]>
Commit | Line | Data |
---|---|---|
a14e9ff7 | 1 | /* |
33388b44 | 2 | * Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved. |
a14e9ff7 | 3 | * |
ab3fa1c0 | 4 | * Licensed under the Apache License 2.0 (the "License"). You may not use |
440e5d80 RS |
5 | * this file except in compliance with the License. You can obtain a copy |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
a14e9ff7 MC |
8 | */ |
9 | ||
85d843c8 P |
10 | /* |
11 | * SHA-1 low level APIs are deprecated for public use, but still ok for | |
12 | * internal use. Note, that due to symbols not being exported, only the | |
13 | * #defines and strucures can be accessed, in this case SHA_CBLOCK and | |
14 | * sizeof(SHA_CTX). | |
15 | */ | |
16 | #include "internal/deprecated.h" | |
17 | ||
c5f87134 | 18 | #include <openssl/opensslconf.h> |
f1f5ee17 AP |
19 | #if defined(_WIN32) |
20 | # include <windows.h> | |
21 | #endif | |
22 | ||
a14e9ff7 MC |
23 | #include <stdio.h> |
24 | #include <string.h> | |
25 | ||
26 | #include <openssl/engine.h> | |
27 | #include <openssl/sha.h> | |
2f2c9caa | 28 | #include <openssl/aes.h> |
a14e9ff7 MC |
29 | #include <openssl/rsa.h> |
30 | #include <openssl/evp.h> | |
31 | #include <openssl/async.h> | |
32 | #include <openssl/bn.h> | |
7b9f8f7f | 33 | #include <openssl/crypto.h> |
98ee7543 MC |
34 | #include <openssl/ssl.h> |
35 | #include <openssl/modes.h> | |
a14e9ff7 | 36 | |
6ce66ce0 | 37 | #if defined(OPENSSL_SYS_UNIX) && defined(OPENSSL_THREADS) |
ff75a257 MC |
38 | # undef ASYNC_POSIX |
39 | # define ASYNC_POSIX | |
40 | # include <unistd.h> | |
41 | #elif defined(_WIN32) | |
42 | # undef ASYNC_WIN | |
43 | # define ASYNC_WIN | |
ff75a257 MC |
44 | #endif |
45 | ||
a14e9ff7 MC |
46 | #include "e_dasync_err.c" |
47 | ||
48 | /* Engine Id and Name */ | |
49 | static const char *engine_dasync_id = "dasync"; | |
50 | static const char *engine_dasync_name = "Dummy Async engine support"; | |
51 | ||
52 | ||
53 | /* Engine Lifetime functions */ | |
54 | static int dasync_destroy(ENGINE *e); | |
55 | static int dasync_init(ENGINE *e); | |
56 | static int dasync_finish(ENGINE *e); | |
b3599dbb | 57 | void engine_load_dasync_int(void); |
a14e9ff7 MC |
58 | |
59 | ||
60 | /* Set up digests. Just SHA1 for now */ | |
61 | static int dasync_digests(ENGINE *e, const EVP_MD **digest, | |
62 | const int **nids, int nid); | |
63 | ||
f4da39d2 | 64 | static void dummy_pause_job(void); |
a14e9ff7 MC |
65 | |
66 | /* SHA1 */ | |
46a283c0 MC |
67 | static int dasync_sha1_init(EVP_MD_CTX *ctx); |
68 | static int dasync_sha1_update(EVP_MD_CTX *ctx, const void *data, | |
652d4a8c | 69 | size_t count); |
46a283c0 | 70 | static int dasync_sha1_final(EVP_MD_CTX *ctx, unsigned char *md); |
a14e9ff7 | 71 | |
11780ac3 MC |
72 | /* |
73 | * Holds the EVP_MD object for sha1 in this engine. Set up once only during | |
74 | * engine bind and can then be reused many times. | |
75 | */ | |
cddcea8c RL |
76 | static EVP_MD *_hidden_sha1_md = NULL; |
77 | static const EVP_MD *dasync_sha1(void) | |
78 | { | |
cddcea8c RL |
79 | return _hidden_sha1_md; |
80 | } | |
81 | static void destroy_digests(void) | |
82 | { | |
83 | EVP_MD_meth_free(_hidden_sha1_md); | |
84 | _hidden_sha1_md = NULL; | |
85 | } | |
11780ac3 | 86 | |
cddcea8c RL |
87 | static int dasync_digest_nids(const int **nids) |
88 | { | |
89 | static int digest_nids[2] = { 0, 0 }; | |
90 | static int pos = 0; | |
91 | static int init = 0; | |
92 | ||
93 | if (!init) { | |
94 | const EVP_MD *md; | |
95 | if ((md = dasync_sha1()) != NULL) | |
96 | digest_nids[pos++] = EVP_MD_type(md); | |
97 | digest_nids[pos] = 0; | |
98 | init = 1; | |
99 | } | |
100 | *nids = digest_nids; | |
101 | return pos; | |
102 | } | |
a14e9ff7 MC |
103 | |
104 | /* RSA */ | |
c5f87134 P |
105 | static int dasync_pkey(ENGINE *e, EVP_PKEY_METHOD **pmeth, |
106 | const int **pnids, int nid); | |
107 | ||
108 | static int dasync_rsa_init(EVP_PKEY_CTX *ctx); | |
109 | static void dasync_rsa_cleanup(EVP_PKEY_CTX *ctx); | |
110 | static int dasync_rsa_paramgen_init(EVP_PKEY_CTX *ctx); | |
111 | static int dasync_rsa_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey); | |
112 | static int dasync_rsa_keygen_init(EVP_PKEY_CTX *ctx); | |
