2 * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 /* We need to use some engine deprecated APIs */
11 #define OPENSSL_SUPPRESS_DEPRECATED
13 #include <openssl/evp.h>
14 #include <openssl/core_names.h>
15 #include <openssl/err.h>
16 #include "prov/provider_util.h"
/*
 * Release the cipher that was explicitly fetched for pc (alloc_cipher) and
 * clear the pointer so a second reset does not free it again.
 * NOTE(review): this listing omits lines of the function; only alloc_cipher
 * is handled in the statements shown. Confirm in the full file how
 * pc->cipher and pc->engine are cleared.
 */
18 void ossl_prov_cipher_reset(PROV_CIPHER
*pc
)
20 EVP_CIPHER_free(pc
->alloc_cipher
);
21 pc
->alloc_cipher
= NULL
;
/*
 * Copy the cipher state held in src into dst.
 * When src->alloc_cipher is set, a reference is taken on it with
 * EVP_CIPHER_up_ref() before the pointers are copied, so src and dst can
 * each release it later.
 * NOTE(review): the statement executed when up_ref fails and the final
 * return are not shown in this listing (presumably a failure return).
 */
26 int ossl_prov_cipher_copy(PROV_CIPHER
*dst
, const PROV_CIPHER
*src
)
28 if (src
->alloc_cipher
!= NULL
&& !EVP_CIPHER_up_ref(src
->alloc_cipher
))
/*
 * NOTE(review): the engine pointer is copied as-is; no reference is taken on
 * it in the lines shown. Confirm which copy owns the ENGINE reference.
 */
30 dst
->engine
= src
->engine
;
31 dst
->cipher
= src
->cipher
;
32 dst
->alloc_cipher
= src
->alloc_cipher
;
/*
 * Parameter parsing shared by the cipher and digest loaders: looks up the
 * property query (OSSL_ALG_PARAM_PROPERTIES) and, outside the FIPS module
 * with engine support compiled in, the "engine" parameter. Both come from
 * the caller-supplied params array and are checked for the
 * OSSL_PARAM_UTF8_STRING type.
 * NOTE(review): this listing omits lines (the engine output parameter, the
 * guards after each OSSL_PARAM_locate_const() call and the returns).
 * OSSL_PARAM_locate_const() returns NULL when the key is absent, so every
 * p->data_type access needs a preceding NULL check; confirm in the full file.
 */
36 static int load_common(const OSSL_PARAM params
[], const char **propquery
,
42 p
= OSSL_PARAM_locate_const(params
, OSSL_ALG_PARAM_PROPERTIES
);
44 if (p
->data_type
!= OSSL_PARAM_UTF8_STRING
)
50 /* TODO legacy stuff, to be removed */
51 /* Inside the FIPS module, we don't support legacy ciphers */
52 #if !defined(FIPS_MODULE) && !defined(OPENSSL_NO_ENGINE)
53 p
= OSSL_PARAM_locate_const(params
, "engine");
55 if (p
->data_type
!= OSSL_PARAM_UTF8_STRING
)
/*
 * NOTE(review): ENGINE_finish() releases a functional reference, whereas
 * ENGINE_by_id() returns a structural one. Confirm the reference kinds are
 * paired correctly with whatever later releases *engine.
 * p->data is passed on as a C string after only its data_type was checked,
 * so this relies on the caller supplying a NUL-terminated buffer. The id
 * selects the ENGINE that will implement the algorithm, so it should come
 * from trusted configuration.
 */
57 ENGINE_finish(*engine
);
58 *engine
= ENGINE_by_id(p
->data
);
/*
 * Resolve the cipher named by OSSL_ALG_PARAM_CIPHER in params into pc.
 * load_common() supplies the property query and the engine; the name is then
 * fetched with EVP_CIPHER_fetch() and the fetched object is kept in
 * alloc_cipher. The final return reports whether pc->cipher is non-NULL.
 * NOTE(review): this listing omits lines (remaining parameters, local
 * declarations, NULL guards, early returns). ctx is presumably the library
 * context parameter; confirm in the full file.
 */
66 int ossl_prov_cipher_load_from_params(PROV_CIPHER
*pc
,
67 const OSSL_PARAM params
[],
71 const char *propquery
;
73 if (!load_common(params
, &propquery
, &pc
->engine
))
76 p
= OSSL_PARAM_locate_const(params
, OSSL_ALG_PARAM_CIPHER
);
79 if (p
->data_type
!= OSSL_PARAM_UTF8_STRING
)
/* Release any previously fetched cipher before alloc_cipher is overwritten. */
82 EVP_CIPHER_free(pc
->alloc_cipher
);
/* p->data is used as a C string; only its data_type was checked above. */
84 pc
->cipher
= pc
->alloc_cipher
= EVP_CIPHER_fetch(ctx
, p
->data
, propquery
);
85 /* TODO legacy stuff, to be removed */
86 #ifndef FIPS_MODULE /* Inside the FIPS module, we don't support legacy ciphers */
/*
 * Legacy fallback when the fetch found nothing: the by-name lookup takes only
 * the name, so the property query is not applied to a cipher found this way.
