v = 0;
|
|
|
|
|
OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
|
|
|
|
|
|
|
|
|
|
params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_AEAD_TAGLEN, &v);
|
|
|
|
|
ret = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
|
|
|
|
|
return ret == 1 ? (int)v : 0;
|
|
|
|
|
}
|
|
|
|
|
|
2015-12-14 04:25:42 +08:00
|
|
|
const unsigned char *EVP_CIPHER_CTX_original_iv(const EVP_CIPHER_CTX *ctx)
|
|
|
|
|
{
|
2019-10-08 07:19:10 +08:00
|
|
|
int ok;
|
|
|
|
|
const unsigned char *v = ctx->oiv;
|
|
|
|
|
OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
|
|
|
|
|
|
|
|
|
|
params[0] =
|
|
|
|
|
OSSL_PARAM_construct_octet_ptr(OSSL_CIPHER_PARAM_IV,
|
|
|
|
|
(void **)&v, sizeof(ctx->oiv));
|
|
|
|
|
ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
|
|
|
|
|
|
|
|
|
|
return ok != 0 ? v : NULL;
|
2015-12-14 04:25:42 +08:00
|
|
|
}
|
|
|
|
|
|
2019-07-09 13:32:16 +08:00
|
|
|
/*
|
|
|
|
|
* OSSL_PARAM_OCTET_PTR gets us the pointer to the running IV in the provider
|
|
|
|
|
*/
|
2015-12-14 04:25:42 +08:00
|
|
|
const unsigned char *EVP_CIPHER_CTX_iv(const EVP_CIPHER_CTX *ctx)
|
|
|
|
|
{
|
2019-07-16 07:46:14 +08:00
|
|
|
int ok;
|
2019-07-09 13:32:16 +08:00
|
|
|
const unsigned char *v = ctx->iv;
|
2019-07-16 07:46:14 +08:00
|
|
|
OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
|
2019-07-09 13:32:16 +08:00
|
|
|
|
2019-07-16 07:46:14 +08:00
|
|
|
params[0] =
|
|
|
|
|
OSSL_PARAM_construct_octet_ptr(OSSL_CIPHER_PARAM_IV, (void **)&v,
|
|
|
|
|
sizeof(ctx->iv));
|
|
|
|
|
ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
|
|
|
|
|
|
|
|
|
|
return ok != 0 ? v : NULL;
|
2015-12-14 04:25:42 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
unsigned char *EVP_CIPHER_CTX_iv_noconst(EVP_CIPHER_CTX *ctx)
|
|
|
|
|
{
|
2019-07-16 07:46:14 +08:00
|
|
|
int ok;
|
2019-07-09 13:32:16 +08:00
|
|
|
unsigned char *v = ctx->iv;
|
2019-07-16 07:46:14 +08:00
|
|
|
OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
|
|
|
|
|
|
|
|
|
|
params[0] =
|
|
|
|
|
OSSL_PARAM_construct_octet_ptr(OSSL_CIPHER_PARAM_IV, (void **)&v,
|
|
|
|
|
sizeof(ctx->iv));
|
|
|
|
|
ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
|
2019-07-09 13:32:16 +08:00
|
|
|
|
2019-07-16 07:46:14 +08:00
|
|
|
return ok != 0 ? v : NULL;
|
2015-12-14 04:25:42 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
unsigned char *EVP_CIPHER_CTX_buf_noconst(EVP_CIPHER_CTX *ctx)
|
|
|
|
|
{
|
|
|
|
|
return ctx->buf;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int EVP_CIPHER_CTX_num(const EVP_CIPHER_CTX *ctx)
|
|
|
|
|
{
|
2019-09-05 09:23:57 +08:00
|
|
|
int ok;
|
|
|
|
|
unsigned int v = (unsigned int)ctx->num;
|
2019-07-16 07:46:14 +08:00
|
|
|
OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
|
2019-07-09 13:32:16 +08:00
|
|
|
|
2019-09-05 09:23:57 +08:00
|
|
|
params[0] = OSSL_PARAM_construct_uint(OSSL_CIPHER_PARAM_NUM, &v);
|
2019-07-16 07:46:14 +08:00
|
|
|
ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
|
|
|
|
|
|
2019-09-05 09:23:57 +08:00
|
|
|
return ok != 0 ? (int)v : EVP_CTRL_RET_UNSUPPORTED;
|
2015-12-14 04:25:42 +08:00
|
|
|
}
|
|
|
|
|
|
2019-07-09 13:32:16 +08:00
|
|
|
int EVP_CIPHER_CTX_set_num(EVP_CIPHER_CTX *ctx, int num)
|
2015-12-14 04:25:42 +08:00
|
|
|
{
|
2019-07-16 07:46:14 +08:00
