1 /*
2 * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 /*
11 * EVP _meth_ APIs are deprecated for public use, but still ok for
12 * internal use.
13 */
14 #include "internal/deprecated.h"
15
16 #include <stdio.h>
17 #include <string.h>
18 #include "internal/cryptlib.h"
19 #include <openssl/evp.h>
20 #include <openssl/x509.h>
21 #include <openssl/objects.h>
22 #include <openssl/params.h>
23 #include <openssl/core_names.h>
24 #include <openssl/rsa.h>
25 #include <openssl/dh.h>
26 #include <openssl/ec.h>
27 #include "crypto/evp.h"
28 #include "crypto/cryptlib.h"
29 #include "internal/provider.h"
30 #include "evp_local.h"
31
32 #if !defined(FIPS_MODULE)
33 # include "crypto/asn1.h"
34
EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX * c,ASN1_TYPE * type)35 int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
36 {
37 return evp_cipher_param_to_asn1_ex(c, type, NULL);
38 }
39
EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX * c,ASN1_TYPE * type)40 int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
41 {
42 return evp_cipher_asn1_to_param_ex(c, type, NULL);
43 }
44
EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX * ctx,ASN1_TYPE * type)45 int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *ctx, ASN1_TYPE *type)
46 {
47 int i = 0;
48 unsigned int l;
49
50 if (type != NULL) {
51 unsigned char iv[EVP_MAX_IV_LENGTH];
52
53 l = EVP_CIPHER_CTX_get_iv_length(ctx);
54 if (!ossl_assert(l <= sizeof(iv)))
55 return -1;
56 i = ASN1_TYPE_get_octetstring(type, iv, l);
57 if (i != (int)l)
58 return -1;
59
60 if (!EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1))
61 return -1;
62 }
63 return i;
64 }
65
EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX * c,ASN1_TYPE * type)66 int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
67 {
68 int i = 0;
69 unsigned int j;
70 unsigned char *oiv = NULL;
71
72 if (type != NULL) {
73 oiv = (unsigned char *)EVP_CIPHER_CTX_original_iv(c);
74 j = EVP_CIPHER_CTX_get_iv_length(c);
75 OPENSSL_assert(j <= sizeof(c->iv));
76 i = ASN1_TYPE_set_octetstring(type, oiv, j);
77 }
78 return i;
79 }
80
evp_cipher_param_to_asn1_ex(EVP_CIPHER_CTX * c,ASN1_TYPE * type,evp_cipher_aead_asn1_params * asn1_params)81 int evp_cipher_param_to_asn1_ex(EVP_CIPHER_CTX *c, ASN1_TYPE *type,
82 evp_cipher_aead_asn1_params *asn1_params)
83 {
84 int ret = -1; /* Assume the worst */
85 const EVP_CIPHER *cipher;
86
87 if (c == NULL || c->cipher == NULL)
88 goto err;
89
90 cipher = c->cipher;
91 /*
92 * For legacy implementations, we detect custom AlgorithmIdentifier
93 * parameter handling by checking if the function pointer
94 * cipher->set_asn1_parameters is set. We know that this pointer
95 * is NULL for provided implementations.
96 *
97 * Otherwise, for any implementation, we check the flag
98 * EVP_CIPH_FLAG_CUSTOM_ASN1. If it isn't set, we apply
99 * default AI parameter extraction.
100 *
101 * Otherwise, for provided implementations, we convert |type| to
102 * a DER encoded blob and pass to the implementation in OSSL_PARAM
103 * form.
104 *
105 * If none of the above applies, this operation is unsupported.
106 */
107 if (cipher->set_asn1_parameters != NULL) {
108 ret = cipher->set_asn1_parameters(c, type);
109 } else if ((EVP_CIPHER_get_flags(cipher) & EVP_CIPH_FLAG_CUSTOM_ASN1) == 0) {
110 switch (EVP_CIPHER_get_mode(cipher)) {
111 case EVP_CIPH_WRAP_MODE:
112 if (EVP_CIPHER_is_a(cipher, SN_id_smime_alg_CMS3DESwrap))
113 ASN1_TYPE_set(type, V_ASN1_NULL, NULL);
114 ret = 1;
115 break;
116
117 case EVP_CIPH_GCM_MODE:
118 ret = evp_cipher_set_asn1_aead_params(c, type, asn1_params);
119 break;
120
121 case EVP_CIPH_CCM_MODE:
122 case EVP_CIPH_XTS_MODE:
123 case EVP_CIPH_OCB_MODE:
124 ret = -2;
125 break;
126
127 default:
128 ret = EVP_CIPHER_set_asn1_iv(c, type);
129 }
130 } else if (cipher->prov != NULL) {
131 /* We cheat, there's no need for an object ID for this use */
132 X509_ALGOR alg;
133
134 alg.algorithm = NULL;
135 alg.parameter = type;
136
137 ret = EVP_CIPHER_CTX_get_algor_params(c, &alg);
138 } else {
139 ret = -2;
140 }
141
142 err:
143 if (ret == -2)
144 ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_CIPHER);
145 else if (ret <= 0)
146 ERR_raise(ERR_LIB_EVP, EVP_R_CIPHER_PARAMETER_ERROR);
147 if (ret < -1)
148 ret = -1;
149 return ret;
150 }
151
evp_cipher_asn1_to_param_ex(EVP_CIPHER_CTX * c,ASN1_TYPE * type,evp_cipher_aead_asn1_params * asn1_params)152 int evp_cipher_asn1_to_param_ex(EVP_CIPHER_CTX *c, ASN1_TYPE *type,
153 evp_cipher_aead_asn1_params *asn1_params)
154 {
155 int ret = -1; /* Assume the worst */
156 const EVP_CIPHER *cipher;
157
158 if (c == NULL || c->cipher == NULL)
159 goto err;
160
161 cipher = c->cipher;
162 /*
163 * For legacy implementations, we detect custom AlgorithmIdentifier
164 * parameter handling by checking if there the function pointer
165 * cipher->get_asn1_parameters is set. We know that this pointer
166 * is NULL for provided implementations.
167 *
168 * Otherwise, for any implementation, we check the flag
169 * EVP_CIPH_FLAG_CUSTOM_ASN1. If it isn't set, we apply
170 * default AI parameter creation.
171 *
172 * Otherwise, for provided implementations, we get the AI parameter
173 * in DER encoded form from the implementation by requesting the
174 * appropriate OSSL_PARAM and converting the result to a ASN1_TYPE.
175 *
176 * If none of the above applies, this operation is unsupported.