113 | static int dasync_rsa_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey); | |
114 | static int dasync_rsa_encrypt_init(EVP_PKEY_CTX *ctx); | |
115 | static int dasync_rsa_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out, | |
116 | size_t *outlen, const unsigned char *in, | |
117 | size_t inlen); | |
118 | static int dasync_rsa_decrypt_init(EVP_PKEY_CTX *ctx); | |
119 | static int dasync_rsa_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out, | |
120 | size_t *outlen, const unsigned char *in, | |
121 | size_t inlen); | |
122 | static int dasync_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2); | |
123 | static int dasync_rsa_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, | |
124 | const char *value); | |
125 | ||
126 | static EVP_PKEY_METHOD *dasync_rsa; | |
127 | static const EVP_PKEY_METHOD *dasync_rsa_orig; | |
a14e9ff7 | 128 | |
98ee7543 MC |
129 | /* AES */ |
130 | ||
131 | static int dasync_aes128_cbc_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, | |
132 | void *ptr); | |
98ee7543 MC |
133 | static int dasync_aes128_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, |
134 | const unsigned char *iv, int enc); | |
98ee7543 MC |
135 | static int dasync_aes128_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, |
136 | const unsigned char *in, size_t inl); | |
98ee7543 MC |
137 | static int dasync_aes128_cbc_cleanup(EVP_CIPHER_CTX *ctx); |
138 | ||
2f2c9caa MC |
139 | static int dasync_aes128_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, |
140 | int arg, void *ptr); | |
141 | static int dasync_aes128_cbc_hmac_sha1_init_key(EVP_CIPHER_CTX *ctx, | |
142 | const unsigned char *key, | |
143 | const unsigned char *iv, | |
144 | int enc); | |
145 | static int dasync_aes128_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, | |
146 | unsigned char *out, | |
147 | const unsigned char *in, | |
148 | size_t inl); | |
149 | static int dasync_aes128_cbc_hmac_sha1_cleanup(EVP_CIPHER_CTX *ctx); | |
150 | ||
e38c2e85 | 151 | struct dasync_pipeline_ctx { |
98ee7543 | 152 | void *inner_cipher_data; |
98ee7543 MC |
153 | unsigned int numpipes; |
154 | unsigned char **inbufs; | |
155 | unsigned char **outbufs; | |
156 | size_t *lens; | |
2f2c9caa MC |
157 | unsigned char tlsaad[SSL_MAX_PIPELINES][EVP_AEAD_TLS1_AAD_LEN]; |
158 | unsigned int aadctr; | |
98ee7543 MC |
159 | }; |
160 | ||
11780ac3 MC |
161 | /* |
162 | * Holds the EVP_CIPHER object for aes_128_cbc in this engine. Set up once only | |
163 | * during engine bind and can then be reused many times. | |
164 | */ | |
98ee7543 MC |
165 | static EVP_CIPHER *_hidden_aes_128_cbc = NULL; |
166 | static const EVP_CIPHER *dasync_aes_128_cbc(void) | |
167 | { | |
11780ac3 MC |
168 | return _hidden_aes_128_cbc; |
169 | } | |
170 | ||
171 | /* | |
172 | * Holds the EVP_CIPHER object for aes_128_cbc_hmac_sha1 in this engine. Set up | |
173 | * once only during engine bind and can then be reused many times. | |
a4a0a1eb DMSP |
174 | * |
175 | * This 'stitched' cipher depends on the EVP_aes_128_cbc_hmac_sha1() cipher, | |
176 | * which is implemented only if the AES-NI instruction set extension is available | |
177 | * (see OPENSSL_IA32CAP(3)). If that's not the case, then this cipher will not | |
178 | * be available either. | |
179 | * | |
180 | * Note: Since it is a legacy mac-then-encrypt cipher, modern TLS peers (which | |
181 | * negotiate the encrypt-then-mac extension) won't negotiate it anyway. | |
11780ac3 MC |
182 | */ |
183 | static EVP_CIPHER *_hidden_aes_128_cbc_hmac_sha1 = NULL; | |
184 | static const EVP_CIPHER *dasync_aes_128_cbc_hmac_sha1(void) | |
185 | { | |
186 | return _hidden_aes_128_cbc_hmac_sha1; | |
187 | } | |
188 | ||
189 | static void destroy_ciphers(void) | |
190 | { | |
191 | EVP_CIPHER_meth_free(_hidden_aes_128_cbc); | |
192 | EVP_CIPHER_meth_free(_hidden_aes_128_cbc_hmac_sha1); | |
193 | _hidden_aes_128_cbc = NULL; | |
194 | _hidden_aes_128_cbc_hmac_sha1 = NULL; | |
195 | } | |
196 | ||
197 | static int dasync_ciphers(ENGINE *e, const EVP_CIPHER **cipher, | |
198 | const int **nids, int nid); | |
199 | ||
200 | static int dasync_cipher_nids[] = { | |
201 | NID_aes_128_cbc, | |
202 | NID_aes_128_cbc_hmac_sha1, | |
203 | 0 | |
204 | }; | |
205 | ||
206 | static int bind_dasync(ENGINE *e) | |