|
|
|
int ok;
|
2019-09-05 09:23:57 +08:00
|
|
|
unsigned int n = (unsigned int)num;
|
2019-07-16 07:46:14 +08:00
|
|
|
OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
|
2019-07-09 13:32:16 +08:00
|
|
|
|
2019-09-05 09:23:57 +08:00
|
|
|
params[0] = OSSL_PARAM_construct_uint(OSSL_CIPHER_PARAM_NUM, &n);
|
2019-07-16 07:46:14 +08:00
|
|
|
ok = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->provctx, params);
|
|
|
|
|
|
|
|
|
|
if (ok != 0)
|
2019-09-05 09:23:57 +08:00
|
|
|
ctx->num = (int)n;
|
2019-07-09 13:32:16 +08:00
|
|
|
return ok != 0;
|
2015-12-14 04:25:42 +08:00
|
|
|
}
|
|
|
|
|
|
2008-11-12 11:58:08 +08:00
|
|
|
int EVP_CIPHER_key_length(const EVP_CIPHER *cipher)
|
2015-01-22 11:40:55 +08:00
|
|
|
{
|
2019-09-05 09:23:57 +08:00
|
|
|
int ok;
|
|
|
|
|
size_t v = cipher->key_len;
|
2019-07-16 07:46:14 +08:00
|
|
|
OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
|
|
|
|
|
|
2019-09-05 09:23:57 +08:00
|
|
|
params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_KEYLEN, &v);
|
2019-07-16 07:46:14 +08:00
|
|
|
ok = evp_do_ciph_getparams(cipher, params);
|
2019-04-03 22:38:07 +08:00
|
|
|
|
2019-09-05 09:23:57 +08:00
|
|
|
return ok != 0 ? (int)v : EVP_CTRL_RET_UNSUPPORTED;
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
2006-11-30 04:54:57 +08:00
|
|
|
|
2008-11-12 11:58:08 +08:00
|
|
|
int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx)
|
2015-01-22 11:40:55 +08:00
|
|
|
{
|
2019-09-05 09:23:57 +08:00
|
|
|
int ok;
|
|
|
|
|
size_t v = ctx->key_len;
|
2019-07-16 07:46:14 +08:00
|
|
|
OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
|
|
|
|
|
|
2019-09-05 09:23:57 +08:00
|
|
|
params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_KEYLEN, &v);
|
2019-07-16 07:46:14 +08:00
|
|
|
ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
|
2019-07-09 13:32:16 +08:00
|
|
|
|
2019-09-05 09:23:57 +08:00
|
|
|
return ok != 0 ? (int)v : EVP_CTRL_RET_UNSUPPORTED;
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
2006-11-30 04:54:57 +08:00
|
|
|
|
|
|
|
|
int EVP_CIPHER_nid(const EVP_CIPHER *cipher)
|
2015-01-22 11:40:55 +08:00
|
|
|
{
|
|
|
|
|
return cipher->nid;
|
|
|
|
|
}
|
2006-11-30 04:54:57 +08:00
|
|
|
|
|
|
|
|
int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx)
|
2015-01-22 11:40:55 +08:00
|
|
|
{
|
|
|
|
|
return ctx->cipher->nid;
|
|
|
|
|
}
|
2006-11-30 04:54:57 +08:00
|
|
|
|
2019-09-14 22:35:08 +08:00
|
|
|
int EVP_CIPHER_is_a(const EVP_CIPHER *cipher, const char *name)
|
|
|
|
|
{
|
2019-09-25 15:15:42 +08:00
|
|
|
#ifndef FIPS_MODE
|
|
|
|
|
if (cipher->prov == NULL) {
|
|
|
|
|
int nid = EVP_CIPHER_nid(cipher);
|
|
|
|
|
|
|
|
|
|
return nid == OBJ_sn2nid(name) || nid == OBJ_ln2nid(name);
|
|
|
|
|
}
|
|
|
|
|
#endif
|
2019-09-14 22:35:08 +08:00
|
|
|
return evp_is_a(cipher->prov, cipher->name_id, name);
|
|
|
|
|
}
|
|
|
|
|
|
2019-07-11 04:24:00 +08:00
|
|
|
const char *EVP_CIPHER_name(const EVP_CIPHER *cipher)
|
|
|
|
|
{
|
|
|
|
|
if (cipher->prov != NULL)
|
In provider implemented methods, save the name number, not the name string
Multiple names per implementation is already supported in the namemap,
but hasn't been used yet. However, as soon as we have multiple names,
we will get an issue with what name should be saved in the method.