177 */
178 if (cipher->get_asn1_parameters != NULL) {
179 ret = cipher->get_asn1_parameters(c, type);
180 } else if ((EVP_CIPHER_get_flags(cipher) & EVP_CIPH_FLAG_CUSTOM_ASN1) == 0) {
181 switch (EVP_CIPHER_get_mode(cipher)) {
182 case EVP_CIPH_WRAP_MODE:
183 ret = 1;
184 break;
185
186 case EVP_CIPH_GCM_MODE:
187 ret = evp_cipher_get_asn1_aead_params(c, type, asn1_params);
188 break;
189
190 case EVP_CIPH_CCM_MODE:
191 case EVP_CIPH_XTS_MODE:
192 case EVP_CIPH_OCB_MODE:
193 ret = -2;
194 break;
195
196 default:
197 ret = EVP_CIPHER_get_asn1_iv(c, type) >= 0 ? 1 : -1;
198 }
199 } else if (cipher->prov != NULL) {
200 /* We cheat, there's no need for an object ID for this use */
201 X509_ALGOR alg;
202
203 alg.algorithm = NULL;
204 alg.parameter = type;
205
206 ret = EVP_CIPHER_CTX_set_algor_params(c, &alg);
207 } else {
208 ret = -2;
209 }
210
211 err:
212 if (ret == -2)
213 ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_CIPHER);
214 else if (ret <= 0)
215 ERR_raise(ERR_LIB_EVP, EVP_R_CIPHER_PARAMETER_ERROR);
216 if (ret < -1)
217 ret = -1;
218 return ret;
219 }
220
evp_cipher_get_asn1_aead_params(EVP_CIPHER_CTX * c,ASN1_TYPE * type,evp_cipher_aead_asn1_params * asn1_params)221 int evp_cipher_get_asn1_aead_params(EVP_CIPHER_CTX *c, ASN1_TYPE *type,
222 evp_cipher_aead_asn1_params *asn1_params)
223 {
224 int i = 0;
225 long tl;
226 unsigned char iv[EVP_MAX_IV_LENGTH];
227
228 if (type == NULL || asn1_params == NULL)
229 return 0;
230
231 i = ossl_asn1_type_get_octetstring_int(type, &tl, NULL, EVP_MAX_IV_LENGTH);
232 if (i <= 0)
233 return -1;
234 ossl_asn1_type_get_octetstring_int(type, &tl, iv, i);
235
236 memcpy(asn1_params->iv, iv, i);
237 asn1_params->iv_len = i;
238
239 return i;
240 }
241
evp_cipher_set_asn1_aead_params(EVP_CIPHER_CTX * c,ASN1_TYPE * type,evp_cipher_aead_asn1_params * asn1_params)242 int evp_cipher_set_asn1_aead_params(EVP_CIPHER_CTX *c, ASN1_TYPE *type,
243 evp_cipher_aead_asn1_params *asn1_params)
244 {
245 if (type == NULL || asn1_params == NULL)
246 return 0;
247
248 return ossl_asn1_type_set_octetstring_int(type, asn1_params->tag_len,
249 asn1_params->iv,
250 asn1_params->iv_len);
251 }
252 #endif /* !defined(FIPS_MODULE) */
253
254 /* Convert the various cipher NIDs and dummies to a proper OID NID */
EVP_CIPHER_get_type(const EVP_CIPHER * cipher)255 int EVP_CIPHER_get_type(const EVP_CIPHER *cipher)
256 {
257 int nid;
258 nid = EVP_CIPHER_get_nid(cipher);
259
260 switch (nid) {
261
262 case NID_rc2_cbc:
263 case NID_rc2_64_cbc:
264 case NID_rc2_40_cbc:
265
266 return NID_rc2_cbc;
267
268 case NID_rc4:
269 case NID_rc4_40:
270
271 return NID_rc4;
272
273 case NID_aes_128_cfb128:
274 case NID_aes_128_cfb8:
275 case NID_aes_128_cfb1:
276
277 return NID_aes_128_cfb128;
278
279 case NID_aes_192_cfb128:
280 case NID_aes_192_cfb8:
281 case NID_aes_192_cfb1:
282
283 return NID_aes_192_cfb128;
284
285 case NID_aes_256_cfb128:
286 case NID_aes_256_cfb8:
287 case NID_aes_256_cfb1:
288
289 return NID_aes_256_cfb128;
290
291 case NID_des_cfb64:
292 case NID_des_cfb8:
293 case NID_des_cfb1:
294
295 return NID_des_cfb64;
296
297 case NID_des_ede3_cfb64:
298 case NID_des_ede3_cfb8:
299 case NID_des_ede3_cfb1:
300
301 return NID_des_cfb64;
302
303 default:
304 #ifdef FIPS_MODULE
305 return NID_undef;
306 #else
307 {
308 /* Check it has an OID and it is valid */
309 ASN1_OBJECT *otmp = OBJ_nid2obj(nid);
310
311 if (OBJ_get0_data(otmp) == NULL)
312 nid = NID_undef;
313 ASN1_OBJECT_free(otmp);
314 return nid;
315 }
316 #endif
317 }
318 }
319
evp_cipher_cache_constants(EVP_CIPHER * cipher)320 int evp_cipher_cache_constants(EVP_CIPHER *cipher)
321 {
322 int ok, aead = 0, custom_iv = 0, cts = 0, multiblock = 0, randkey = 0;
323 size_t ivlen = 0;
324 size_t blksz = 0;
325 size_t keylen = 0;
326 unsigned int mode = 0;
327 OSSL_PARAM params[10];
328
329 params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_BLOCK_SIZE, &blksz);
330 params[1] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_IVLEN, &ivlen);
331 params[2] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_KEYLEN, &keylen);
332 params[3] = OSSL_PARAM_construct_uint(OSSL_CIPHER_PARAM_MODE, &mode);
333 params[4] = OSSL_PARAM_construct_int(OSSL_CIPHER_PARAM_AEAD, &aead);
334 params[5] = OSSL_PARAM_construct_int(OSSL_CIPHER_PARAM_CUSTOM_IV,
335 &custom_iv);
336 params[6] = OSSL_PARAM_construct_int(OSSL_CIPHER_PARAM_CTS, &cts);
337 params[7] = OSSL_PARAM_construct_int(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK,
338 &multiblock);
339 params[8] = OSSL_PARAM_construct_int(OSSL_CIPHER_PARAM_HAS_RAND_KEY,
340 &randkey);
341 params[9] = OSSL_PARAM_construct_end();
342 ok = evp_do_ciph_getparams(cipher, params) > 0;
343 if (ok) {
344 cipher->block_size = blksz;
345 cipher->iv_len = ivlen;
346 cipher->key_len = keylen;
347 cipher->flags = mode;
348 if (aead)
349 cipher->flags |= EVP_CIPH_FLAG_AEAD_CIPHER;
350 if (custom_iv)
351 cipher->flags |= EVP_CIPH_CUSTOM_IV;
352 if (cts)
353 cipher->flags |= EVP_CIPH_FLAG_CTS;
354 if (multiblock)
355 cipher->flags |= EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK;
356 if (cipher->ccipher != NULL)
357 cipher->flags |= EVP_CIPH_FLAG_CUSTOM_CIPHER;
358 if (randkey)
359 cipher->flags |= EVP_CIPH_RAND_KEY;
360 if (OSSL_PARAM_locate_const(EVP_CIPHER_gettable_ctx_params(cipher),
361 OSSL_CIPHER_PARAM_ALGORITHM_ID_PARAMS))
362 cipher->flags |= EVP_CIPH_FLAG_CUSTOM_ASN1;
363 }
364 return ok;
365 }
366
EVP_CIPHER_get_block_size(const EVP_CIPHER * cipher)367 int EVP_CIPHER_get_block_size(const EVP_CIPHER *cipher)
368 {
369 return (cipher == NULL) ? 0 : cipher->block_size;
370 }
371
EVP_CIPHER_CTX_get_block_size(const EVP_CIPHER_CTX * ctx)372 int EVP_CIPHER_CTX_get_block_size(const EVP_CIPHER_CTX *ctx)
373 {
374 return (ctx == NULL) ? 0 : EVP_CIPHER_get_block_size(ctx->cipher);
375 }
376
EVP_CIPHER_impl_ctx_size(const EVP_CIPHER * e)377 int EVP_CIPHER_impl_ctx_size(const EVP_CIPHER *e)
378 {
379 return e->ctx_size;
380 }
381
EVP_Cipher(EVP_CIPHER_CTX * ctx,unsigned char * out,const unsigned char * in,unsigned int inl)382 int EVP_Cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
383 const unsigned char *in, unsigned int inl)
384 {
385 if (ctx == NULL || ctx->cipher == NULL)
386 return 0;
387
388 if (ctx->cipher->prov != NULL) {
389 /*
390 * If the provided implementation has a ccipher function, we use it,
391 * and translate its return value like this: 0 => -1, 1 => outlen
392 *
393 * Otherwise, we call the cupdate function if in != NULL, or cfinal
394 * if in == NULL. Regardless of which, we return what we got.
