]> git.ipfire.org Git - thirdparty/openssl.git/blame - crypto/evp/evp_lib.c
projects / thirdparty / openssl.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
apps/cmp.c: Allow default HTTP path (aka CMP alias) given with -server option
[thirdparty/openssl.git] / crypto / evp / evp_lib.c
CommitLineData
62867571 1/*
33388b44 2 * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
58964a49 3 *
4a8b0c55 4 * Licensed under the Apache License 2.0 (the "License"). You may not use
62867571
RS		 5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
58964a49
RE		 8 */
9
41bbba53
P		 10/*
11 * EVP _meth_ APIs are deprecated for public use, but still ok for
12 * internal use.
13 */
14#include "internal/deprecated.h"
15
58964a49 16#include <stdio.h>
b39fc560 17#include "internal/cryptlib.h"
ec577822
BM		 18#include <openssl/evp.h>
19#include <openssl/objects.h>
718b133a
MC		 20#include <openssl/params.h>
21#include <openssl/core_names.h>
ff64702b 22#include <openssl/dh.h>
023b188c 23#include <openssl/ec.h>
25f2138b 24#include "crypto/evp.h"
3653d0c2 25#include "internal/provider.h"
706457b7 26#include "evp_local.h"
58964a49 27
f844f9eb 28#if !defined(FIPS_MODULE)
6b691a5c 29int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
0f113f3e 30{
c96399e2 31 int ret = -1; /* Assume the worst */
718b133a 32 const EVP_CIPHER *cipher = c->cipher;
0f113f3e 33
c96399e2
RL		 34 /*
35 * For legacy implementations, we detect custom AlgorithmIdentifier
36 * parameter handling by checking if the function pointer
37 * cipher->set_asn1_parameters is set. We know that this pointer
38 * is NULL for provided implementations.
39 *
40 * Otherwise, for any implementation, we check the flag
41 * EVP_CIPH_FLAG_CUSTOM_ASN1. If it isn't set, we apply
42 * default AI parameter extraction.
43 *
44 * Otherwise, for provided implementations, we convert |type| to
45 * a DER encoded blob and pass to the implementation in OSSL_PARAM
46 * form.
47 *
48 * If none of the above applies, this operation is unsupported.
49 */
50 if (cipher->set_asn1_parameters != NULL) {
718b133a 51 ret = cipher->set_asn1_parameters(c, type);
c96399e2 52 } else if ((EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_CUSTOM_ASN1) == 0) {
718b133a 53 switch (EVP_CIPHER_mode(cipher)) {
2acdef5e 54 case EVP_CIPH_WRAP_MODE:
c96399e2 55 if (EVP_CIPHER_is_a(cipher, SN_id_smime_alg_CMS3DESwrap))
4ec36aff 56 ASN1_TYPE_set(type, V_ASN1_NULL, NULL);
0f113f3e 57 ret = 1;
2acdef5e
DSH		 58 break;
59
60 case EVP_CIPH_GCM_MODE:
61 case EVP_CIPH_CCM_MODE:
62 case EVP_CIPH_XTS_MODE:
63 case EVP_CIPH_OCB_MODE:
49c9c1b3 64 ret = -2;
2acdef5e
DSH		 65 break;
66
67 default:
0f113f3e 68 ret = EVP_CIPHER_set_asn1_iv(c, type);
2acdef5e 69 }
c96399e2
RL		 70 } else if (cipher->prov != NULL) {
71 OSSL_PARAM params[3], *p = params;
72 unsigned char *der = NULL, *derp;
73
74 /*
75 * We make two passes, the first to get the appropriate buffer size,
76 * and the second to get the actual value.
77 */
78 *p++ = OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_ALG_ID,
79 NULL, 0);
80 *p = OSSL_PARAM_construct_end();
81
82 if (!EVP_CIPHER_CTX_get_params(c, params))
83 goto err;
84
85 /* ... but, we should get a return size too! */
99ea4f02
P		 86 if (OSSL_PARAM_modified(params)
87 && params[0].return_size != 0
c96399e2
RL		 88 && (der = OPENSSL_malloc(params[0].return_size)) != NULL) {
89 params[0].data = der;
90 params[0].data_size = params[0].return_size;
99ea4f02 91 OSSL_PARAM_set_all_unmodified(params);
c96399e2
RL		 92 derp = der;
93 if (EVP_CIPHER_CTX_get_params(c, params)
99ea4f02 94 && OSSL_PARAM_modified(params)
c96399e2
RL		 95 && d2i_ASN1_TYPE(&type, (const unsigned char **)&derp,
96 params[0].return_size) != NULL) {
97 ret = 1;
98 }
99 OPENSSL_free(der);
100 }
101 } else {
102 ret = -2;
103 }
104
105 err:
51ba9ebd
RS		 106 if (ret == -2)
107 EVPerr(EVP_F_EVP_CIPHER_PARAM_TO_ASN1, ASN1_R_UNSUPPORTED_CIPHER);
108 else if (ret <= 0)
109 EVPerr(EVP_F_EVP_CIPHER_PARAM_TO_ASN1, EVP_R_CIPHER_PARAMETER_ERROR);
49c9c1b3
DO		 110 if (ret < -1)
111 ret = -1;
26a7d938 112 return ret;
0f113f3e 113}
58964a49 114
6b691a5c 115int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
0f113f3e 116{
c96399e2 117 int ret = -1; /* Assume the worst */
718b133a
MC		 118 const EVP_CIPHER *cipher = c->cipher;
119
c96399e2
RL		 120 /*
121 * For legacy implementations, we detect custom AlgorithmIdentifier
122 * parameter handling by checking if there the function pointer
123 * cipher->get_asn1_parameters is set. We know that this pointer
124 * is NULL for provided implementations.
