]> git.ipfire.org Git - thirdparty/openssl.git/blame - crypto/evp/evp_lib.c
projects / thirdparty / openssl.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Support cipher provider "iv state"
[thirdparty/openssl.git] / crypto / evp / evp_lib.c
CommitLineData
62867571 1/*
33388b44 2 * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
58964a49 3 *
4a8b0c55 4 * Licensed under the Apache License 2.0 (the "License"). You may not use
62867571
RS		 5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
58964a49
RE		 8 */
9
41bbba53
P		 10/*
11 * EVP _meth_ APIs are deprecated for public use, but still ok for
12 * internal use.
13 */
14#include "internal/deprecated.h"
15
58964a49 16#include <stdio.h>
b39fc560 17#include "internal/cryptlib.h"
ec577822
BM		 18#include <openssl/evp.h>
19#include <openssl/objects.h>
718b133a
MC		 20#include <openssl/params.h>
21#include <openssl/core_names.h>
ff64702b 22#include <openssl/dh.h>
023b188c 23#include <openssl/ec.h>
25f2138b 24#include "crypto/evp.h"
3653d0c2 25#include "internal/provider.h"
706457b7 26#include "evp_local.h"
58964a49 27
f844f9eb 28#if !defined(FIPS_MODULE)
6b691a5c 29int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
0f113f3e 30{
c96399e2 31 int ret = -1; /* Assume the worst */
718b133a 32 const EVP_CIPHER *cipher = c->cipher;
0f113f3e 33
c96399e2
RL		 34 /*
35 * For legacy implementations, we detect custom AlgorithmIdentifier
36 * parameter handling by checking if the function pointer
37 * cipher->set_asn1_parameters is set. We know that this pointer
38 * is NULL for provided implementations.
39 *
40 * Otherwise, for any implementation, we check the flag
41 * EVP_CIPH_FLAG_CUSTOM_ASN1. If it isn't set, we apply
42 * default AI parameter extraction.
43 *
44 * Otherwise, for provided implementations, we convert |type| to
45 * a DER encoded blob and pass to the implementation in OSSL_PARAM
46 * form.
47 *
48 * If none of the above applies, this operation is unsupported.
49 */
50 if (cipher->set_asn1_parameters != NULL) {
718b133a 51 ret = cipher->set_asn1_parameters(c, type);
c96399e2 52 } else if ((EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_CUSTOM_ASN1) == 0) {
718b133a 53 switch (EVP_CIPHER_mode(cipher)) {
2acdef5e 54 case EVP_CIPH_WRAP_MODE:
c96399e2 55 if (EVP_CIPHER_is_a(cipher, SN_id_smime_alg_CMS3DESwrap))
4ec36aff 56 ASN1_TYPE_set(type, V_ASN1_NULL, NULL);
0f113f3e 57 ret = 1;
2acdef5e
DSH		 58 break;
59
60 case EVP_CIPH_GCM_MODE:
61 case EVP_CIPH_CCM_MODE:
62 case EVP_CIPH_XTS_MODE:
63 case EVP_CIPH_OCB_MODE:
49c9c1b3 64 ret = -2;
2acdef5e
DSH		 65 break;
66
67 default:
0f113f3e 68 ret = EVP_CIPHER_set_asn1_iv(c, type);
2acdef5e 69 }
c96399e2
RL		 70 } else if (cipher->prov != NULL) {
71 OSSL_PARAM params[3], *p = params;
72 unsigned char *der = NULL, *derp;
73
74 /*
75 * We make two passes, the first to get the appropriate buffer size,
76 * and the second to get the actual value.
77 */
78 *p++ = OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_ALG_ID,
79 NULL, 0);
80 *p = OSSL_PARAM_construct_end();
81
82 if (!EVP_CIPHER_CTX_get_params(c, params))
83 goto err;
84
85 /* ... but, we should get a return size too! */
99ea4f02
P		 86 if (OSSL_PARAM_modified(params)
87 && params[0].return_size != 0
c96399e2
RL		 88 && (der = OPENSSL_malloc(params[0].return_size)) != NULL) {
89 params[0].data = der;
90 params[0].data_size = params[0].return_size;
99ea4f02 91 OSSL_PARAM_set_all_unmodified(params);
c96399e2
RL		 92 derp = der;
93 if (EVP_CIPHER_CTX_get_params(c, params)
99ea4f02 94 && OSSL_PARAM_modified(params)
c96399e2
RL		 95 && d2i_ASN1_TYPE(&type, (const unsigned char **)&derp,
96 params[0].return_size) != NULL) {
97 ret = 1;
98 }
99 OPENSSL_free(der);
100 }
101 } else {
102 ret = -2;
103 }
104
105 err:
51ba9ebd
RS		 106 if (ret == -2)
107 EVPerr(EVP_F_EVP_CIPHER_PARAM_TO_ASN1, ASN1_R_UNSUPPORTED_CIPHER);
108 else if (ret <= 0)
109 EVPerr(EVP_F_EVP_CIPHER_PARAM_TO_ASN1, EVP_R_CIPHER_PARAMETER_ERROR);
49c9c1b3
DO		 110 if (ret < -1)
111 ret = -1;
26a7d938 112 return ret;
0f113f3e 113}
58964a49 114
6b691a5c 115int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
0f113f3e 116{
c96399e2 117 int ret = -1; /* Assume the worst */
718b133a
MC		 118 const EVP_CIPHER *cipher = c->cipher;
119
c96399e2
RL		 120 /*
121 * For legacy implementations, we detect custom AlgorithmIdentifier
122 * parameter handling by checking if there the function pointer
123 * cipher->get_asn1_parameters is set. We know that this pointer
124 * is NULL for provided implementations.