395 */
396 int ret = -1;
397 size_t outl = 0;
398 size_t blocksize = EVP_CIPHER_CTX_get_block_size(ctx);
399
400 if (blocksize == 0)
401 return 0;
402
403 if (ctx->cipher->ccipher != NULL)
404 ret = ctx->cipher->ccipher(ctx->algctx, out, &outl,
405 inl + (blocksize == 1 ? 0 : blocksize),
406 in, (size_t)inl)
407 ? (int)outl : -1;
408 else if (in != NULL)
409 ret = ctx->cipher->cupdate(ctx->algctx, out, &outl,
410 inl + (blocksize == 1 ? 0 : blocksize),
411 in, (size_t)inl);
412 else
413 ret = ctx->cipher->cfinal(ctx->algctx, out, &outl,
414 blocksize == 1 ? 0 : blocksize);
415
416 return ret;
417 }
418
419 return ctx->cipher->do_cipher(ctx, out, in, inl);
420 }
421
422 #ifndef OPENSSL_NO_DEPRECATED_3_0
EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX * ctx)423 const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx)
424 {
425 if (ctx == NULL)
426 return NULL;
427 return ctx->cipher;
428 }
429 #endif
430
EVP_CIPHER_CTX_get0_cipher(const EVP_CIPHER_CTX * ctx)431 const EVP_CIPHER *EVP_CIPHER_CTX_get0_cipher(const EVP_CIPHER_CTX *ctx)
432 {
433 if (ctx == NULL)
434 return NULL;
435 return ctx->cipher;
436 }
437
EVP_CIPHER_CTX_get1_cipher(EVP_CIPHER_CTX * ctx)438 EVP_CIPHER *EVP_CIPHER_CTX_get1_cipher(EVP_CIPHER_CTX *ctx)
439 {
440 EVP_CIPHER *cipher;
441
442 if (ctx == NULL || ctx->cipher == NULL)
443 return NULL;
444 cipher = (EVP_CIPHER *)ctx->cipher;
445 if (!EVP_CIPHER_up_ref(cipher))
446 return NULL;
447 return cipher;
448 }
449
EVP_CIPHER_CTX_is_encrypting(const EVP_CIPHER_CTX * ctx)450 int EVP_CIPHER_CTX_is_encrypting(const EVP_CIPHER_CTX *ctx)
451 {
452 return ctx->encrypt;
453 }
454
EVP_CIPHER_get_flags(const EVP_CIPHER * cipher)455 unsigned long EVP_CIPHER_get_flags(const EVP_CIPHER *cipher)
456 {
457 return cipher == NULL ? 0 : cipher->flags;
458 }
459
EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX * ctx)460 void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx)
461 {
462 return ctx->app_data;
463 }
464
EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX * ctx,void * data)465 void EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data)
466 {
467 ctx->app_data = data;
468 }
469
EVP_CIPHER_CTX_get_cipher_data(const EVP_CIPHER_CTX * ctx)470 void *EVP_CIPHER_CTX_get_cipher_data(const EVP_CIPHER_CTX *ctx)
471 {
472 return ctx->cipher_data;
473 }
474
EVP_CIPHER_CTX_set_cipher_data(EVP_CIPHER_CTX * ctx,void * cipher_data)475 void *EVP_CIPHER_CTX_set_cipher_data(EVP_CIPHER_CTX *ctx, void *cipher_data)
476 {
477 void *old_cipher_data;
478
479 old_cipher_data = ctx->cipher_data;
480 ctx->cipher_data = cipher_data;
481
482 return old_cipher_data;
483 }
484
EVP_CIPHER_get_iv_length(const EVP_CIPHER * cipher)485 int EVP_CIPHER_get_iv_length(const EVP_CIPHER *cipher)
486 {
487 return (cipher == NULL) ? 0 : cipher->iv_len;
488 }
489
EVP_CIPHER_CTX_get_iv_length(const EVP_CIPHER_CTX * ctx)490 int EVP_CIPHER_CTX_get_iv_length(const EVP_CIPHER_CTX *ctx)
491 {
492 if (ctx->cipher == NULL)
493 return 0;
494
495 if (ctx->iv_len < 0) {
496 int rv, len = EVP_CIPHER_get_iv_length(ctx->cipher);
497 size_t v = len;
498 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
499
500 if (ctx->cipher->get_ctx_params != NULL) {
501 params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_IVLEN,
502 &v);
503 rv = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params);
504 if (rv > 0) {
505 if (OSSL_PARAM_modified(params)
506 && !OSSL_PARAM_get_int(params, &len))
507 return -1;
508 } else if (rv != EVP_CTRL_RET_UNSUPPORTED) {
509 return -1;
510 }
511 }
512 /* Code below to be removed when legacy support is dropped. */
513 else if ((EVP_CIPHER_get_flags(ctx->cipher)
514 & EVP_CIPH_CUSTOM_IV_LENGTH) != 0) {
515 rv = EVP_CIPHER_CTX_ctrl((EVP_CIPHER_CTX *)ctx, EVP_CTRL_GET_IVLEN,
516 0, &len);
517 if (rv <= 0)
518 return -1;
519 }
520 /*-
521 * Casting away the const is annoying but required here. We need to
522 * cache the result for performance reasons.
523 */
524 ((EVP_CIPHER_CTX *)ctx)->iv_len = len;
525 }
526 return ctx->iv_len;
527 }
528
EVP_CIPHER_CTX_get_tag_length(const EVP_CIPHER_CTX * ctx)529 int EVP_CIPHER_CTX_get_tag_length(const EVP_CIPHER_CTX *ctx)
530 {
531 int ret;
532 size_t v = 0;
533 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
534
535 params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_AEAD_TAGLEN, &v);
536 ret = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params);
537 return ret == 1 ? (int)v : 0;
538 }
539
540 #ifndef OPENSSL_NO_DEPRECATED_3_0
EVP_CIPHER_CTX_original_iv(const EVP_CIPHER_CTX * ctx)541 const unsigned char *EVP_CIPHER_CTX_original_iv(const EVP_CIPHER_CTX *ctx)
542 {
543 int ok;
544 const unsigned char *v = ctx->oiv;
545 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
546
547 params[0] =
548 OSSL_PARAM_construct_octet_ptr(OSSL_CIPHER_PARAM_IV,
549 (void **)&v, sizeof(ctx->oiv));
550 ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params);
551
552 return ok != 0 ? v : NULL;
553 }
554
555 /*
556 * OSSL_PARAM_OCTET_PTR gets us the pointer to the running IV in the provider
557 */
EVP_CIPHER_CTX_iv(const EVP_CIPHER_CTX * ctx)558 const unsigned char *EVP_CIPHER_CTX_iv(const EVP_CIPHER_CTX *ctx)
559 {
560 int ok;
561 const unsigned char *v = ctx->iv;
562 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
563
564 params[0] =
565 OSSL_PARAM_construct_octet_ptr(OSSL_CIPHER_PARAM_UPDATED_IV,
566 (void **)&v, sizeof(ctx->iv));
567 ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params);
568
569 return ok != 0 ? v : NULL;
570 }
571
EVP_CIPHER_CTX_iv_noconst(EVP_CIPHER_CTX * ctx)572 unsigned char *EVP_CIPHER_CTX_iv_noconst(EVP_CIPHER_CTX *ctx)
573 {
574 int ok;
575 unsigned char *v = ctx->iv;
576 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
577
578 params[0] =
579 OSSL_PARAM_construct_octet_ptr(OSSL_CIPHER_PARAM_UPDATED_IV,
580 (void **)&v, sizeof(ctx->iv));
581 ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params);
582
583 return ok != 0 ? v : NULL;
584 }
585 #endif /* OPENSSL_NO_DEPRECATED_3_0_0 */
586
EVP_CIPHER_CTX_get_updated_iv(EVP_CIPHER_CTX * ctx,void * buf,size_t len)587 int EVP_CIPHER_CTX_get_updated_iv(EVP_CIPHER_CTX *ctx, void *buf, size_t len)
588 {
589 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
590
591 params[0] =
592 OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_UPDATED_IV, buf, len);
593 return evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params) > 0;
594 }
595
EVP_CIPHER_CTX_get_original_iv(EVP_CIPHER_CTX * ctx,void * buf,size_t len)596 int EVP_CIPHER_CTX_get_original_iv(EVP_CIPHER_CTX *ctx, void *buf, size_t len)
597 {
598 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
599
600 params[0] =
601 OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_IV, buf, len);
602 return evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params) > 0;
603 }
604
EVP_CIPHER_CTX_buf_noconst(EVP_CIPHER_CTX * ctx)605 unsigned char *EVP_CIPHER_CTX_buf_noconst(EVP_CIPHER_CTX *ctx)
606 {
607 return ctx->buf;
608 }
609