The solution is to not save the name itself, but rather the number
it's associated with. This number is supposed to be unique for each
set of names, and we assume that algorithm names are globally unique,
i.e. there can be no name overlap between different algorithm types.
Incidently, it was also found that the 'get' function used by
ossl_construct_method() doesn't need all the parameters it was given;
most of what it needs, it can now get through the data structure given
by the caller of ossl_construct_method(). As a consequence,
ossl_construct_method() itself doesn't need all the parameters it was
given either.
There are some added internal functions that are expected to disappear
as soon as legacy code is removed, such as evp_first_name() and
ossl_namemap_num2name().
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9897)
2019-09-14 22:22:19 +08:00
|
|
|
return evp_first_name(cipher->prov, cipher->name_id);
|
2019-07-11 04:24:00 +08:00
|
|
|
#ifndef FIPS_MODE
|
|
|
|
|
return OBJ_nid2sn(EVP_CIPHER_nid(cipher));
|
|
|
|
|
#else
|
|
|
|
|
return NULL;
|
|
|
|
|
#endif
|
|
|
|
|
}
|
|
|
|
|
|
2019-09-23 16:56:13 +08:00
|
|
|
void EVP_CIPHER_names_do_all(const EVP_CIPHER *cipher,
|
|
|
|
|
void (*fn)(const char *name, void *data),
|
|
|
|
|
void *data)
|
|
|
|
|
{
|
|
|
|
|
if (cipher->prov != NULL)
|
|
|
|
|
evp_names_do_all(cipher->prov, cipher->name_id, fn, data);
|
|
|
|
|
}
|
|
|
|
|
|
2019-07-11 04:59:07 +08:00
|
|
|
const OSSL_PROVIDER *EVP_CIPHER_provider(const EVP_CIPHER *cipher)
|
|
|
|
|
{
|
|
|
|
|
return cipher->prov;
|
|
|
|
|
}
|
|
|
|
|
|
2019-04-04 01:01:21 +08:00
|
|
|
int EVP_CIPHER_mode(const EVP_CIPHER *cipher)
|
|
|
|
|
{
|
2019-09-05 09:23:57 +08:00
|
|
|
int ok;
|
|
|
|
|
unsigned int v = EVP_CIPHER_flags(cipher) & EVP_CIPH_MODE;
|
2019-07-16 07:46:14 +08:00
|
|
|
OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
|
2019-04-04 01:01:21 +08:00
|
|
|
|
2019-09-05 09:23:57 +08:00
|
|
|
params[0] = OSSL_PARAM_construct_uint(OSSL_CIPHER_PARAM_MODE, &v);
|
2019-07-16 07:46:14 +08:00
|
|
|
ok = evp_do_ciph_getparams(cipher, params);
|
2019-04-04 01:01:21 +08:00
|
|
|
|
2019-09-05 09:23:57 +08:00
|
|
|
return ok != 0 ? (int)v : 0;
|
2019-07-16 07:46:14 +08:00
|
|
|
}
|
2019-04-04 01:01:21 +08:00
|
|
|
|
EVP: add missing common functionality
This adds the missing functions that should be common for all
fetchable EVP sub-APIs:
EVP_KEYMGMT_is_a(), EVP_KEYMGMT_do_all_provided(), EVP_KEYEXCH_is_a(),
EVP_KEYEXCH_do_all_provided(), EVP_KDF_is_a(), EVP_MD_is_a(),
EVP_SIGNATURE_do_all_provided(), EVP_SIGNATURE_is_a().