125 *
126 * Otherwise, for any implementation, we check the flag
127 * EVP_CIPH_FLAG_CUSTOM_ASN1. If it isn't set, we apply
128 * default AI parameter creation.
129 *
130 * Otherwise, for provided implementations, we get the AI parameter
131 * in DER encoded form from the implementation by requesting the
132 * appropriate OSSL_PARAM and converting the result to a ASN1_TYPE.
133 *
134 * If none of the above applies, this operation is unsupported.
135 */
136 if (cipher->get_asn1_parameters != NULL) {
718b133a 137 ret = cipher->get_asn1_parameters(c, type);
c96399e2 138 } else if ((EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_CUSTOM_ASN1) == 0) {
718b133a 139 switch (EVP_CIPHER_mode(cipher)) {
2acdef5e
DSH		 140 case EVP_CIPH_WRAP_MODE:
141 ret = 1;
142 break;
143
144 case EVP_CIPH_GCM_MODE:
145 case EVP_CIPH_CCM_MODE:
146 case EVP_CIPH_XTS_MODE:
147 case EVP_CIPH_OCB_MODE:
49c9c1b3 148 ret = -2;
2acdef5e
DSH		 149 break;
150
151 default:
152 ret = EVP_CIPHER_get_asn1_iv(c, type);
2acdef5e 153 }
c96399e2
RL		 154 } else if (cipher->prov != NULL) {
155 OSSL_PARAM params[3], *p = params;
156 unsigned char *der = NULL;
157 int derl = -1;
158
159 if ((derl = i2d_ASN1_TYPE(type, &der)) >= 0) {
160 *p++ =
161 OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_ALG_ID,
162 der, (size_t)derl);
163 *p = OSSL_PARAM_construct_end();
164 if (EVP_CIPHER_CTX_set_params(c, params))
165 ret = 1;
166 OPENSSL_free(der);
167 }
168 } else {
169 ret = -2;
170 }
171
51ba9ebd
RS		 172 if (ret == -2)
173 EVPerr(EVP_F_EVP_CIPHER_ASN1_TO_PARAM, EVP_R_UNSUPPORTED_CIPHER);
174 else if (ret <= 0)
175 EVPerr(EVP_F_EVP_CIPHER_ASN1_TO_PARAM, EVP_R_CIPHER_PARAMETER_ERROR);
49c9c1b3
DO		 176 if (ret < -1)
177 ret = -1;
26a7d938 178 return ret;
0f113f3e 179}
58964a49 180
718b133a 181int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *ctx, ASN1_TYPE *type)
0f113f3e
MC		 182{
183 int i = 0;
184 unsigned int l;
185
186 if (type != NULL) {
718b133a
MC		 187 unsigned char iv[EVP_MAX_IV_LENGTH];
188
189 l = EVP_CIPHER_CTX_iv_length(ctx);
190 if (!ossl_assert(l <= sizeof(iv)))
191 return -1;
192 i = ASN1_TYPE_get_octetstring(type, iv, l);
0f113f3e 193 if (i != (int)l)
26a7d938 194 return -1;
718b133a
MC		 195
196 if (!EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1))
197 return -1;
0f113f3e 198 }
26a7d938 199 return i;
0f113f3e 200}
58964a49 201
6b691a5c 202int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
0f113f3e
MC		 203{
204 int i = 0;
205 unsigned int j;
089cb623 206 unsigned char *oiv = NULL;
0f113f3e
MC		 207
208 if (type != NULL) {
089cb623 209 oiv = (unsigned char *)EVP_CIPHER_CTX_original_iv(c);
0f113f3e
MC		 210 j = EVP_CIPHER_CTX_iv_length(c);
211 OPENSSL_assert(j <= sizeof(c->iv));
089cb623 212 i = ASN1_TYPE_set_octetstring(type, oiv, j);
0f113f3e 213 }
26a7d938 214 return i;
0f113f3e 215}
f844f9eb 216#endif /* !defined(FIPS_MODULE) */
884e8ec6
DSH		 217
218/* Convert the various cipher NIDs and dummies to a proper OID NID */
84fa704c 219int EVP_CIPHER_type(const EVP_CIPHER *ctx)
884e8ec6 220{
0f113f3e 221 int nid;
0f113f3e 222 nid = EVP_CIPHER_nid(ctx);
884e8ec6 223
0f113f3e 224 switch (nid) {
884e8ec6 225
0f113f3e
MC		 226 case NID_rc2_cbc:
227 case NID_rc2_64_cbc:
228 case NID_rc2_40_cbc:
884e8ec6 229
0f113f3e 230 return NID_rc2_cbc;
