1 /* 2 * Copyright 2019-2024 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the Apache License 2.0 (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 10 /* Dispatch functions for RC2 cipher modes ecb, cbc, ofb, cfb */ 11 12 /* 13 * RC2 low level APIs are deprecated for public use, but still ok for internal 14 * use. 15 */ 16 #include "internal/deprecated.h" 17 18 #include <openssl/proverr.h> 19 #include "cipher_rc2.h" 20 #include "prov/implementations.h" 21 #include "prov/providercommon.h" 22 23 #define RC2_40_MAGIC 0xa0 24 #define RC2_64_MAGIC 0x78 25 #define RC2_128_MAGIC 0x3a 26 #define RC2_FLAGS PROV_CIPHER_FLAG_VARIABLE_LENGTH 27 28 static OSSL_FUNC_cipher_encrypt_init_fn rc2_einit; 29 static OSSL_FUNC_cipher_decrypt_init_fn rc2_dinit; 30 static OSSL_FUNC_cipher_freectx_fn rc2_freectx; 31 static OSSL_FUNC_cipher_dupctx_fn rc2_dupctx; 32 static OSSL_FUNC_cipher_gettable_ctx_params_fn rc2_gettable_ctx_params; 33 static OSSL_FUNC_cipher_settable_ctx_params_fn rc2_settable_ctx_params; 34 static OSSL_FUNC_cipher_set_ctx_params_fn rc2_set_ctx_params; 35 36 static void rc2_freectx(void *vctx) 37 { 38 PROV_RC2_CTX *ctx = (PROV_RC2_CTX *)vctx; 39 40 ossl_cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); 41 OPENSSL_clear_free(ctx, sizeof(*ctx)); 42 } 43 44 static void *rc2_dupctx(void *ctx) 45 { 46 PROV_RC2_CTX *in = (PROV_RC2_CTX *)ctx; 47 PROV_RC2_CTX *ret; 48 49 if (!ossl_prov_is_running()) 50 return NULL; 51 52 ret = OPENSSL_malloc(sizeof(*ret)); 53 if (ret == NULL) 54 return NULL; 55 *ret = *in; 56 57 return ret; 58 } 59 60 static int rc2_keybits_to_magic(int keybits) 61 { 62 switch (keybits) { 63 case 128: 64 return RC2_128_MAGIC; 65 case 64: 66 return RC2_64_MAGIC; 67 case 40: 68 return RC2_40_MAGIC; 69 } 70 ERR_raise(ERR_LIB_PROV, PROV_R_UNSUPPORTED_KEY_SIZE); 71 return 0; 72 } 73 74 static int rc2_magic_to_keybits(int magic) 75 { 76 switch (magic) { 77 case RC2_128_MAGIC: 78 return 128; 79 case RC2_64_MAGIC: 80 return 64; 81 case RC2_40_MAGIC: 82 return 40; 83 } 84 ERR_raise(ERR_LIB_PROV, PROV_R_UNSUPPORTED_KEY_SIZE); 85 return 0; 86 } 87 88 static int rc2_einit(void *ctx, const unsigned char *key, size_t keylen, 89 const unsigned char *iv, size_t ivlen, 90 const OSSL_PARAM params[]) 91 { 92 if (!ossl_cipher_generic_einit(ctx, key, keylen, iv, ivlen, NULL)) 93 return 0; 94 return rc2_set_ctx_params(ctx, params); 95 } 96 97 static int rc2_dinit(void *ctx, const unsigned char *key, size_t keylen, 98 const unsigned char *iv, size_t ivlen, 99 const OSSL_PARAM params[]) 100 { 101 if (!ossl_cipher_generic_dinit(ctx, key, keylen, iv, ivlen, NULL)) 102 return 0; 103 return rc2_set_ctx_params(ctx, params); 104 } 105 106 static int rc2_get_ctx_params(void *vctx, OSSL_PARAM params[]) 107 { 108 PROV_RC2_CTX *ctx = (PROV_RC2_CTX *)vctx; 109 OSSL_PARAM *p, *p1, *p2; 110 111 if (!ossl_cipher_generic_get_ctx_params(vctx, params)) 112 return 0; 113 p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_RC2_KEYBITS); 114 if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->key_bits)) { 115 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); 116 return 0; 117 } 118 p1 = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_ALGORITHM_ID_PARAMS); 119 p2 = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_ALGORITHM_ID_PARAMS_OLD); 120 if (p1 != NULL || p2 != NULL) { 121 