[thirdparty/openssl.git] / test / tls-provider.c

/*
 * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include <string.h>
#include <openssl/core_names.h>
#include <openssl/core_dispatch.h>
#include <openssl/rand.h>
#include <openssl/params.h>
/* For TLS1_3_VERSION */
#include <openssl/ssl.h>

int tls_provider_init(const OSSL_CORE_HANDLE *handle,
                      const OSSL_DISPATCH *in,
                      const OSSL_DISPATCH **out,
                      void **provctx);

#define XOR_KEY_SIZE 32

/*
 * Top secret. This algorithm only works if no one knows what this number is.
 * Please don't tell anyone what it is.
 * 
 * This algorithm is for testing only - don't really use it!
 */
static const unsigned char private_constant[XOR_KEY_SIZE] = {
    0xd3, 0x6b, 0x54, 0xec, 0x5b, 0xac, 0x89, 0x96, 0x8c, 0x2c, 0x66, 0xa5,
    0x67, 0x0d, 0xe3, 0xdd, 0x43, 0x69, 0xbc, 0x83, 0x3d, 0x60, 0xc7, 0xb8,
    0x2b, 0x1c, 0x5a, 0xfd, 0xb5, 0xcd, 0xd0, 0xf8
};

typedef struct xorkey_st {
    unsigned char privkey[XOR_KEY_SIZE];
    unsigned char pubkey[XOR_KEY_SIZE];
    int hasprivkey;
    int haspubkey;
} XORKEY;

/* We define a dummy TLS group called "xorgroup" for test purposes */

static unsigned int group_id = 0; /* IANA reserved for private use */
static unsigned int secbits = 128;
static unsigned int mintls = TLS1_3_VERSION;
static unsigned int maxtls = 0;
static unsigned int mindtls = -1;
static unsigned int maxdtls = -1;

#define GROUP_NAME "xorgroup"
#define GROUP_NAME_INTERNAL "xorgroup-int"
#define ALGORITHM "XOR"

static const OSSL_PARAM xor_group_params[] = {
    OSSL_PARAM_utf8_string(OSSL_CAPABILITY_TLS_GROUP_NAME,
                           GROUP_NAME, sizeof(GROUP_NAME)),
    OSSL_PARAM_utf8_string(OSSL_CAPABILITY_TLS_GROUP_NAME_INTERNAL,
                           GROUP_NAME_INTERNAL, sizeof(GROUP_NAME_INTERNAL)),
    OSSL_PARAM_utf8_string(OSSL_CAPABILITY_TLS_GROUP_ALG, ALGORITHM,
                           sizeof(ALGORITHM)),
    OSSL_PARAM_uint(OSSL_CAPABILITY_TLS_GROUP_ID, &group_id),
    OSSL_PARAM_uint(OSSL_CAPABILITY_TLS_GROUP_SECURITY_BITS, &secbits),
    OSSL_PARAM_int(OSSL_CAPABILITY_TLS_GROUP_MIN_TLS, &mintls),
    OSSL_PARAM_int(OSSL_CAPABILITY_TLS_GROUP_MAX_TLS, &maxtls),
    OSSL_PARAM_int(OSSL_CAPABILITY_TLS_GROUP_MIN_DTLS, &mindtls),
    OSSL_PARAM_int(OSSL_CAPABILITY_TLS_GROUP_MAX_DTLS, &maxdtls),
    OSSL_PARAM_END
};

static int tls_prov_get_capabilities(void *provctx, const char *capability,
                                     OSSL_CALLBACK *cb, void *arg)
{
    /* We're only adding one group so we only call the callback once */
    if (strcmp(capability, "TLS-GROUP") == 0)
        return cb(xor_group_params, arg);

    /* We don't support this capability */
    return 0;
}

/*
 * Dummy "XOR" Key Exchange algorithm. We just xor the private and public keys
 * together. Don't use this!
 */

static OSSL_FUNC_keyexch_newctx_fn xor_newctx;
static OSSL_FUNC_keyexch_init_fn xor_init;
static OSSL_FUNC_keyexch_set_peer_fn xor_set_peer;
static OSSL_FUNC_keyexch_derive_fn xor_derive;
static OSSL_FUNC_keyexch_freectx_fn xor_freectx;
static OSSL_FUNC_keyexch_dupctx_fn xor_dupctx;

typedef struct {
    XORKEY *key;
    XORKEY *peerkey;
} PROV_XOR_CTX;

static void *xor_newctx(void *provctx)
{
    PROV_XOR_CTX *pxorctx = OPENSSL_zalloc(sizeof(PROV_XOR_CTX));

    if (pxorctx == NULL)
        return NULL;

    return pxorctx;
}

static int xor_init(void *vpxorctx, void *vkey)
{
    PROV_XOR_CTX *pxorctx = (PROV_XOR_CTX *)vpxorctx;