884e8ec6 231
0f113f3e
MC		 232 case NID_rc4:
233 case NID_rc4_40:
884e8ec6 234
0f113f3e 235 return NID_rc4;
884e8ec6 236
0f113f3e
MC		 237 case NID_aes_128_cfb128:
238 case NID_aes_128_cfb8:
239 case NID_aes_128_cfb1:
8d1ebe0b 240
0f113f3e 241 return NID_aes_128_cfb128;
8d1ebe0b 242
0f113f3e
MC		 243 case NID_aes_192_cfb128:
244 case NID_aes_192_cfb8:
245 case NID_aes_192_cfb1:
8d1ebe0b 246
0f113f3e 247 return NID_aes_192_cfb128;
8d1ebe0b 248
0f113f3e
MC		 249 case NID_aes_256_cfb128:
250 case NID_aes_256_cfb8:
251 case NID_aes_256_cfb1:
8d1ebe0b 252
0f113f3e 253 return NID_aes_256_cfb128;
8d1ebe0b 254
0f113f3e
MC		 255 case NID_des_cfb64:
256 case NID_des_cfb8:
257 case NID_des_cfb1:
8d1ebe0b 258
0f113f3e 259 return NID_des_cfb64;
8d1ebe0b 260
0f113f3e
MC		 261 case NID_des_ede3_cfb64:
262 case NID_des_ede3_cfb8:
263 case NID_des_ede3_cfb1:
7e765bf2 264
0f113f3e 265 return NID_des_cfb64;
7e765bf2 266
0f113f3e 267 default:
f844f9eb 268#ifdef FIPS_MODULE
319e518a
MC		 269 return NID_undef;
270#else
271 {
272 /* Check it has an OID and it is valid */
273 ASN1_OBJECT *otmp = OBJ_nid2obj(nid);
274
275 if (OBJ_get0_data(otmp) == NULL)
276 nid = NID_undef;
277 ASN1_OBJECT_free(otmp);
278 return nid;
279 }
280#endif
0f113f3e 281 }
884e8ec6
DSH		 282}
283
3c957bcd 284int evp_cipher_cache_constants(EVP_CIPHER *cipher)
0f113f3e 285{
1c3ace68 286 int ok;
3c957bcd
SL		 287 size_t ivlen = 0;
288 size_t blksz = 0;
289 size_t keylen = 0;
290 unsigned int mode = 0;
291 unsigned long flags = 0;
292 OSSL_PARAM params[6];
293
294 params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_BLOCK_SIZE, &blksz);
295 params[1] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_IVLEN, &ivlen);
296 params[2] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_KEYLEN, &keylen);
297 params[3] = OSSL_PARAM_construct_uint(OSSL_CIPHER_PARAM_MODE, &mode);
298 params[4] = OSSL_PARAM_construct_ulong(OSSL_CIPHER_PARAM_FLAGS, &flags);
299 params[5] = OSSL_PARAM_construct_end();
459b15d4 300 ok = evp_do_ciph_getparams(cipher, params);
3c957bcd
SL		 301 if (ok) {
302 /* Provided implementations may have a custom cipher_cipher */
303 if (cipher->prov != NULL && cipher->ccipher != NULL)
304 flags |= EVP_CIPH_FLAG_CUSTOM_CIPHER;
305 cipher->block_size = blksz;
306 cipher->iv_len = ivlen;
307 cipher->key_len = keylen;
308 cipher->flags = flags | mode;
309 }
310 return ok;
311}
13273237 312
3c957bcd
SL		 313int EVP_CIPHER_block_size(const EVP_CIPHER *cipher)
314{
315 return cipher->block_size;
0f113f3e 316}
7806f3dd 317
6343829a 318int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx)
0f113f3e 319{
718b133a 320 return EVP_CIPHER_block_size(ctx->cipher);
0f113f3e 321}
7806f3dd 322
e79f8773
RL		 323int EVP_CIPHER_impl_ctx_size(const EVP_CIPHER *e)
324{
325 return e->ctx_size;
326}
327
0f113f3e
MC		 328int EVP_Cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
329 const unsigned char *in, unsigned int inl)
330{
718b133a 331 if (ctx->cipher->prov != NULL) {
f7397f0d
RL		 332 /*
333 * If the provided implementation has a ccipher function, we use it,
334 * and translate its return value like this: 0 => -1, 1 => outlen
335 *
336 * Otherwise, we call the cupdate function if in != NULL, or cfinal
337 * if in == NULL. Regardless of which, we return what we got.