This also renames EVP_MD_do_all_ex(), EVP_CIPHER_do_all_ex(),
EVP_KDF_do_all_ex(), EVP_MAC_do_all_ex() to change '_ex'
to '_provided'.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/9979)
2019-09-23 16:33:26 +08:00
|
|
|
int EVP_MD_is_a(const EVP_MD *md, const char *name)
|
|
|
|
|
{
|
|
|
|
|
return evp_is_a(md->prov, md->name_id, name);
|
|
|
|
|
}
|
|
|
|
|
|
2019-07-11 04:24:00 +08:00
|
|
|
const char *EVP_MD_name(const EVP_MD *md)
|
|
|
|
|
{
|
|
|
|
|
if (md->prov != NULL)
|
In provider implemented methods, save the name number, not the name string
Multiple names per implementation is already supported in the namemap,
but hasn't been used yet. However, as soon as we have multiple names,
we will get an issue with what name should be saved in the method.
The solution is to not save the name itself, but rather the number
it's associated with. This number is supposed to be unique for each
set of names, and we assume that algorithm names are globally unique,
i.e. there can be no name overlap between different algorithm types.
Incidently, it was also found that the 'get' function used by
ossl_construct_method() doesn't need all the parameters it was given;
most of what it needs, it can now get through the data structure given
by the caller of ossl_construct_method(). As a consequence,
ossl_construct_method() itself doesn't need all the parameters it was
given either.
There are some added internal functions that are expected to disappear
as soon as legacy code is removed, such as evp_first_name() and
ossl_namemap_num2name().
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9897)
2019-09-14 22:22:19 +08:00
|
|
|
return evp_first_name(md->prov, md->name_id);
|
2019-07-11 04:24:00 +08:00
|
|
|
#ifndef FIPS_MODE
|
|
|
|
|
return OBJ_nid2sn(EVP_MD_nid(md));
|
|
|
|
|
#else
|
|
|
|
|
return NULL;
|
|
|
|
|
#endif
|
|
|
|
|
}
|
|
|
|
|
|
2019-09-23 16:56:13 +08:00
|
|
|
void EVP_MD_names_do_all(const EVP_MD *md,
|
|
|
|
|
void (*fn)(const char *name, void *data),
|
|
|
|
|
void *data)
|
|
|
|
|
{
|
|
|
|
|
if (md->prov != NULL)
|
|
|
|
|
evp_names_do_all(md->prov, md->name_id, fn, data);
|
|
|
|
|
}
|
|
|
|
|
|
2019-07-11 04:59:07 +08:00
|
|
|
const OSSL_PROVIDER *EVP_MD_provider(const EVP_MD *md)
|
|
|
|
|
{
|
|
|
|
|
return md->prov;
|
|
|
|
|
}
|
|
|
|
|
|
2015-01-22 11:40:55 +08:00
|
|
|
int EVP_MD_block_size(const EVP_MD *md)
|
|
|
|
|
{
|
2019-09-05 09:23:57 +08:00
|
|
|
int ok;
|
|
|
|
|
size_t v = md->block_size;
|
2019-07-16 12:03:12 +08:00
|
|
|
OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
|
|
|
|
|
|
2019-03-29 01:22:20 +08:00
|
|
|
if (md == NULL) {
|
|
|
|
|
EVPerr(EVP_F_EVP_MD_BLOCK_SIZE, EVP_R_MESSAGE_DIGEST_IS_NULL);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
2019-09-05 09:23:57 +08:00
|
|
|
params[0] = OSSL_PARAM_construct_size_t(OSSL_DIGEST_PARAM_BLOCK_SIZE, &v);
|
2019-07-16 12:03:12 +08:00