125 *
126 * Otherwise, for any implementation, we check the flag
127 * EVP_CIPH_FLAG_CUSTOM_ASN1. If it isn't set, we apply
128 * default AI parameter creation.
129 *
130 * Otherwise, for provided implementations, we get the AI parameter
131 * in DER encoded form from the implementation by requesting the
132 * appropriate OSSL_PARAM and converting the result to a ASN1_TYPE.
133 *
134 * If none of the above applies, this operation is unsupported.
135 */
136 if (cipher->get_asn1_parameters != NULL) {
718b133a 137 ret = cipher->get_asn1_parameters(c, type);
c96399e2 138 } else if ((EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_CUSTOM_ASN1) == 0) {
718b133a 139 switch (EVP_CIPHER_mode(cipher)) {
2acdef5e
DSH		 140 case EVP_CIPH_WRAP_MODE:
141 ret = 1;
142 break;
143
144 case EVP_CIPH_GCM_MODE:
145 case EVP_CIPH_CCM_MODE:
146 case EVP_CIPH_XTS_MODE:
147 case EVP_CIPH_OCB_MODE:
49c9c1b3 148 ret = -2;
2acdef5e
DSH		 149 break;
150
151 default:
152 ret = EVP_CIPHER_get_asn1_iv(c, type);
2acdef5e 153 }
c96399e2
RL		 154 } else if (cipher->prov != NULL) {
155 OSSL_PARAM params[3], *p = params;
156 unsigned char *der = NULL;
157 int derl = -1;
158
159 if ((derl = i2d_ASN1_TYPE(type, &der)) >= 0) {
160 *p++ =
161 OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_ALG_ID,
162 der, (size_t)derl);
163 *p = OSSL_PARAM_construct_end();
164 if (EVP_CIPHER_CTX_set_params(c, params))
165 ret = 1;
166 OPENSSL_free(der);
167 }
168 } else {
169 ret = -2;
170 }
171
51ba9ebd
RS		 172 if (ret == -2)
173 EVPerr(EVP_F_EVP_CIPHER_ASN1_TO_PARAM, EVP_R_UNSUPPORTED_CIPHER);
174 else if (ret <= 0)
175 EVPerr(EVP_F_EVP_CIPHER_ASN1_TO_PARAM, EVP_R_CIPHER_PARAMETER_ERROR);
49c9c1b3
DO		 176 if (ret < -1)
177 ret = -1;
26a7d938 178 return ret;
0f113f3e 179}
58964a49 180
718b133a 181int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *ctx, ASN1_TYPE *type)
0f113f3e
MC		 182{
183 int i = 0;
184 unsigned int l;
185
186 if (type != NULL) {
718b133a
MC		 187 unsigned char iv[EVP_MAX_IV_LENGTH];
188
189 l = EVP_CIPHER_CTX_iv_length(ctx);
190 if (!ossl_assert(l <= sizeof(iv)))
191 return -1;
192 i = ASN1_TYPE_get_octetstring(type, iv, l);
0f113f3e 193 if (i != (int)l)
26a7d938 194 return -1;
718b133a
MC		 195
196 if (!EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1))
197 return -1;
0f113f3e 198 }
26a7d938 199 return i;
0f113f3e 200}
58964a49 201
6b691a5c 202int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
0f113f3e
MC		 203{
204 int i = 0;
205 unsigned int j;
f43c947d 206 unsigned char oiv[EVP_MAX_IV_LENGTH];
0f113f3e 207
f43c947d 208 if (type != NULL && EVP_CIPHER_CTX_get_iv(c, oiv, sizeof(oiv))) {
0f113f3e
MC		 209 j = EVP_CIPHER_CTX_iv_length(c);
210 OPENSSL_assert(j <= sizeof(c->iv));
089cb623 211 i = ASN1_TYPE_set_octetstring(type, oiv, j);
0f113f3e 212 }
26a7d938 213 return i;
0f113f3e 214}
f844f9eb 215#endif /* !defined(FIPS_MODULE) */
884e8ec6
DSH		 216
217/* Convert the various cipher NIDs and dummies to a proper OID NID */
84fa704c 218int EVP_CIPHER_type(const EVP_CIPHER *ctx)
884e8ec6 219{
0f113f3e 220 int nid;
0f113f3e 221 nid = EVP_CIPHER_nid(ctx);
884e8ec6 222
0f113f3e 223 switch (nid) {
884e8ec6 224
0f113f3e
MC		 225 case NID_rc2_cbc:
226 case NID_rc2_64_cbc:
227 case NID_rc2_40_cbc:
884e8ec6 228
0f113f3e 229 return NID_rc2_cbc;