207 | { | |
c5f87134 P |
208 | /* Setup RSA */ |
209 | ; | |
210 | if ((dasync_rsa_orig = EVP_PKEY_meth_find(EVP_PKEY_RSA)) == NULL | |
211 | || (dasync_rsa = EVP_PKEY_meth_new(EVP_PKEY_RSA, 0)) == NULL) | |
b72c9121 | 212 | return 0; |
c5f87134 P |
213 | EVP_PKEY_meth_set_init(dasync_rsa, dasync_rsa_init); |
214 | EVP_PKEY_meth_set_cleanup(dasync_rsa, dasync_rsa_cleanup); | |
215 | EVP_PKEY_meth_set_paramgen(dasync_rsa, dasync_rsa_paramgen_init, | |
216 | dasync_rsa_paramgen); | |
217 | EVP_PKEY_meth_set_keygen(dasync_rsa, dasync_rsa_keygen_init, | |
218 | dasync_rsa_keygen); | |
219 | EVP_PKEY_meth_set_encrypt(dasync_rsa, dasync_rsa_encrypt_init, | |
220 | dasync_rsa_encrypt); | |
221 | EVP_PKEY_meth_set_decrypt(dasync_rsa, dasync_rsa_decrypt_init, | |
222 | dasync_rsa_decrypt); | |
223 | EVP_PKEY_meth_set_ctrl(dasync_rsa, dasync_rsa_ctrl, | |
224 | dasync_rsa_ctrl_str); | |
b72c9121 | 225 | |
11780ac3 MC |
226 | /* Ensure the dasync error handling is set up */ |
227 | ERR_load_DASYNC_strings(); | |
228 | ||
229 | if (!ENGINE_set_id(e, engine_dasync_id) | |
230 | || !ENGINE_set_name(e, engine_dasync_name) | |
c5f87134 | 231 | || !ENGINE_set_pkey_meths(e, dasync_pkey) |
11780ac3 MC |
232 | || !ENGINE_set_digests(e, dasync_digests) |
233 | || !ENGINE_set_ciphers(e, dasync_ciphers) | |
234 | || !ENGINE_set_destroy_function(e, dasync_destroy) | |
235 | || !ENGINE_set_init_function(e, dasync_init) | |
236 | || !ENGINE_set_finish_function(e, dasync_finish)) { | |
237 | DASYNCerr(DASYNC_F_BIND_DASYNC, DASYNC_R_INIT_FAILED); | |
238 | return 0; | |
239 | } | |
240 | ||
241 | /* | |
242 | * Set up the EVP_CIPHER and EVP_MD objects for the ciphers/digests | |
243 | * supplied by this engine | |
244 | */ | |
245 | _hidden_sha1_md = EVP_MD_meth_new(NID_sha1, NID_sha1WithRSAEncryption); | |
246 | if (_hidden_sha1_md == NULL | |
247 | || !EVP_MD_meth_set_result_size(_hidden_sha1_md, SHA_DIGEST_LENGTH) | |
248 | || !EVP_MD_meth_set_input_blocksize(_hidden_sha1_md, SHA_CBLOCK) | |
249 | || !EVP_MD_meth_set_app_datasize(_hidden_sha1_md, | |
250 | sizeof(EVP_MD *) + sizeof(SHA_CTX)) | |
251 | || !EVP_MD_meth_set_flags(_hidden_sha1_md, EVP_MD_FLAG_DIGALGID_ABSENT) | |
252 | || !EVP_MD_meth_set_init(_hidden_sha1_md, dasync_sha1_init) | |
253 | || !EVP_MD_meth_set_update(_hidden_sha1_md, dasync_sha1_update) | |
254 | || !EVP_MD_meth_set_final(_hidden_sha1_md, dasync_sha1_final)) { | |
255 | EVP_MD_meth_free(_hidden_sha1_md); | |
256 | _hidden_sha1_md = NULL; | |
257 | } | |
258 | ||
259 | _hidden_aes_128_cbc = EVP_CIPHER_meth_new(NID_aes_128_cbc, | |
260 | 16 /* block size */, | |
261 | 16 /* key len */); | |
98ee7543 MC |
262 | if (_hidden_aes_128_cbc == NULL |
263 | || !EVP_CIPHER_meth_set_iv_length(_hidden_aes_128_cbc,16) | |
264 | || !EVP_CIPHER_meth_set_flags(_hidden_aes_128_cbc, | |
265 | EVP_CIPH_FLAG_DEFAULT_ASN1 | |
266 | | EVP_CIPH_CBC_MODE | |
267 | | EVP_CIPH_FLAG_PIPELINE) | |
268 | || !EVP_CIPHER_meth_set_init(_hidden_aes_128_cbc, | |
269 | dasync_aes128_init_key) | |
270 | || !EVP_CIPHER_meth_set_do_cipher(_hidden_aes_128_cbc, | |
271 | dasync_aes128_cbc_cipher) | |
272 | || !EVP_CIPHER_meth_set_cleanup(_hidden_aes_128_cbc, | |
273 | dasync_aes128_cbc_cleanup) | |
274 | || !EVP_CIPHER_meth_set_ctrl(_hidden_aes_128_cbc, | |
275 | dasync_aes128_cbc_ctrl) | |
276 | || !EVP_CIPHER_meth_set_impl_ctx_size(_hidden_aes_128_cbc, | |
e38c2e85 | 277 | sizeof(struct dasync_pipeline_ctx))) { |
98ee7543 MC |
278 | EVP_CIPHER_meth_free(_hidden_aes_128_cbc); |
279 | _hidden_aes_128_cbc = NULL; | |
280 | } | |
98ee7543 | 281 | |
11780ac3 MC |
282 | _hidden_aes_128_cbc_hmac_sha1 = EVP_CIPHER_meth_new( |
283 | NID_aes_128_cbc_hmac_sha1, | |
284 | 16 /* block size */, | |
285 | 16 /* key len */); | |
2f2c9caa MC |
286 | if (_hidden_aes_128_cbc_hmac_sha1 == NULL |
287 | || !EVP_CIPHER_meth_set_iv_length(_hidden_aes_128_cbc_hmac_sha1,16) | |
288 | || !EVP_CIPHER_meth_set_flags(_hidden_aes_128_cbc_hmac_sha1, | |
289 | EVP_CIPH_CBC_MODE | |
290 | | EVP_CIPH_FLAG_DEFAULT_ASN1 | |
291 | | EVP_CIPH_FLAG_AEAD_CIPHER | |
292 | | EVP_CIPH_FLAG_PIPELINE) | |
293 | || !EVP_CIPHER_meth_set_init(_hidden_aes_128_cbc_hmac_sha1, | |
294 | dasync_aes128_cbc_hmac_sha1_init_key) | |
295 | || !EVP_CIPHER_meth_set_do_cipher(_hidden_aes_128_cbc_hmac_sha1, | |