    if (pxorctx == NULL || vkey == NULL)
        return 0;
    pxorctx->key = vkey;
    return 1;
}

static int xor_set_peer(void *vpxorctx, void *vpeerkey)
{
    PROV_XOR_CTX *pxorctx = (PROV_XOR_CTX *)vpxorctx;

    if (pxorctx == NULL || vpeerkey == NULL)
        return 0;
    pxorctx->peerkey = vpeerkey;
    return 1;
}

static int xor_derive(void *vpxorctx, unsigned char *secret, size_t *secretlen,
                      size_t outlen)
{
    PROV_XOR_CTX *pxorctx = (PROV_XOR_CTX *)vpxorctx;
    int i;

    if (pxorctx->key == NULL || pxorctx->peerkey == NULL)
        return 0;

    *secretlen = XOR_KEY_SIZE;
    if (secret == NULL)
        return 1;

    if (outlen < XOR_KEY_SIZE)
        return 0;

    for (i = 0; i < XOR_KEY_SIZE; i++)
        secret[i] = pxorctx->key->privkey[i] ^ pxorctx->peerkey->pubkey[i];

    return 1;
}

static void xor_freectx(void *pxorctx)
{
    OPENSSL_free(pxorctx);
}

static void *xor_dupctx(void *vpxorctx)
{
    PROV_XOR_CTX *srcctx = (PROV_XOR_CTX *)vpxorctx;
    PROV_XOR_CTX *dstctx;

    dstctx = OPENSSL_zalloc(sizeof(*srcctx));
    if (dstctx == NULL)
        return NULL;

    *dstctx = *srcctx;

    return dstctx;
}

static const OSSL_DISPATCH xor_keyexch_functions[] = {
    { OSSL_FUNC_KEYEXCH_NEWCTX, (void (*)(void))xor_newctx },
    { OSSL_FUNC_KEYEXCH_INIT, (void (*)(void))xor_init },
    { OSSL_FUNC_KEYEXCH_DERIVE, (void (*)(void))xor_derive },
    { OSSL_FUNC_KEYEXCH_SET_PEER, (void (*)(void))xor_set_peer },
    { OSSL_FUNC_KEYEXCH_FREECTX, (void (*)(void))xor_freectx },
    { OSSL_FUNC_KEYEXCH_DUPCTX, (void (*)(void))xor_dupctx },
    { 0, NULL }
};

static const OSSL_ALGORITHM tls_prov_keyexch[] = {
    /*
     * Obviously this is not FIPS approved, but in order to test in conjuction
     * with the FIPS provider we pretend that it is.
     */
    { "XOR", "provider=tls-provider,fips=yes", xor_keyexch_functions },
    { NULL, NULL, NULL }
};

/* Key Management for the dummy XOR key exchange algorithm */

static OSSL_FUNC_keymgmt_new_fn xor_newdata;
static OSSL_FUNC_keymgmt_free_fn xor_freedata;
static OSSL_FUNC_keymgmt_has_fn xor_has;
static OSSL_FUNC_keymgmt_copy_fn xor_copy;
static OSSL_FUNC_keymgmt_gen_init_fn xor_gen_init;
static OSSL_FUNC_keymgmt_gen_set_params_fn xor_gen_set_params;
static OSSL_FUNC_keymgmt_gen_settable_params_fn xor_gen_settable_params;
static OSSL_FUNC_keymgmt_gen_fn xor_gen;
static OSSL_FUNC_keymgmt_gen_cleanup_fn xor_gen_cleanup;
static OSSL_FUNC_keymgmt_get_params_fn xor_get_params;
static OSSL_FUNC_keymgmt_gettable_params_fn xor_gettable_params;
static OSSL_FUNC_keymgmt_set_params_fn xor_set_params;
static OSSL_FUNC_keymgmt_settable_params_fn xor_settable_params;

static void *xor_newdata(void *provctx)
{
    return OPENSSL_zalloc(sizeof(XORKEY));
}

static void xor_freedata(void *keydata)
{
    OPENSSL_free(keydata);
}

static int xor_has(void *vkey, int selection)
{
    XORKEY *key = vkey;
    int ok = 0;

    if (key != NULL) {
        ok = 1;

        if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0)
            ok = ok && key->haspubkey;
        if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0)
            ok = ok && key->hasprivkey;
    }
    return ok;
}

static int xor_copy(void *vtokey, const void *vfromkey, int selection)
{
    XORKEY *tokey = vtokey;
    const XORKEY *fromkey = vfromkey;
    int ok = 0;

    if (tokey != NULL && fromkey != NULL) {
        ok = 1;