 * The result goes into pc->cipher only; alloc_cipher keeps the (NULL) fetch
 * result.
 */
87 if (pc
->cipher
== NULL
)
88 pc
->cipher
= EVP_get_cipherbyname(p
->data
);
/*
 * NOTE(review): the matching ERR_set_mark() and the statement run when the
 * cipher was found are not shown in this listing.
 */
90 if (pc
->cipher
!= NULL
)
93 ERR_clear_last_mark();
94 return pc
->cipher
!= NULL
;
/*
 * Accessor returning a const EVP_CIPHER pointer for pc.
 * NOTE(review): the body is not shown in this listing (presumably pc->cipher).
 */
97 const EVP_CIPHER
*ossl_prov_cipher_cipher(const PROV_CIPHER
*pc
)
/*
 * Accessor returning the ENGINE associated with pc.
 * NOTE(review): the body is not shown in this listing (presumably pc->engine);
 * no reference appears to be handed to the caller, confirm before freeing.
 */
102 ENGINE
*ossl_prov_cipher_engine(const PROV_CIPHER
*pc
)
/*
 * Release the digest that was explicitly fetched for pd (alloc_md).
 * NOTE(review): this listing omits the lines after the free; confirm in the
 * full file that alloc_md, md and engine are cleared so a second reset does
 * not free the digest again.
 */
107 void ossl_prov_digest_reset(PROV_DIGEST
*pd
)
109 EVP_MD_free(pd
->alloc_md
);
/*
 * Copy the digest state held in src into dst.
 * When src->alloc_md is set, a reference is taken on it with EVP_MD_up_ref()
 * before the pointers are copied, so src and dst can each release it later.
 * NOTE(review): this listing omits lines (the failure return, the copy of
 * the md field and the final return).
 */
115 int ossl_prov_digest_copy(PROV_DIGEST
*dst
, const PROV_DIGEST
*src
)
117 if (src
->alloc_md
!= NULL
&& !EVP_MD_up_ref(src
->alloc_md
))
/*
 * NOTE(review): the engine pointer is copied as-is; no reference is taken on
 * it in the lines shown. Confirm which copy owns the ENGINE reference.
 */
119 dst
->engine
= src
->engine
;
121 dst
->alloc_md
= src
->alloc_md
;
/*
 * Resolve the digest named by OSSL_ALG_PARAM_DIGEST in params into pd.
 * load_common() supplies the property query and the engine; the name is then
 * fetched with EVP_MD_fetch() and the fetched object is kept in alloc_md.
 * The final return reports whether pd->md is non-NULL.
 * NOTE(review): this listing omits lines (remaining parameters, local
 * declarations, NULL guards, early returns). ctx is presumably the library
 * context parameter; confirm in the full file.
 */
125 int ossl_prov_digest_load_from_params(PROV_DIGEST
*pd
,
126 const OSSL_PARAM params
[],
130 const char *propquery
;
132 if (!load_common(params
, &propquery
, &pd
->engine
))
136 p
= OSSL_PARAM_locate_const(params
, OSSL_ALG_PARAM_DIGEST
);
139 if (p
->data_type
!= OSSL_PARAM_UTF8_STRING
)
/* Release any previously fetched digest before alloc_md is overwritten. */
142 EVP_MD_free(pd
->alloc_md
);
/* p->data is used as a C string; only its data_type was checked above. */
144 pd
->md
= pd
->alloc_md
= EVP_MD_fetch(ctx
, p
->data
, propquery
);
145 /* TODO legacy stuff, to be removed */
146 #ifndef FIPS_MODULE /* Inside the FIPS module, we don't support legacy digests */
/*
 * Legacy by-name lookup: it takes only the name, so the property query is
 * not applied to a digest found this way, and the result is stored in
 * pd->md only.
 * NOTE(review): the condition guarding this assignment is not shown in this
 * listing (presumably it runs only when the fetch returned NULL).
 */
148 pd
->md
= EVP_get_digestbyname(p
->data
);
/* NOTE(review): the matching ERR_set_mark() is not shown in this listing. */
153 ERR_clear_last_mark();
154 return pd
->md
!= NULL
;
/*
 * Accessor returning a const EVP_MD pointer for pd.
 * NOTE(review): the body is not shown in this listing (presumably pd->md).
 */
157 const EVP_MD
*ossl_prov_digest_md(const PROV_DIGEST
*pd
)
/*
 * Accessor returning the ENGINE associated with pd.
 * NOTE(review): the body is not shown in this listing (presumably pd->engine);
 * no reference appears to be handed to the caller, confirm before freeing.
 */
162 ENGINE
*ossl_prov_digest_engine(const PROV_DIGEST
*pd
)
/*
 * Create or reconfigure the EVP_MAC_CTX at *macctx from params.