EVP_CIPHER_CTX_get_num(const EVP_CIPHER_CTX * ctx)610 int EVP_CIPHER_CTX_get_num(const EVP_CIPHER_CTX *ctx)
611 {
612 int ok;
613 unsigned int v = (unsigned int)ctx->num;
614 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
615
616 params[0] = OSSL_PARAM_construct_uint(OSSL_CIPHER_PARAM_NUM, &v);
617 ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params);
618
619 return ok != 0 ? (int)v : EVP_CTRL_RET_UNSUPPORTED;
620 }
621
EVP_CIPHER_CTX_set_num(EVP_CIPHER_CTX * ctx,int num)622 int EVP_CIPHER_CTX_set_num(EVP_CIPHER_CTX *ctx, int num)
623 {
624 int ok;
625 unsigned int n = (unsigned int)num;
626 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
627
628 params[0] = OSSL_PARAM_construct_uint(OSSL_CIPHER_PARAM_NUM, &n);
629 ok = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->algctx, params);
630
631 if (ok != 0)
632 ctx->num = (int)n;
633 return ok != 0;
634 }
635
EVP_CIPHER_get_key_length(const EVP_CIPHER * cipher)636 int EVP_CIPHER_get_key_length(const EVP_CIPHER *cipher)
637 {
638 return cipher->key_len;
639 }
640
EVP_CIPHER_CTX_get_key_length(const EVP_CIPHER_CTX * ctx)641 int EVP_CIPHER_CTX_get_key_length(const EVP_CIPHER_CTX *ctx)
642 {
643 if (ctx->cipher == NULL)
644 return 0;
645
646 if (ctx->key_len <= 0 && ctx->cipher->prov != NULL) {
647 int ok;
648 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
649 size_t len;
650
651 params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_KEYLEN, &len);
652 ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params);
653 if (ok <= 0)
654 return EVP_CTRL_RET_UNSUPPORTED;
655
656 /*-
657 * The if branch should never be taken since EVP_MAX_KEY_LENGTH is
658 * less than INT_MAX but best to be safe.
659 *
660 * Casting away the const is annoying but required here. We need to
661 * cache the result for performance reasons.
662 */
663 if (!OSSL_PARAM_get_int(params, &((EVP_CIPHER_CTX *)ctx)->key_len))
664 return -1;
665 ((EVP_CIPHER_CTX *)ctx)->key_len = (int)len;
666 }
667 return ctx->key_len;
668 }
669
EVP_CIPHER_get_nid(const EVP_CIPHER * cipher)670 int EVP_CIPHER_get_nid(const EVP_CIPHER *cipher)
671 {
672 return (cipher == NULL) ? NID_undef : cipher->nid;
673 }
674
EVP_CIPHER_CTX_get_nid(const EVP_CIPHER_CTX * ctx)675 int EVP_CIPHER_CTX_get_nid(const EVP_CIPHER_CTX *ctx)
676 {
677 return EVP_CIPHER_get_nid(ctx->cipher);
678 }
679
EVP_CIPHER_is_a(const EVP_CIPHER * cipher,const char * name)680 int EVP_CIPHER_is_a(const EVP_CIPHER *cipher, const char *name)
681 {
682 if (cipher == NULL)
683 return 0;
684 if (cipher->prov != NULL)
685 return evp_is_a(cipher->prov, cipher->name_id, NULL, name);
686 return evp_is_a(NULL, 0, EVP_CIPHER_get0_name(cipher), name);
687 }
688
evp_cipher_get_number(const EVP_CIPHER * cipher)689 int evp_cipher_get_number(const EVP_CIPHER *cipher)
690 {
691 return cipher->name_id;
692 }
693
EVP_CIPHER_get0_name(const EVP_CIPHER * cipher)694 const char *EVP_CIPHER_get0_name(const EVP_CIPHER *cipher)
695 {
696 if (cipher->type_name != NULL)
697 return cipher->type_name;
698 #ifndef FIPS_MODULE
699 return OBJ_nid2sn(EVP_CIPHER_get_nid(cipher));
700 #else
701 return NULL;
702 #endif
703 }
704
EVP_CIPHER_get0_description(const EVP_CIPHER * cipher)705 const char *EVP_CIPHER_get0_description(const EVP_CIPHER *cipher)
706 {
707 if (cipher->description != NULL)
708 return cipher->description;
709 #ifndef FIPS_MODULE
710 return OBJ_nid2ln(EVP_CIPHER_get_nid(cipher));
711 #else
712 return NULL;
713 #endif
714 }
715
EVP_CIPHER_names_do_all(const EVP_CIPHER * cipher,void (* fn)(const char * name,void * data),void * data)716 int EVP_CIPHER_names_do_all(const EVP_CIPHER *cipher,
717 void (*fn)(const char *name, void *data),
718 void *data)
719 {
720 if (cipher->prov != NULL)
721 return evp_names_do_all(cipher->prov, cipher->name_id, fn, data);
722
723 return 1;
724 }
725
EVP_CIPHER_get0_provider(const EVP_CIPHER * cipher)726 const OSSL_PROVIDER *EVP_CIPHER_get0_provider(const EVP_CIPHER *cipher)
727 {
728 return cipher->prov;
729 }
730
EVP_CIPHER_get_mode(const EVP_CIPHER * cipher)731 int EVP_CIPHER_get_mode(const EVP_CIPHER *cipher)
732 {
733 return EVP_CIPHER_get_flags(cipher) & EVP_CIPH_MODE;
734 }
735
EVP_MD_is_a(const EVP_MD * md,const char * name)736 int EVP_MD_is_a(const EVP_MD *md, const char *name)
737 {
738 if (md == NULL)
739 return 0;
740 if (md->prov != NULL)
741 return evp_is_a(md->prov, md->name_id, NULL, name);
742 return evp_is_a(NULL, 0, EVP_MD_get0_name(md), name);
743 }
744
evp_md_get_number(const EVP_MD * md)745 int evp_md_get_number(const EVP_MD *md)
746 {
747 return md->name_id;
748 }
749
EVP_MD_get0_description(const EVP_MD * md)750 const char *EVP_MD_get0_description(const EVP_MD *md)
751 {
752 if (md->description != NULL)
753 return md->description;
754 #ifndef FIPS_MODULE
755 return OBJ_nid2ln(EVP_MD_nid(md));
756 #else
757 return NULL;
758 #endif
759 }
760
EVP_MD_get0_name(const EVP_MD * md)761 const char *EVP_MD_get0_name(const EVP_MD *md)
762 {
763 if (md == NULL)
764 return NULL;
765 if (md->type_name != NULL)
766 return md->type_name;
767 #ifndef FIPS_MODULE
768 return OBJ_nid2sn(EVP_MD_nid(md));
769 #else
770 return NULL;
771 #endif
772 }
773
EVP_MD_names_do_all(const EVP_MD * md,void (* fn)(const char * name,void * data),void * data)774 int EVP_MD_names_do_all(const EVP_MD *md,
775 void (*fn)(const char *name, void *data),
776 void *data)
777 {
778 if (md->prov != NULL)
779 return evp_names_do_all(md->prov, md->name_id, fn, data);
780
781 return 1;
782 }
783
EVP_MD_get0_provider(const EVP_MD * md)784 const OSSL_PROVIDER *EVP_MD_get0_provider(const EVP_MD *md)
785 {
786 return md->prov;
787 }
788
EVP_MD_get_type(const EVP_MD * md)789 int EVP_MD_get_type(const EVP_MD *md)
790 {
791 return md->type;
792 }
793
EVP_MD_get_pkey_type(const EVP_MD * md)794 int EVP_MD_get_pkey_type(const EVP_MD *md)
795 {
796 return md->pkey_type;
797 }
798
EVP_MD_get_block_size(const EVP_MD * md)799 int EVP_MD_get_block_size(const EVP_MD *md)
800 {
801 if (md == NULL) {
802 ERR_raise(ERR_LIB_EVP, EVP_R_MESSAGE_DIGEST_IS_NULL);
803 return -1;
804 }
805 return md->block_size;
806 }
807
EVP_MD_get_size(const EVP_MD * md)808 int EVP_MD_get_size(const EVP_MD *md)
809 {
810 if (md == NULL) {
811 ERR_raise(ERR_LIB_EVP, EVP_R_MESSAGE_DIGEST_IS_NULL);
812 return -1;
813 }
814 return md->md_size;
815 }
816
EVP_MD_xof(const EVP_MD * md)817 int EVP_MD_xof(const EVP_MD *md)
818 {
819 return md != NULL && ((EVP_MD_get_flags(md) & EVP_MD_FLAG_XOF) != 0);
820 }
821
EVP_MD_get_flags(const EVP_MD * md)822 unsigned long EVP_MD_get_flags(const EVP_MD *md)
823 {
824 return md->flags;
825 }
826
EVP_MD_meth_new(int md_type,int pkey_type)827 EVP_MD *EVP_MD_meth_new(int md_type, int pkey_type)
828 {
829 EVP_MD *md = evp_md_new();
830
831 if (md != NULL) {
832 md->type = md_type;
833 md->pkey_type = pkey_type;
834 md->origin = EVP_ORIG_METH;
835 }
836 return md;
837 }
838
EVP_MD_meth_dup(const EVP_MD * md)839 EVP_MD *EVP_MD_meth_dup(const EVP_MD *md)
840 {
841 EVP_MD *to = NULL;
842
843 /*
844 * Non-legacy EVP_MDs can't be duplicated like this.