338 */
339 int ret = -1;
340 size_t outl = 0;
341 size_t blocksize = EVP_CIPHER_CTX_block_size(ctx);
f79858ac 342
718b133a 343 if (ctx->cipher->ccipher != NULL)
f7397f0d
RL		 344 ret = ctx->cipher->ccipher(ctx->provctx, out, &outl,
345 inl + (blocksize == 1 ? 0 : blocksize),
346 in, (size_t)inl)
347 ? (int)outl : -1;
348 else if (in != NULL)
349 ret = ctx->cipher->cupdate(ctx->provctx, out, &outl,
350 inl + (blocksize == 1 ? 0 : blocksize),
351 in, (size_t)inl);
352 else
353 ret = ctx->cipher->cfinal(ctx->provctx, out, &outl,
354 blocksize == 1 ? 0 : blocksize);
355
356 return ret;
718b133a
MC		 357 }
358
0f113f3e
MC		 359 return ctx->cipher->do_cipher(ctx, out, in, inl);
360}
7806f3dd
NL		 361
362const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx)
0f113f3e
MC		 363{
364 return ctx->cipher;
365}
7806f3dd 366
83b06347
RL		 367int EVP_CIPHER_CTX_encrypting(const EVP_CIPHER_CTX *ctx)
368{
369 return ctx->encrypt;
370}
371
7806f3dd 372unsigned long EVP_CIPHER_flags(const EVP_CIPHER *cipher)
0f113f3e 373{
3c957bcd 374 return cipher->flags;
0f113f3e 375}
7806f3dd 376
7806f3dd 377void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx)
0f113f3e
MC		 378{
379 return ctx->app_data;
380}
7806f3dd
NL		 381
382void EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data)
0f113f3e
MC		 383{
384 ctx->app_data = data;
385}
7806f3dd 386
44ab2dfd 387void *EVP_CIPHER_CTX_get_cipher_data(const EVP_CIPHER_CTX *ctx)
83b06347
RL		 388{
389 return ctx->cipher_data;
390}
391
98ee7543
MC		 392void *EVP_CIPHER_CTX_set_cipher_data(EVP_CIPHER_CTX *ctx, void *cipher_data)
393{
394 void *old_cipher_data;
395
396 old_cipher_data = ctx->cipher_data;
397 ctx->cipher_data = cipher_data;
398
399 return old_cipher_data;
400}
401
6343829a 402int EVP_CIPHER_iv_length(const EVP_CIPHER *cipher)
0f113f3e 403{
3c957bcd 404 return cipher->iv_len;
0f113f3e 405}
7806f3dd 406
6343829a 407int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx)
0f113f3e 408{
88d87082
SL		 409 int rv, len = EVP_CIPHER_iv_length(ctx->cipher);
410 size_t v = len;
a672a02a
SL		 411 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
412
1c3ace68 413 params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_IVLEN, &v);
7dddf2fc
SL		 414 rv = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
415 if (rv == EVP_CTRL_RET_UNSUPPORTED)
416 goto legacy;
1c3ace68 417 return rv != 0 ? (int)v : -1;
7dddf2fc
SL		 418 /* TODO (3.0) Remove legacy support */
419legacy:
420 if ((EVP_CIPHER_flags(ctx->cipher) & EVP_CIPH_CUSTOM_IV_LENGTH) != 0) {
421 rv = EVP_CIPHER_CTX_ctrl((EVP_CIPHER_CTX *)ctx, EVP_CTRL_GET_IVLEN,
422 0, &len);
88d87082 423 return (rv == 1) ? len : -1;
7dddf2fc 424 }
88d87082 425 return len;
0f113f3e 426}
7806f3dd 427
dc64dc2e
SL		 428int EVP_CIPHER_CTX_tag_length(const EVP_CIPHER_CTX *ctx)
429{
430 int ret;
431 size_t v = 0;
432 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
433
434 params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_AEAD_TAGLEN, &v);
435 ret = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
436 return ret == 1 ? (int)v : 0;
437}
438
83b06347
RL		 439const unsigned char *EVP_CIPHER_CTX_original_iv(const EVP_CIPHER_CTX *ctx)
440{
089cb623
SL		 441 int ok;
442 const unsigned char *v = ctx->oiv;
443 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
444
445 params[0] =
446 OSSL_PARAM_construct_octet_ptr(OSSL_CIPHER_PARAM_IV,
447 (void **)&v, sizeof(ctx->oiv));
448 ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
449
450 return ok != 0 ? v : NULL;
83b06347
RL		 451}
452
13273237
RL		 453/*
454 * OSSL_PARAM_OCTET_PTR gets us the pointer to the running IV in the provider
455 */
83b06347
RL		 456const unsigned char *EVP_CIPHER_CTX_iv(const EVP_CIPHER_CTX *ctx)
457{
459b15d4 458 int ok;