296 | dasync_aes128_cbc_hmac_sha1_cipher) | |
297 | || !EVP_CIPHER_meth_set_cleanup(_hidden_aes_128_cbc_hmac_sha1, | |
298 | dasync_aes128_cbc_hmac_sha1_cleanup) | |
299 | || !EVP_CIPHER_meth_set_ctrl(_hidden_aes_128_cbc_hmac_sha1, | |
300 | dasync_aes128_cbc_hmac_sha1_ctrl) | |
301 | || !EVP_CIPHER_meth_set_impl_ctx_size(_hidden_aes_128_cbc_hmac_sha1, | |
e38c2e85 | 302 | sizeof(struct dasync_pipeline_ctx))) { |
2f2c9caa MC |
303 | EVP_CIPHER_meth_free(_hidden_aes_128_cbc_hmac_sha1); |
304 | _hidden_aes_128_cbc_hmac_sha1 = NULL; | |
305 | } | |
a14e9ff7 MC |
306 | |
307 | return 1; | |
308 | } | |
309 | ||
c5f87134 P |
310 | static void destroy_pkey(void) |
311 | { | |
312 | EVP_PKEY_meth_free(dasync_rsa); | |
313 | dasync_rsa_orig = NULL; | |
314 | dasync_rsa = NULL; | |
315 | } | |
316 | ||
a14e9ff7 MC |
317 | # ifndef OPENSSL_NO_DYNAMIC_ENGINE |
318 | static int bind_helper(ENGINE *e, const char *id) | |
319 | { | |
320 | if (id && (strcmp(id, engine_dasync_id) != 0)) | |
321 | return 0; | |
322 | if (!bind_dasync(e)) | |
323 | return 0; | |
324 | return 1; | |
325 | } | |
326 | ||
327 | IMPLEMENT_DYNAMIC_CHECK_FN() | |
328 | IMPLEMENT_DYNAMIC_BIND_FN(bind_helper) | |
329 | # endif | |
330 | ||
331 | static ENGINE *engine_dasync(void) | |
332 | { | |
333 | ENGINE *ret = ENGINE_new(); | |
334 | if (!ret) | |
335 | return NULL; | |
336 | if (!bind_dasync(ret)) { | |
337 | ENGINE_free(ret); | |
338 | return NULL; | |
339 | } | |
340 | return ret; | |
341 | } | |
342 | ||
b3599dbb | 343 | void engine_load_dasync_int(void) |
a14e9ff7 MC |
344 | { |
345 | ENGINE *toadd = engine_dasync(); | |
346 | if (!toadd) | |
347 | return; | |
348 | ENGINE_add(toadd); | |
349 | ENGINE_free(toadd); | |
350 | ERR_clear_error(); | |
351 | } | |
352 | ||
353 | static int dasync_init(ENGINE *e) | |
354 | { | |
355 | return 1; | |
356 | } | |
357 | ||
358 | ||
359 | static int dasync_finish(ENGINE *e) | |
360 | { | |
361 | return 1; | |
362 | } | |
363 | ||
364 | ||
365 | static int dasync_destroy(ENGINE *e) | |
366 | { | |
cddcea8c | 367 | destroy_digests(); |
11780ac3 | 368 | destroy_ciphers(); |
c5f87134 | 369 | destroy_pkey(); |
a14e9ff7 MC |
370 | ERR_unload_DASYNC_strings(); |
371 | return 1; | |
372 | } | |
373 | ||
c5f87134 P |
374 | static int dasync_pkey(ENGINE *e, EVP_PKEY_METHOD **pmeth, |
375 | const int **pnids, int nid) | |
376 | { | |
377 | static const int rnid = EVP_PKEY_RSA; | |
378 | ||
379 | if (pmeth == NULL) { | |
380 | *pnids = &rnid; | |
381 | return 1; | |
382 | } | |
383 | ||
384 | if (nid == EVP_PKEY_RSA) { | |
385 | *pmeth = dasync_rsa; | |
386 | return 1; | |
387 | } | |
388 | ||
389 | *pmeth = NULL; | |
390 | return 0; | |
391 | } | |
392 | ||
a14e9ff7 MC |
393 | static int dasync_digests(ENGINE *e, const EVP_MD **digest, |
394 | const int **nids, int nid) | |
395 | { | |
396 | int ok = 1; | |
397 | if (!digest) { | |
398 | /* We are returning a list of supported nids */ | |
cddcea8c | 399 | return dasync_digest_nids(nids); |
a14e9ff7 MC |
400 | } |
401 | /* We are being asked for a specific digest */ | |
402 | switch (nid) { | |
403 | case NID_sha1: | |
cddcea8c | 404 | *digest = dasync_sha1(); |
a14e9ff7 MC |
405 | break; |
406 | default: | |
407 | ok = 0; | |
408 | *digest = NULL; | |
409 | break; | |
410 | } | |
411 | return ok; | |
412 | } | |
413 | ||
98ee7543 MC |
414 | static int dasync_ciphers(ENGINE *e, const EVP_CIPHER **cipher, |
415 | const int **nids, int nid) | |
416 | { | |
417 | int ok = 1; | |
11780ac3 | 418 | if (cipher == NULL) { |
98ee7543 MC |
419 | /* We are returning a list of supported nids */ |
420 | *nids = dasync_cipher_nids; | |
421 | return (sizeof(dasync_cipher_nids) - | |
422 | 1) / sizeof(dasync_cipher_nids[0]); | |
423 | } | |
424 | /* We are being asked for a specific cipher */ | |
425 | switch (nid) { | |
426 | case NID_aes_128_cbc: | |
427 | *cipher = dasync_aes_128_cbc(); | |
428 | break; | |
2f2c9caa MC |
429 | case NID_aes_128_cbc_hmac_sha1: |
430 | *cipher = dasync_aes_128_cbc_hmac_sha1(); | |
431 | break; | |
98ee7543 MC |
432 | default: |
433 | ok = 0; | |
434 | *cipher = NULL; | |
435 | break; | |
436 | } | |
437 | return ok; | |
438 | } | |
439 | ||
ff75a257 MC |