845 * Use EVP_MD_up_ref() instead.
846 */
847 if (md->prov != NULL)
848 return NULL;
849
850 if ((to = EVP_MD_meth_new(md->type, md->pkey_type)) != NULL) {
851 CRYPTO_REF_COUNT refcnt = to->refcnt;
852
853 memcpy(to, md, sizeof(*to));
854 to->refcnt = refcnt;
855 to->origin = EVP_ORIG_METH;
856 }
857 return to;
858 }
859
evp_md_free_int(EVP_MD * md)860 void evp_md_free_int(EVP_MD *md)
861 {
862 OPENSSL_free(md->type_name);
863 ossl_provider_free(md->prov);
864 CRYPTO_FREE_REF(&md->refcnt);
865 OPENSSL_free(md);
866 }
867
EVP_MD_meth_free(EVP_MD * md)868 void EVP_MD_meth_free(EVP_MD *md)
869 {
870 if (md == NULL || md->origin != EVP_ORIG_METH)
871 return;
872
873 evp_md_free_int(md);
874 }
875
EVP_MD_meth_set_input_blocksize(EVP_MD * md,int blocksize)876 int EVP_MD_meth_set_input_blocksize(EVP_MD *md, int blocksize)
877 {
878 if (md->block_size != 0)
879 return 0;
880
881 md->block_size = blocksize;
882 return 1;
883 }
EVP_MD_meth_set_result_size(EVP_MD * md,int resultsize)884 int EVP_MD_meth_set_result_size(EVP_MD *md, int resultsize)
885 {
886 if (md->md_size != 0)
887 return 0;
888
889 md->md_size = resultsize;
890 return 1;
891 }
EVP_MD_meth_set_app_datasize(EVP_MD * md,int datasize)892 int EVP_MD_meth_set_app_datasize(EVP_MD *md, int datasize)
893 {
894 if (md->ctx_size != 0)
895 return 0;
896
897 md->ctx_size = datasize;
898 return 1;
899 }
EVP_MD_meth_set_flags(EVP_MD * md,unsigned long flags)900 int EVP_MD_meth_set_flags(EVP_MD *md, unsigned long flags)
901 {
902 if (md->flags != 0)
903 return 0;
904
905 md->flags = flags;
906 return 1;
907 }
EVP_MD_meth_set_init(EVP_MD * md,int (* init)(EVP_MD_CTX * ctx))908 int EVP_MD_meth_set_init(EVP_MD *md, int (*init)(EVP_MD_CTX *ctx))
909 {
910 if (md->init != NULL)
911 return 0;
912
913 md->init = init;
914 return 1;
915 }
EVP_MD_meth_set_update(EVP_MD * md,int (* update)(EVP_MD_CTX * ctx,const void * data,size_t count))916 int EVP_MD_meth_set_update(EVP_MD *md, int (*update)(EVP_MD_CTX *ctx,
917 const void *data,
918 size_t count))
919 {
920 if (md->update != NULL)
921 return 0;
922
923 md->update = update;
924 return 1;
925 }
EVP_MD_meth_set_final(EVP_MD * md,int (* final)(EVP_MD_CTX * ctx,unsigned char * md))926 int EVP_MD_meth_set_final(EVP_MD *md, int (*final)(EVP_MD_CTX *ctx,
927 unsigned char *md))
928 {
929 if (md->final != NULL)
930 return 0;
931
932 md->final = final;
933 return 1;
934 }
EVP_MD_meth_set_copy(EVP_MD * md,int (* copy)(EVP_MD_CTX * to,const EVP_MD_CTX * from))935 int EVP_MD_meth_set_copy(EVP_MD *md, int (*copy)(EVP_MD_CTX *to,
936 const EVP_MD_CTX *from))
937 {
938 if (md->copy != NULL)
939 return 0;
940
941 md->copy = copy;
942 return 1;
943 }
EVP_MD_meth_set_cleanup(EVP_MD * md,int (* cleanup)(EVP_MD_CTX * ctx))944 int EVP_MD_meth_set_cleanup(EVP_MD *md, int (*cleanup)(EVP_MD_CTX *ctx))
945 {
946 if (md->cleanup != NULL)
947 return 0;
948
949 md->cleanup = cleanup;
950 return 1;
951 }
EVP_MD_meth_set_ctrl(EVP_MD * md,int (* ctrl)(EVP_MD_CTX * ctx,int cmd,int p1,void * p2))952 int EVP_MD_meth_set_ctrl(EVP_MD *md, int (*ctrl)(EVP_MD_CTX *ctx, int cmd,
953 int p1, void *p2))
954 {
955 if (md->md_ctrl != NULL)
956 return 0;
957
958 md->md_ctrl = ctrl;
959 return 1;
960 }
961
EVP_MD_meth_get_input_blocksize(const EVP_MD * md)962 int EVP_MD_meth_get_input_blocksize(const EVP_MD *md)
963 {
964 return md->block_size;
965 }
EVP_MD_meth_get_result_size(const EVP_MD * md)966 int EVP_MD_meth_get_result_size(const EVP_MD *md)
967 {
968 return md->md_size;
969 }
EVP_MD_meth_get_app_datasize(const EVP_MD * md)970 int EVP_MD_meth_get_app_datasize(const EVP_MD *md)
971 {
972 return md->ctx_size;
973 }
EVP_MD_meth_get_flags(const EVP_MD * md)974 unsigned long EVP_MD_meth_get_flags(const EVP_MD *md)
975 {
976 return md->flags;
977 }
EVP_MD_meth_get_init(const EVP_MD * md)978 int (*EVP_MD_meth_get_init(const EVP_MD *md))(EVP_MD_CTX *ctx)
979 {
980 return md->init;
981 }
EVP_MD_meth_get_update(const EVP_MD * md)982 int (*EVP_MD_meth_get_update(const EVP_MD *md))(EVP_MD_CTX *ctx,
983 const void *data,
984 size_t count)
985 {
986 return md->update;
987 }
EVP_MD_meth_get_final(const EVP_MD * md)988 int (*EVP_MD_meth_get_final(const EVP_MD *md))(EVP_MD_CTX *ctx,
989 unsigned char *md)
990 {
991 return md->final;
992 }
EVP_MD_meth_get_copy(const EVP_MD * md)993 int (*EVP_MD_meth_get_copy(const EVP_MD *md))(EVP_MD_CTX *to,
994 const EVP_MD_CTX *from)
995 {
996 return md->copy;
997 }
EVP_MD_meth_get_cleanup(const EVP_MD * md)998 int (*EVP_MD_meth_get_cleanup(const EVP_MD *md))(EVP_MD_CTX *ctx)
999 {
1000 return md->cleanup;
1001 }
EVP_MD_meth_get_ctrl(const EVP_MD * md)1002 int (*EVP_MD_meth_get_ctrl(const EVP_MD *md))(EVP_MD_CTX *ctx, int cmd,
1003 int p1, void *p2)
1004 {
1005 return md->md_ctrl;
1006 }
1007
1008 #ifndef OPENSSL_NO_DEPRECATED_3_0
EVP_MD_CTX_md(const EVP_MD_CTX * ctx)1009 const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx)
1010 {
1011 if (ctx == NULL)
1012 return NULL;
1013 return ctx->reqdigest;
1014 }
1015 #endif
1016
EVP_MD_CTX_get0_md(const EVP_MD_CTX * ctx)1017 const EVP_MD *EVP_MD_CTX_get0_md(const EVP_MD_CTX *ctx)
1018 {
1019 if (ctx == NULL)
1020 return NULL;
1021 return ctx->reqdigest;
1022 }
1023
EVP_MD_CTX_get1_md(EVP_MD_CTX * ctx)1024 EVP_MD *EVP_MD_CTX_get1_md(EVP_MD_CTX *ctx)
1025 {
1026 EVP_MD *md;
1027
1028 if (ctx == NULL)
1029 return NULL;
1030 md = (EVP_MD *)ctx->reqdigest;
1031 if (md == NULL || !EVP_MD_up_ref(md))
1032 return NULL;
1033 return md;
1034 }
1035
EVP_MD_CTX_get_size_ex(const EVP_MD_CTX * ctx)1036 int EVP_MD_CTX_get_size_ex(const EVP_MD_CTX *ctx)
1037 {
1038 EVP_MD_CTX *c = (EVP_MD_CTX *)ctx;
1039 const OSSL_PARAM *gettables;