884e8ec6 230
0f113f3e
MC		 231 case NID_rc4:
232 case NID_rc4_40:
884e8ec6 233
0f113f3e 234 return NID_rc4;
884e8ec6 235
0f113f3e
MC		 236 case NID_aes_128_cfb128:
237 case NID_aes_128_cfb8:
238 case NID_aes_128_cfb1:
8d1ebe0b 239
0f113f3e 240 return NID_aes_128_cfb128;
8d1ebe0b 241
0f113f3e
MC		 242 case NID_aes_192_cfb128:
243 case NID_aes_192_cfb8:
244 case NID_aes_192_cfb1:
8d1ebe0b 245
0f113f3e 246 return NID_aes_192_cfb128;
8d1ebe0b 247
0f113f3e
MC		 248 case NID_aes_256_cfb128:
249 case NID_aes_256_cfb8:
250 case NID_aes_256_cfb1:
8d1ebe0b 251
0f113f3e 252 return NID_aes_256_cfb128;
8d1ebe0b 253
0f113f3e
MC		 254 case NID_des_cfb64:
255 case NID_des_cfb8:
256 case NID_des_cfb1:
8d1ebe0b 257
0f113f3e 258 return NID_des_cfb64;
8d1ebe0b 259
0f113f3e
MC		 260 case NID_des_ede3_cfb64:
261 case NID_des_ede3_cfb8:
262 case NID_des_ede3_cfb1:
7e765bf2 263
0f113f3e 264 return NID_des_cfb64;
7e765bf2 265
0f113f3e 266 default:
f844f9eb 267#ifdef FIPS_MODULE
319e518a
MC		 268 return NID_undef;
269#else
270 {
271 /* Check it has an OID and it is valid */
272 ASN1_OBJECT *otmp = OBJ_nid2obj(nid);
273
274 if (OBJ_get0_data(otmp) == NULL)
275 nid = NID_undef;
276 ASN1_OBJECT_free(otmp);
277 return nid;
278 }
279#endif
0f113f3e 280 }
884e8ec6
DSH		 281}
282
3c957bcd 283int evp_cipher_cache_constants(EVP_CIPHER *cipher)
0f113f3e 284{
1c3ace68 285 int ok;
3c957bcd
SL		 286 size_t ivlen = 0;
287 size_t blksz = 0;
288 size_t keylen = 0;
289 unsigned int mode = 0;
290 unsigned long flags = 0;
291 OSSL_PARAM params[6];
292
293 params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_BLOCK_SIZE, &blksz);
294 params[1] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_IVLEN, &ivlen);
295 params[2] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_KEYLEN, &keylen);
296 params[3] = OSSL_PARAM_construct_uint(OSSL_CIPHER_PARAM_MODE, &mode);
297 params[4] = OSSL_PARAM_construct_ulong(OSSL_CIPHER_PARAM_FLAGS, &flags);
298 params[5] = OSSL_PARAM_construct_end();
459b15d4 299 ok = evp_do_ciph_getparams(cipher, params);
3c957bcd
SL		 300 if (ok) {
301 /* Provided implementations may have a custom cipher_cipher */
302 if (cipher->prov != NULL && cipher->ccipher != NULL)
303 flags |= EVP_CIPH_FLAG_CUSTOM_CIPHER;
304 cipher->block_size = blksz;
305 cipher->iv_len = ivlen;
306 cipher->key_len = keylen;
307 cipher->flags = flags | mode;
308 }
309 return ok;
310}
13273237 311
3c957bcd
SL		 312int EVP_CIPHER_block_size(const EVP_CIPHER *cipher)
313{
314 return cipher->block_size;
0f113f3e 315}
7806f3dd 316
6343829a 317int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx)
0f113f3e 318{
718b133a 319 return EVP_CIPHER_block_size(ctx->cipher);
0f113f3e 320}
7806f3dd 321
e79f8773
RL		 322int EVP_CIPHER_impl_ctx_size(const EVP_CIPHER *e)
323{
324 return e->ctx_size;
325}
326
0f113f3e
MC		 327int EVP_Cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
328 const unsigned char *in, unsigned int inl)
329{
718b133a 330 if (ctx->cipher->prov != NULL) {
f7397f0d
RL		 331 /*
332 * If the provided implementation has a ccipher function, we use it,
333 * and translate its return value like this: 0 => -1, 1 => outlen
334 *
335 * Otherwise, we call the cupdate function if in != NULL, or cfinal
336 * if in == NULL. Regardless of which, we return what we got.