|
|
|
ok = evp_do_md_getparams(md, params);
|
2019-03-29 01:22:20 +08:00
|
|
|
|
2019-09-05 09:23:57 +08:00
|
|
|
return ok != 0 ? (int)v : -1;
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
2006-11-30 04:54:57 +08:00
|
|
|
|
|
|
|
|
int EVP_MD_type(const EVP_MD *md)
|
2015-01-22 11:40:55 +08:00
|
|
|
{
|
|
|
|
|
return md->type;
|
|
|
|
|
}
|
2006-11-30 04:54:57 +08:00
|
|
|
|
|
|
|
|
int EVP_MD_pkey_type(const EVP_MD *md)
|
2015-01-22 11:40:55 +08:00
|
|
|
{
|
|
|
|
|
return md->pkey_type;
|
|
|
|
|
}
|
2006-11-30 04:54:57 +08:00
|
|
|
|
2008-11-12 11:58:08 +08:00
|
|
|
int EVP_MD_size(const EVP_MD *md)
|
2015-01-22 11:40:55 +08:00
|
|
|
{
|
2019-09-05 09:23:57 +08:00
|
|
|
int ok;
|
|
|
|
|
size_t v = md->md_size;
|
2019-07-16 12:03:12 +08:00
|
|
|
OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
|
|
|
|
|
|
|
|
|
|
if (md == NULL) {
|
2015-01-22 11:40:55 +08:00
|
|
|
EVPerr(EVP_F_EVP_MD_SIZE, EVP_R_MESSAGE_DIGEST_IS_NULL);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
2019-03-14 00:17:17 +08:00
|
|
|
|
2019-09-05 09:23:57 +08:00
|
|
|
params[0] = OSSL_PARAM_construct_size_t(OSSL_DIGEST_PARAM_SIZE, &v);
|
2019-07-16 12:03:12 +08:00
|
|
|
ok = evp_do_md_getparams(md, params);
|
2019-03-14 00:17:17 +08:00
|
|
|
|
2019-09-05 09:23:57 +08:00
|
|
|
return ok != 0 ? (int)v : -1;
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
2006-11-30 04:54:57 +08:00
|
|
|
|
2009-04-15 23:27:03 +08:00
|
|
|
unsigned long EVP_MD_flags(const EVP_MD *md)
|
2015-01-22 11:40:55 +08:00
|
|
|
{
|
2019-07-16 12:03:12 +08:00
|
|
|
int ok;
|
|
|
|
|
unsigned long v = md->flags;
|
|
|
|
|
OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
|
|
|
|
|
|
|
|
|
|
params[0] = OSSL_PARAM_construct_ulong(OSSL_CIPHER_PARAM_FLAGS, &v);
|
|
|
|
|
ok = evp_do_md_getparams(md, params);
|
|
|
|
|
|
|
|
|
|
return ok != 0 ? v : 0;
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
2009-04-15 23:27:03 +08:00
|
|
|
|
2015-11-30 03:09:34 +08:00
|
|
|
EVP_MD *EVP_MD_meth_new(int md_type, int pkey_type)
|
|
|
|
|
{
|
2019-09-03 23:47:13 +08:00
|
|
|
EVP_MD *md = evp_md_new();
|
2016-02-08 23:11:56 +08:00
|
|
|
|
2015-11-30 03:09:34 +08:00
|
|
|
if (md != NULL) {
|
|
|
|
|
md->type = md_type;
|
|
|
|
|
md->pkey_type = pkey_type;
|
|
|
|
|
}
|
|
|
|
|
return md;
|
|
|
|
|
}
|
2019-04-03 22:38:07 +08:00
|
|
|
|
2015-11-30 03:09:34 +08:00
|
|
|
EVP_MD *EVP_MD_meth_dup(const EVP_MD *md)
|
|
|
|
|
{
|
2019-09-03 23:47:13 +08:00
|
|
|
EVP_MD *to = NULL;
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Non-legacy EVP_MDs can't be duplicated like this.
|
|
|
|
|
* Use EVP_MD_up_ref() instead.
|
|
|
|
|
*/
|
|
|
|
|
if (md->prov != NULL)
|
|
|
|
|
return NULL;
|
2016-02-08 23:11:56 +08:00
|
|
|
|
2019-09-03 23:47:13 +08:00
|
|
|
if ((to = EVP_MD_meth_new(md->type, md->pkey_type)) != NULL) {
|
2019-04-03 22:38:07 +08:00
|
|
|
CRYPTO_RWLOCK *lock = to->lock;