 * When a MAC name is available, the MAC is fetched and a new context
 * replaces *macctx. Digest, cipher, property and (outside the FIPS module,
 * with engine support compiled in) "engine" settings are then forwarded to
 * the context through the local mac_params array.
 * Every value read from params is checked for the OSSL_PARAM_UTF8_STRING
 * type before use.
 * NOTE(review): this listing omits lines (the macname, mdname and libctx
 * parameters, early returns and closing braces); confirm details in the
 * full file.
 */
167 int ossl_prov_macctx_load_from_params(EVP_MAC_CTX
**macctx
,
168 const OSSL_PARAM params
[],
170 const char *ciphername
,
/*
 * Five slots: at most four entries are appended below (digest, cipher,
 * properties, engine) plus the terminator. Appending another parameter
 * requires growing this array.
 */
175 OSSL_PARAM mac_params
[5], *mp
= mac_params
;
176 const char *properties
= NULL
;
179 && (p
= OSSL_PARAM_locate_const(params
, OSSL_ALG_PARAM_MAC
)) != NULL
) {
180 if (p
->data_type
!= OSSL_PARAM_UTF8_STRING
)
184 if ((p
= OSSL_PARAM_locate_const(params
,
185 OSSL_ALG_PARAM_PROPERTIES
)) != NULL
) {
186 if (p
->data_type
!= OSSL_PARAM_UTF8_STRING
)
188 properties
= p
->data
;
191 /* If we got a new mac name, we make a new EVP_MAC_CTX */
192 if (macname
!= NULL
) {
193 EVP_MAC
*mac
= EVP_MAC_fetch(libctx
, macname
, properties
);
/*
 * The previous context is freed before *macctx is overwritten; if the fetch
 * failed, *macctx is set to NULL rather than left pointing at freed memory.
 */
195 EVP_MAC_CTX_free(*macctx
);
196 *macctx
= mac
== NULL
? NULL
: EVP_MAC_CTX_new(mac
);
197 /* The context holds on to the MAC */
204 * If there is no MAC yet (and therefore, no MAC context), we ignore
205 * all other parameters.
210 if (mdname
== NULL
) {
211 if ((p
= OSSL_PARAM_locate_const(params
,
212 OSSL_ALG_PARAM_DIGEST
)) != NULL
) {
213 if (p
->data_type
!= OSSL_PARAM_UTF8_STRING
)
218 if (ciphername
== NULL
) {
219 if ((p
= OSSL_PARAM_locate_const(params
,
220 OSSL_ALG_PARAM_CIPHER
)) != NULL
) {
221 if (p
->data_type
!= OSSL_PARAM_UTF8_STRING
)
223 ciphername
= p
->data
;
228 *mp
++ = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST
,
/*
 * A size of 0 makes OSSL_PARAM_construct_utf8_string() measure the buffer
 * with strlen(), so these names must be NUL-terminated. The casts drop
 * const because the constructor takes a non-const buffer.
 * NOTE(review): confirm the MAC implementation never writes through them.
 */
230 if (ciphername
!= NULL
)
231 *mp
++ = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_CIPHER
,
232 (char *)ciphername
, 0);
233 if (properties
!= NULL
)
234 *mp
++ = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_PROPERTIES
,
235 (char *)properties
, 0);
237 #if !defined(OPENSSL_NO_ENGINE) && !defined(FIPS_MODULE)
/*
 * The engine id is forwarded with the caller's data_size, unlike the names
 * above, which are measured with strlen().
 */
238 if ((p
= OSSL_PARAM_locate_const(params
, "engine")) != NULL
) {
239 if (p
->data_type
!= OSSL_PARAM_UTF8_STRING
)
241 *mp
++ = OSSL_PARAM_construct_utf8_string("engine",
242 p
->data
, p
->data_size
);
245 *mp
= OSSL_PARAM_construct_end();
247 if (EVP_MAC_CTX_set_params(*macctx
, mac_params
))
/*
 * NOTE(review): the branch bodies around this free are not shown in this
 * listing. Confirm *macctx is reset after the free so the caller is not left
 * holding a dangling pointer.
 */
250 EVP_MAC_CTX_free(*macctx
);
/*
 * Fill out with the entries of in whose capable() callback is absent or
 * returns non-zero. The copy runs only while out[0].algorithm_names is NULL,
 * so a call that finds out already populated leaves it untouched. The last
 * assignment (presumably after the loop; the closing brace is not shown in
 * this listing) copies the terminating entry of in.
 * NOTE(review): no bound on out is visible here; the caller must size out
 * for every entry of in plus the terminator. No locking is visible either;
 * confirm the first call is serialized.
 */
255 void ossl_prov_cache_exported_algorithms(const OSSL_ALGORITHM_CAPABLE
*in
,
260 if (out
[0].algorithm_names
== NULL
) {
261 for (i
= j
= 0; in
[i
].alg
.algorithm_names
!= NULL
; ++i
) {
262 if (in
[i
].capable
== NULL
|| in
[i
].capable())
263 out
[j
++] = in
[i
].alg
;
265 out
[j
++] = in
[i
].alg
;