        if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) {
            if (fromkey->haspubkey) {
                memcpy(tokey->pubkey, fromkey->pubkey, XOR_KEY_SIZE);
                tokey->haspubkey = 1;
            } else {
                tokey->haspubkey = 0;
            }
        }
        if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) {
            if (fromkey->hasprivkey) {
                memcpy(tokey->privkey, fromkey->privkey, XOR_KEY_SIZE);
                tokey->hasprivkey = 1;
            } else {
                tokey->hasprivkey = 0;
            }
        }
    }
    return ok;
}

static ossl_inline int xor_get_params(void *vkey, OSSL_PARAM params[])
{
    XORKEY *key = vkey;
    OSSL_PARAM *p;

    if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_BITS)) != NULL
        && !OSSL_PARAM_set_int(p, XOR_KEY_SIZE))
        return 0;

    if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_SECURITY_BITS)) != NULL
        && !OSSL_PARAM_set_int(p, secbits))
        return 0;

    if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_TLS_ENCODED_PT)) != NULL) {
        if (p->data_type != OSSL_PARAM_OCTET_STRING)
            return 0;
        p->return_size = XOR_KEY_SIZE;
        if (p->data != NULL && p->data_size >= XOR_KEY_SIZE)
            memcpy(p->data, key->pubkey, XOR_KEY_SIZE);
    }

    return 1;
}

static const OSSL_PARAM xor_params[] = {
    OSSL_PARAM_int(OSSL_PKEY_PARAM_BITS, NULL),
    OSSL_PARAM_int(OSSL_PKEY_PARAM_SECURITY_BITS, NULL),
    OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_TLS_ENCODED_PT, NULL, 0),
    OSSL_PARAM_END
};

static const OSSL_PARAM *xor_gettable_params(void *provctx)
{
    return xor_params;
}

static int xor_set_params(void *vkey, const OSSL_PARAM params[])
{
    XORKEY *key = vkey;
    const OSSL_PARAM *p;

    p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_TLS_ENCODED_PT);
    if (p != NULL) {
        if (p->data_type != OSSL_PARAM_OCTET_STRING
                || p->data_size != XOR_KEY_SIZE)
            return 0;
        memcpy(key->pubkey, p->data, XOR_KEY_SIZE);
        key->haspubkey = 1;
    }

    return 1;
}

static const OSSL_PARAM xor_known_settable_params[] = {
    OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_TLS_ENCODED_PT, NULL, 0),
    OSSL_PARAM_END
};

static const OSSL_PARAM *xor_settable_params(void *provctx)
{
    return xor_known_settable_params;
}

struct xor_gen_ctx {
    int selection;
    OPENSSL_CTX *libctx;
};

static void *xor_gen_init(void *provctx, int selection)
{
    struct xor_gen_ctx *gctx = NULL;

    if ((selection & (OSSL_KEYMGMT_SELECT_KEYPAIR
                      | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS)) == 0)
        return NULL;

    if ((gctx = OPENSSL_zalloc(sizeof(*gctx))) != NULL)
        gctx->selection = selection;

    /* Our provctx is really just an OPENSSL_CTX */
    gctx->libctx = (OPENSSL_CTX *)provctx;

    return gctx;
}

static int xor_gen_set_params(void *genctx, const OSSL_PARAM params[])
{
    struct xor_gen_ctx *gctx = genctx;
    const OSSL_PARAM *p;

    if (gctx == NULL)
        return 0;

    p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_GROUP_NAME);
    if (p != NULL) {
        if (p->data_type != OSSL_PARAM_UTF8_STRING
                || strcmp(p->data, GROUP_NAME_INTERNAL) != 0)
            return 0;
    }

    return 1;
}

static const OSSL_PARAM *xor_gen_settable_params(void *provctx)
{
    static OSSL_PARAM settable[] = {
        OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME, NULL, 0),
        OSSL_PARAM_END
    };
    return settable;
}

static void *xor_gen(void *genctx, OSSL_CALLBACK *osslcb, void *cbarg)
{
    struct xor_gen_ctx *gctx = genctx;
    XORKEY *key = OPENSSL_zalloc(sizeof(*key));
    size_t i;

    if (key == NULL)
        return NULL;

    if ((gctx->selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) {
        if (RAND_bytes_ex(gctx->libctx, key->privkey, XOR_KEY_SIZE) <= 0) {
            OPENSSL_free(key);
            return NULL;
        }
        for (i = 0; i < XOR_KEY_SIZE; i++)
            key->pubkey[i] = key->privkey[i] ^ private_constant[i];
        key->hasprivkey = 1;
        key->haspubkey = 1;
    }