|
2019-09-03 23:47:13 +08:00
|
|
|
|
2015-11-30 03:09:34 +08:00
|
|
|
memcpy(to, md, sizeof(*to));
|
2019-04-03 22:38:07 +08:00
|
|
|
to->lock = lock;
|
|
|
|
|
}
|
2015-11-30 03:09:34 +08:00
|
|
|
return to;
|
|
|
|
|
}
|
2019-03-13 22:49:40 +08:00
|
|
|
|
2015-11-30 03:09:34 +08:00
|
|
|
void EVP_MD_meth_free(EVP_MD *md)
|
|
|
|
|
{
|
2019-09-03 23:47:13 +08:00
|
|
|
EVP_MD_free(md);
|
2015-11-30 03:09:34 +08:00
|
|
|
}
|
|
|
|
|
int EVP_MD_meth_set_input_blocksize(EVP_MD *md, int blocksize)
|
|
|
|
|
{
|
2019-09-05 03:49:09 +08:00
|
|
|
if (md->block_size != 0)
|
|
|
|
|
return 0;
|
|
|
|
|
|
2015-11-30 03:09:34 +08:00
|
|
|
md->block_size = blocksize;
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
int EVP_MD_meth_set_result_size(EVP_MD *md, int resultsize)
|
|
|
|
|
{
|
2019-09-05 03:49:09 +08:00
|
|
|
if (md->md_size != 0)
|
|
|
|
|
return 0;
|
|
|
|
|
|
2015-11-30 03:09:34 +08:00
|
|
|
md->md_size = resultsize;
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
int EVP_MD_meth_set_app_datasize(EVP_MD *md, int datasize)
|
|
|
|
|
{
|
2019-09-05 03:49:09 +08:00
|
|
|
if (md->ctx_size != 0)
|
|
|
|
|
return 0;
|
|
|
|
|
|
2015-11-30 03:09:34 +08:00
|
|
|
md->ctx_size = datasize;
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
int EVP_MD_meth_set_flags(EVP_MD *md, unsigned long flags)
|
|
|
|
|
{
|
2019-09-05 03:49:09 +08:00
|
|
|
if (md->flags != 0)
|
|
|
|
|
return 0;
|
|
|
|
|
|
2015-11-30 03:09:34 +08:00
|
|
|
md->flags = flags;
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
int EVP_MD_meth_set_init(EVP_MD *md, int (*init)(EVP_MD_CTX *ctx))
|
|
|
|
|
{
|
2019-09-05 03:49:09 +08:00
|
|
|
if (md->init != NULL)
|
|
|
|
|
return 0;
|
|
|
|
|
|
2015-11-30 03:09:34 +08:00
|
|
|
md->init = init;
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
int EVP_MD_meth_set_update(EVP_MD *md, int (*update)(EVP_MD_CTX *ctx,
|
|
|
|
|
const void *data,
|
|
|
|
|
size_t count))
|
|
|
|
|
{
|
2019-09-05 03:49:09 +08:00
|
|
|
if (md->update != NULL)
|
|
|
|
|
return 0;
|
|
|
|
|
|
2015-11-30 03:09:34 +08:00
|
|
|
md->update = update;
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
int EVP_MD_meth_set_final(EVP_MD *md, int (*final)(EVP_MD_CTX *ctx,
|
|
|
|
|
unsigned char *md))
|
|
|
|
|
{
|
2019-09-05 03:49:09 +08:00
|
|
|
if (md->final != NULL)
|
|
|
|
|
return 0;
|
|
|
|
|
|
2015-11-30 03:09:34 +08:00
|
|
|
md->final = final;
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
int EVP_MD_meth_set_copy(EVP_MD *md, int (*copy)(EVP_MD_CTX *to,
|
|
|
|
|
const EVP_MD_CTX *from))
|
|
|
|
|
{
|
2019-09-05 03:49:09 +08:00
|
|
|
if (md->copy != NULL)
|
|
|
|
|
return 0;
|
|
|
|
|
|
2015-11-30 03:09:34 +08:00
|
|
|
md->copy = copy;
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
int EVP_MD_meth_set_cleanup(EVP_MD *md, int (*cleanup)(EVP_MD_CTX *ctx))
|
|
|
|
|
{
|
2019-09-05 03:49:09 +08:00
|
|