13273237 459 const unsigned char *v = ctx->iv;
459b15d4 460 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
13273237 461
459b15d4 462 params[0] =
84890268 463 OSSL_PARAM_construct_octet_ptr(OSSL_CIPHER_PARAM_IV_STATE, (void **)&v,
459b15d4
SL		 464 sizeof(ctx->iv));
465 ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
466
467 return ok != 0 ? v : NULL;
83b06347
RL		 468}
469
470unsigned char *EVP_CIPHER_CTX_iv_noconst(EVP_CIPHER_CTX *ctx)
471{
459b15d4 472 int ok;
13273237 473 unsigned char *v = ctx->iv;
459b15d4
SL		 474 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
475
476 params[0] =
84890268 477 OSSL_PARAM_construct_octet_ptr(OSSL_CIPHER_PARAM_IV_STATE, (void **)&v,
459b15d4
SL		 478 sizeof(ctx->iv));
479 ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
13273237 480
459b15d4 481 return ok != 0 ? v : NULL;
83b06347
RL		 482}
483
484unsigned char *EVP_CIPHER_CTX_buf_noconst(EVP_CIPHER_CTX *ctx)
485{
486 return ctx->buf;
487}
488
489int EVP_CIPHER_CTX_num(const EVP_CIPHER_CTX *ctx)
490{
1c3ace68
SL		 491 int ok;
492 unsigned int v = (unsigned int)ctx->num;
459b15d4 493 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
13273237 494
1c3ace68 495 params[0] = OSSL_PARAM_construct_uint(OSSL_CIPHER_PARAM_NUM, &v);
459b15d4
SL		 496 ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
497
1c3ace68 498 return ok != 0 ? (int)v : EVP_CTRL_RET_UNSUPPORTED;
83b06347
RL		 499}
500
13273237 501int EVP_CIPHER_CTX_set_num(EVP_CIPHER_CTX *ctx, int num)
83b06347 502{
459b15d4 503 int ok;
1c3ace68 504 unsigned int n = (unsigned int)num;
459b15d4 505 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
13273237 506
1c3ace68 507 params[0] = OSSL_PARAM_construct_uint(OSSL_CIPHER_PARAM_NUM, &n);
459b15d4
SL		 508 ok = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->provctx, params);
509
510 if (ok != 0)
1c3ace68 511 ctx->num = (int)n;
13273237 512 return ok != 0;
83b06347
RL		 513}
514
6343829a 515int EVP_CIPHER_key_length(const EVP_CIPHER *cipher)
0f113f3e 516{
3c957bcd 517 return cipher->key_len;
0f113f3e 518}
7806f3dd 519
6343829a 520int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx)
0f113f3e 521{
1c3ace68
SL		 522 int ok;
523 size_t v = ctx->key_len;
459b15d4
SL		 524 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
525
1c3ace68 526 params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_KEYLEN, &v);
459b15d4 527 ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
13273237 528
1c3ace68 529 return ok != 0 ? (int)v : EVP_CTRL_RET_UNSUPPORTED;
0f113f3e 530}
7806f3dd
NL		 531
532int EVP_CIPHER_nid(const EVP_CIPHER *cipher)
0f113f3e
MC		 533{
534 return cipher->nid;
535}
7806f3dd
NL		 536
537int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx)
0f113f3e
MC		 538{
539 return ctx->cipher->nid;
540}
7806f3dd 541
7cfa1717
RL		 542int EVP_CIPHER_is_a(const EVP_CIPHER *cipher, const char *name)
543{
e4a1d023
RL		 544 if (cipher->prov != NULL)
545 return evp_is_a(cipher->prov, cipher->name_id, NULL, name);
546 return evp_is_a(NULL, 0, EVP_CIPHER_name(cipher), name);
7cfa1717
RL		 547}
548
506cb0f6
RL		 549int EVP_CIPHER_number(const EVP_CIPHER *cipher)
550{
551 return cipher->name_id;
552}
553
c750bc08
RL		 554const char *EVP_CIPHER_name(const EVP_CIPHER *cipher)
555{
556 if (cipher->prov != NULL)
f7c16d48 557 return evp_first_name(cipher->prov, cipher->name_id);
f844f9eb 558#ifndef FIPS_MODULE
c750bc08
RL		 559 return OBJ_nid2sn(EVP_CIPHER_nid(cipher));
560#else
561 return NULL;
562#endif
563}
564
f651c727
RL		 565void EVP_CIPHER_names_do_all(const EVP_CIPHER *cipher,
566 void (*fn)(const char *name, void *data),
567 void *data)
568{
569 if (cipher->prov != NULL)
570 evp_names_do_all(cipher->prov, cipher->name_id, fn, data);
571}
572
1d2622d4
RL		 573const OSSL_PROVIDER *EVP_CIPHER_provider(const EVP_CIPHER *cipher)