    return key;
}

static void xor_gen_cleanup(void *genctx)
{
    OPENSSL_free(genctx);
}

static const OSSL_DISPATCH xor_keymgmt_functions[] = {
    { OSSL_FUNC_KEYMGMT_NEW, (void (*)(void))xor_newdata },
    { OSSL_FUNC_KEYMGMT_GEN_INIT, (void (*)(void))xor_gen_init },
    { OSSL_FUNC_KEYMGMT_GEN_SET_PARAMS, (void (*)(void))xor_gen_set_params },
    { OSSL_FUNC_KEYMGMT_GEN_SETTABLE_PARAMS,
      (void (*)(void))xor_gen_settable_params },
    { OSSL_FUNC_KEYMGMT_GEN, (void (*)(void))xor_gen },
    { OSSL_FUNC_KEYMGMT_GEN_CLEANUP, (void (*)(void))xor_gen_cleanup },
    { OSSL_FUNC_KEYMGMT_GET_PARAMS, (void (*) (void))xor_get_params },
    { OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS, (void (*) (void))xor_gettable_params },
    { OSSL_FUNC_KEYMGMT_SET_PARAMS, (void (*) (void))xor_set_params },
    { OSSL_FUNC_KEYMGMT_SETTABLE_PARAMS, (void (*) (void))xor_settable_params },
    { OSSL_FUNC_KEYMGMT_HAS, (void (*)(void))xor_has },
    { OSSL_FUNC_KEYMGMT_COPY, (void (*)(void))xor_copy },
    { OSSL_FUNC_KEYMGMT_FREE, (void (*)(void))xor_freedata },
    { 0, NULL }
};

static const OSSL_ALGORITHM tls_prov_keymgmt[] = {
    /*
     * Obviously this is not FIPS approved, but in order to test in conjuction
     * with the FIPS provider we pretend that it is.
     */
    { "XOR", "provider=tls-provider,fips=yes", xor_keymgmt_functions },
    { NULL, NULL, NULL }
};

static const OSSL_ALGORITHM *tls_prov_query(void *provctx, int operation_id,
                                            int *no_cache)
{
    *no_cache = 0;
    switch (operation_id) {
    case OSSL_OP_KEYMGMT:
        return tls_prov_keymgmt;
    case OSSL_OP_KEYEXCH:
        return tls_prov_keyexch;
    }
    return NULL;
}

/* Functions we provide to the core */
static const OSSL_DISPATCH tls_prov_dispatch_table[] = {
    { OSSL_FUNC_PROVIDER_TEARDOWN, (void (*)(void))OPENSSL_CTX_free },
    { OSSL_FUNC_PROVIDER_QUERY_OPERATION, (void (*)(void))tls_prov_query },
    { OSSL_FUNC_PROVIDER_GET_CAPABILITIES, (void (*)(void))tls_prov_get_capabilities },
    { 0, NULL }
};

int tls_provider_init(const OSSL_CORE_HANDLE *handle,
                      const OSSL_DISPATCH *in,
                      const OSSL_DISPATCH **out,
                      void **provctx)
{
    OPENSSL_CTX *libctx = OPENSSL_CTX_new();

    *provctx = libctx;

    /*
     * Randomise the group_id we're going to use to ensure we don't interoperate
     * with anything but ourselves.
     */
    if (!RAND_bytes_ex(libctx, (unsigned char *)&group_id, sizeof(group_id)))
        return 0;
    /*
     * Ensure group_id is within the IANA Reserved for private use range
     * (65024-65279)
     */
    group_id %= 65279 - 65024;
    group_id += 65024;