1040
1041 gettables = EVP_MD_CTX_gettable_params(c);
1042 if (gettables != NULL
1043 && OSSL_PARAM_locate_const(gettables,
1044 OSSL_DIGEST_PARAM_SIZE) != NULL) {
1045 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
1046 size_t sz = 0;
1047
1048 /*
1049 * For XOF's EVP_MD_get_size() returns 0
1050 * So try to get the xoflen instead. This will return -1 if the
1051 * xof length has not been set.
1052 */
1053 params[0] = OSSL_PARAM_construct_size_t(OSSL_DIGEST_PARAM_SIZE, &sz);
1054 if (EVP_MD_CTX_get_params(c, params) != 1
1055 || sz == SIZE_MAX
1056 || sz == 0)
1057 return -1;
1058 return sz;
1059 }
1060 /* Normal digests have a constant fixed size output */
1061 return EVP_MD_get_size(EVP_MD_CTX_get0_md(ctx));
1062 }
1063
EVP_MD_CTX_get_pkey_ctx(const EVP_MD_CTX * ctx)1064 EVP_PKEY_CTX *EVP_MD_CTX_get_pkey_ctx(const EVP_MD_CTX *ctx)
1065 {
1066 return ctx->pctx;
1067 }
1068
1069 #if !defined(FIPS_MODULE)
EVP_MD_CTX_set_pkey_ctx(EVP_MD_CTX * ctx,EVP_PKEY_CTX * pctx)1070 void EVP_MD_CTX_set_pkey_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pctx)
1071 {
1072 /*
1073 * it's reasonable to set NULL pctx (a.k.a clear the ctx->pctx), so
1074 * we have to deal with the cleanup job here.
1075 */
1076 if (!EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX))
1077 EVP_PKEY_CTX_free(ctx->pctx);
1078
1079 ctx->pctx = pctx;
1080
1081 if (pctx != NULL) {
1082 /* make sure pctx is not freed when destroying EVP_MD_CTX */
1083 EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX);
1084 } else {
1085 EVP_MD_CTX_clear_flags(ctx, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX);
1086 }
1087 }
1088 #endif /* !defined(FIPS_MODULE) */
1089
EVP_MD_CTX_get0_md_data(const EVP_MD_CTX * ctx)1090 void *EVP_MD_CTX_get0_md_data(const EVP_MD_CTX *ctx)
1091 {
1092 return ctx->md_data;
1093 }
1094
EVP_MD_CTX_update_fn(EVP_MD_CTX * ctx)1095 int (*EVP_MD_CTX_update_fn(EVP_MD_CTX *ctx))(EVP_MD_CTX *ctx,
1096 const void *data, size_t count)
1097 {
1098 return ctx->update;
1099 }
1100
EVP_MD_CTX_set_update_fn(EVP_MD_CTX * ctx,int (* update)(EVP_MD_CTX * ctx,const void * data,size_t count))1101 void EVP_MD_CTX_set_update_fn(EVP_MD_CTX *ctx,
1102 int (*update) (EVP_MD_CTX *ctx,
1103 const void *data, size_t count))
1104 {
1105 ctx->update = update;
1106 }
1107
EVP_MD_CTX_set_flags(EVP_MD_CTX * ctx,int flags)1108 void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags)
1109 {
1110 ctx->flags |= flags;
1111 }
1112
EVP_MD_CTX_clear_flags(EVP_MD_CTX * ctx,int flags)1113 void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags)
1114 {
1115 ctx->flags &= ~flags;
1116 }
1117
EVP_MD_CTX_test_flags(const EVP_MD_CTX * ctx,int flags)1118 int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags)
1119 {
1120 return (ctx->flags & flags);
1121 }
1122
evp_cipher_ctx_enable_use_bits(EVP_CIPHER_CTX * ctx,unsigned int enable)1123 static int evp_cipher_ctx_enable_use_bits(EVP_CIPHER_CTX *ctx,
1124 unsigned int enable)
1125 {
1126 OSSL_PARAM params[] = { OSSL_PARAM_END, OSSL_PARAM_END };
1127
1128 params[0] = OSSL_PARAM_construct_uint(OSSL_CIPHER_PARAM_USE_BITS, &enable);
1129 return EVP_CIPHER_CTX_set_params(ctx, params);
1130 }
1131
EVP_CIPHER_CTX_set_flags(EVP_CIPHER_CTX * ctx,int flags)1132 void EVP_CIPHER_CTX_set_flags(EVP_CIPHER_CTX *ctx, int flags)
1133 {
1134 int oldflags = ctx->flags;
1135
1136 ctx->flags |= flags;
1137 if (((oldflags ^ ctx->flags) & EVP_CIPH_FLAG_LENGTH_BITS) != 0)
1138 evp_cipher_ctx_enable_use_bits(ctx, 1);
1139 }
1140
EVP_CIPHER_CTX_clear_flags(EVP_CIPHER_CTX * ctx,int flags)1141 void EVP_CIPHER_CTX_clear_flags(EVP_CIPHER_CTX *ctx, int flags)
1142 {
1143 int oldflags = ctx->flags;
1144
1145 ctx->flags &= ~flags;
1146 if (((oldflags ^ ctx->flags) & EVP_CIPH_FLAG_LENGTH_BITS) != 0)
1147 evp_cipher_ctx_enable_use_bits(ctx, 0);
1148 }
1149
EVP_CIPHER_CTX_test_flags(const EVP_CIPHER_CTX * ctx,int flags)1150 int EVP_CIPHER_CTX_test_flags(const EVP_CIPHER_CTX *ctx, int flags)
1151 {
1152 return (ctx->flags & flags);
1153 }
1154
1155 #if !defined(FIPS_MODULE)
1156
EVP_PKEY_CTX_set_group_name(EVP_PKEY_CTX * ctx,const char * name)1157 int EVP_PKEY_CTX_set_group_name(EVP_PKEY_CTX *ctx, const char *name)
1158 {
1159 OSSL_PARAM params[] = { OSSL_PARAM_END, OSSL_PARAM_END };
1160
1161 if (ctx == NULL || !EVP_PKEY_CTX_IS_GEN_OP(ctx)) {
1162 ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
1163 /* Uses the same return values as EVP_PKEY_CTX_ctrl */
1164 return -2;
1165 }
1166
1167 if (name == NULL)
1168 return -1;
1169
1170 params[0] = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME,
1171 (char *)name, 0);
1172 return EVP_PKEY_CTX_set_params(ctx, params);
1173 }
1174
EVP_PKEY_CTX_get_group_name(EVP_PKEY_CTX * ctx,char * name,size_t namelen)1175 int EVP_PKEY_CTX_get_group_name(EVP_PKEY_CTX *ctx, char *name, size_t namelen)
1176 {
1177 OSSL_PARAM params[] = { OSSL_PARAM_END, OSSL_PARAM_END };
1178 OSSL_PARAM *p = params;
1179
1180 if (ctx == NULL || !EVP_PKEY_CTX_IS_GEN_OP(ctx)) {
1181 /* There is no legacy support for this */
1182 ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
1183 /* Uses the same return values as EVP_PKEY_CTX_ctrl */
1184 return -2;
1185 }
1186
1187 if (name == NULL)
1188 return -1;
1189
1190 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME,
1191 name, namelen);
1192 if (!EVP_PKEY_CTX_get_params(ctx, params))
1193 return -1;
1194 return 1;
1195 }
1196 #endif /* !FIPS_MODULE */
1197
1198 /*
1199 * evp_pkey_keygen() abstracts from the explicit use of B<EVP_PKEY_CTX>
1200 * while providing a generic way of generating a new asymmetric key pair
1201 * of algorithm type I<name> (e.g., C<RSA> or C<EC>).