|
if (md->cleanup != NULL)
|
|
|
|
|
return 0;
|
|
|
|
|
|
2015-11-30 03:09:34 +08:00
|
|
|
md->cleanup = cleanup;
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
int EVP_MD_meth_set_ctrl(EVP_MD *md, int (*ctrl)(EVP_MD_CTX *ctx, int cmd,
|
|
|
|
|
int p1, void *p2))
|
|
|
|
|
{
|
2019-09-05 03:49:09 +08:00
|
|
|
if (md->md_ctrl != NULL)
|
|
|
|
|
return 0;
|
|
|
|
|
|
2015-11-30 03:09:34 +08:00
|
|
|
md->md_ctrl = ctrl;
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int EVP_MD_meth_get_input_blocksize(const EVP_MD *md)
|
|
|
|
|
{
|
|
|
|
|
return md->block_size;
|
|
|
|
|
}
|
|
|
|
|
int EVP_MD_meth_get_result_size(const EVP_MD *md)
|
|
|
|
|
{
|
|
|
|
|
return md->md_size;
|
|
|
|
|
}
|
|
|
|
|
int EVP_MD_meth_get_app_datasize(const EVP_MD *md)
|
|
|
|
|
{
|
|
|
|
|
return md->ctx_size;
|
|
|
|
|
}
|
|
|
|
|
unsigned long EVP_MD_meth_get_flags(const EVP_MD *md)
|
|
|
|
|
{
|
2016-12-22 22:06:59 +08:00
|
|
|
return md->flags;
|
2015-11-30 03:09:34 +08:00
|
|
|
}
|
|
|
|
|
int (*EVP_MD_meth_get_init(const EVP_MD *md))(EVP_MD_CTX *ctx)
|
|
|
|
|
{
|
|
|
|
|
return md->init;
|
|
|
|
|
}
|
|
|
|
|
int (*EVP_MD_meth_get_update(const EVP_MD *md))(EVP_MD_CTX *ctx,
|
|
|
|
|
const void *data,
|
|
|
|
|
size_t count)
|
|
|
|
|
{
|
|
|
|
|
return md->update;
|
|
|
|
|
}
|
|
|
|
|
int (*EVP_MD_meth_get_final(const EVP_MD *md))(EVP_MD_CTX *ctx,
|
|
|
|
|
unsigned char *md)
|
|
|
|
|
{
|
|
|
|
|
return md->final;
|
|
|
|
|
}
|
|
|
|
|
int (*EVP_MD_meth_get_copy(const EVP_MD *md))(EVP_MD_CTX *to,
|
|
|
|
|
const EVP_MD_CTX *from)
|
|
|
|
|
{
|
|
|
|
|
return md->copy;
|
|
|
|
|
}
|
|
|
|
|
int (*EVP_MD_meth_get_cleanup(const EVP_MD *md))(EVP_MD_CTX *ctx)
|
|
|
|
|
{
|
|
|
|
|
return md->cleanup;
|
|
|
|
|
}
|
|
|
|
|
int (*EVP_MD_meth_get_ctrl(const EVP_MD *md))(EVP_MD_CTX *ctx, int cmd,
|
|
|
|
|
int p1, void *p2)
|
|
|
|
|
{
|
|
|
|
|
return md->md_ctrl;
|
|
|
|
|
}
|
|
|
|
|
|
2006-11-30 04:54:57 +08:00
|
|
|
const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx)
|
2015-01-22 11:40:55 +08:00
|
|
|
{
|
2019-03-30 00:28:07 +08:00
|
|
|
if (ctx == NULL)
|
2015-01-22 11:40:55 +08:00
|
|
|
return NULL;
|
2019-03-30 00:28:07 +08:00
|
|
|
return ctx->reqdigest;
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
2006-11-30 04:54:57 +08:00
|
|
|
|
2015-11-27 20:35:02 +08:00
|
|
|
EVP_PKEY_CTX *EVP_MD_CTX_pkey_ctx(const EVP_MD_CTX *ctx)
|
|
|
|
|
{
|
|
|
|
|
return ctx->pctx;
|
|
|
|
|
}
|
|
|
|
|
|
2019-05-13 13:41:06 +08:00
|
|
|
#if !defined(FIPS_MODE)
|
|
|
|
|
/* TODO(3.0): EVP_DigestSign* not yet supported in FIPS module */
|
2018-09-03 23:56:41 +08:00
|
|
|
void EVP_MD_CTX_set_pkey_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pctx)
|
|
|
|
|
{
|
2018-09-05 22:01:33 +08:00
|
|
|
/*
|
|
|
|
|
* it's reasonable to set NULL pctx (a.k.a clear the ctx->pctx), so
|
|
|
|
|
* we have to deal with the cleanup job here.