    *out = tls_prov_dispatch_table;
    return 1;
}
Commit	Line	Data
0c13cdf8 MC	1	/*
	2	* Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
	3	*
	4	* Licensed under the Apache License 2.0 (the "License"). You may not use
	5	* this file except in compliance with the License. You can obtain a copy
	6	* in the file LICENSE in the source distribution or at
	7	* https://www.openssl.org/source/license.html
	8	*/
	9
	10	#include <string.h>
	11	#include <openssl/core_names.h>
23c48d94	12	#include <openssl/core_dispatch.h>
0c13cdf8 MC	13	#include <openssl/rand.h>
	14	#include <openssl/params.h>
	15	/* For TLS1_3_VERSION */
	16	#include <openssl/ssl.h>
	17
	18	int tls_provider_init(const OSSL_CORE_HANDLE *handle,
	19	const OSSL_DISPATCH *in,
	20	const OSSL_DISPATCH **out,
	21	void **provctx);
	22
	23	#define XOR_KEY_SIZE 32
	24
	25	/*
	26	* Top secret. This algorithm only works if no one knows what this number is.
	27	* Please don't tell anyone what it is.
	28	*
	29	* This algorithm is for testing only - don't really use it!
	30	*/
	31	static const unsigned char private_constant[XOR_KEY_SIZE] = {
	32	0xd3, 0x6b, 0x54, 0xec, 0x5b, 0xac, 0x89, 0x96, 0x8c, 0x2c, 0x66, 0xa5,
	33	0x67, 0x0d, 0xe3, 0xdd, 0x43, 0x69, 0xbc, 0x83, 0x3d, 0x60, 0xc7, 0xb8,
	34	0x2b, 0x1c, 0x5a, 0xfd, 0xb5, 0xcd, 0xd0, 0xf8
	35	};
	36
	37	typedef struct xorkey_st {
	38	unsigned char privkey[XOR_KEY_SIZE];
	39	unsigned char pubkey[XOR_KEY_SIZE];
	40	int hasprivkey;
	41	int haspubkey;
	42	} XORKEY;
	43
	44	/* We define a dummy TLS group called "xorgroup" for test purposes */
	45
	46	static unsigned int group_id = 0; /* IANA reserved for private use */
	47	static unsigned int secbits = 128;
	48	static unsigned int mintls = TLS1_3_VERSION;
	49	static unsigned int maxtls = 0;
	50	static unsigned int mindtls = -1;
	51	static unsigned int maxdtls = -1;
	52
	53	#define GROUP_NAME "xorgroup"
	54	#define GROUP_NAME_INTERNAL "xorgroup-int"
	55	#define ALGORITHM "XOR"
	56
	57	static const OSSL_PARAM xor_group_params[] = {
	58	OSSL_PARAM_utf8_string(OSSL_CAPABILITY_TLS_GROUP_NAME,
	59	GROUP_NAME, sizeof(GROUP_NAME)),
	60	OSSL_PARAM_utf8_string(OSSL_CAPABILITY_TLS_GROUP_NAME_INTERNAL,
	61	GROUP_NAME_INTERNAL, sizeof(GROUP_NAME_INTERNAL)),
	62	OSSL_PARAM_utf8_string(OSSL_CAPABILITY_TLS_GROUP_ALG, ALGORITHM,
	63	sizeof(ALGORITHM)),
	64	OSSL_PARAM_uint(OSSL_CAPABILITY_TLS_GROUP_ID, &group_id),
	65	OSSL_PARAM_uint(OSSL_CAPABILITY_TLS_GROUP_SECURITY_BITS, &secbits),
	66	OSSL_PARAM_int(OSSL_CAPABILITY_TLS_GROUP_MIN_TLS, &mintls),
	67	OSSL_PARAM_int(OSSL_CAPABILITY_TLS_GROUP_MAX_TLS, &maxtls),
	68	OSSL_PARAM_int(OSSL_CAPABILITY_TLS_GROUP_MIN_DTLS, &mindtls),
	69	OSSL_PARAM_int(OSSL_CAPABILITY_TLS_GROUP_MAX_DTLS, &maxdtls),
	70	OSSL_PARAM_END
	71	};
	72
	73	static int tls_prov_get_capabilities(void provctx, const char capability,
	74	OSSL_CALLBACK cb, void arg)
	75	{
	76	/* We're only adding one group so we only call the callback once */
77	if (strcmp(capability, "TLS-GROUP") == 0)
78	return cb(xor_group_params, arg);
79
80	/* We don't support this capability */
81	return 0;
82	}
83
84	/*
85	* Dummy "XOR" Key Exchange algorithm. We just xor the private and public keys
86	* together. Don't use this!
87	*/
88
363b1e5d DMSP	89	static OSSL_FUNC_keyexch_newctx_fn xor_newctx;
	90	static OSSL_FUNC_keyexch_init_fn xor_init;
	91	static OSSL_FUNC_keyexch_set_peer_fn xor_set_peer;
	92	static OSSL_FUNC_keyexch_derive_fn xor_derive;
	93	static OSSL_FUNC_keyexch_freectx_fn xor_freectx;
	94	static OSSL_FUNC_keyexch_dupctx_fn xor_dupctx;
0c13cdf8 MC	95
	96	typedef struct {
	97	XORKEY *key;
	98	XORKEY *peerkey;
	99	} PROV_XOR_CTX;
	100
	101	static void xor_newctx(void provctx)
	102	{
