1 /* 2 * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the Apache License 2.0 (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 10 /* 11 * Generic dispatch table functions for ciphers. 12 */ 13 14 /* For SSL3_VERSION */ 15 #include <openssl/prov_ssl.h> 16 #include <openssl/proverr.h> 17 #include "ciphercommon_local.h" 18 #include "prov/provider_ctx.h" 19 #include "prov/providercommon.h" 20 21 /*- 22 * Generic cipher functions for OSSL_PARAM gettables and settables 23 */ 24 static const OSSL_PARAM cipher_known_gettable_params[] = { 25 OSSL_PARAM_uint(OSSL_CIPHER_PARAM_MODE, NULL), 26 OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL), 27 OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_IVLEN, NULL), 28 OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_BLOCK_SIZE, NULL), 29 OSSL_PARAM_int(OSSL_CIPHER_PARAM_AEAD, NULL), 30 OSSL_PARAM_int(OSSL_CIPHER_PARAM_CUSTOM_IV, NULL), 31 OSSL_PARAM_int(OSSL_CIPHER_PARAM_CTS, NULL), 32 OSSL_PARAM_int(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK, NULL), 33 OSSL_PARAM_int(OSSL_CIPHER_PARAM_HAS_RAND_KEY, NULL), 34 OSSL_PARAM_END 35 }; 36 const OSSL_PARAM *ossl_cipher_generic_gettable_params(ossl_unused void *provctx) 37 { 38 return cipher_known_gettable_params; 39 } 40 41 int ossl_cipher_generic_get_params(OSSL_PARAM params[], unsigned int md, 42 uint64_t flags, 43 size_t kbits, size_t blkbits, size_t ivbits) 44 { 45 OSSL_PARAM *p; 46 47 p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_MODE); 48 if (p != NULL && !OSSL_PARAM_set_uint(p, md)) { 49 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); 50 return 0; 51 } 52 p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_AEAD); 53 if (p != NULL 54 && !OSSL_PARAM_set_int(p, (flags & PROV_CIPHER_FLAG_AEAD) != 0)) { 55 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); 56 return 0; 57 } 58 p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_CUSTOM_IV); 59 if (p != NULL 60 && !OSSL_PARAM_set_int(p, (flags & PROV_CIPHER_FLAG_CUSTOM_IV) != 0)) { 61 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); 62 return 0; 63 } 64 p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_CTS); 65 if (p != NULL 66 && !OSSL_PARAM_set_int(p, (flags & PROV_CIPHER_FLAG_CTS) != 0)) { 67 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); 68 return 0; 69 } 70 p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK); 71 if (p != NULL 72 && !OSSL_PARAM_set_int(p, (flags & PROV_CIPHER_FLAG_TLS1_MULTIBLOCK) != 0)) { 73 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); 74 return 0; 75 } 76 p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_HAS_RAND_KEY); 77 if (p != NULL 78 && !OSSL_PARAM_set_int(p, (flags & PROV_CIPHER_FLAG_RAND_KEY) != 0)) { 79 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); 80 return 0; 81 } 82 p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_KEYLEN); 83 if (p != NULL && !OSSL_PARAM_set_size_t(p, kbits / 8)) { 84 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); 85 return 0; 86 } 87 p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_BLOCK_SIZE); 88 if (p != NULL && !OSSL_PARAM_set_size_t(p, blkbits / 8)) { 89 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); 90 return 0; 91 } 92 p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IVLEN); 93 if (p != NULL && !OSSL_PARAM_set_size_t(p, ivbits / 8)) { 94 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); 95 return 0; 96 } 97 return 1; 98 } 99 100 CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_START(ossl_cipher_generic) 101 { OSSL_CIPHER_PARAM_TLS_MAC, OSSL_PARAM_OCTET_PTR, NULL, 0, OSSL_PARAM_UNMODIFIED }, 102 CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_END(ossl_cipher_generic) 103 104 CIPHER_DEFAULT_SETTABLE_CTX_PARAMS_START(ossl_cipher_generic) 105 OSSL_PARAM_uint(OSSL_CIPHER_PARAM_USE_BITS, NULL), 106 OSSL_PARAM_uint(OSSL_CIPHER_PARAM_TLS_VERSION, NULL), 107 OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_TLS_MAC_SIZE, NULL), 108 CIPHER_DEFAULT_SETTABLE_CTX_PARAMS_END(ossl_cipher_generic) 109 110 /* 111 * Variable key length cipher functions for OSSL_PARAM settables 112 */ 113 int ossl_cipher_var_keylen_set_ctx_params(void *vctx, const OSSL_PARAM params[]) 114 { 115 PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; 116 const OSSL_PARAM *p; 117 118 if (params == NULL) 119 return 1; 120 121 if (!ossl_cipher_generic_set_ctx_params(vctx, params)) 122 return 0; 123 p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_KEYLEN); 124 if (p != NULL) { 125 size_t keylen; 126 127 if (!OSSL_PARAM_get_size_t(p, &keylen)) { 128 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); 129 return 0; 130 } 131 if (ctx->keylen != keylen) { 132 ctx->keylen = keylen; 133 ctx->key_set = 0; 134 } 135 } 136 return 1; 137 } 138 139 CIPHER_DEFAULT_SETTABLE_CTX_PARAMS_START(ossl_cipher_var_keylen) 140 OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL), 141 CIPHER_DEFAULT_SETTABLE_CTX_PARAMS_END(ossl_cipher_var_keylen) 142 143 /*- 144 * AEAD cipher functions for OSSL_PARAM gettables and settables 145 */ 146 static const OSSL_PARAM cipher_aead_known_gettable_ctx_params[] = { 147 OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL), 148 OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_IVLEN, NULL), 149 OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_AEAD_TAGLEN, NULL), 150 OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_IV, NULL, 0), 151 OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_UPDATED_IV, NULL, 0), 152 OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG, NULL, 0), 153 OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_AEAD_TLS1_AAD_PAD, NULL), 154 OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TLS1_GET_IV_GEN, NULL, 0), 155 OSSL_PARAM_END 156 }; 157 const OSSL_PARAM *ossl_cipher_aead_gettable_ctx_params( 158 ossl_unused void *cctx, ossl_unused void *provctx 159 ) 160 { 161 return cipher_aead_known_gettable_ctx_params; 162 } 163 164 static const OSSL_PARAM cipher_aead_known_settable_ctx_params[] = { 165 OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_AEAD_IVLEN, NULL), 166 OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG, NULL, 0), 167 OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TLS1_AAD, NULL, 0), 168 OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TLS1_IV_FIXED, NULL, 0), 169 OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TLS1_SET_IV_INV, NULL, 0), 170 OSSL_PARAM_END 171 }; 172 const OSSL_PARAM *ossl_cipher_aead_settable_ctx_params( 173 ossl_unused void *cctx, ossl_unused void *provctx 174 ) 175 { 176 return cipher_aead_known_settable_ctx_params; 177 } 178 179 void ossl_cipher_generic_reset_ctx(PROV_CIPHER_CTX *ctx) 180 { 181 if (ctx != NULL && ctx->alloced) { 182 OPENSSL_free(ctx->tlsmac); 183 ctx->alloced = 0; 184 ctx->tlsmac = NULL; 185 } 186 } 187 188 static int cipher_generic_init_internal(PROV_CIPHER_CTX *ctx, 189 const unsigned char *key, size_t keylen, 190 const unsigned char *iv, size_t ivlen, 191 const OSSL_PARAM params[], int enc) 192 { 193 ctx->num = 0; 194 ctx->bufsz = 0; 195 ctx->updated = 0; 196 ctx->enc = enc ? 