long num; 122 int i; 123 ASN1_TYPE *type; 124 unsigned char *d1 = (p1 == NULL) ? NULL : p1->data; 125 unsigned char *d2 = (p2 == NULL) ? NULL : p2->data; 126 unsigned char **dd1 = d1 == NULL ? NULL : &d1; 127 unsigned char **dd2 = d2 == NULL ? NULL : &d2; 128 129 if ((p1 != NULL && p1->data_type != OSSL_PARAM_OCTET_STRING) 130 || (p2 != NULL && p2->data_type != OSSL_PARAM_OCTET_STRING)) { 131 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); 132 return 0; 133 } 134 if ((type = ASN1_TYPE_new()) == NULL) { 135 ERR_raise(ERR_LIB_PROV, ERR_R_ASN1_LIB); 136 return 0; 137 } 138 139 /* Is this the original IV or the running IV? */ 140 num = rc2_keybits_to_magic(ctx->key_bits); 141 if (!ASN1_TYPE_set_int_octetstring(type, num, 142 ctx->base.iv, ctx->base.ivlen)) { 143 ASN1_TYPE_free(type); 144 ERR_raise(ERR_LIB_PROV, ERR_R_ASN1_LIB); 145 return 0; 146 } 147 148 /* 149 * IF the caller has a buffer, we pray to the gods they got the 150 * size right. There's no way to tell the i2d functions... 151 */ 152 i = i2d_ASN1_TYPE(type, dd1); 153 if (p1 != NULL && i >= 0) 154 p1->return_size = (size_t)i; 155 156 /* 157 * If the buffers differ, redo the i2d on the second buffer. 158 * Otherwise, just use |i| as computed above 159 */ 160 if (d1 != d2) 161 i = i2d_ASN1_TYPE(type, dd2); 162 if (p2 != NULL && i >= 0) 163 p2->return_size = (size_t)i; 164 165 ASN1_TYPE_free(type); 166 if (i < 0) { 167 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); 168 return 0; 169 } 170 } 171 return 1; 172 } 173 174 static int rc2_set_ctx_params(void *vctx, const OSSL_PARAM params[]) 175 { 176 PROV_RC2_CTX *ctx = (PROV_RC2_CTX *)vctx; 177 const OSSL_PARAM *p; 178 179 if (ossl_param_is_empty(params)) 180 return 1; 181 182 if (!ossl_cipher_var_keylen_set_ctx_params(vctx, params)) 183 return 0; 184 p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_RC2_KEYBITS); 185 if (p != NULL) { 186 if (!OSSL_PARAM_get_size_t(p, &ctx->key_bits)) { 187 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); 188 return 0; 189 } 190 } 191 p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_ALGORITHM_ID_PARAMS); 192 if (p != NULL) { 193 ASN1_TYPE *type = NULL; 194 long num = 0; 195 const unsigned char *d = p->data; 196 int ret = 1; 197 unsigned char iv[16]; 198 199 if (p->data_type != OSSL_PARAM_OCTET_STRING 200 || ctx->base.ivlen > sizeof(iv) 201 || (type = d2i_ASN1_TYPE(NULL, &d, p->data_size)) == NULL 202 || ((size_t)ASN1_TYPE_get_int_octetstring(type, &num, iv, 203 ctx->base.ivlen) 204 != ctx->base.ivlen) 205 || !ossl_cipher_generic_initiv(&ctx->base, iv, ctx->base.ivlen) 206 || (ctx->key_bits = rc2_magic_to_keybits(num)) == 0) { 207 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); 208 ret = 0; 209 } 210 ASN1_TYPE_free(type); 211 if (ret == 0) 212 return 0; 213 /* 214 * This code assumes that the caller will call 215 * EVP_CipherInit_ex() with a non NULL key in order to setup a key that 216 * uses the keylen and keybits that were set here. 217 */ 218 ctx->base.keylen = ctx->key_bits / 8; 219 } 220 return 1; 221 } 222 223 CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_START(rc2) 224 OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_RC2_KEYBITS, NULL), 225 OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_ALGORITHM_ID_PARAMS, NULL, 0), 226 CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_END(rc2) 