574{
575 return cipher->prov;
576}
577
718b133a
MC		 578int EVP_CIPHER_mode(const EVP_CIPHER *cipher)
579{
3c957bcd 580 return EVP_CIPHER_flags(cipher) & EVP_CIPH_MODE;
459b15d4 581}
718b133a 582
251e610c
RL		 583int EVP_MD_is_a(const EVP_MD *md, const char *name)
584{
e4a1d023
RL		 585 if (md->prov != NULL)
586 return evp_is_a(md->prov, md->name_id, NULL, name);
587 return evp_is_a(NULL, 0, EVP_MD_name(md), name);
251e610c
RL		 588}
589
506cb0f6
RL		 590int EVP_MD_number(const EVP_MD *md)
591{
592 return md->name_id;
593}
594
c750bc08
RL		 595const char *EVP_MD_name(const EVP_MD *md)
596{
597 if (md->prov != NULL)
f7c16d48 598 return evp_first_name(md->prov, md->name_id);
f844f9eb 599#ifndef FIPS_MODULE
c750bc08
RL		 600 return OBJ_nid2sn(EVP_MD_nid(md));
601#else
602 return NULL;
603#endif
604}
605
f651c727
RL		 606void EVP_MD_names_do_all(const EVP_MD *md,
607 void (*fn)(const char *name, void *data),
608 void *data)
609{
610 if (md->prov != NULL)
611 evp_names_do_all(md->prov, md->name_id, fn, data);
612}
613
1d2622d4
RL		 614const OSSL_PROVIDER *EVP_MD_provider(const EVP_MD *md)
615{
616 return md->prov;
617}
618
0f113f3e
MC		 619int EVP_MD_block_size(const EVP_MD *md)
620{
1c3ace68
SL		 621 int ok;
622 size_t v = md->block_size;
6a3b7c68
RL		 623 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
624
7556b9df
MC		 625 if (md == NULL) {
626 EVPerr(EVP_F_EVP_MD_BLOCK_SIZE, EVP_R_MESSAGE_DIGEST_IS_NULL);
627 return -1;
628 }
629
1c3ace68 630 params[0] = OSSL_PARAM_construct_size_t(OSSL_DIGEST_PARAM_BLOCK_SIZE, &v);
6a3b7c68 631 ok = evp_do_md_getparams(md, params);
7556b9df 632
1c3ace68 633 return ok != 0 ? (int)v : -1;
0f113f3e 634}
7806f3dd
NL		 635
636int EVP_MD_type(const EVP_MD *md)
0f113f3e
MC		 637{
638 return md->type;
639}
7806f3dd
NL		 640
641int EVP_MD_pkey_type(const EVP_MD *md)
0f113f3e
MC		 642{
643 return md->pkey_type;
644}
7806f3dd 645
6343829a 646int EVP_MD_size(const EVP_MD *md)
0f113f3e 647{
1c3ace68
SL		 648 int ok;
649 size_t v = md->md_size;
6a3b7c68
RL		 650 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
651
652 if (md == NULL) {
0f113f3e
MC		 653 EVPerr(EVP_F_EVP_MD_SIZE, EVP_R_MESSAGE_DIGEST_IS_NULL);
654 return -1;
655 }
8c8cf0d9 656
1c3ace68 657 params[0] = OSSL_PARAM_construct_size_t(OSSL_DIGEST_PARAM_SIZE, &v);
6a3b7c68 658 ok = evp_do_md_getparams(md, params);
8c8cf0d9 659
1c3ace68 660 return ok != 0 ? (int)v : -1;
0f113f3e 661}
7806f3dd 662
e5fa864f 663unsigned long EVP_MD_flags(const EVP_MD *md)
0f113f3e 664{
6a3b7c68
RL		 665 int ok;
666 unsigned long v = md->flags;
667 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
668
669 params[0] = OSSL_PARAM_construct_ulong(OSSL_CIPHER_PARAM_FLAGS, &v);
670 ok = evp_do_md_getparams(md, params);
671
672 return ok != 0 ? v : 0;
0f113f3e 673}
e5fa864f 674
2db6bf6f
RL		 675EVP_MD *EVP_MD_meth_new(int md_type, int pkey_type)
676{
3fd70262 677 EVP_MD *md = evp_md_new();
43ecb9c3 678
2db6bf6f
RL		 679 if (md != NULL) {
680 md->type = md_type;
681 md->pkey_type = pkey_type;
682 }
683 return md;
684}
df05f2ce 685
2db6bf6f
RL		 686EVP_MD *EVP_MD_meth_dup(const EVP_MD *md)
687{
3fd70262
RL		 688 EVP_MD *to = NULL;
689
690 /*
691 * Non-legacy EVP_MDs can't be duplicated like this.
692 * Use EVP_MD_up_ref() instead.
693 */
694 if (md->prov != NULL)
695 return NULL;
43ecb9c3 696
3fd70262 697 if ((to = EVP_MD_meth_new(md->type, md->pkey_type)) != NULL) {
df05f2ce 698 CRYPTO_RWLOCK *lock = to->lock;
3fd70262 699
2db6bf6f 700 memcpy(to, md, sizeof(*to));
df05f2ce
MC		 701 to->lock = lock;
702 }
2db6bf6f
RL		 703 return to;
704}
3653d0c2 705
2db6bf6f
RL		 706void EVP_MD_meth_free(EVP_MD *md)
707{
3fd70262 708 EVP_MD_free(md);
2db6bf6f
RL		 709}
710int EVP_MD_meth_set_input_blocksize(EVP_MD *md, int blocksize)