1 : 0; 197 198 if (!ossl_prov_is_running()) 199 return 0; 200 201 if (iv != NULL && ctx->mode != EVP_CIPH_ECB_MODE) { 202 if (!ossl_cipher_generic_initiv(ctx, iv, ivlen)) 203 return 0; 204 } 205 if (iv == NULL && ctx->iv_set 206 && (ctx->mode == EVP_CIPH_CBC_MODE 207 || ctx->mode == EVP_CIPH_CFB_MODE 208 || ctx->mode == EVP_CIPH_OFB_MODE)) 209 /* reset IV for these modes to keep compatibility with 1.1.1 */ 210 memcpy(ctx->iv, ctx->oiv, ctx->ivlen); 211 212 if (key != NULL) { 213 if (ctx->variable_keylength == 0) { 214 if (keylen != ctx->keylen) { 215 ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH); 216 return 0; 217 } 218 } else { 219 ctx->keylen = keylen; 220 } 221 if (!ctx->hw->init(ctx, key, ctx->keylen)) 222 return 0; 223 ctx->key_set = 1; 224 } 225 return ossl_cipher_generic_set_ctx_params(ctx, params); 226 } 227 228 int ossl_cipher_generic_einit(void *vctx, const unsigned char *key, 229 size_t keylen, const unsigned char *iv, 230 size_t ivlen, const OSSL_PARAM params[]) 231 { 232 return cipher_generic_init_internal((PROV_CIPHER_CTX *)vctx, key, keylen, 233 iv, ivlen, params, 1); 234 } 235 236 int ossl_cipher_generic_dinit(void *vctx, const unsigned char *key, 237 size_t keylen, const unsigned char *iv, 238 size_t ivlen, const OSSL_PARAM params[]) 239 { 240 return cipher_generic_init_internal((PROV_CIPHER_CTX *)vctx, key, keylen, 241 iv, ivlen, params, 0); 242 } 243 244 /* Max padding including padding length byte */ 245 #define MAX_PADDING 256 246 247 int ossl_cipher_generic_block_update(void *vctx, unsigned char *out, 248 size_t *outl, size_t outsize, 249 const unsigned char *in, size_t inl) 250 { 251 size_t outlint = 0; 252 PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; 253 size_t blksz = ctx->blocksize; 254 size_t nextblocks; 255 256 if (!ctx->key_set) { 257 ERR_raise(ERR_LIB_PROV, PROV_R_NO_KEY_SET); 258 return 0; 259 } 260 261 if (ctx->tlsversion > 0) { 262 /* 263 * Each update call corresponds to a TLS record and is individually 264 * padded 265 */ 266 267 /* Sanity check inputs */ 268 if (in == NULL 269 || in != out 270 || outsize < inl 271 || !ctx->pad) { 272 ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED); 273 return 0; 274 } 275 276 if (ctx->enc) { 277 unsigned char padval; 278 size_t padnum, loop; 279 280 /* Add padding */ 281 282 padnum = blksz - (inl % blksz); 283 284 if (outsize < inl + padnum) { 285 ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED); 286 return 0; 287 } 288 289 if (padnum > MAX_PADDING) { 290 ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED); 291 return 0; 292 } 293 padval = (unsigned char)(padnum - 1); 294 if (ctx->tlsversion == SSL3_VERSION) { 295 if (padnum > 1) 296 memset(out + inl, 0, padnum - 1); 297 *(out + inl + padnum - 1) = padval; 298 } else { 299 /* we need to add 'padnum' padding bytes of value padval */ 300 for (loop = inl; loop < inl + padnum; loop++) 301 out[loop] = padval; 302 } 303 inl += padnum; 304 } 305 306 if ((inl % blksz) != 0) { 307 ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED); 308 return 0; 309 } 310 311 312 /* Shouldn't normally fail */ 313 if (!ctx->hw->cipher(ctx, out, in, inl)) { 314 ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED); 315 return 0; 316 } 317 318 if (ctx->alloced) { 319 OPENSSL_free(ctx->tlsmac); 320 ctx->alloced = 0; 321 ctx->tlsmac = NULL; 322 } 323 324 /* This only fails if padding is publicly invalid */ 325 *outl = inl; 326 if (!ctx->enc 327 && !ossl_cipher_tlsunpadblock(ctx->libctx, ctx->tlsversion, 