1202 * The library context I<libctx> and property query I<propq>
1203 * are used when fetching algorithms from providers.
1204 * The I<params> specify algorithm-specific parameters
1205 * such as the RSA modulus size or the name of an EC curve.
1206 */
evp_pkey_keygen(OSSL_LIB_CTX * libctx,const char * name,const char * propq,const OSSL_PARAM * params)1207 static EVP_PKEY *evp_pkey_keygen(OSSL_LIB_CTX *libctx, const char *name,
1208 const char *propq, const OSSL_PARAM *params)
1209 {
1210 EVP_PKEY *pkey = NULL;
1211 EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new_from_name(libctx, name, propq);
1212
1213 if (ctx != NULL
1214 && EVP_PKEY_keygen_init(ctx) > 0
1215 && EVP_PKEY_CTX_set_params(ctx, params))
1216 (void)EVP_PKEY_generate(ctx, &pkey);
1217
1218 EVP_PKEY_CTX_free(ctx);
1219 return pkey;
1220 }
1221
EVP_PKEY_Q_keygen(OSSL_LIB_CTX * libctx,const char * propq,const char * type,...)1222 EVP_PKEY *EVP_PKEY_Q_keygen(OSSL_LIB_CTX *libctx, const char *propq,
1223 const char *type, ...)
1224 {
1225 va_list args;
1226 size_t bits;
1227 char *name;
1228 OSSL_PARAM params[] = { OSSL_PARAM_END, OSSL_PARAM_END };
1229 EVP_PKEY *ret = NULL;
1230
1231 va_start(args, type);
1232
1233 if (OPENSSL_strcasecmp(type, "RSA") == 0) {
1234 bits = va_arg(args, size_t);
1235 params[0] = OSSL_PARAM_construct_size_t(OSSL_PKEY_PARAM_RSA_BITS, &bits);
1236 } else if (OPENSSL_strcasecmp(type, "EC") == 0) {
1237 name = va_arg(args, char *);
1238 params[0] = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME,
1239 name, 0);
1240 }
1241
1242 ret = evp_pkey_keygen(libctx, type, propq, params);
1243
1244 va_end(args);
1245 return ret;
1246 }
1247
1248 #if !defined(FIPS_MODULE)
EVP_CIPHER_CTX_set_algor_params(EVP_CIPHER_CTX * ctx,const X509_ALGOR * alg)1249 int EVP_CIPHER_CTX_set_algor_params(EVP_CIPHER_CTX *ctx, const X509_ALGOR *alg)
1250 {
1251 int ret = -1; /* Assume the worst */
1252 unsigned char *der = NULL;
1253 int derl = -1;
1254
1255 if ((derl = i2d_ASN1_TYPE(alg->parameter, &der)) >= 0) {
1256 const char *k_old = OSSL_CIPHER_PARAM_ALGORITHM_ID_PARAMS_OLD;
1257 const char *k_new = OSSL_CIPHER_PARAM_ALGORITHM_ID_PARAMS;
1258 OSSL_PARAM params[3];
1259
1260 /*
1261 * Passing the same data with both the old (deprecated) and the
1262 * new AlgID parameters OSSL_PARAM key.
1263 */
1264 params[0] = OSSL_PARAM_construct_octet_string(k_old, der, (size_t)derl);
1265 params[1] = OSSL_PARAM_construct_octet_string(k_new, der, (size_t)derl);
1266 params[2] = OSSL_PARAM_construct_end();
1267 ret = EVP_CIPHER_CTX_set_params(ctx, params);
1268 }
1269 OPENSSL_free(der);
1270 return ret;
1271 }
1272
EVP_CIPHER_CTX_get_algor_params(EVP_CIPHER_CTX * ctx,X509_ALGOR * alg)1273 int EVP_CIPHER_CTX_get_algor_params(EVP_CIPHER_CTX *ctx, X509_ALGOR *alg)
1274 {
1275 int ret = -1; /* Assume the worst */
1276 unsigned char *der = NULL;
1277 size_t derl;
1278 ASN1_TYPE *type = NULL;
1279 int i = -1;
1280 const char *k_old = OSSL_CIPHER_PARAM_ALGORITHM_ID_PARAMS_OLD;
1281 const char *k_new = OSSL_CIPHER_PARAM_ALGORITHM_ID_PARAMS;
1282 const char *derk;
1283 OSSL_PARAM params[3];
1284
1285 /*
1286 * We make two passes, the first to get the appropriate buffer size,
1287 * and the second to get the actual value.
1288 * Also, using both the old (deprecated) and the new AlgID parameters
1289 * OSSL_PARAM key, and using whichever the provider responds to.
1290 * Should the provider respond on both, the new key takes priority.
1291 */
1292 params[0] = OSSL_PARAM_construct_octet_string(k_old, NULL, 0);
1293 params[1] = OSSL_PARAM_construct_octet_string(k_new, NULL, 0);
1294 params[2] = OSSL_PARAM_construct_end();
1295
1296 if (!EVP_CIPHER_CTX_get_params(ctx, params))
1297 goto err;
1298
1299 /* ... but, we should get a return size too! */
1300 if (OSSL_PARAM_modified(¶ms[0]) && params[0].return_size != 0)
1301 i = 0;
1302 if (OSSL_PARAM_modified(¶ms[1]) && params[1].return_size != 0)
1303 i = 1;
1304 if (i < 0)
1305 goto err;
1306
1307 /*
1308 * If alg->parameter is non-NULL, it will be changed by d2i_ASN1_TYPE()
1309 * below. If it is NULL, the d2i_ASN1_TYPE() call will allocate new
1310 * space for it. Either way, alg->parameter can be safely assigned
1311 * with type after the d2i_ASN1_TYPE() call, with the safety that it
1312 * will be ok.