337 */
338 int ret = -1;
339 size_t outl = 0;
340 size_t blocksize = EVP_CIPHER_CTX_block_size(ctx);
f79858ac 341
718b133a 342 if (ctx->cipher->ccipher != NULL)
f7397f0d
RL		 343 ret = ctx->cipher->ccipher(ctx->provctx, out, &outl,
344 inl + (blocksize == 1 ? 0 : blocksize),
345 in, (size_t)inl)
346 ? (int)outl : -1;
347 else if (in != NULL)
348 ret = ctx->cipher->cupdate(ctx->provctx, out, &outl,
349 inl + (blocksize == 1 ? 0 : blocksize),
350 in, (size_t)inl);
351 else
352 ret = ctx->cipher->cfinal(ctx->provctx, out, &outl,
353 blocksize == 1 ? 0 : blocksize);
354
355 return ret;
718b133a
MC		 356 }
357
0f113f3e
MC		 358 return ctx->cipher->do_cipher(ctx, out, in, inl);
359}
7806f3dd
NL		 360
361const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx)
0f113f3e
MC		 362{
363 return ctx->cipher;
364}
7806f3dd 365
83b06347
RL		 366int EVP_CIPHER_CTX_encrypting(const EVP_CIPHER_CTX *ctx)
367{
368 return ctx->encrypt;
369}
370
7806f3dd 371unsigned long EVP_CIPHER_flags(const EVP_CIPHER *cipher)
0f113f3e 372{
3c957bcd 373 return cipher->flags;
0f113f3e 374}
7806f3dd 375
7806f3dd 376void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx)
0f113f3e
MC		 377{
378 return ctx->app_data;
379}
7806f3dd
NL		 380
381void EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data)
0f113f3e
MC		 382{
383 ctx->app_data = data;
384}
7806f3dd 385
44ab2dfd 386void *EVP_CIPHER_CTX_get_cipher_data(const EVP_CIPHER_CTX *ctx)
83b06347
RL		 387{
388 return ctx->cipher_data;
389}
390
98ee7543
MC		 391void *EVP_CIPHER_CTX_set_cipher_data(EVP_CIPHER_CTX *ctx, void *cipher_data)
392{
393 void *old_cipher_data;
394
395 old_cipher_data = ctx->cipher_data;
396 ctx->cipher_data = cipher_data;
397
398 return old_cipher_data;
399}
400
6343829a 401int EVP_CIPHER_iv_length(const EVP_CIPHER *cipher)
0f113f3e 402{
3c957bcd 403 return cipher->iv_len;
0f113f3e 404}
7806f3dd 405
6343829a 406int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx)
0f113f3e 407{
88d87082
SL		 408 int rv, len = EVP_CIPHER_iv_length(ctx->cipher);
409 size_t v = len;
a672a02a
SL		 410 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
411
1c3ace68 412 params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_IVLEN, &v);
7dddf2fc
SL		 413 rv = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
414 if (rv == EVP_CTRL_RET_UNSUPPORTED)
415 goto legacy;
1c3ace68 416 return rv != 0 ? (int)v : -1;
7dddf2fc
SL		 417 /* TODO (3.0) Remove legacy support */
418legacy:
419 if ((EVP_CIPHER_flags(ctx->cipher) & EVP_CIPH_CUSTOM_IV_LENGTH) != 0) {
420 rv = EVP_CIPHER_CTX_ctrl((EVP_CIPHER_CTX *)ctx, EVP_CTRL_GET_IVLEN,
421 0, &len);
88d87082 422 return (rv == 1) ? len : -1;
7dddf2fc 423 }
88d87082 424 return len;
0f113f3e 425}
7806f3dd 426
dc64dc2e
SL		 427int EVP_CIPHER_CTX_tag_length(const EVP_CIPHER_CTX *ctx)
428{
429 int ret;
430 size_t v = 0;
431 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
432
433 params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_AEAD_TAGLEN, &v);
434 ret = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
435 return ret == 1 ? (int)v : 0;
436}
437
79f4417e 438#ifndef OPENSSL_NO_DEPRECATED_3_0
83b06347
RL		 439const unsigned char *EVP_CIPHER_CTX_original_iv(const EVP_CIPHER_CTX *ctx)
440{
089cb623
SL		 441 int ok;
442 const unsigned char *v = ctx->oiv;
443 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
444
445 params[0] =
446 OSSL_PARAM_construct_octet_ptr(OSSL_CIPHER_PARAM_IV,
447 (void **)&v, sizeof(ctx->oiv));
448 ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
449
450 return ok != 0 ? v : NULL;
83b06347
RL		 451}
452
13273237
RL		 453/*
454 * OSSL_PARAM_OCTET_PTR gets us the pointer to the running IV in the provider
455 */
83b06347
RL		 456const unsigned char *EVP_CIPHER_CTX_iv(const EVP_CIPHER_CTX *ctx)
457{
459b15d4 458 int ok;
13273237 459 const unsigned char *v = ctx->iv;