328 out, outl, 329 blksz, &ctx->tlsmac, &ctx->alloced, 330 ctx->tlsmacsize, 0)) { 331 ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED); 332 return 0; 333 } 334 return 1; 335 } 336 337 if (ctx->bufsz != 0) 338 nextblocks = ossl_cipher_fillblock(ctx->buf, &ctx->bufsz, blksz, 339 &in, &inl); 340 else 341 nextblocks = inl & ~(blksz-1); 342 343 /* 344 * If we're decrypting and we end an update on a block boundary we hold 345 * the last block back in case this is the last update call and the last 346 * block is padded. 347 */ 348 if (ctx->bufsz == blksz && (ctx->enc || inl > 0 || !ctx->pad)) { 349 if (outsize < blksz) { 350 ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL); 351 return 0; 352 } 353 if (!ctx->hw->cipher(ctx, out, ctx->buf, blksz)) { 354 ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED); 355 return 0; 356 } 357 ctx->bufsz = 0; 358 outlint = blksz; 359 out += blksz; 360 } 361 if (nextblocks > 0) { 362 if (!ctx->enc && ctx->pad && nextblocks == inl) { 363 if (!ossl_assert(inl >= blksz)) { 364 ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL); 365 return 0; 366 } 367 nextblocks -= blksz; 368 } 369 outlint += nextblocks; 370 if (outsize < outlint) { 371 ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL); 372 return 0; 373 } 374 } 375 if (nextblocks > 0) { 376 if (!ctx->hw->cipher(ctx, out, in, nextblocks)) { 377 ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED); 378 return 0; 379 } 380 in += nextblocks; 381 inl -= nextblocks; 382 } 383 if (inl != 0 384 && !ossl_cipher_trailingdata(ctx->buf, &ctx->bufsz, blksz, &in, &inl)) { 385 /* ERR_raise already called */ 386 return 0; 387 } 388 389 *outl = outlint; 390 return inl == 0; 391 } 392 393 int ossl_cipher_generic_block_final(void *vctx, unsigned char *out, 394 size_t *outl, size_t outsize) 395 { 396 PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; 397 size_t blksz = ctx->blocksize; 398 399 if (!ossl_prov_is_running()) 400 return 0; 401 402 if (!ctx->key_set) { 403 ERR_raise(ERR_LIB_PROV, PROV_R_NO_KEY_SET); 404 return 0; 405 } 406 407 if (ctx->tlsversion > 0) { 408 /* We never finalize TLS, so this is an error */ 409 ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED); 410 return 0; 411 } 412 413 if (ctx->enc) { 414 if (ctx->pad) { 415 ossl_cipher_padblock(ctx->buf, &ctx->bufsz, blksz); 416 } else if (ctx->bufsz == 0) { 417 *outl = 0; 418 return 1; 419 } else if (ctx->bufsz != blksz) { 420 ERR_raise(ERR_LIB_PROV, PROV_R_WRONG_FINAL_BLOCK_LENGTH); 421 return 0; 422 } 423 424 if (outsize < blksz) { 425 ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL); 426 return 0; 427 } 428 if (!ctx->hw->cipher(ctx, out, ctx->buf, blksz)) { 429 ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED); 430 return 0; 431 } 432 ctx->bufsz = 0; 433 *outl = blksz; 434 return 1; 435 } 436 437 /* Decrypting */ 438 if (ctx->bufsz != blksz) { 439 if (ctx->bufsz == 0 && !ctx->pad) { 440 *outl = 0; 441 return 1; 442 } 443 ERR_raise(ERR_LIB_PROV, PROV_R_WRONG_FINAL_BLOCK_LENGTH); 444 return 0; 445 } 446 447 if (!ctx->hw->cipher(ctx, ctx->buf, ctx->buf, blksz)) { 448 ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED); 449 return 0; 450 } 451 452 if (ctx->pad && !ossl_cipher_unpadblock(ctx->buf, &ctx->bufsz, blksz)) { 453 /* ERR_raise already called */ 454 return 0; 455 } 456 457 if (outsize < ctx->bufsz) { 458 ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL); 459 return 0; 460 } 461 memcpy(out, ctx->buf, ctx->bufsz); 462 *outl = ctx->bufsz; 