	103	PROV_XOR_CTX *pxorctx = OPENSSL_zalloc(sizeof(PROV_XOR_CTX));
	104
	105	if (pxorctx == NULL)
	106	return NULL;
	107
	108	return pxorctx;
	109	}
	110
	111	static int xor_init(void vpxorctx, void vkey)
	112	{
	113	PROV_XOR_CTX pxorctx = (PROV_XOR_CTX )vpxorctx;
	114
	115	if (pxorctx == NULL \|\| vkey == NULL)
	116	return 0;
	117	pxorctx->key = vkey;
	118	return 1;
	119	}
	120
	121	static int xor_set_peer(void vpxorctx, void vpeerkey)
	122	{
	123	PROV_XOR_CTX pxorctx = (PROV_XOR_CTX )vpxorctx;
	124
	125	if (pxorctx == NULL \|\| vpeerkey == NULL)
	126	return 0;
	127	pxorctx->peerkey = vpeerkey;
	128	return 1;
	129	}
	130
	131	static int xor_derive(void vpxorctx, unsigned char secret, size_t *secretlen,
	132	size_t outlen)
	133	{
	134	PROV_XOR_CTX pxorctx = (PROV_XOR_CTX )vpxorctx;
	135	int i;
	136
	137	if (pxorctx->key == NULL \|\| pxorctx->peerkey == NULL)
	138	return 0;
	139
	140	*secretlen = XOR_KEY_SIZE;
	141	if (secret == NULL)
	142	return 1;
	143
	144	if (outlen < XOR_KEY_SIZE)
	145	return 0;
	146
	147	for (i = 0; i < XOR_KEY_SIZE; i++)
	148	secret[i] = pxorctx->key->privkey[i] ^ pxorctx->peerkey->pubkey[i];
	149
	150	return 1;
	151	}
	152
	153	static void xor_freectx(void *pxorctx)
	154	{
	155	OPENSSL_free(pxorctx);
	156	}
	157
	158	static void xor_dupctx(void vpxorctx)
159	{
160	PROV_XOR_CTX srcctx = (PROV_XOR_CTX )vpxorctx;
161	PROV_XOR_CTX *dstctx;
162
163	dstctx = OPENSSL_zalloc(sizeof(*srcctx));
164	if (dstctx == NULL)
165	return NULL;
166
167	dstctx = srcctx;
168
169	return dstctx;
170	}
171
172	static const OSSL_DISPATCH xor_keyexch_functions[] = {
173	{ OSSL_FUNC_KEYEXCH_NEWCTX, (void (*)(void))xor_newctx },
174	{ OSSL_FUNC_KEYEXCH_INIT, (void (*)(void))xor_init },
175	{ OSSL_FUNC_KEYEXCH_DERIVE, (void (*)(void))xor_derive },
176	{ OSSL_FUNC_KEYEXCH_SET_PEER, (void (*)(void))xor_set_peer },
177	{ OSSL_FUNC_KEYEXCH_FREECTX, (void (*)(void))xor_freectx },
178	{ OSSL_FUNC_KEYEXCH_DUPCTX, (void (*)(void))xor_dupctx },
179	{ 0, NULL }
180	};
181
182	static const OSSL_ALGORITHM tls_prov_keyexch[] = {
bfa6aaab MC	183	/*
	184	* Obviously this is not FIPS approved, but in order to test in conjuction
	185	* with the FIPS provider we pretend that it is.
	186	*/
	187	{ "XOR", "provider=tls-provider,fips=yes", xor_keyexch_functions },
0c13cdf8 MC	188	{ NULL, NULL, NULL }
	189	};
	190
	191	/* Key Management for the dummy XOR key exchange algorithm */
	192
363b1e5d DMSP	193	static OSSL_FUNC_keymgmt_new_fn xor_newdata;
	194	static OSSL_FUNC_keymgmt_free_fn xor_freedata;
	195	static OSSL_FUNC_keymgmt_has_fn xor_has;
	196	static OSSL_FUNC_keymgmt_copy_fn xor_copy;
	197	static OSSL_FUNC_keymgmt_gen_init_fn xor_gen_init;
	198	static OSSL_FUNC_keymgmt_gen_set_params_fn xor_gen_set_params;
	199	static OSSL_FUNC_keymgmt_gen_settable_params_fn xor_gen_settable_params;
	200	static OSSL_FUNC_keymgmt_gen_fn xor_gen;
	201	static OSSL_FUNC_keymgmt_gen_cleanup_fn xor_gen_cleanup;
	202	static OSSL_FUNC_keymgmt_get_params_fn xor_get_params;
	203	static OSSL_FUNC_keymgmt_gettable_params_fn xor_gettable_params;
	204	static OSSL_FUNC_keymgmt_set_params_fn xor_set_params;
	205	static OSSL_FUNC_keymgmt_settable_params_fn xor_settable_params;
0c13cdf8 MC	206
	207	static void xor_newdata(void provctx)
	208	{
	209	return OPENSSL_zalloc(sizeof(XORKEY));
	210	}
	211
	212	static void xor_freedata(void *keydata)
	213	{
	214	OPENSSL_free(keydata);
	215	}
	216
	217	static int xor_has(void *vkey, int selection)
	218	{
	219	XORKEY *key = vkey;
	220	int ok = 0;
	221
	222	if (key != NULL) {
	223	ok = 1;
	224
	225	if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0)
	226	ok = ok && key->haspubkey;
	227	if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0)
