1 /* 2 * Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the Apache License 2.0 (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 10 /* 11 * DES low level APIs are deprecated for public use, but still ok for internal 12 * use. 13 */ 14 #include "internal/deprecated.h" 15 16 #include <openssl/rand.h> 17 #include <openssl/proverr.h> 18 #include "prov/ciphercommon.h" 19 #include "cipher_tdes.h" 20 #include "prov/implementations.h" 21 #include "prov/providercommon.h" 22 23 void *ossl_tdes_newctx(void *provctx, int mode, size_t kbits, size_t blkbits, 24 size_t ivbits, uint64_t flags, const PROV_CIPHER_HW *hw) 25 { 26 PROV_TDES_CTX *tctx; 27 28 if (!ossl_prov_is_running()) 29 return NULL; 30 31 tctx = OPENSSL_zalloc(sizeof(*tctx)); 32 if (tctx != NULL) 33 ossl_cipher_generic_initkey(tctx, kbits, blkbits, ivbits, mode, flags, 34 hw, provctx); 35 return tctx; 36 } 37 38 void *ossl_tdes_dupctx(void *ctx) 39 { 40 PROV_TDES_CTX *in = (PROV_TDES_CTX *)ctx; 41 PROV_TDES_CTX *ret; 42 43 if (!ossl_prov_is_running()) 44 return NULL; 45 46 ret = OPENSSL_malloc(sizeof(*ret)); 47 if (ret == NULL) { 48 ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); 49 return NULL; 50 } 51 in->base.hw->copyctx(&ret->base, &in->base); 52 53 return ret; 54 } 55 56 void ossl_tdes_freectx(void *vctx) 57 { 58 PROV_TDES_CTX *ctx = (PROV_TDES_CTX *)vctx; 59 60 ossl_cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); 61 OPENSSL_clear_free(ctx, sizeof(*ctx)); 62 } 63 64 static int tdes_init(void *vctx, const unsigned char *key, size_t keylen, 65 const unsigned char *iv, size_t ivlen, 66 const OSSL_PARAM params[], int enc) 67 { 68 PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; 69 70 if (!ossl_prov_is_running()) 71 return 0; 72 73 ctx->num = 0; 74 ctx->bufsz = 0; 75 ctx->enc = enc; 76 77 if (iv != NULL) { 78 if (!ossl_cipher_generic_initiv(ctx, iv, ivlen)) 79 return 0; 80 } else if (ctx->iv_set 81 && (ctx->mode == EVP_CIPH_CBC_MODE 82 || ctx->mode == EVP_CIPH_CFB_MODE 83 || ctx->mode == EVP_CIPH_OFB_MODE)) { 84 /* reset IV to keep compatibility with 1.1.1 */ 85 memcpy(ctx->iv, ctx->oiv, ctx->ivlen); 86 } 87 88 if (key != NULL) { 89 if (keylen != ctx->keylen) { 90 ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH); 91 return 0; 92 } 93 if (!ctx->hw->init(ctx, key, ctx->keylen)) 94 return 0; 95 ctx->key_set = 1; 96 } 97 return ossl_cipher_generic_set_ctx_params(ctx, params); 98 } 99 100 int ossl_tdes_einit(void *vctx, const unsigned char *key, size_t keylen, 101 const unsigned char *iv, size_t ivlen, 102 const OSSL_PARAM params[]) 103 { 104 return tdes_init(vctx, key, keylen, iv, ivlen, params, 1); 105 } 106 107 int ossl_tdes_dinit(void *vctx, const unsigned char *key, size_t keylen, 108 const unsigned char *iv, size_t ivlen, 109 const OSSL_PARAM params[]) 110 { 111 return tdes_init(vctx, key, keylen, iv, ivlen, params, 0); 112 } 113 114 CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_START(ossl_tdes) 115 OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_RANDOM_KEY, NULL, 0), 116 CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_END(ossl_tdes) 117 118 static int tdes_generatekey(PROV_CIPHER_CTX *ctx, void *ptr) 119 { 120 121 DES_cblock *deskey = ptr; 122 size_t kl = ctx->keylen; 123 124 if (kl == 0 || RAND_priv_bytes_ex(ctx->libctx, ptr, kl, 0) <= 0) 125 return 0; 126 DES_set_odd_parity(deskey); 127 if (kl >= 16) { 128 DES_set_odd_parity(deskey + 1); 129 if (kl >= 24) 130 DES_set_odd_parity(deskey + 2); 131 } 132 return 1; 133 } 134 135 int ossl_tdes_get_ctx_params(void *vctx, OSSL_PARAM params[]) 136 { 137 PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; 138 OSSL_PARAM *p; 139 140 if (!ossl_cipher_generic_get_ctx_params(vctx, params)) 141 return 0; 142 143 p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_RANDOM_KEY); 144 if (p != NULL && !tdes_generatekey(ctx, p->data)) { 145 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GENERATE_KEY); 146 return 0; 147 } 148 return 1; 149 } 150