463 ctx->bufsz = 0; 464 return 1; 465 } 466 467 int ossl_cipher_generic_stream_update(void *vctx, unsigned char *out, 468 size_t *outl, size_t outsize, 469 const unsigned char *in, size_t inl) 470 { 471 PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; 472 473 if (!ctx->key_set) { 474 ERR_raise(ERR_LIB_PROV, PROV_R_NO_KEY_SET); 475 return 0; 476 } 477 478 if (inl == 0) { 479 *outl = 0; 480 return 1; 481 } 482 483 if (outsize < inl) { 484 ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL); 485 return 0; 486 } 487 488 if (!ctx->hw->cipher(ctx, out, in, inl)) { 489 ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED); 490 return 0; 491 } 492 493 *outl = inl; 494 if (!ctx->enc && ctx->tlsversion > 0) { 495 /* 496 * Remove any TLS padding. Only used by cipher_aes_cbc_hmac_sha1_hw.c and 497 * cipher_aes_cbc_hmac_sha256_hw.c 498 */ 499 if (ctx->removetlspad) { 500 /* 501 * We should have already failed in the cipher() call above if this 502 * isn't true. 503 */ 504 if (!ossl_assert(*outl >= (size_t)(out[inl - 1] + 1))) 505 return 0; 506 /* The actual padding length */ 507 *outl -= out[inl - 1] + 1; 508 } 509 510 /* TLS MAC and explicit IV if relevant. We should have already failed 511 * in the cipher() call above if *outl is too short. 512 */ 513 if (!ossl_assert(*outl >= ctx->removetlsfixed)) 514 return 0; 515 *outl -= ctx->removetlsfixed; 516 517 /* Extract the MAC if there is one */ 518 if (ctx->tlsmacsize > 0) { 519 if (*outl < ctx->tlsmacsize) 520 return 0; 521 522 ctx->tlsmac = out + *outl - ctx->tlsmacsize; 523 *outl -= ctx->tlsmacsize; 524 } 525 } 526 527 return 1; 528 } 529 int ossl_cipher_generic_stream_final(void *vctx, unsigned char *out, 530 size_t *outl, size_t outsize) 531 { 532 PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; 533 534 if (!ossl_prov_is_running()) 535 return 0; 536 537 if (!ctx->key_set) { 538 ERR_raise(ERR_LIB_PROV, PROV_R_NO_KEY_SET); 539 return 0; 540 } 541 542 *outl = 0; 543 return 1; 544 } 545 546 int ossl_cipher_generic_cipher(void *vctx, unsigned char *out, size_t *outl, 547 size_t outsize, const unsigned char *in, 548 size_t inl) 549 { 550 PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; 551 552 if (!ossl_prov_is_running()) 553 return 0; 554 555 if (!ctx->key_set) { 556 ERR_raise(ERR_LIB_PROV, PROV_R_NO_KEY_SET); 557 return 0; 558 } 559 560 if (outsize < inl) { 561 ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL); 562 return 0; 563 } 564 565 if (!ctx->hw->cipher(ctx, out, in, inl)) { 566 ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED); 567 return 0; 568 } 569 570 *outl = inl; 571 return 1; 572 } 573 574 int ossl_cipher_generic_get_ctx_params(void *vctx, OSSL_PARAM params[]) 575 { 576 PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; 577 OSSL_PARAM *p; 578 579 p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IVLEN); 580 if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->ivlen)) { 581 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); 582 return 0; 583 } 584 p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_PADDING); 585 if (p != NULL && !OSSL_PARAM_set_uint(p, ctx->pad)) { 586 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); 587 return 0; 588 } 589 p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IV); 590 if (p != NULL 591 && !OSSL_PARAM_set_octet_ptr(p, &ctx->oiv, ctx->ivlen) 592 && !OSSL_PARAM_set_octet_string(p, &ctx->oiv, ctx->ivlen)) { 593 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); 594 return 0; 595 } 596 