	228	ok = ok && key->hasprivkey;
	229	}
	230	return ok;
	231	}
	232
	233	static int xor_copy(void vtokey, const void vfromkey, int selection)
	234	{
	235	XORKEY *tokey = vtokey;
	236	const XORKEY *fromkey = vfromkey;
	237	int ok = 0;
	238
	239	if (tokey != NULL && fromkey != NULL) {
	240	ok = 1;
	241
	242	if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) {
	243	if (fromkey->haspubkey) {
	244	memcpy(tokey->pubkey, fromkey->pubkey, XOR_KEY_SIZE);
	245	tokey->haspubkey = 1;
	246	} else {
	247	tokey->haspubkey = 0;
	248	}
	249	}
	250	if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) {
	251	if (fromkey->hasprivkey) {
	252	memcpy(tokey->privkey, fromkey->privkey, XOR_KEY_SIZE);
	253	tokey->hasprivkey = 1;
	254	} else {
	255	tokey->hasprivkey = 0;
	256	}
	257	}
	258	}
	259	return ok;
	260	}
	261
	262	static ossl_inline int xor_get_params(void *vkey, OSSL_PARAM params[])
	263	{
	264	XORKEY *key = vkey;
	265	OSSL_PARAM *p;
	266
	267	if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_BITS)) != NULL
	268	&& !OSSL_PARAM_set_int(p, XOR_KEY_SIZE))
	269	return 0;
270
271	if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_SECURITY_BITS)) != NULL
272	&& !OSSL_PARAM_set_int(p, secbits))
273	return 0;
274
275	if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_TLS_ENCODED_PT)) != NULL) {
276	if (p->data_type != OSSL_PARAM_OCTET_STRING)
277	return 0;
278	p->return_size = XOR_KEY_SIZE;
279	if (p->data != NULL && p->data_size >= XOR_KEY_SIZE)
280	memcpy(p->data, key->pubkey, XOR_KEY_SIZE);
281	}
282
283	return 1;
284	}
285
286	static const OSSL_PARAM xor_params[] = {
287	OSSL_PARAM_int(OSSL_PKEY_PARAM_BITS, NULL),
288	OSSL_PARAM_int(OSSL_PKEY_PARAM_SECURITY_BITS, NULL),
289	OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_TLS_ENCODED_PT, NULL, 0),
290	OSSL_PARAM_END
291	};
292
132b6160	293	static const OSSL_PARAM xor_gettable_params(void provctx)
0c13cdf8 MC	294	{
	295	return xor_params;
	296	}
	297
	298	static int xor_set_params(void *vkey, const OSSL_PARAM params[])
	299	{
	300	XORKEY *key = vkey;
	301	const OSSL_PARAM *p;
	302
	303	p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_TLS_ENCODED_PT);
	304	if (p != NULL) {
	305	if (p->data_type != OSSL_PARAM_OCTET_STRING
	306	\|\| p->data_size != XOR_KEY_SIZE)
	307	return 0;
	308	memcpy(key->pubkey, p->data, XOR_KEY_SIZE);
	309	key->haspubkey = 1;
	310	}
	311
	312	return 1;
	313	}
	314
	315	static const OSSL_PARAM xor_known_settable_params[] = {
	316	OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_TLS_ENCODED_PT, NULL, 0),
	317	OSSL_PARAM_END
	318	};
	319
132b6160	320	static const OSSL_PARAM xor_settable_params(void provctx)
0c13cdf8 MC	321	{
	322	return xor_known_settable_params;
	323	}
	324
	325	struct xor_gen_ctx {
	326	int selection;
	327	OPENSSL_CTX *libctx;
	328	};
	329
	330	static void xor_gen_init(void provctx, int selection)
	331	{
	332	struct xor_gen_ctx *gctx = NULL;
	333
	334	if ((selection & (OSSL_KEYMGMT_SELECT_KEYPAIR
	335	\| OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS)) == 0)
	336	return NULL;
	337
	338	if ((gctx = OPENSSL_zalloc(sizeof(*gctx))) != NULL)
	339	gctx->selection = selection;
	340
	341	/* Our provctx is really just an OPENSSL_CTX */
	342	gctx->libctx = (OPENSSL_CTX *)provctx;
	343
	344	return gctx;
	345	}
	346
	347	static int xor_gen_set_params(void *genctx, const OSSL_PARAM params[])
	348	{
	349	struct xor_gen_ctx *gctx = genctx;
	350	const OSSL_PARAM *p;
	351
	352	if (gctx == NULL)
	353	return 0;
	354
	355	p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_GROUP_NAME);
	356	if (p != NULL) {
	357	if (p->data_type != OSSL_PARAM_UTF8_STRING
	358	\|\| strcmp(p->data, GROUP_NAME_INTERNAL) != 0)
	359	return 0;
	360	}