459b15d4 460 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
13273237 461
459b15d4 462 params[0] =
84890268 463 OSSL_PARAM_construct_octet_ptr(OSSL_CIPHER_PARAM_IV_STATE, (void **)&v,
459b15d4
SL		 464 sizeof(ctx->iv));
465 ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
466
467 return ok != 0 ? v : NULL;
83b06347
RL		 468}
469
470unsigned char *EVP_CIPHER_CTX_iv_noconst(EVP_CIPHER_CTX *ctx)
471{
459b15d4 472 int ok;
13273237 473 unsigned char *v = ctx->iv;
459b15d4
SL		 474 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
475
476 params[0] =
84890268 477 OSSL_PARAM_construct_octet_ptr(OSSL_CIPHER_PARAM_IV_STATE, (void **)&v,
459b15d4
SL		 478 sizeof(ctx->iv));
479 ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
13273237 480
459b15d4 481 return ok != 0 ? v : NULL;
83b06347 482}
79f4417e
BK		 483#endif /* OPENSSL_NO_DEPRECATED_3_0_0 */
484
485int EVP_CIPHER_CTX_get_iv_state(EVP_CIPHER_CTX *ctx, void *buf, size_t len)
486{
487 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
488
489 params[0] =
490 OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_IV_STATE, buf, len);
491 return evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
492}
493
494int EVP_CIPHER_CTX_get_iv(EVP_CIPHER_CTX *ctx, void *buf, size_t len)
495{
496 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
497
498 params[0] =
499 OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_IV, buf, len);
500 return evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
501}
83b06347
RL		 502
503unsigned char *EVP_CIPHER_CTX_buf_noconst(EVP_CIPHER_CTX *ctx)
504{
505 return ctx->buf;
506}
507
508int EVP_CIPHER_CTX_num(const EVP_CIPHER_CTX *ctx)
509{
1c3ace68
SL		 510 int ok;
511 unsigned int v = (unsigned int)ctx->num;
459b15d4 512 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
13273237 513
1c3ace68 514 params[0] = OSSL_PARAM_construct_uint(OSSL_CIPHER_PARAM_NUM, &v);
459b15d4
SL		 515 ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
516
1c3ace68 517 return ok != 0 ? (int)v : EVP_CTRL_RET_UNSUPPORTED;
83b06347
RL		 518}
519
13273237 520int EVP_CIPHER_CTX_set_num(EVP_CIPHER_CTX *ctx, int num)
83b06347 521{
459b15d4 522 int ok;
1c3ace68 523 unsigned int n = (unsigned int)num;
459b15d4 524 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
13273237 525
1c3ace68 526 params[0] = OSSL_PARAM_construct_uint(OSSL_CIPHER_PARAM_NUM, &n);
459b15d4
SL		 527 ok = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->provctx, params);
528
529 if (ok != 0)
1c3ace68 530 ctx->num = (int)n;
13273237 531 return ok != 0;
83b06347
RL		 532}
533
6343829a 534int EVP_CIPHER_key_length(const EVP_CIPHER *cipher)
0f113f3e 535{
3c957bcd 536 return cipher->key_len;
0f113f3e 537}
7806f3dd 538
6343829a 539int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx)
0f113f3e 540{
1c3ace68
SL		 541 int ok;
542 size_t v = ctx->key_len;
459b15d4
SL		 543 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
544
1c3ace68 545 params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_KEYLEN, &v);
459b15d4 546 ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
13273237 547
1c3ace68 548 return ok != 0 ? (int)v : EVP_CTRL_RET_UNSUPPORTED;
0f113f3e 549}
7806f3dd
NL		 550
551int EVP_CIPHER_nid(const EVP_CIPHER *cipher)
0f113f3e
MC		 552{
553 return cipher->nid;
554}
7806f3dd
NL		 555
556int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx)
0f113f3e
MC		 557{
558 return ctx->cipher->nid;
559}
7806f3dd 560
7cfa1717
RL		 561int EVP_CIPHER_is_a(const EVP_CIPHER *cipher, const char *name)
562{
e4a1d023
RL		 563 if (cipher->prov != NULL)
564 return evp_is_a(cipher->prov, cipher->name_id, NULL, name);
565 return evp_is_a(NULL, 0, EVP_CIPHER_name(cipher), name);
7cfa1717
RL		 566}
567
506cb0f6
RL		 568int EVP_CIPHER_number(const EVP_CIPHER *cipher)
569{
570 return cipher->name_id;
571}
572
c750bc08
RL		 573const char *EVP_CIPHER_name(const EVP_CIPHER *cipher)