440 | static void wait_cleanup(ASYNC_WAIT_CTX *ctx, const void *key, |
441 | OSSL_ASYNC_FD readfd, void *pvwritefd) | |
442 | { | |
443 | OSSL_ASYNC_FD *pwritefd = (OSSL_ASYNC_FD *)pvwritefd; | |
444 | #if defined(ASYNC_WIN) | |
445 | CloseHandle(readfd); | |
446 | CloseHandle(*pwritefd); | |
447 | #elif defined(ASYNC_POSIX) | |
448 | close(readfd); | |
449 | close(*pwritefd); | |
450 | #endif | |
451 | OPENSSL_free(pwritefd); | |
452 | } | |
453 | ||
454 | #define DUMMY_CHAR 'X' | |
455 | ||
f4da39d2 MC |
456 | static void dummy_pause_job(void) { |
457 | ASYNC_JOB *job; | |
ff75a257 | 458 | ASYNC_WAIT_CTX *waitctx; |
9f5a87fd PY |
459 | ASYNC_callback_fn callback; |
460 | void * callback_arg; | |
ff75a257 MC |
461 | OSSL_ASYNC_FD pipefds[2] = {0, 0}; |
462 | OSSL_ASYNC_FD *writefd; | |
463 | #if defined(ASYNC_WIN) | |
464 | DWORD numwritten, numread; | |
465 | char buf = DUMMY_CHAR; | |
466 | #elif defined(ASYNC_POSIX) | |
467 | char buf = DUMMY_CHAR; | |
468 | #endif | |
f4da39d2 MC |
469 | |
470 | if ((job = ASYNC_get_current_job()) == NULL) | |
471 | return; | |
472 | ||
ff75a257 MC |
473 | waitctx = ASYNC_get_wait_ctx(job); |
474 | ||
9f5a87fd PY |
475 | if (ASYNC_WAIT_CTX_get_callback(waitctx, &callback, &callback_arg) && callback != NULL) { |
476 | /* | |
477 | * In the Dummy async engine we are cheating. We call the callback that the job | |
478 | * is complete before the call to ASYNC_pause_job(). A real | |
479 | * async engine would only call the callback when the job was actually complete | |
480 | */ | |
481 | (*callback)(callback_arg); | |
482 | ASYNC_pause_job(); | |
483 | return; | |
484 | } | |
485 | ||
486 | ||
ff75a257 MC |
487 | if (ASYNC_WAIT_CTX_get_fd(waitctx, engine_dasync_id, &pipefds[0], |
488 | (void **)&writefd)) { | |
489 | pipefds[1] = *writefd; | |
490 | } else { | |
491 | writefd = OPENSSL_malloc(sizeof(*writefd)); | |
492 | if (writefd == NULL) | |
493 | return; | |
494 | #if defined(ASYNC_WIN) | |
495 | if (CreatePipe(&pipefds[0], &pipefds[1], NULL, 256) == 0) { | |
496 | OPENSSL_free(writefd); | |
497 | return; | |
498 | } | |
499 | #elif defined(ASYNC_POSIX) | |
500 | if (pipe(pipefds) != 0) { | |
501 | OPENSSL_free(writefd); | |
502 | return; | |
503 | } | |
504 | #endif | |
505 | *writefd = pipefds[1]; | |
506 | ||
f479eab2 F |
507 | if (!ASYNC_WAIT_CTX_set_wait_fd(waitctx, engine_dasync_id, pipefds[0], |
508 | writefd, wait_cleanup)) { | |
ff75a257 MC |
509 | wait_cleanup(waitctx, engine_dasync_id, pipefds[0], writefd); |
510 | return; | |
511 | } | |
512 | } | |
f4da39d2 MC |
513 | /* |
514 | * In the Dummy async engine we are cheating. We signal that the job | |
515 | * is complete by waking it before the call to ASYNC_pause_job(). A real | |
516 | * async engine would only wake when the job was actually complete | |
517 | */ | |
ff75a257 MC |
518 | #if defined(ASYNC_WIN) |
519 | WriteFile(pipefds[1], &buf, 1, &numwritten, NULL); | |
520 | #elif defined(ASYNC_POSIX) | |
b8972eda AG |
521 | if (write(pipefds[1], &buf, 1) < 0) |
522 | return; | |
ff75a257 | 523 | #endif |
f4da39d2 MC |
524 | |
525 | /* Ignore errors - we carry on anyway */ | |
526 | ASYNC_pause_job(); | |
527 | ||
ff75a257 MC |
528 | /* Clear the wake signal */ |
529 | #if defined(ASYNC_WIN) | |
530 | ReadFile(pipefds[0], &buf, 1, &numread, NULL); | |
531 | #elif defined(ASYNC_POSIX) | |
b8972eda AG |
532 | if (read(pipefds[0], &buf, 1) < 0) |
533 | return; | |
ff75a257 | 534 | #endif |
f4da39d2 MC |
535 | } |
536 | ||
a14e9ff7 MC |
537 | /* |
538 | * SHA1 implementation. At the moment we just defer to the standard | |
539 | * implementation | |
540 | */ | |
46a283c0 | 541 | static int dasync_sha1_init(EVP_MD_CTX *ctx) |
a14e9ff7 | 542 | { |
f4da39d2 | 543 | dummy_pause_job(); |
a14e9ff7 | 544 | |
85d843c8 | 545 | return EVP_MD_meth_get_init(EVP_sha1())(ctx); |
a14e9ff7 MC |
546 | } |
547 | ||
46a283c0 | 548 | static int dasync_sha1_update(EVP_MD_CTX *ctx, const void *data, |
652d4a8c | 549 | size_t count) |
a14e9ff7 | 550 | { |
f4da39d2 | 551 | dummy_pause_job(); |
a14e9ff7 | 552 | |
85d843c8 | 553 | return EVP_MD_meth_get_update(EVP_sha1())(ctx, data, count); |
a14e9ff7 MC |
554 | } |
555 | ||
46a283c0 | 556 | static int dasync_sha1_final(EVP_MD_CTX *ctx, unsigned char *md) |
a14e9ff7 | 557 | { |