	361
	362	return 1;
	363	}
	364
	365	static const OSSL_PARAM xor_gen_settable_params(void provctx)
	366	{
	367	static OSSL_PARAM settable[] = {
	368	OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME, NULL, 0),
	369	OSSL_PARAM_END
	370	};
	371	return settable;
	372	}
	373
	374	static void xor_gen(void genctx, OSSL_CALLBACK osslcb, void cbarg)
	375	{
	376	struct xor_gen_ctx *gctx = genctx;
	377	XORKEY key = OPENSSL_zalloc(sizeof(key));
	378	size_t i;
	379
	380	if (key == NULL)
	381	return NULL;
	382
	383	if ((gctx->selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) {
	384	if (RAND_bytes_ex(gctx->libctx, key->privkey, XOR_KEY_SIZE) <= 0) {
385	OPENSSL_free(key);
386	return NULL;
387	}
388	for (i = 0; i < XOR_KEY_SIZE; i++)
389	key->pubkey[i] = key->privkey[i] ^ private_constant[i];
390	key->hasprivkey = 1;
391	key->haspubkey = 1;
392	}
393
394	return key;
395	}
396
397	static void xor_gen_cleanup(void *genctx)
398	{
399	OPENSSL_free(genctx);
400	}
401
402	static const OSSL_DISPATCH xor_keymgmt_functions[] = {
403	{ OSSL_FUNC_KEYMGMT_NEW, (void (*)(void))xor_newdata },
404	{ OSSL_FUNC_KEYMGMT_GEN_INIT, (void (*)(void))xor_gen_init },
405	{ OSSL_FUNC_KEYMGMT_GEN_SET_PARAMS, (void (*)(void))xor_gen_set_params },
406	{ OSSL_FUNC_KEYMGMT_GEN_SETTABLE_PARAMS,
407	(void (*)(void))xor_gen_settable_params },
408	{ OSSL_FUNC_KEYMGMT_GEN, (void (*)(void))xor_gen },
409	{ OSSL_FUNC_KEYMGMT_GEN_CLEANUP, (void (*)(void))xor_gen_cleanup },
410	{ OSSL_FUNC_KEYMGMT_GET_PARAMS, (void (*) (void))xor_get_params },
411	{ OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS, (void (*) (void))xor_gettable_params },
412	{ OSSL_FUNC_KEYMGMT_SET_PARAMS, (void (*) (void))xor_set_params },
413	{ OSSL_FUNC_KEYMGMT_SETTABLE_PARAMS, (void (*) (void))xor_settable_params },
414	{ OSSL_FUNC_KEYMGMT_HAS, (void (*)(void))xor_has },
415	{ OSSL_FUNC_KEYMGMT_COPY, (void (*)(void))xor_copy },
416	{ OSSL_FUNC_KEYMGMT_FREE, (void (*)(void))xor_freedata },
417	{ 0, NULL }
418	};
419
420	static const OSSL_ALGORITHM tls_prov_keymgmt[] = {
bfa6aaab MC	421	/*
	422	* Obviously this is not FIPS approved, but in order to test in conjuction
	423	* with the FIPS provider we pretend that it is.
	424	*/
	425	{ "XOR", "provider=tls-provider,fips=yes", xor_keymgmt_functions },
0c13cdf8 MC	426	{ NULL, NULL, NULL }
	427	};
	428
	429	static const OSSL_ALGORITHM tls_prov_query(void provctx, int operation_id,
	430	int *no_cache)
	431	{
	432	*no_cache = 0;
	433	switch (operation_id) {
	434	case OSSL_OP_KEYMGMT:
	435	return tls_prov_keymgmt;
	436	case OSSL_OP_KEYEXCH:
	437	return tls_prov_keyexch;
	438	}
	439	return NULL;
	440	}
	441
	442	/* Functions we provide to the core */
	443	static const OSSL_DISPATCH tls_prov_dispatch_table[] = {
	444	{ OSSL_FUNC_PROVIDER_TEARDOWN, (void (*)(void))OPENSSL_CTX_free },
	445	{ OSSL_FUNC_PROVIDER_QUERY_OPERATION, (void (*)(void))tls_prov_query },
	446	{ OSSL_FUNC_PROVIDER_GET_CAPABILITIES, (void (*)(void))tls_prov_get_capabilities },
	447	{ 0, NULL }
	448	};
	449
	450	int tls_provider_init(const OSSL_CORE_HANDLE *handle,
	451	const OSSL_DISPATCH *in,
	452	const OSSL_DISPATCH **out,
	453	void **provctx)
	454	{
	455	OPENSSL_CTX *libctx = OPENSSL_CTX_new();
	456
	457	*provctx = libctx;
	458
	459	/*
	460	* Randomise the group_id we're going to use to ensure we don't interoperate
	461	* with anything but ourselves.
	462	*/
	463	if (!RAND_bytes_ex(libctx, (unsigned char *)&group_id, sizeof(group_id)))
	464	return 0;
	465	/*
	466	* Ensure group_id is within the IANA Reserved for private use range
	467	* (65024-65279)
	468	*/
	469	group_id %= 65279 - 65024;
	470	group_id += 65024;
	471
	472	*out = tls_prov_dispatch_table;
	473	return 1;
	474	}