574{
575 if (cipher->prov != NULL)
f7c16d48 576 return evp_first_name(cipher->prov, cipher->name_id);
f844f9eb 577#ifndef FIPS_MODULE
c750bc08
RL		 578 return OBJ_nid2sn(EVP_CIPHER_nid(cipher));
579#else
580 return NULL;
581#endif
582}
583
f651c727
RL		 584void EVP_CIPHER_names_do_all(const EVP_CIPHER *cipher,
585 void (*fn)(const char *name, void *data),
586 void *data)
587{
588 if (cipher->prov != NULL)
589 evp_names_do_all(cipher->prov, cipher->name_id, fn, data);
590}
591
1d2622d4
RL		 592const OSSL_PROVIDER *EVP_CIPHER_provider(const EVP_CIPHER *cipher)
593{
594 return cipher->prov;
595}
596
718b133a
MC		 597int EVP_CIPHER_mode(const EVP_CIPHER *cipher)
598{
3c957bcd 599 return EVP_CIPHER_flags(cipher) & EVP_CIPH_MODE;
459b15d4 600}
718b133a 601
251e610c
RL		 602int EVP_MD_is_a(const EVP_MD *md, const char *name)
603{
e4a1d023
RL		 604 if (md->prov != NULL)
605 return evp_is_a(md->prov, md->name_id, NULL, name);
606 return evp_is_a(NULL, 0, EVP_MD_name(md), name);
251e610c
RL		 607}
608
506cb0f6
RL		 609int EVP_MD_number(const EVP_MD *md)
610{
611 return md->name_id;
612}
613
c750bc08
RL		 614const char *EVP_MD_name(const EVP_MD *md)
615{
616 if (md->prov != NULL)
f7c16d48 617 return evp_first_name(md->prov, md->name_id);
f844f9eb 618#ifndef FIPS_MODULE
c750bc08
RL		 619 return OBJ_nid2sn(EVP_MD_nid(md));
620#else
621 return NULL;
622#endif
623}
624
f651c727
RL		 625void EVP_MD_names_do_all(const EVP_MD *md,
626 void (*fn)(const char *name, void *data),
627 void *data)
628{
629 if (md->prov != NULL)
630 evp_names_do_all(md->prov, md->name_id, fn, data);
631}
632
1d2622d4
RL		 633const OSSL_PROVIDER *EVP_MD_provider(const EVP_MD *md)
634{
635 return md->prov;
636}
637
0f113f3e
MC		 638int EVP_MD_block_size(const EVP_MD *md)
639{
1c3ace68 640 int ok;
1f9ad4f9 641 size_t v;
6a3b7c68
RL		 642 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
643
7556b9df
MC		 644 if (md == NULL) {
645 EVPerr(EVP_F_EVP_MD_BLOCK_SIZE, EVP_R_MESSAGE_DIGEST_IS_NULL);
646 return -1;
647 }
1f9ad4f9 648 v = md->block_size;
1c3ace68 649 params[0] = OSSL_PARAM_construct_size_t(OSSL_DIGEST_PARAM_BLOCK_SIZE, &v);
6a3b7c68 650 ok = evp_do_md_getparams(md, params);
7556b9df 651
1c3ace68 652 return ok != 0 ? (int)v : -1;
0f113f3e 653}
7806f3dd
NL		 654
655int EVP_MD_type(const EVP_MD *md)
0f113f3e
MC		 656{
657 return md->type;
658}
7806f3dd
NL		 659
660int EVP_MD_pkey_type(const EVP_MD *md)
0f113f3e
MC		 661{
662 return md->pkey_type;
663}
7806f3dd 664
6343829a 665int EVP_MD_size(const EVP_MD *md)
0f113f3e 666{
1c3ace68 667 int ok;
1f9ad4f9 668 size_t v;
6a3b7c68
RL		 669 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
670
671 if (md == NULL) {
0f113f3e
MC		 672 EVPerr(EVP_F_EVP_MD_SIZE, EVP_R_MESSAGE_DIGEST_IS_NULL);
673 return -1;
674 }
1f9ad4f9 675 v = md->md_size;
1c3ace68 676 params[0] = OSSL_PARAM_construct_size_t(OSSL_DIGEST_PARAM_SIZE, &v);
6a3b7c68 677 ok = evp_do_md_getparams(md, params);
8c8cf0d9 678
1c3ace68 679 return ok != 0 ? (int)v : -1;
0f113f3e 680}
7806f3dd 681
e5fa864f 682unsigned long EVP_MD_flags(const EVP_MD *md)
0f113f3e 683{
6a3b7c68
RL		 684 int ok;
685 unsigned long v = md->flags;
686 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
687
688 params[0] = OSSL_PARAM_construct_ulong(OSSL_CIPHER_PARAM_FLAGS, &v);
689 ok = evp_do_md_getparams(md, params);
690
691 return ok != 0 ? v : 0;
0f113f3e 692}
e5fa864f 693
2db6bf6f
RL		 694EVP_MD *EVP_MD_meth_new(int md_type, int pkey_type)
695{
3fd70262 696 EVP_MD *md = evp_md_new();
43ecb9c3 697
2db6bf6f
RL		 698 if (md != NULL) {
699 md->type = md_type;
700 md->pkey_type = pkey_type;
701 }
702 return md;
703}
df05f2ce 704
2db6bf6f
RL		 705EVP_MD *EVP_MD_meth_dup(const EVP_MD *md)
706{
3fd70262
RL		 707 EVP_MD *to = NULL;
708
709 /*
710 * Non-legacy EVP_MDs can't be duplicated like this.
711 * Use EVP_MD_up_ref() instead.