1313 */
1314 type = alg->parameter;
1315
1316 derk = params[i].key;
1317 derl = params[i].return_size;
1318 if ((der = OPENSSL_malloc(derl)) != NULL) {
1319 unsigned char *derp = der;
1320
1321 params[i] = OSSL_PARAM_construct_octet_string(derk, der, derl);
1322 if (EVP_CIPHER_CTX_get_params(ctx, params)
1323 && OSSL_PARAM_modified(¶ms[i])
1324 && d2i_ASN1_TYPE(&type, (const unsigned char **)&derp,
1325 (int)derl) != NULL) {
1326 /*
1327 * Don't free alg->parameter, see comment further up.
1328 * Worst case, alg->parameter gets assigned its own value.
1329 */
1330 alg->parameter = type;
1331 ret = 1;
1332 }
1333 }
1334 err:
1335 OPENSSL_free(der);
1336 return ret;
1337 }
1338
EVP_CIPHER_CTX_get_algor(EVP_CIPHER_CTX * ctx,X509_ALGOR ** alg)1339 int EVP_CIPHER_CTX_get_algor(EVP_CIPHER_CTX *ctx, X509_ALGOR **alg)
1340 {
1341 int ret = -1; /* Assume the worst */
1342 OSSL_PARAM params[2];
1343 size_t aid_len = 0;
1344 const char *k_aid = OSSL_SIGNATURE_PARAM_ALGORITHM_ID;
1345
1346 params[0] = OSSL_PARAM_construct_octet_string(k_aid, NULL, 0);
1347 params[1] = OSSL_PARAM_construct_end();
1348
1349 if (EVP_CIPHER_CTX_get_params(ctx, params) <= 0)
1350 goto err;
1351
1352 if (OSSL_PARAM_modified(¶ms[0]))
1353 aid_len = params[0].return_size;
1354 if (aid_len == 0) {
1355 ERR_raise(ERR_LIB_EVP, EVP_R_GETTING_ALGORITHMIDENTIFIER_NOT_SUPPORTED);
1356 ret = -2;
1357 goto err;
1358 }
1359 if (alg != NULL) {
1360 unsigned char *aid = NULL;
1361 const unsigned char *pp = NULL;
1362
1363 if ((aid = OPENSSL_malloc(aid_len)) != NULL) {
1364 params[0] = OSSL_PARAM_construct_octet_string(k_aid, aid, aid_len);
1365 pp = aid;
1366 if (EVP_CIPHER_CTX_get_params(ctx, params)
1367 && OSSL_PARAM_modified(¶ms[0])
1368 && d2i_X509_ALGOR(alg, &pp, aid_len) != NULL)
1369 ret = 1;
1370 }
1371 OPENSSL_free(aid);
1372 }
1373 err:
1374 return ret;
1375 }
1376
EVP_PKEY_CTX_set_algor_params(EVP_PKEY_CTX * ctx,const X509_ALGOR * alg)1377 int EVP_PKEY_CTX_set_algor_params(EVP_PKEY_CTX *ctx, const X509_ALGOR *alg)
1378 {
1379 int ret = -1; /* Assume the worst */
1380 unsigned char *der = NULL;
1381 int derl = -1;
1382
1383 if ((derl = i2d_ASN1_TYPE(alg->parameter, &der)) >= 0) {
1384 const char *k = OSSL_PKEY_PARAM_ALGORITHM_ID_PARAMS;
1385 OSSL_PARAM params[2];
1386
1387 /*
1388 * Passing the same data with both the old (deprecated) and the
1389 * new AlgID parameters OSSL_PARAM key.
1390 */
1391 params[0] = OSSL_PARAM_construct_octet_string(k, der, (size_t)derl);
1392 params[1] = OSSL_PARAM_construct_end();
1393 ret = EVP_PKEY_CTX_set_params(ctx, params);
1394 }
1395 OPENSSL_free(der);
1396 return ret;
1397 }
1398
EVP_PKEY_CTX_get_algor_params(EVP_PKEY_CTX * ctx,X509_ALGOR * alg)1399 int EVP_PKEY_CTX_get_algor_params(EVP_PKEY_CTX *ctx, X509_ALGOR *alg)
1400 {
1401 int ret = -1; /* Assume the worst */
1402 OSSL_PARAM params[2];
1403 unsigned char *der = NULL;
1404 size_t derl;
1405 ASN1_TYPE *type = NULL;
1406 const char *k = OSSL_PKEY_PARAM_ALGORITHM_ID_PARAMS;
1407
1408 /*
1409 * We make two passes, the first to get the appropriate buffer size,
1410 * and the second to get the actual value.
1411 * Also, using both the old (deprecated) and the new AlgID parameters
1412 * OSSL_PARAM key, and using whichever the provider responds to.
1413 * Should the provider respond on both, the new key takes priority.
1414 */
1415 params[0] = OSSL_PARAM_construct_octet_string(k, NULL, 0);
1416 params[1] = OSSL_PARAM_construct_end();
1417
1418 if (!EVP_PKEY_CTX_get_params(ctx, params))
1419 goto err;
1420
1421 /*
1422 * If alg->parameter is non-NULL, it will be changed by d2i_ASN1_TYPE()
1423 * below. If it is NULL, the d2i_ASN1_TYPE() call will allocate new
1424 * space for it. Either way, alg->parameter can be safely assigned
1425 * with type after the d2i_ASN1_TYPE() call, with the safety that it
1426 * will be ok.
1427 */
1428 type = alg->parameter;
1429
1430 derl = params[0].return_size;
1431 if (OSSL_PARAM_modified(¶ms[0])
1432 /* ... but, we should get a return size too! */
1433 && derl != 0
1434 && (der = OPENSSL_malloc(derl)) != NULL) {
1435 unsigned char *derp = der;
1436
1437 params[0] = OSSL_PARAM_construct_octet_string(k, der, derl);
1438 if (EVP_PKEY_CTX_get_params(ctx, params)
1439 && OSSL_PARAM_modified(¶ms[0])
1440 && d2i_ASN1_TYPE(&type, (const unsigned char **)&derp,
1441 derl) != NULL) {
1442 /*
1443 * Don't free alg->parameter, see comment further up.
1444 * Worst case, alg->parameter gets assigned its own value.
1445 */
1446 alg->parameter = type;
1447 ret = 1;
1448 }
1449 }
1450 err:
1451 OPENSSL_free(der);
1452 return ret;
1453 }
1454
EVP_PKEY_CTX_get_algor(EVP_PKEY_CTX * ctx,X509_ALGOR ** alg)1455 int EVP_PKEY_CTX_get_algor(EVP_PKEY_CTX *ctx, X509_ALGOR **alg)
1456 {
1457 int ret = -1; /* Assume the worst */
1458 OSSL_PARAM params[2];
1459 size_t aid_len = 0;
1460 const char *k_aid = OSSL_SIGNATURE_PARAM_ALGORITHM_ID;
1461
1462 params[0] = OSSL_PARAM_construct_octet_string(k_aid, NULL, 0);
1463 params[1] = OSSL_PARAM_construct_end();
1464
1465 if (EVP_PKEY_CTX_get_params(ctx, params) <= 0)
1466 goto err;
1467
1468 if (OSSL_PARAM_modified(¶ms[0]))
1469 aid_len = params[0].return_size;
1470 if (aid_len == 0) {
1471 ERR_raise(ERR_LIB_EVP, EVP_R_GETTING_ALGORITHMIDENTIFIER_NOT_SUPPORTED);
1472 ret = -2;
1473 goto err;
1474 }
1475 if (alg != NULL) {
1476 unsigned char *aid = NULL;
1477 const unsigned char *pp = NULL;
1478
1479 if ((aid = OPENSSL_malloc(aid_len)) != NULL) {
1480 params[0] = OSSL_PARAM_construct_octet_string(k_aid, aid, aid_len);
1481 pp = aid;
1482 if (EVP_PKEY_CTX_get_params(ctx, params)
1483 && OSSL_PARAM_modified(¶ms[0])
1484 && d2i_X509_ALGOR(alg, &pp, aid_len) != NULL)
1485 ret = 1;
1486 }
1487 OPENSSL_free(aid);
1488 }
1489 err:
1490 return ret;
1491 }
1492
1493 #endif /* !defined(FIPS_MODULE) */
1494