p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_UPDATED_IV); 597 if (p != NULL 598 && !OSSL_PARAM_set_octet_ptr(p, &ctx->iv, ctx->ivlen) 599 && !OSSL_PARAM_set_octet_string(p, &ctx->iv, ctx->ivlen)) { 600 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); 601 return 0; 602 } 603 p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_NUM); 604 if (p != NULL && !OSSL_PARAM_set_uint(p, ctx->num)) { 605 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); 606 return 0; 607 } 608 p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_KEYLEN); 609 if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->keylen)) { 610 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); 611 return 0; 612 } 613 p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_TLS_MAC); 614 if (p != NULL 615 && !OSSL_PARAM_set_octet_ptr(p, ctx->tlsmac, ctx->tlsmacsize)) { 616 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); 617 return 0; 618 } 619 return 1; 620 } 621 622 int ossl_cipher_generic_set_ctx_params(void *vctx, const OSSL_PARAM params[]) 623 { 624 PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; 625 const OSSL_PARAM *p; 626 627 if (params == NULL) 628 return 1; 629 630 p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_PADDING); 631 if (p != NULL) { 632 unsigned int pad; 633 634 if (!OSSL_PARAM_get_uint(p, &pad)) { 635 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); 636 return 0; 637 } 638 ctx->pad = pad ? 1 : 0; 639 } 640 p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_USE_BITS); 641 if (p != NULL) { 642 unsigned int bits; 643 644 if (!OSSL_PARAM_get_uint(p, &bits)) { 645 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); 646 return 0; 647 } 648 ctx->use_bits = bits ? 1 : 0; 649 } 650 p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_TLS_VERSION); 651 if (p != NULL) { 652 if (!OSSL_PARAM_get_uint(p, &ctx->tlsversion)) { 653 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); 654 return 0; 655 } 656 } 657 p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_TLS_MAC_SIZE); 658 if (p != NULL) { 659 if (!OSSL_PARAM_get_size_t(p, &ctx->tlsmacsize)) { 660 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); 661 return 0; 662 } 663 } 664 p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_NUM); 665 if (p != NULL) { 666 unsigned int num; 667 668 if (!OSSL_PARAM_get_uint(p, &num)) { 669 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); 670 return 0; 671 } 672 ctx->num = num; 673 } 674 return 1; 675 } 676 677 int ossl_cipher_generic_initiv(PROV_CIPHER_CTX *ctx, const unsigned char *iv, 678 size_t ivlen) 679 { 680 if (ivlen != ctx->ivlen 681 || ivlen > sizeof(ctx->iv)) { 682 ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IV_LENGTH); 683 return 0; 684 } 685 ctx->iv_set = 1; 686 memcpy(ctx->iv, iv, ivlen); 687 memcpy(ctx->oiv, iv, ivlen); 688 return 1; 689 } 690 691 void ossl_cipher_generic_initkey(void *vctx, size_t kbits, size_t blkbits, 692 size_t ivbits, unsigned int mode, 693 uint64_t flags, const PROV_CIPHER_HW *hw, 694 void *provctx) 695 { 696 PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; 697 698 if ((flags & PROV_CIPHER_FLAG_INVERSE_CIPHER) != 0) 699 ctx->inverse_cipher = 1; 700 if ((flags & PROV_CIPHER_FLAG_VARIABLE_LENGTH) != 0) 701 ctx->variable_keylength = 1; 702 703 ctx->pad = 1; 704 ctx->keylen = ((kbits) / 8); 705 ctx->ivlen = ((ivbits) / 8); 706 ctx->hw = hw; 707 ctx->mode = mode; 708 ctx->blocksize = blkbits / 8; 709 if (provctx != NULL) 710 ctx->libctx = PROV_LIBCTX_OF(provctx); /* used for rand */ 711 } 712