f4da39d2 | 558 | dummy_pause_job(); |
a14e9ff7 | 559 | |
85d843c8 | 560 | return EVP_MD_meth_get_final(EVP_sha1())(ctx, md); |
a14e9ff7 MC |
561 | } |
562 | ||
e38c2e85 | 563 | /* Cipher helper functions */ |
98ee7543 | 564 | |
e38c2e85 MC |
565 | static int dasync_cipher_ctrl_helper(EVP_CIPHER_CTX *ctx, int type, int arg, |
566 | void *ptr, int aeadcapable) | |
98ee7543 MC |
567 | { |
568 | int ret; | |
e38c2e85 MC |
569 | struct dasync_pipeline_ctx *pipe_ctx = |
570 | (struct dasync_pipeline_ctx *)EVP_CIPHER_CTX_get_cipher_data(ctx); | |
2f2c9caa MC |
571 | |
572 | if (pipe_ctx == NULL) | |
573 | return 0; | |
574 | ||
575 | switch (type) { | |
576 | case EVP_CTRL_SET_PIPELINE_OUTPUT_BUFS: | |
577 | pipe_ctx->numpipes = arg; | |
578 | pipe_ctx->outbufs = (unsigned char **)ptr; | |
579 | break; | |
580 | ||
581 | case EVP_CTRL_SET_PIPELINE_INPUT_BUFS: | |
582 | pipe_ctx->numpipes = arg; | |
583 | pipe_ctx->inbufs = (unsigned char **)ptr; | |
584 | break; | |
585 | ||
586 | case EVP_CTRL_SET_PIPELINE_INPUT_LENS: | |
587 | pipe_ctx->numpipes = arg; | |
588 | pipe_ctx->lens = (size_t *)ptr; | |
589 | break; | |
590 | ||
591 | case EVP_CTRL_AEAD_SET_MAC_KEY: | |
e38c2e85 MC |
592 | if (!aeadcapable) |
593 | return -1; | |
2f2c9caa MC |
594 | EVP_CIPHER_CTX_set_cipher_data(ctx, pipe_ctx->inner_cipher_data); |
595 | ret = EVP_CIPHER_meth_get_ctrl(EVP_aes_128_cbc_hmac_sha1()) | |
596 | (ctx, type, arg, ptr); | |
597 | EVP_CIPHER_CTX_set_cipher_data(ctx, pipe_ctx); | |
598 | return ret; | |
599 | ||
600 | case EVP_CTRL_AEAD_TLS1_AAD: | |
601 | { | |
602 | unsigned char *p = ptr; | |
603 | unsigned int len; | |
604 | ||
e38c2e85 | 605 | if (!aeadcapable || arg != EVP_AEAD_TLS1_AAD_LEN) |
2f2c9caa MC |
606 | return -1; |
607 | ||
608 | if (pipe_ctx->aadctr >= SSL_MAX_PIPELINES) | |
609 | return -1; | |
610 | ||
611 | memcpy(pipe_ctx->tlsaad[pipe_ctx->aadctr], ptr, | |
612 | EVP_AEAD_TLS1_AAD_LEN); | |
613 | pipe_ctx->aadctr++; | |
614 | ||
615 | len = p[arg - 2] << 8 | p[arg - 1]; | |
616 | ||
695dd3a3 | 617 | if (EVP_CIPHER_CTX_encrypting(ctx)) { |
2f2c9caa | 618 | if ((p[arg - 4] << 8 | p[arg - 3]) >= TLS1_1_VERSION) { |
a68d3505 RS |
619 | if (len < AES_BLOCK_SIZE) |
620 | return 0; | |
2f2c9caa MC |
621 | len -= AES_BLOCK_SIZE; |
622 | } | |
623 | ||
624 | return ((len + SHA_DIGEST_LENGTH + AES_BLOCK_SIZE) | |
625 | & -AES_BLOCK_SIZE) - len; | |
626 | } else { | |
627 | return SHA_DIGEST_LENGTH; | |
628 | } | |
629 | } | |
630 | ||
2f2c9caa MC |
631 | default: |
632 | return 0; | |
633 | } | |
634 | ||
635 | return 1; | |
636 | } | |
637 | ||
e38c2e85 MC |
638 | static int dasync_cipher_init_key_helper(EVP_CIPHER_CTX *ctx, |
639 | const unsigned char *key, | |
640 | const unsigned char *iv, int enc, | |
641 | const EVP_CIPHER *cipher) | |
2f2c9caa MC |
642 | { |
643 | int ret; | |
e38c2e85 MC |
644 | struct dasync_pipeline_ctx *pipe_ctx = |
645 | (struct dasync_pipeline_ctx *)EVP_CIPHER_CTX_get_cipher_data(ctx); | |
2f2c9caa MC |
646 | |
647 | if (pipe_ctx->inner_cipher_data == NULL | |
e38c2e85 MC |
648 | && EVP_CIPHER_impl_ctx_size(cipher) != 0) { |
649 | pipe_ctx->inner_cipher_data = OPENSSL_zalloc( | |
650 | EVP_CIPHER_impl_ctx_size(cipher)); | |
2f2c9caa | 651 | if (pipe_ctx->inner_cipher_data == NULL) { |
2f781956 | 652 | DASYNCerr(DASYNC_F_DASYNC_CIPHER_INIT_KEY_HELPER, |
2f2c9caa MC |
653 | ERR_R_MALLOC_FAILURE); |
654 | return 0; | |
655 | } | |
656 | } | |
657 | ||
658 | pipe_ctx->numpipes = 0; | |
e38c2e85 | 659 | pipe_ctx->aadctr = 0; |
2f2c9caa MC |
660 | |
661 | EVP_CIPHER_CTX_set_cipher_data(ctx, pipe_ctx->inner_cipher_data); | |
e38c2e85 | 662 | ret = EVP_CIPHER_meth_get_init(cipher)(ctx, key, iv, enc); |
2f2c9caa MC |
663 | EVP_CIPHER_CTX_set_cipher_data(ctx, pipe_ctx); |
664 | ||
665 | return ret; | |
666 | } | |
667 | ||
e38c2e85 MC |
668 | static int dasync_cipher_helper(EVP_CIPHER_CTX *ctx, unsigned char *out, |
669 | const unsigned char *in, size_t inl, | |
670 | const EVP_CIPHER *cipher) | |
2f2c9caa MC |
671 | { |
672 | int ret = 1; | |
673 | unsigned int i, pipes; | |
e38c2e85 MC |
674 | struct dasync_pipeline_ctx *pipe_ctx = |
675 | (struct dasync_pipeline_ctx *)EVP_CIPHER_CTX_get_cipher_data(ctx); | |
2f2c9caa MC |
676 | |
677 | pipes = pipe_ctx->numpipes; | |