712 */
713 if (md->prov != NULL)
714 return NULL;
43ecb9c3 715
3fd70262 716 if ((to = EVP_MD_meth_new(md->type, md->pkey_type)) != NULL) {
df05f2ce 717 CRYPTO_RWLOCK *lock = to->lock;
3fd70262 718
2db6bf6f 719 memcpy(to, md, sizeof(*to));
df05f2ce
MC		 720 to->lock = lock;
721 }
2db6bf6f
RL		 722 return to;
723}
3653d0c2 724
2db6bf6f
RL		 725void EVP_MD_meth_free(EVP_MD *md)
726{
3fd70262 727 EVP_MD_free(md);
2db6bf6f
RL		 728}
729int EVP_MD_meth_set_input_blocksize(EVP_MD *md, int blocksize)
730{
8bbc7f22
DB		 731 if (md->block_size != 0)
732 return 0;
733
2db6bf6f
RL		 734 md->block_size = blocksize;
735 return 1;
736}
737int EVP_MD_meth_set_result_size(EVP_MD *md, int resultsize)
738{
8bbc7f22
DB		 739 if (md->md_size != 0)
740 return 0;
741
2db6bf6f
RL		 742 md->md_size = resultsize;
743 return 1;
744}
745int EVP_MD_meth_set_app_datasize(EVP_MD *md, int datasize)
746{
8bbc7f22
DB		 747 if (md->ctx_size != 0)
748 return 0;
749
2db6bf6f
RL		 750 md->ctx_size = datasize;
751 return 1;
752}
753int EVP_MD_meth_set_flags(EVP_MD *md, unsigned long flags)
754{
8bbc7f22
DB		 755 if (md->flags != 0)
756 return 0;
757
2db6bf6f
RL		 758 md->flags = flags;
759 return 1;
760}
761int EVP_MD_meth_set_init(EVP_MD *md, int (*init)(EVP_MD_CTX *ctx))
762{
8bbc7f22
DB		 763 if (md->init != NULL)
764 return 0;
765
2db6bf6f
RL		 766 md->init = init;
767 return 1;
768}
769int EVP_MD_meth_set_update(EVP_MD *md, int (*update)(EVP_MD_CTX *ctx,
770 const void *data,
771 size_t count))
772{
8bbc7f22
DB		 773 if (md->update != NULL)
774 return 0;
775
2db6bf6f
RL		 776 md->update = update;
777 return 1;
778}
779int EVP_MD_meth_set_final(EVP_MD *md, int (*final)(EVP_MD_CTX *ctx,
780 unsigned char *md))
781{
8bbc7f22
DB		 782 if (md->final != NULL)
783 return 0;
784
2db6bf6f
RL		 785 md->final = final;
786 return 1;
787}
788int EVP_MD_meth_set_copy(EVP_MD *md, int (*copy)(EVP_MD_CTX *to,
789 const EVP_MD_CTX *from))
790{
8bbc7f22
DB		 791 if (md->copy != NULL)
792 return 0;
793
2db6bf6f
RL		 794 md->copy = copy;
795 return 1;
796}
797int EVP_MD_meth_set_cleanup(EVP_MD *md, int (*cleanup)(EVP_MD_CTX *ctx))
798{
8bbc7f22
DB		 799 if (md->cleanup != NULL)
800 return 0;
801
2db6bf6f
RL		 802 md->cleanup = cleanup;
803 return 1;
804}
805int EVP_MD_meth_set_ctrl(EVP_MD *md, int (*ctrl)(EVP_MD_CTX *ctx, int cmd,
806 int p1, void *p2))
807{
8bbc7f22
DB		 808 if (md->md_ctrl != NULL)
809 return 0;
810
2db6bf6f
RL		 811 md->md_ctrl = ctrl;
812 return 1;
813}
814
815int EVP_MD_meth_get_input_blocksize(const EVP_MD *md)
816{
817 return md->block_size;
818}
819int EVP_MD_meth_get_result_size(const EVP_MD *md)
820{
821 return md->md_size;
822}
823int EVP_MD_meth_get_app_datasize(const EVP_MD *md)
824{
825 return md->ctx_size;
826}
827unsigned long EVP_MD_meth_get_flags(const EVP_MD *md)
828{
8bfa99f0 829 return md->flags;
2db6bf6f
RL		 830}
831int (*EVP_MD_meth_get_init(const EVP_MD *md))(EVP_MD_CTX *ctx)
832{
833 return md->init;
834}
835int (*EVP_MD_meth_get_update(const EVP_MD *md))(EVP_MD_CTX *ctx,
836 const void *data,
837 size_t count)
838{
839 return md->update;
840}
841int (*EVP_MD_meth_get_final(const EVP_MD *md))(EVP_MD_CTX *ctx,
842 unsigned char *md)
843{
844 return md->final;
845}
846int (*EVP_MD_meth_get_copy(const EVP_MD *md))(EVP_MD_CTX *to,
847 const EVP_MD_CTX *from)
848{
849 return md->copy;
850}
851int (*EVP_MD_meth_get_cleanup(const EVP_MD *md))(EVP_MD_CTX *ctx)
852{
853 return md->cleanup;
854}
855int (*EVP_MD_meth_get_ctrl(const EVP_MD *md))(EVP_MD_CTX *ctx, int cmd,
856 int p1, void *p2)
857{
858 return md->md_ctrl;
859}
860
7806f3dd 861const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx)
0f113f3e 862{
b7c913c8 863 if (ctx == NULL)
0f113f3e 864 return NULL;
b7c913c8 865 return ctx->reqdigest;
0f113f3e 866}
7806f3dd 867
7638370c
RL		 868EVP_PKEY_CTX *EVP_MD_CTX_pkey_ctx(const EVP_MD_CTX *ctx)
869{
870 return ctx->pctx;
871}
872
f844f9eb 873#if !defined(FIPS_MODULE)
319e518a 874/* TODO(3.0): EVP_DigestSign* not yet supported in FIPS module */
00902d94
PY		 875void EVP_MD_CTX_set_pkey_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pctx)
876{
81c79453
PY		 877 /*
878 * it's reasonable to set NULL pctx (a.k.a clear the ctx->pctx), so
879 * we have to deal with the cleanup job here.