|
|
|
|
|
*/
|
|
|
|
|
if (!EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX))
|
|
|
|
|
EVP_PKEY_CTX_free(ctx->pctx);
|
|
|
|
|
|
2018-09-03 23:56:41 +08:00
|
|
|
ctx->pctx = pctx;
|
2018-09-05 22:01:33 +08:00
|
|
|
|
|
|
|
|
if (pctx != NULL) {
|
|
|
|
|
/* make sure pctx is not freed when destroying EVP_MD_CTX */
|
|
|
|
|
EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX);
|
|
|
|
|
} else {
|
|
|
|
|
EVP_MD_CTX_clear_flags(ctx, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX);
|
|
|
|
|
}
|
2018-09-03 23:56:41 +08:00
|
|
|
}
|
2019-05-13 13:41:06 +08:00
|
|
|
#endif /* !defined(FIPS_MODE) */
|
2018-09-03 23:56:41 +08:00
|
|
|
|
2015-11-27 20:35:02 +08:00
|
|
|
void *EVP_MD_CTX_md_data(const EVP_MD_CTX *ctx)
|
|
|
|
|
{
|
|
|
|
|
return ctx->md_data;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int (*EVP_MD_CTX_update_fn(EVP_MD_CTX *ctx))(EVP_MD_CTX *ctx,
|
|
|
|
|
const void *data, size_t count)
|
|
|
|
|
{
|
|
|
|
|
return ctx->update;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void EVP_MD_CTX_set_update_fn(EVP_MD_CTX *ctx,
|
|
|
|
|
int (*update) (EVP_MD_CTX *ctx,
|
|
|
|
|
const void *data, size_t count))
|
|
|
|
|
{
|
|
|
|
|
ctx->update = update;
|
|
|
|
|
}
|
|
|
|
|
|
2006-11-30 04:54:57 +08:00
|
|
|
void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags)
|
2015-01-22 11:40:55 +08:00
|
|
|
{
|
|
|
|
|
ctx->flags |= flags;
|
|
|
|
|
}
|
2006-11-30 04:54:57 +08:00
|
|
|
|
|
|
|
|
void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags)
|
2015-01-22 11:40:55 +08:00
|
|
|
{
|
|
|
|
|
ctx->flags &= ~flags;
|
|
|
|
|
}
|
2006-11-30 04:54:57 +08:00
|
|
|
|
|
|
|
|
int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags)
|
2015-01-22 11:40:55 +08:00
|
|
|
{
|
|
|
|
|
return (ctx->flags & flags);
|
|
|
|
|
}
|
2010-01-26 22:29:06 +08:00
|
|
|
|
|
|
|
|
void EVP_CIPHER_CTX_set_flags(EVP_CIPHER_CTX *ctx, int flags)
|
2015-01-22 11:40:55 +08:00
|
|
|
{
|
|
|
|
|
ctx->flags |= flags;
|
|
|
|
|
}
|
2010-01-26 22:29:06 +08:00
|
|
|
|
|
|
|
|
void EVP_CIPHER_CTX_clear_flags(EVP_CIPHER_CTX *ctx, int flags)
|
2015-01-22 11:40:55 +08:00
|
|
|
{
|
|
|
|
|
ctx->flags &= ~flags;
|
|
|
|
|
}
|
2010-01-26 22:29:06 +08:00
|
|
|
|
|
|
|
|
int EVP_CIPHER_CTX_test_flags(const EVP_CIPHER_CTX *ctx, int flags)
|
2015-01-22 11:40:55 +08:00
|
|
|
{
|
|
|
|
|
return (ctx->flags & flags);
|
|
|
|
|
}
|
2018-10-25 02:20:00 +08:00
|
|
|
|
|
|
|
|
int EVP_str2ctrl(int (*cb)(void *ctx, int cmd, void *buf, size_t buflen),
|
|
|
|
|
void *ctx, int cmd, const char *value)
|
|
|
|
|
{
|
|
|
|
|
size_t len;
|
|
|
|
|
|
|
|
|
|
len = strlen(value);
|
|
|
|
|
if (len > INT_MAX)
|
|
|
|
|
return -1;
|
|
|
|
|
return cb(ctx, cmd, (void *)value, len);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int EVP_hex2ctrl(int (*cb)(void *ctx, int cmd, void *buf, size_t buflen),
|
|
|
|
|
void *ctx, int cmd, const char *hex)
|
|
|
|
|
{
|
|
|
|
|
unsigned char *bin;
|
|
|
|
|
long binlen;
|
|
|
|
|
int rv = -1;
|
|
|
|
|
|
|
|
|
|
bin = OPENSSL_hexstr2buf(hex, &binlen);
|
|
|
|
|
if (bin == NULL)
|
|
|
|
|
return 0;
|
|
|
|
|
if (binlen <= INT_MAX)
|
|
|
|
|
rv = cb(ctx, cmd, bin, binlen);
|
|
|
|
|
OPENSSL_free(bin);
|
|
|
|
|
return rv;
|
|
|
|
|
}
|