678 | EVP_CIPHER_CTX_set_cipher_data(ctx, pipe_ctx->inner_cipher_data); | |
679 | if (pipes == 0) { | |
680 | if (pipe_ctx->aadctr != 0) { | |
681 | if (pipe_ctx->aadctr != 1) | |
682 | return -1; | |
e38c2e85 | 683 | EVP_CIPHER_meth_get_ctrl(cipher) |
2f2c9caa MC |
684 | (ctx, EVP_CTRL_AEAD_TLS1_AAD, |
685 | EVP_AEAD_TLS1_AAD_LEN, | |
686 | pipe_ctx->tlsaad[0]); | |
687 | } | |
e38c2e85 | 688 | ret = EVP_CIPHER_meth_get_do_cipher(cipher) |
2f2c9caa MC |
689 | (ctx, out, in, inl); |
690 | } else { | |
691 | if (pipe_ctx->aadctr > 0 && pipe_ctx->aadctr != pipes) | |
692 | return -1; | |
693 | for (i = 0; i < pipes; i++) { | |
694 | if (pipe_ctx->aadctr > 0) { | |
e38c2e85 | 695 | EVP_CIPHER_meth_get_ctrl(cipher) |
2f2c9caa MC |
696 | (ctx, EVP_CTRL_AEAD_TLS1_AAD, |
697 | EVP_AEAD_TLS1_AAD_LEN, | |
698 | pipe_ctx->tlsaad[i]); | |
699 | } | |
e38c2e85 | 700 | ret = ret && EVP_CIPHER_meth_get_do_cipher(cipher) |
2f2c9caa MC |
701 | (ctx, pipe_ctx->outbufs[i], pipe_ctx->inbufs[i], |
702 | pipe_ctx->lens[i]); | |
703 | } | |
704 | pipe_ctx->numpipes = 0; | |
705 | } | |
706 | pipe_ctx->aadctr = 0; | |
707 | EVP_CIPHER_CTX_set_cipher_data(ctx, pipe_ctx); | |
708 | return ret; | |
709 | } | |
710 | ||
e38c2e85 MC |
711 | static int dasync_cipher_cleanup_helper(EVP_CIPHER_CTX *ctx, |
712 | const EVP_CIPHER *cipher) | |
2f2c9caa | 713 | { |
e38c2e85 MC |
714 | struct dasync_pipeline_ctx *pipe_ctx = |
715 | (struct dasync_pipeline_ctx *)EVP_CIPHER_CTX_get_cipher_data(ctx); | |
2f2c9caa MC |
716 | |
717 | OPENSSL_clear_free(pipe_ctx->inner_cipher_data, | |
e38c2e85 | 718 | EVP_CIPHER_impl_ctx_size(cipher)); |
2f2c9caa MC |
719 | |
720 | return 1; | |
721 | } | |
e38c2e85 MC |
722 | |
723 | /* | |
724 | * AES128 CBC Implementation | |
725 | */ | |
726 | ||
727 | static int dasync_aes128_cbc_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, | |
728 | void *ptr) | |
729 | { | |
730 | return dasync_cipher_ctrl_helper(ctx, type, arg, ptr, 0); | |
731 | } | |
732 | ||
733 | static int dasync_aes128_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, | |
734 | const unsigned char *iv, int enc) | |
735 | { | |
736 | return dasync_cipher_init_key_helper(ctx, key, iv, enc, EVP_aes_128_cbc()); | |
737 | } | |
738 | ||
739 | static int dasync_aes128_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, | |
740 | const unsigned char *in, size_t inl) | |
741 | { | |
742 | return dasync_cipher_helper(ctx, out, in, inl, EVP_aes_128_cbc()); | |
743 | } | |
744 | ||
745 | static int dasync_aes128_cbc_cleanup(EVP_CIPHER_CTX *ctx) | |
746 | { | |
747 | return dasync_cipher_cleanup_helper(ctx, EVP_aes_128_cbc()); | |
748 | } | |
749 | ||
750 | ||
751 | /* | |
752 | * AES128 CBC HMAC SHA1 Implementation | |
753 | */ | |
754 | ||
755 | static int dasync_aes128_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, | |
756 | int arg, void *ptr) | |
757 | { | |
758 | return dasync_cipher_ctrl_helper(ctx, type, arg, ptr, 1); | |
759 | } | |
760 | ||
761 | static int dasync_aes128_cbc_hmac_sha1_init_key(EVP_CIPHER_CTX *ctx, | |
762 | const unsigned char *key, | |
763 | const unsigned char *iv, | |
764 | int enc) | |
765 | { | |
a4a0a1eb DMSP |
766 | /* |
767 | * We can safely assume that EVP_aes_128_cbc_hmac_sha1() != NULL, | |
768 | * see comment before the definition of dasync_aes_128_cbc_hmac_sha1(). | |
769 | */ | |
e38c2e85 MC |
770 | return dasync_cipher_init_key_helper(ctx, key, iv, enc, |
771 | EVP_aes_128_cbc_hmac_sha1()); | |
772 | } | |
773 | ||
774 | static int dasync_aes128_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, | |
775 | unsigned char *out, | |
776 | const unsigned char *in, | |
777 | size_t inl) | |
778 | { | |
779 | return dasync_cipher_helper(ctx, out, in, inl, EVP_aes_128_cbc_hmac_sha1()); | |
780 | } | |
781 | ||
782 | static int dasync_aes128_cbc_hmac_sha1_cleanup(EVP_CIPHER_CTX *ctx) | |
783 | { | |
a4a0a1eb DMSP |
784 | /* |
785 | * We can safely assume that EVP_aes_128_cbc_hmac_sha1() != NULL, | |
786 | * see comment before the definition of dasync_aes_128_cbc_hmac_sha1(). | |
787 | */ | |
e38c2e85 MC |
788 | return dasync_cipher_cleanup_helper(ctx, EVP_aes_128_cbc_hmac_sha1()); |
789 | } | |
c5f87134 P |
790 | |
791 | ||
792 | /* | |
793 | * RSA implementation | |
794 | */ | |