880 */
881 if (!EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX))
882 EVP_PKEY_CTX_free(ctx->pctx);
883
00902d94 884 ctx->pctx = pctx;
81c79453
PY		 885
886 if (pctx != NULL) {
887 /* make sure pctx is not freed when destroying EVP_MD_CTX */
888 EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX);
889 } else {
890 EVP_MD_CTX_clear_flags(ctx, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX);
891 }
00902d94 892}
f844f9eb 893#endif /* !defined(FIPS_MODULE) */
00902d94 894
7638370c
RL		 895void *EVP_MD_CTX_md_data(const EVP_MD_CTX *ctx)
896{
897 return ctx->md_data;
898}
899
900int (*EVP_MD_CTX_update_fn(EVP_MD_CTX *ctx))(EVP_MD_CTX *ctx,
901 const void *data, size_t count)
902{
903 return ctx->update;
904}
905
906void EVP_MD_CTX_set_update_fn(EVP_MD_CTX *ctx,
907 int (*update) (EVP_MD_CTX *ctx,
908 const void *data, size_t count))
909{
910 ctx->update = update;
911}
912
7806f3dd 913void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags)
0f113f3e
MC		 914{
915 ctx->flags |= flags;
916}
7806f3dd
NL		 917
918void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags)
0f113f3e
MC		 919{
920 ctx->flags &= ~flags;
921}
7806f3dd
NL		 922
923int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags)
0f113f3e
MC		 924{
925 return (ctx->flags & flags);
926}
e92f9f45
DSH		 927
928void EVP_CIPHER_CTX_set_flags(EVP_CIPHER_CTX *ctx, int flags)
0f113f3e
MC		 929{
930 ctx->flags |= flags;
931}
e92f9f45
DSH		 932
933void EVP_CIPHER_CTX_clear_flags(EVP_CIPHER_CTX *ctx, int flags)
0f113f3e
MC		 934{
935 ctx->flags &= ~flags;
936}
e92f9f45
DSH		 937
938int EVP_CIPHER_CTX_test_flags(const EVP_CIPHER_CTX *ctx, int flags)
0f113f3e
MC		 939{
940 return (ctx->flags & flags);
941}
f842b6b2
RL		 942
943int EVP_str2ctrl(int (*cb)(void *ctx, int cmd, void *buf, size_t buflen),
944 void *ctx, int cmd, const char *value)
945{
946 size_t len;
947
948 len = strlen(value);
949 if (len > INT_MAX)
950 return -1;
951 return cb(ctx, cmd, (void *)value, len);
952}
953
954int EVP_hex2ctrl(int (*cb)(void *ctx, int cmd, void *buf, size_t buflen),
955 void *ctx, int cmd, const char *hex)
956{
957 unsigned char *bin;
958 long binlen;
959 int rv = -1;
960
961 bin = OPENSSL_hexstr2buf(hex, &binlen);
962 if (bin == NULL)
963 return 0;
964 if (binlen <= INT_MAX)
965 rv = cb(ctx, cmd, bin, binlen);
966 OPENSSL_free(bin);
967 return rv;
968}
11a1b341
MC		 969
970int EVP_PKEY_CTX_set_group_name(EVP_PKEY_CTX *ctx, const char *name)
971{
972 OSSL_PARAM params[] = { OSSL_PARAM_END, OSSL_PARAM_END };
973 OSSL_PARAM *p = params;
974
023b188c
MC		 975 if (ctx == NULL) {
976 ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
977 /* Uses the same return values as EVP_PKEY_CTX_ctrl */
978 return -2;
979 }
980
981 if (!EVP_PKEY_CTX_IS_GEN_OP(ctx)) {
982#ifndef FIPS_MODULE
983 int nid;
984
985 /* Could be a legacy key, try and convert to a ctrl */
986 if (ctx->pmeth != NULL && (nid = OBJ_txt2nid(name)) != NID_undef) {
987# ifndef OPENSSL_NO_DH
988 if (ctx->pmeth->pkey_id == EVP_PKEY_DH)
989 return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH,
990 EVP_PKEY_OP_PARAMGEN
991 | EVP_PKEY_OP_KEYGEN,
992 EVP_PKEY_CTRL_DH_NID, nid, NULL);
993# endif
994# ifndef OPENSSL_NO_EC
995 if (ctx->pmeth->pkey_id == EVP_PKEY_EC)
996 return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC,
997 EVP_PKEY_OP_PARAMGEN|EVP_PKEY_OP_KEYGEN,
998 EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID,
999 nid, NULL);
1000# endif
1001 }
1002#endif
11a1b341
MC		 1003 ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
1004 /* Uses the same return values as EVP_PKEY_CTX_ctrl */
1005 return -2;
1006 }
1007
1008 if (name == NULL)
1009 return -1;
1010
1011 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME,
1012 (char *)name, 0);
1013 return EVP_PKEY_CTX_set_params(ctx, params);
1014}
1015
1016int EVP_PKEY_CTX_get_group_name(EVP_PKEY_CTX *ctx, char *name, size_t namelen)
1017{
1018 OSSL_PARAM params[] = { OSSL_PARAM_END, OSSL_PARAM_END };
1019 OSSL_PARAM *p = params;
1020
1021 if (ctx == NULL || !EVP_PKEY_CTX_IS_GEN_OP(ctx)) {
023b188c 1022 /* There is no legacy support for this */
11a1b341
MC		 1023 ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
1024 /* Uses the same return values as EVP_PKEY_CTX_ctrl */
1025 return -2;
1026 }
1027
1028 if (name == NULL)
1029 return -1;
1030
1031 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME,
1032 name, namelen);
1033 if (!EVP_PKEY_CTX_get_params(ctx, params))
1034 return -1;
1035 return 1;
1036}
A mirror of the official openssl repository