227 228 CIPHER_DEFAULT_SETTABLE_CTX_PARAMS_START(rc2) 229 OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL), 230 OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_RC2_KEYBITS, NULL), 231 OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_ALGORITHM_ID_PARAMS, NULL, 0), 232 CIPHER_DEFAULT_SETTABLE_CTX_PARAMS_END(rc2) 233 234 #define IMPLEMENT_cipher(alg, UCALG, lcmode, UCMODE, flags, kbits, blkbits, \ 235 ivbits, typ) \ 236 static OSSL_FUNC_cipher_get_params_fn alg##_##kbits##_##lcmode##_get_params; \ 237 static int alg##_##kbits##_##lcmode##_get_params(OSSL_PARAM params[]) \ 238 { \ 239 return ossl_cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE, \ 240 flags, kbits, blkbits, ivbits); \ 241 } \ 242 static OSSL_FUNC_cipher_newctx_fn alg##_##kbits##_##lcmode##_newctx; \ 243 static void *alg##_##kbits##_##lcmode##_newctx(void *provctx) \ 244 { \ 245 PROV_##UCALG##_CTX *ctx; \ 246 if (!ossl_prov_is_running()) \ 247 return NULL; \ 248 ctx = OPENSSL_zalloc(sizeof(*ctx)); \ 249 if (ctx != NULL) { \ 250 ossl_cipher_generic_initkey(ctx, kbits, blkbits, ivbits, \ 251 EVP_CIPH_##UCMODE##_MODE, flags, \ 252 ossl_prov_cipher_hw_##alg##_##lcmode(kbits), \ 253 NULL); \ 254 ctx->key_bits = kbits; \ 255 } \ 256 return ctx; \ 257 } \ 258 const OSSL_DISPATCH ossl_##alg##kbits##lcmode##_functions[] = { \ 259 { OSSL_FUNC_CIPHER_NEWCTX, \ 260 (void (*)(void)) alg##_##kbits##_##lcmode##_newctx }, \ 261 { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void)) alg##_freectx }, \ 262 { OSSL_FUNC_CIPHER_DUPCTX, (void (*)(void)) alg##_dupctx }, \ 263 { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))rc2_einit }, \ 264 { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))rc2_dinit }, \ 265 { OSSL_FUNC_CIPHER_UPDATE, (void (*)(void))ossl_cipher_generic_##typ##_update },\ 266 { OSSL_FUNC_CIPHER_FINAL, (void (*)(void))ossl_cipher_generic_##typ##_final }, \ 267 { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))ossl_cipher_generic_cipher }, \ 268 { OSSL_FUNC_CIPHER_GET_PARAMS, \ 269 (void (*)(void)) alg##_##kbits##_##lcmode##_get_params }, \ 270 { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \ 271 (void (*)(void))ossl_cipher_generic_gettable_params }, \ 272 { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, \ 273 (void (*)(void))rc2_get_ctx_params }, \ 274 { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \ 275 (void (*)(void))rc2_gettable_ctx_params }, \ 276 { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \ 277 (void (*)(void))rc2_set_ctx_params }, \ 278 { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \ 279 (void (*)(void))rc2_settable_ctx_params }, \ 280 OSSL_DISPATCH_END \ 281 }; 282 283 /* ossl_rc2128ecb_functions */ 284 IMPLEMENT_cipher(rc2, RC2, ecb, ECB, RC2_FLAGS, 128, 64, 0, block) 285 /* ossl_rc2128cbc_functions */ 286 IMPLEMENT_cipher(rc2, RC2, cbc, CBC, RC2_FLAGS, 128, 64, 64, block) 287 /* ossl_rc240cbc_functions */ 288 IMPLEMENT_cipher(rc2, RC2, cbc, CBC, RC2_FLAGS, 40, 64, 64, block) 289 /* ossl_rc264cbc_functions */ 290 IMPLEMENT_cipher(rc2, RC2, cbc, CBC, RC2_FLAGS, 64, 64, 64, block) 291 292 /* ossl_rc2128ofb128_functions */ 293 IMPLEMENT_cipher(rc2, RC2, ofb128, OFB, RC2_FLAGS, 128, 8, 64, stream) 294 /* ossl_rc2128cfb128_functions */ 295 IMPLEMENT_cipher(rc2, RC2, cfb128, CFB, RC2_FLAGS, 128, 8, 64, stream) 296