795 | static int dasync_rsa_init(EVP_PKEY_CTX *ctx) | |
796 | { | |
797 | static int (*pinit)(EVP_PKEY_CTX *ctx); | |
798 | ||
799 | if (pinit == NULL) | |
800 | EVP_PKEY_meth_get_init(dasync_rsa_orig, &pinit); | |
801 | return pinit(ctx); | |
802 | } | |
803 | ||
804 | static void dasync_rsa_cleanup(EVP_PKEY_CTX *ctx) | |
805 | { | |
806 | static void (*pcleanup)(EVP_PKEY_CTX *ctx); | |
807 | ||
808 | if (pcleanup == NULL) | |
809 | EVP_PKEY_meth_get_cleanup(dasync_rsa_orig, &pcleanup); | |
810 | pcleanup(ctx); | |
811 | } | |
812 | ||
813 | static int dasync_rsa_paramgen_init(EVP_PKEY_CTX *ctx) | |
814 | { | |
815 | static int (*pparamgen_init)(EVP_PKEY_CTX *ctx); | |
816 | ||
817 | if (pparamgen_init == NULL) | |
818 | EVP_PKEY_meth_get_paramgen(dasync_rsa_orig, &pparamgen_init, NULL); | |
819 | return pparamgen_init(ctx); | |
820 | } | |
821 | ||
822 | static int dasync_rsa_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) | |
823 | { | |
824 | static int (*pparamgen)(EVP_PKEY_CTX *c, EVP_PKEY *pkey); | |
825 | ||
826 | if (pparamgen == NULL) | |
827 | EVP_PKEY_meth_get_paramgen(dasync_rsa_orig, NULL, &pparamgen); | |
828 | return pparamgen(ctx, pkey); | |
829 | } | |
830 | ||
831 | static int dasync_rsa_keygen_init(EVP_PKEY_CTX *ctx) | |
832 | { | |
833 | static int (*pkeygen_init)(EVP_PKEY_CTX *ctx); | |
834 | ||
835 | if (pkeygen_init == NULL) | |
836 | EVP_PKEY_meth_get_keygen(dasync_rsa_orig, &pkeygen_init, NULL); | |
837 | return pkeygen_init(ctx); | |
838 | } | |
839 | ||
840 | static int dasync_rsa_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) | |
841 | { | |
842 | static int (*pkeygen)(EVP_PKEY_CTX *c, EVP_PKEY *pkey); | |
843 | ||
844 | if (pkeygen == NULL) | |
845 | EVP_PKEY_meth_get_keygen(dasync_rsa_orig, NULL, &pkeygen); | |
846 | return pkeygen(ctx, pkey); | |
847 | } | |
848 | ||
849 | static int dasync_rsa_encrypt_init(EVP_PKEY_CTX *ctx) | |
850 | { | |
851 | static int (*pencrypt_init)(EVP_PKEY_CTX *ctx); | |
852 | ||
853 | if (pencrypt_init == NULL) | |
854 | EVP_PKEY_meth_get_encrypt(dasync_rsa_orig, &pencrypt_init, NULL); | |
855 | return pencrypt_init(ctx); | |
856 | } | |
857 | ||
858 | static int dasync_rsa_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out, | |
859 | size_t *outlen, const unsigned char *in, | |
860 | size_t inlen) | |
861 | { | |
862 | static int (*pencryptfn)(EVP_PKEY_CTX *ctx, unsigned char *out, | |
863 | size_t *outlen, const unsigned char *in, | |
864 | size_t inlen); | |
865 | ||
866 | if (pencryptfn == NULL) | |
867 | EVP_PKEY_meth_get_encrypt(dasync_rsa_orig, NULL, &pencryptfn); | |
868 | return pencryptfn(ctx, out, outlen, in, inlen); | |
869 | } | |
870 | ||
871 | static int dasync_rsa_decrypt_init(EVP_PKEY_CTX *ctx) | |
872 | { | |
873 | static int (*pdecrypt_init)(EVP_PKEY_CTX *ctx); | |
874 | ||
875 | if (pdecrypt_init == NULL) | |
876 | EVP_PKEY_meth_get_decrypt(dasync_rsa_orig, &pdecrypt_init, NULL); | |
877 | return pdecrypt_init(ctx); | |
878 | } | |
879 | ||
880 | static int dasync_rsa_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out, | |
881 | size_t *outlen, const unsigned char *in, | |
882 | size_t inlen) | |
883 | { | |
884 | static int (*pdecrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, | |
885 | size_t *outlen, const unsigned char *in, | |
886 | size_t inlen); | |
887 | ||
888 | if (pdecrypt == NULL) | |
889 | EVP_PKEY_meth_get_encrypt(dasync_rsa_orig, NULL, &pdecrypt); | |
890 | return pdecrypt(ctx, out, outlen, in, inlen); | |
891 | } | |
892 | ||
893 | static int dasync_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) | |
894 | { | |
895 | static int (*pctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2); | |
896 | ||
897 | if (pctrl == NULL) | |
898 | EVP_PKEY_meth_get_ctrl(dasync_rsa_orig, &pctrl, NULL); | |
899 | return pctrl(ctx, type, p1, p2); | |
900 | } | |
901 | ||
902 | static int dasync_rsa_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, | |
903 | const char *value) | |
904 | { | |
905 | static int (*pctrl_str)(EVP_PKEY_CTX *ctx, const char *type, | |
906 | const char *value); | |
907 | ||
908 | if (pctrl_str == NULL) | |
909 | EVP_PKEY_meth_get_ctrl(dasync_rsa_orig, NULL, &pctrl_str); | |
910 | return pctrl_str(ctx, type, value); | |
911 | } |