711{
8bbc7f22
DB		 712 if (md->block_size != 0)
713 return 0;
714
2db6bf6f
RL		 715 md->block_size = blocksize;
716 return 1;
717}
718int EVP_MD_meth_set_result_size(EVP_MD *md, int resultsize)
719{
8bbc7f22
DB		 720 if (md->md_size != 0)
721 return 0;
722
2db6bf6f
RL		 723 md->md_size = resultsize;
724 return 1;
725}
726int EVP_MD_meth_set_app_datasize(EVP_MD *md, int datasize)
727{
8bbc7f22
DB		 728 if (md->ctx_size != 0)
729 return 0;
730
2db6bf6f
RL		 731 md->ctx_size = datasize;
732 return 1;
733}
734int EVP_MD_meth_set_flags(EVP_MD *md, unsigned long flags)
735{
8bbc7f22
DB		 736 if (md->flags != 0)
737 return 0;
738
2db6bf6f
RL		 739 md->flags = flags;
740 return 1;
741}
742int EVP_MD_meth_set_init(EVP_MD *md, int (*init)(EVP_MD_CTX *ctx))
743{
8bbc7f22
DB		 744 if (md->init != NULL)
745 return 0;
746
2db6bf6f
RL		 747 md->init = init;
748 return 1;
749}
750int EVP_MD_meth_set_update(EVP_MD *md, int (*update)(EVP_MD_CTX *ctx,
751 const void *data,
752 size_t count))
753{
8bbc7f22
DB		 754 if (md->update != NULL)
755 return 0;
756
2db6bf6f
RL		 757 md->update = update;
758 return 1;
759}
760int EVP_MD_meth_set_final(EVP_MD *md, int (*final)(EVP_MD_CTX *ctx,
761 unsigned char *md))
762{
8bbc7f22
DB		 763 if (md->final != NULL)
764 return 0;
765
2db6bf6f
RL		 766 md->final = final;
767 return 1;
768}
769int EVP_MD_meth_set_copy(EVP_MD *md, int (*copy)(EVP_MD_CTX *to,
770 const EVP_MD_CTX *from))
771{
8bbc7f22
DB		 772 if (md->copy != NULL)
773 return 0;
774
2db6bf6f
RL		 775 md->copy = copy;
776 return 1;
777}
778int EVP_MD_meth_set_cleanup(EVP_MD *md, int (*cleanup)(EVP_MD_CTX *ctx))
779{
8bbc7f22
DB		 780 if (md->cleanup != NULL)
781 return 0;
782
2db6bf6f
RL		 783 md->cleanup = cleanup;
784 return 1;
785}
786int EVP_MD_meth_set_ctrl(EVP_MD *md, int (*ctrl)(EVP_MD_CTX *ctx, int cmd,
787 int p1, void *p2))
788{
8bbc7f22
DB		 789 if (md->md_ctrl != NULL)
790 return 0;
791
2db6bf6f
RL		 792 md->md_ctrl = ctrl;
793 return 1;
794}
795
796int EVP_MD_meth_get_input_blocksize(const EVP_MD *md)
797{
798 return md->block_size;
799}
800int EVP_MD_meth_get_result_size(const EVP_MD *md)
801{
802 return md->md_size;
803}
804int EVP_MD_meth_get_app_datasize(const EVP_MD *md)
805{
806 return md->ctx_size;
807}
808unsigned long EVP_MD_meth_get_flags(const EVP_MD *md)
809{
8bfa99f0 810 return md->flags;
2db6bf6f
RL		 811}
812int (*EVP_MD_meth_get_init(const EVP_MD *md))(EVP_MD_CTX *ctx)
813{
814 return md->init;
815}
816int (*EVP_MD_meth_get_update(const EVP_MD *md))(EVP_MD_CTX *ctx,
817 const void *data,
818 size_t count)
819{
820 return md->update;
821}
822int (*EVP_MD_meth_get_final(const EVP_MD *md))(EVP_MD_CTX *ctx,
823 unsigned char *md)
824{
825 return md->final;
826}
827int (*EVP_MD_meth_get_copy(const EVP_MD *md))(EVP_MD_CTX *to,
828 const EVP_MD_CTX *from)
829{
830 return md->copy;
831}
832int (*EVP_MD_meth_get_cleanup(const EVP_MD *md))(EVP_MD_CTX *ctx)
833{
834 return md->cleanup;
835}
836int (*EVP_MD_meth_get_ctrl(const EVP_MD *md))(EVP_MD_CTX *ctx, int cmd,
837 int p1, void *p2)
838{
839 return md->md_ctrl;
840}
841
7806f3dd 842const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx)
0f113f3e 843{
b7c913c8 844 if (ctx == NULL)
0f113f3e 845 return NULL;
b7c913c8 846 return ctx->reqdigest;
0f113f3e 847}
7806f3dd 848
7638370c
RL		 849EVP_PKEY_CTX *EVP_MD_CTX_pkey_ctx(const EVP_MD_CTX *ctx)
850{
851 return ctx->pctx;
852}
853
f844f9eb 854#if !defined(FIPS_MODULE)
319e518a 855/* TODO(3.0): EVP_DigestSign* not yet supported in FIPS module */
00902d94
PY		 856void EVP_MD_CTX_set_pkey_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pctx)
857{
81c79453
PY		 858 /*
859 * it's reasonable to set NULL pctx (a.k.a clear the ctx->pctx), so
860 * we have to deal with the cleanup job here.
