From 42281f26174dcc6ef4847894f17627f305bdfa2b Mon Sep 17 00:00:00 2001 From: Shane Lontis Date: Thu, 12 Aug 2021 18:20:48 +1000 Subject: [PATCH] Refactor cipher aes_cts code so that it can be used by other 128bit ciphers Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/16286) --- providers/implementations/ciphers/build.info | 2 +- .../implementations/ciphers/cipher_aes_cts.h | 16 --- .../ciphers/cipher_aes_cts.inc | 50 ++-------- .../{cipher_aes_cts.c => cipher_cts.c} | 99 ++++++++++--------- .../implementations/ciphers/cipher_cts.h | 52 ++++++++++ 5 files changed, 110 insertions(+), 109 deletions(-) delete mode 100644 providers/implementations/ciphers/cipher_aes_cts.h rename providers/implementations/ciphers/{cipher_aes_cts.c => cipher_cts.c} (78%) create mode 100644 providers/implementations/ciphers/cipher_cts.h diff --git a/providers/implementations/ciphers/build.info b/providers/implementations/ciphers/build.info index cb87ea62d9..e4c5f4f051 100644 --- a/providers/implementations/ciphers/build.info +++ b/providers/implementations/ciphers/build.info @@ -47,7 +47,7 @@ SOURCE[$AES_GOAL]=\ cipher_aes_wrp.c \ cipher_aes_cbc_hmac_sha.c \ cipher_aes_cbc_hmac_sha256_hw.c cipher_aes_cbc_hmac_sha1_hw.c \ - cipher_aes_cts.c + cipher_cts.c # Extra code to satisfy the FIPS and non-FIPS separation. # When the AES-xxx-XTS moves to legacy, cipher_aes_xts_fips.c can be removed. diff --git a/providers/implementations/ciphers/cipher_aes_cts.h b/providers/implementations/ciphers/cipher_aes_cts.h deleted file mode 100644 index 37dd3df329..0000000000 --- a/providers/implementations/ciphers/cipher_aes_cts.h +++ /dev/null @@ -1,16 +0,0 @@ -/* - * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the Apache License 2.0 (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#include "crypto/evp.h" - -OSSL_FUNC_cipher_update_fn ossl_aes_cbc_cts_block_update; -OSSL_FUNC_cipher_final_fn ossl_aes_cbc_cts_block_final; - -const char *ossl_aes_cbc_cts_mode_id2name(unsigned int id); -int ossl_aes_cbc_cts_mode_name2id(const char *name); diff --git a/providers/implementations/ciphers/cipher_aes_cts.inc b/providers/implementations/ciphers/cipher_aes_cts.inc index 2a3b88b2c0..1fb5ec3553 100644 --- a/providers/implementations/ciphers/cipher_aes_cts.inc +++ b/providers/implementations/ciphers/cipher_aes_cts.inc @@ -10,9 +10,9 @@ /* Dispatch functions for AES CBC CTS ciphers */ #include -#include "cipher_aes_cts.h" +#include "cipher_cts.h" -#define AES_CTS_FLAGS PROV_CIPHER_FLAG_CTS +#define CTS_FLAGS PROV_CIPHER_FLAG_CTS static OSSL_FUNC_cipher_encrypt_init_fn aes_cbc_cts_einit; static OSSL_FUNC_cipher_decrypt_init_fn aes_cbc_cts_dinit; @@ -50,7 +50,7 @@ static int aes_cbc_cts_get_ctx_params(void *vctx, OSSL_PARAM params[]) p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_CTS_MODE); if (p != NULL) { - const char *name = ossl_aes_cbc_cts_mode_id2name(ctx->cts_mode); + const char *name = ossl_cipher_cbc_cts_mode_id2name(ctx->cts_mode); if (name == NULL || !OSSL_PARAM_set_utf8_string(p, name)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); @@ -74,7 +74,7 @@ static int aes_cbc_cts_set_ctx_params(void *vctx, const OSSL_PARAM params[]) if (p != NULL) { if (p->data_type != OSSL_PARAM_UTF8_STRING) goto err; - id = ossl_aes_cbc_cts_mode_name2id(p->data); + id = ossl_cipher_cbc_cts_mode_name2id(p->data); if (id < 0) goto err; @@ -86,45 +86,9 @@ err: return 0; } -/* NOTE: The underlying block cipher is AES CBC so we reuse most of the code */ -#define IMPLEMENT_cts_cipher(alg, UCALG, lcmode, UCMODE, flags, kbits, \ - blkbits, ivbits, typ) \ -static OSSL_FUNC_cipher_get_params_fn alg##_##kbits##_##lcmode##_get_params; \ -static int alg##_cts_##kbits##_##lcmode##_get_params(OSSL_PARAM params[]) \ -{ \ - return ossl_cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE, flags, \ - kbits, blkbits, ivbits); \ -} \ -const OSSL_DISPATCH ossl_##alg##kbits##lcmode##_cts_functions[] = { \ - { OSSL_FUNC_CIPHER_NEWCTX, \ - (void (*)(void)) alg##_##kbits##_##lcmode##_newctx }, \ - { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void)) alg##_freectx }, \ - { OSSL_FUNC_CIPHER_DUPCTX, (void (*)(void)) alg##_dupctx }, \ - { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))aes_cbc_cts_einit }, \ - { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))aes_cbc_cts_dinit }, \ - { OSSL_FUNC_CIPHER_UPDATE, \ - (void (*)(void)) ossl_##alg##_##lcmode##_cts_block_update }, \ - { OSSL_FUNC_CIPHER_FINAL, \ - (void (*)(void)) ossl_##alg##_##lcmode##_cts_block_final }, \ - { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))ossl_cipher_generic_cipher }, \ - { OSSL_FUNC_CIPHER_GET_PARAMS, \ - (void (*)(void)) alg##_cts_##kbits##_##lcmode##_get_params }, \ - { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \ - (void (*)(void))ossl_cipher_generic_gettable_params }, \ - { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, \ - (void (*)(void))aes_cbc_cts_get_ctx_params }, \ - { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \ - (void (*)(void))aes_cbc_cts_set_ctx_params }, \ - { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \ - (void (*)(void))aes_cbc_cts_gettable_ctx_params }, \ - { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \ - (void (*)(void))aes_cbc_cts_settable_ctx_params }, \ - { 0, NULL } \ -}; - /* ossl_aes256cbc_cts_functions */ -IMPLEMENT_cts_cipher(aes, AES, cbc, CBC, AES_CTS_FLAGS, 256, 128, 128, block) +IMPLEMENT_cts_cipher(aes, AES, cbc, CBC, CTS_FLAGS, 256, 128, 128, block) /* ossl_aes192cbc_cts_functions */ -IMPLEMENT_cts_cipher(aes, AES, cbc, CBC, AES_CTS_FLAGS, 192, 128, 128, block) +IMPLEMENT_cts_cipher(aes, AES, cbc, CBC, CTS_FLAGS, 192, 128, 128, block) /* ossl_aes128cbc_cts_functions */ -IMPLEMENT_cts_cipher(aes, AES, cbc, CBC, AES_CTS_FLAGS, 128, 128, 128, block) +IMPLEMENT_cts_cipher(aes, AES, cbc, CBC, CTS_FLAGS, 128, 128, 128, block) diff --git a/providers/implementations/ciphers/cipher_aes_cts.c b/providers/implementations/ciphers/cipher_cts.c similarity index 78% rename from providers/implementations/ciphers/cipher_aes_cts.c rename to providers/implementations/ciphers/cipher_cts.c index 1eafa39abb..3e880931c1 100644 --- a/providers/implementations/ciphers/cipher_aes_cts.c +++ b/providers/implementations/ciphers/cipher_cts.c @@ -1,5 +1,5 @@ /* - * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -8,10 +8,10 @@ */ /* - * Helper functions for AES CBC CTS ciphers. + * Helper functions for 128 bit CBC CTS ciphers (Currently AES and Camellia). * * The function dispatch tables are embedded into cipher_aes.c - * using cipher_aes_cts.inc + * and cipher_camellia.c using cipher_aes_cts.inc and cipher_camellia_cts.inc */ /* @@ -48,19 +48,20 @@ #include "e_os.h" /* strcasecmp */ #include -#include #include "prov/ciphercommon.h" #include "internal/nelem.h" -#include "cipher_aes_cts.h" +#include "cipher_cts.h" /* The value assigned to 0 is the default */ #define CTS_CS1 0 #define CTS_CS2 1 #define CTS_CS3 2 +#define CTS_BLOCK_SIZE 16 + typedef union { size_t align; - unsigned char c[AES_BLOCK_SIZE]; + unsigned char c[CTS_BLOCK_SIZE]; } aligned_16bytes; typedef struct cts_mode_name2id_st { @@ -75,7 +76,7 @@ static CTS_MODE_NAME2ID cts_modes[] = { CTS_CS3, OSSL_CIPHER_CTS_MODE_CS3 }, }; -const char *ossl_aes_cbc_cts_mode_id2name(unsigned int id) +const char *ossl_cipher_cbc_cts_mode_id2name(unsigned int id) { size_t i; @@ -86,7 +87,7 @@ const char *ossl_aes_cbc_cts_mode_id2name(unsigned int id) return NULL; } -int ossl_aes_cbc_cts_mode_name2id(const char *name) +int ossl_cipher_cbc_cts_mode_name2id(const char *name) { size_t i; @@ -103,7 +104,7 @@ static size_t cts128_cs1_encrypt(PROV_CIPHER_CTX *ctx, const unsigned char *in, aligned_16bytes tmp_in; size_t residue; - residue = len % AES_BLOCK_SIZE; + residue = len % CTS_BLOCK_SIZE; len -= residue; if (!ctx->hw->cipher(ctx, out, in, len)) return 0; @@ -116,8 +117,8 @@ static size_t cts128_cs1_encrypt(PROV_CIPHER_CTX *ctx, const unsigned char *in, memset(tmp_in.c, 0, sizeof(tmp_in)); memcpy(tmp_in.c, in, residue); - if (!ctx->hw->cipher(ctx, out - AES_BLOCK_SIZE + residue, tmp_in.c, - AES_BLOCK_SIZE)) + if (!ctx->hw->cipher(ctx, out - CTS_BLOCK_SIZE + residue, tmp_in.c, + CTS_BLOCK_SIZE)) return 0; return len + residue; } @@ -137,7 +138,7 @@ static size_t cts128_cs1_decrypt(PROV_CIPHER_CTX *ctx, const unsigned char *in, aligned_16bytes mid_iv, ct_mid, pt_last; size_t residue; - residue = len % AES_BLOCK_SIZE; + residue = len % CTS_BLOCK_SIZE; if (residue == 0) { /* If there are no partial blocks then it is the same as CBC mode */ if (!ctx->hw->cipher(ctx, out, in, len)) @@ -145,7 +146,7 @@ static size_t cts128_cs1_decrypt(PROV_CIPHER_CTX *ctx, const unsigned char *in, return len; } /* Process blocks at the start - but leave the last 2 blocks */ - len -= AES_BLOCK_SIZE + residue; + len -= CTS_BLOCK_SIZE + residue; if (len > 0) { if (!ctx->hw->cipher(ctx, out, in, len)) return 0; @@ -153,11 +154,11 @@ static size_t cts128_cs1_decrypt(PROV_CIPHER_CTX *ctx, const unsigned char *in, out += len; } /* Save the iv that will be used by the second last block */ - memcpy(mid_iv.c, ctx->iv, AES_BLOCK_SIZE); + memcpy(mid_iv.c, ctx->iv, CTS_BLOCK_SIZE); /* Decrypt the last block first using an iv of zero */ - memset(ctx->iv, 0, AES_BLOCK_SIZE); - if (!ctx->hw->cipher(ctx, pt_last.c, in + residue, AES_BLOCK_SIZE)) + memset(ctx->iv, 0, CTS_BLOCK_SIZE); + if (!ctx->hw->cipher(ctx, pt_last.c, in + residue, CTS_BLOCK_SIZE)) return 0; /* @@ -166,26 +167,26 @@ static size_t cts128_cs1_decrypt(PROV_CIPHER_CTX *ctx, const unsigned char *in, * of the partial second last block. */ memcpy(ct_mid.c, in, residue); - memcpy(ct_mid.c + residue, pt_last.c + residue, AES_BLOCK_SIZE - residue); + memcpy(ct_mid.c + residue, pt_last.c + residue, CTS_BLOCK_SIZE - residue); /* * Restore the last partial ciphertext block. * Now that we have the cipher text of the second last block, apply * that to the partial plaintext end block. We have already decrypted the * block using an IV of zero. For decryption the IV is just XORed after - * doing an AES block - so just XOR in the cipher text. + * doing an Cipher CBC block - so just XOR in the cipher text. */ - do_xor(ct_mid.c, pt_last.c, residue, out + AES_BLOCK_SIZE); + do_xor(ct_mid.c, pt_last.c, residue, out + CTS_BLOCK_SIZE); /* Restore the iv needed by the second last block */ - memcpy(ctx->iv, mid_iv.c, AES_BLOCK_SIZE); + memcpy(ctx->iv, mid_iv.c, CTS_BLOCK_SIZE); /* * Decrypt the second last plaintext block now that we have rebuilt the * ciphertext. */ - if (!ctx->hw->cipher(ctx, out, ct_mid.c, AES_BLOCK_SIZE)) + if (!ctx->hw->cipher(ctx, out, ct_mid.c, CTS_BLOCK_SIZE)) return 0; - return len + AES_BLOCK_SIZE + residue; + return len + CTS_BLOCK_SIZE + residue; } static size_t cts128_cs3_encrypt(PROV_CIPHER_CTX *ctx, const unsigned char *in, @@ -194,12 +195,12 @@ static size_t cts128_cs3_encrypt(PROV_CIPHER_CTX *ctx, const unsigned char *in, aligned_16bytes tmp_in; size_t residue; - if (len <= AES_BLOCK_SIZE) /* CS3 requires 2 blocks */ + if (len <= CTS_BLOCK_SIZE) /* CS3 requires 2 blocks */ return 0; - residue = len % AES_BLOCK_SIZE; + residue = len % CTS_BLOCK_SIZE; if (residue == 0) - residue = AES_BLOCK_SIZE; + residue = CTS_BLOCK_SIZE; len -= residue; if (!ctx->hw->cipher(ctx, out, in, len)) @@ -210,8 +211,8 @@ static size_t cts128_cs3_encrypt(PROV_CIPHER_CTX *ctx, const unsigned char *in, memset(tmp_in.c, 0, sizeof(tmp_in)); memcpy(tmp_in.c, in, residue); - memcpy(out, out - AES_BLOCK_SIZE, residue); - if (!ctx->hw->cipher(ctx, out - AES_BLOCK_SIZE, tmp_in.c, AES_BLOCK_SIZE)) + memcpy(out, out - CTS_BLOCK_SIZE, residue); + if (!ctx->hw->cipher(ctx, out - CTS_BLOCK_SIZE, tmp_in.c, CTS_BLOCK_SIZE)) return 0; return len + residue; } @@ -230,14 +231,14 @@ static size_t cts128_cs3_decrypt(PROV_CIPHER_CTX *ctx, const unsigned char *in, aligned_16bytes mid_iv, ct_mid, pt_last; size_t residue; - if (len <= AES_BLOCK_SIZE) /* CS3 requires 2 blocks */ + if (len <= CTS_BLOCK_SIZE) /* CS3 requires 2 blocks */ return 0; /* Process blocks at the start - but leave the last 2 blocks */ - residue = len % AES_BLOCK_SIZE; + residue = len % CTS_BLOCK_SIZE; if (residue == 0) - residue = AES_BLOCK_SIZE; - len -= AES_BLOCK_SIZE + residue; + residue = CTS_BLOCK_SIZE; + len -= CTS_BLOCK_SIZE + residue; if (len > 0) { if (!ctx->hw->cipher(ctx, out, in, len)) @@ -246,11 +247,11 @@ static size_t cts128_cs3_decrypt(PROV_CIPHER_CTX *ctx, const unsigned char *in, out += len; } /* Save the iv that will be used by the second last block */ - memcpy(mid_iv.c, ctx->iv, AES_BLOCK_SIZE); + memcpy(mid_iv.c, ctx->iv, CTS_BLOCK_SIZE); /* Decrypt the Cn block first using an iv of zero */ - memset(ctx->iv, 0, AES_BLOCK_SIZE); - if (!ctx->hw->cipher(ctx, pt_last.c, in, AES_BLOCK_SIZE)) + memset(ctx->iv, 0, CTS_BLOCK_SIZE); + if (!ctx->hw->cipher(ctx, pt_last.c, in, CTS_BLOCK_SIZE)) return 0; /* @@ -258,9 +259,9 @@ static size_t cts128_cs3_decrypt(PROV_CIPHER_CTX *ctx, const unsigned char *in, * the decrypted C(n) block + replace the start with the ciphertext bytes * of the partial last block. */ - memcpy(ct_mid.c, in + AES_BLOCK_SIZE, residue); - if (residue != AES_BLOCK_SIZE) - memcpy(ct_mid.c + residue, pt_last.c + residue, AES_BLOCK_SIZE - residue); + memcpy(ct_mid.c, in + CTS_BLOCK_SIZE, residue); + if (residue != CTS_BLOCK_SIZE) + memcpy(ct_mid.c + residue, pt_last.c + residue, CTS_BLOCK_SIZE - residue); /* * Restore the last partial ciphertext block. * Now that we have the cipher text of the second last block, apply @@ -268,24 +269,24 @@ static size_t cts128_cs3_decrypt(PROV_CIPHER_CTX *ctx, const unsigned char *in, * block using an IV of zero. For decryption the IV is just XORed after * doing an AES block - so just XOR in the ciphertext. */ - do_xor(ct_mid.c, pt_last.c, residue, out + AES_BLOCK_SIZE); + do_xor(ct_mid.c, pt_last.c, residue, out + CTS_BLOCK_SIZE); /* Restore the iv needed by the second last block */ - memcpy(ctx->iv, mid_iv.c, AES_BLOCK_SIZE); + memcpy(ctx->iv, mid_iv.c, CTS_BLOCK_SIZE); /* * Decrypt the second last plaintext block now that we have rebuilt the * ciphertext. */ - if (!ctx->hw->cipher(ctx, out, ct_mid.c, AES_BLOCK_SIZE)) + if (!ctx->hw->cipher(ctx, out, ct_mid.c, CTS_BLOCK_SIZE)) return 0; - return len + AES_BLOCK_SIZE + residue; + return len + CTS_BLOCK_SIZE + residue; } static size_t cts128_cs2_encrypt(PROV_CIPHER_CTX *ctx, const unsigned char *in, unsigned char *out, size_t len) { - if (len % AES_BLOCK_SIZE == 0) { + if (len % CTS_BLOCK_SIZE == 0) { /* If there are no partial blocks then it is the same as CBC mode */ if (!ctx->hw->cipher(ctx, out, in, len)) return 0; @@ -298,7 +299,7 @@ static size_t cts128_cs2_encrypt(PROV_CIPHER_CTX *ctx, const unsigned char *in, static size_t cts128_cs2_decrypt(PROV_CIPHER_CTX *ctx, const unsigned char *in, unsigned char *out, size_t len) { - if (len % AES_BLOCK_SIZE == 0) { + if (len % CTS_BLOCK_SIZE == 0) { /* If there are no partial blocks then it is the same as CBC mode */ if (!ctx->hw->cipher(ctx, out, in, len)) return 0; @@ -308,14 +309,14 @@ static size_t cts128_cs2_decrypt(PROV_CIPHER_CTX *ctx, const unsigned char *in, return cts128_cs3_decrypt(ctx, in, out, len); } -int ossl_aes_cbc_cts_block_update(void *vctx, unsigned char *out, size_t *outl, - size_t outsize, const unsigned char *in, - size_t inl) +int ossl_cipher_cbc_cts_block_update(void *vctx, unsigned char *out, size_t *outl, + size_t outsize, const unsigned char *in, + size_t inl) { PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; size_t sz = 0; - if (inl < AES_BLOCK_SIZE) /* There must be at least one block for CTS mode */ + if (inl < CTS_BLOCK_SIZE) /* There must be at least one block for CTS mode */ return 0; if (outsize < inl) return 0; @@ -353,8 +354,8 @@ int ossl_aes_cbc_cts_block_update(void *vctx, unsigned char *out, size_t *outl, return 1; } -int ossl_aes_cbc_cts_block_final(void *vctx, unsigned char *out, size_t *outl, - size_t outsize) +int ossl_cipher_cbc_cts_block_final(void *vctx, unsigned char *out, size_t *outl, + size_t outsize) { *outl = 0; return 1; diff --git a/providers/implementations/ciphers/cipher_cts.h b/providers/implementations/ciphers/cipher_cts.h new file mode 100644 index 0000000000..9473fbde88 --- /dev/null +++ b/providers/implementations/ciphers/cipher_cts.h @@ -0,0 +1,52 @@ +/* + * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include "crypto/evp.h" + +/* NOTE: The underlying block cipher is CBC so we reuse most of the code */ +#define IMPLEMENT_cts_cipher(alg, UCALG, lcmode, UCMODE, flags, kbits, \ + blkbits, ivbits, typ) \ +static OSSL_FUNC_cipher_get_params_fn alg##_##kbits##_##lcmode##_get_params; \ +static int alg##_cts_##kbits##_##lcmode##_get_params(OSSL_PARAM params[]) \ +{ \ + return ossl_cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE, \ + flags, kbits, blkbits, ivbits); \ +} \ +const OSSL_DISPATCH ossl_##alg##kbits##lcmode##_cts_functions[] = { \ + { OSSL_FUNC_CIPHER_NEWCTX, \ + (void (*)(void)) alg##_##kbits##_##lcmode##_newctx }, \ + { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void)) alg##_freectx }, \ + { OSSL_FUNC_CIPHER_DUPCTX, (void (*)(void)) alg##_dupctx }, \ + { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void)) alg##_cbc_cts_einit }, \ + { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void)) alg##_cbc_cts_dinit }, \ + { OSSL_FUNC_CIPHER_UPDATE, \ + (void (*)(void)) ossl_cipher_cbc_cts_block_update }, \ + { OSSL_FUNC_CIPHER_FINAL, \ + (void (*)(void)) ossl_cipher_cbc_cts_block_final }, \ + { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))ossl_cipher_generic_cipher }, \ + { OSSL_FUNC_CIPHER_GET_PARAMS, \ + (void (*)(void)) alg##_cts_##kbits##_##lcmode##_get_params }, \ + { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \ + (void (*)(void))ossl_cipher_generic_gettable_params }, \ + { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, \ + (void (*)(void)) alg##_cbc_cts_get_ctx_params }, \ + { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \ + (void (*)(void)) alg##_cbc_cts_set_ctx_params }, \ + { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \ + (void (*)(void)) alg##_cbc_cts_gettable_ctx_params }, \ + { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \ + (void (*)(void)) alg##_cbc_cts_settable_ctx_params }, \ + { 0, NULL } \ +}; + +OSSL_FUNC_cipher_update_fn ossl_cipher_cbc_cts_block_update; +OSSL_FUNC_cipher_final_fn ossl_cipher_cbc_cts_block_final; + +const char *ossl_cipher_cbc_cts_mode_id2name(unsigned int id); +int ossl_cipher_cbc_cts_mode_name2id(const char *name);