861 */
862 if (!EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX))
863 EVP_PKEY_CTX_free(ctx->pctx);
864
00902d94 865 ctx->pctx = pctx;
81c79453
PY		 866
867 if (pctx != NULL) {
868 /* make sure pctx is not freed when destroying EVP_MD_CTX */
869 EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX);
870 } else {
871 EVP_MD_CTX_clear_flags(ctx, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX);
872 }
00902d94 873}
f844f9eb 874#endif /* !defined(FIPS_MODULE) */
00902d94 875
7638370c
RL		 876void *EVP_MD_CTX_md_data(const EVP_MD_CTX *ctx)
877{
878 return ctx->md_data;
879}
880
881int (*EVP_MD_CTX_update_fn(EVP_MD_CTX *ctx))(EVP_MD_CTX *ctx,
882 const void *data, size_t count)
883{
884 return ctx->update;
885}
886
887void EVP_MD_CTX_set_update_fn(EVP_MD_CTX *ctx,
888 int (*update) (EVP_MD_CTX *ctx,
889 const void *data, size_t count))
890{
891 ctx->update = update;
892}
893
7806f3dd 894void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags)
0f113f3e
MC		 895{
896 ctx->flags |= flags;
897}
7806f3dd
NL		 898
899void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags)
0f113f3e
MC		 900{
901 ctx->flags &= ~flags;
902}
7806f3dd
NL		 903
904int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags)
0f113f3e
MC		 905{
906 return (ctx->flags & flags);
907}
e92f9f45
DSH		 908
909void EVP_CIPHER_CTX_set_flags(EVP_CIPHER_CTX *ctx, int flags)
0f113f3e
MC		 910{
911 ctx->flags |= flags;
912}
e92f9f45
DSH		 913
914void EVP_CIPHER_CTX_clear_flags(EVP_CIPHER_CTX *ctx, int flags)
0f113f3e
MC		 915{
916 ctx->flags &= ~flags;
917}
e92f9f45
DSH		 918
919int EVP_CIPHER_CTX_test_flags(const EVP_CIPHER_CTX *ctx, int flags)
0f113f3e
MC		 920{
921 return (ctx->flags & flags);
922}
f842b6b2
RL		 923
924int EVP_str2ctrl(int (*cb)(void *ctx, int cmd, void *buf, size_t buflen),
925 void *ctx, int cmd, const char *value)
926{
927 size_t len;
928
929 len = strlen(value);
930 if (len > INT_MAX)
931 return -1;
932 return cb(ctx, cmd, (void *)value, len);
933}
934
935int EVP_hex2ctrl(int (*cb)(void *ctx, int cmd, void *buf, size_t buflen),
936 void *ctx, int cmd, const char *hex)
937{
938 unsigned char *bin;
939 long binlen;
940 int rv = -1;
941
942 bin = OPENSSL_hexstr2buf(hex, &binlen);
943 if (bin == NULL)
944 return 0;
945 if (binlen <= INT_MAX)
946 rv = cb(ctx, cmd, bin, binlen);
947 OPENSSL_free(bin);
948 return rv;
949}
11a1b341
MC		 950
951int EVP_PKEY_CTX_set_group_name(EVP_PKEY_CTX *ctx, const char *name)
952{
953 OSSL_PARAM params[] = { OSSL_PARAM_END, OSSL_PARAM_END };
954 OSSL_PARAM *p = params;
955
023b188c
MC		 956 if (ctx == NULL) {
957 ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
958 /* Uses the same return values as EVP_PKEY_CTX_ctrl */
959 return -2;
960 }
961
962 if (!EVP_PKEY_CTX_IS_GEN_OP(ctx)) {
963#ifndef FIPS_MODULE
964 int nid;
965
966 /* Could be a legacy key, try and convert to a ctrl */
967 if (ctx->pmeth != NULL && (nid = OBJ_txt2nid(name)) != NID_undef) {
968# ifndef OPENSSL_NO_DH
969 if (ctx->pmeth->pkey_id == EVP_PKEY_DH)
970 return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH,
971 EVP_PKEY_OP_PARAMGEN
972 | EVP_PKEY_OP_KEYGEN,
973 EVP_PKEY_CTRL_DH_NID, nid, NULL);
974# endif
975# ifndef OPENSSL_NO_EC
976 if (ctx->pmeth->pkey_id == EVP_PKEY_EC)
977 return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC,
978 EVP_PKEY_OP_PARAMGEN|EVP_PKEY_OP_KEYGEN,
979 EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID,
980 nid, NULL);
981# endif
982 }
983#endif
11a1b341
MC		 984 ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
985 /* Uses the same return values as EVP_PKEY_CTX_ctrl */
986 return -2;
987 }
988
989 if (name == NULL)
990 return -1;
991
992 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME,
993 (char *)name, 0);
994 return EVP_PKEY_CTX_set_params(ctx, params);
995}
996
997int EVP_PKEY_CTX_get_group_name(EVP_PKEY_CTX *ctx, char *name, size_t namelen)
998{
999 OSSL_PARAM params[] = { OSSL_PARAM_END, OSSL_PARAM_END };
1000 OSSL_PARAM *p = params;
1001
1002 if (ctx == NULL || !EVP_PKEY_CTX_IS_GEN_OP(ctx)) {
023b188c 1003 /* There is no legacy support for this */
11a1b341
MC		 1004 ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
1005 /* Uses the same return values as EVP_PKEY_CTX_ctrl */
1006 return -2;
1007 }
1008
1009 if (name == NULL)
1010 return -1;
1011
1012 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME,
1013 name, namelen);
1014 if (!EVP_PKEY_CTX_get_params(ctx, params))
1015 return -1;
1016 return 1;
1017}
A mirror of the official openssl repository