2 * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 /* We need to use some engine deprecated APIs */
11 #define OPENSSL_SUPPRESS_DEPRECATED
13 #include <openssl/crypto.h>
14 #include <openssl/evp.h>
15 #include <openssl/core_dispatch.h>
16 #include <openssl/core_names.h>
17 #include <openssl/params.h>
18 #include <openssl/err.h>
19 #include <openssl/proverr.h>
21 # include <openssl/engine.h>
23 #include "prov/implementations.h"
24 #include "prov/provider_ctx.h"
25 #include "prov/macsignature.h"
26 #include "prov/providercommon.h"
28 static OSSL_FUNC_signature_newctx_fn mac_hmac_newctx
;
29 static OSSL_FUNC_signature_newctx_fn mac_siphash_newctx
;
30 static OSSL_FUNC_signature_newctx_fn mac_poly1305_newctx
;
31 static OSSL_FUNC_signature_newctx_fn mac_cmac_newctx
;
32 static OSSL_FUNC_signature_digest_sign_init_fn mac_digest_sign_init
;
33 static OSSL_FUNC_signature_digest_sign_update_fn mac_digest_sign_update
;
34 static OSSL_FUNC_signature_digest_sign_final_fn mac_digest_sign_final
;
35 static OSSL_FUNC_signature_freectx_fn mac_freectx
;
36 static OSSL_FUNC_signature_dupctx_fn mac_dupctx
;
37 static OSSL_FUNC_signature_set_ctx_params_fn mac_set_ctx_params
;
38 static OSSL_FUNC_signature_settable_ctx_params_fn mac_hmac_settable_ctx_params
;
39 static OSSL_FUNC_signature_settable_ctx_params_fn mac_siphash_settable_ctx_params
;
40 static OSSL_FUNC_signature_settable_ctx_params_fn mac_poly1305_settable_ctx_params
;
41 static OSSL_FUNC_signature_settable_ctx_params_fn mac_cmac_settable_ctx_params
;
50 static void *mac_newctx(void *provctx
, const char *propq
, const char *macname
)
52 PROV_MAC_CTX
*pmacctx
;
55 if (!ossl_prov_is_running())
58 pmacctx
= OPENSSL_zalloc(sizeof(PROV_MAC_CTX
));
62 pmacctx
->libctx
= PROV_LIBCTX_OF(provctx
);
63 if (propq
!= NULL
&& (pmacctx
->propq
= OPENSSL_strdup(propq
)) == NULL
)
66 mac
= EVP_MAC_fetch(pmacctx
->libctx
, macname
, propq
);
70 pmacctx
->macctx
= EVP_MAC_CTX_new(mac
);
71 if (pmacctx
->macctx
== NULL
)
79 OPENSSL_free(pmacctx
->propq
);
80 OPENSSL_free(pmacctx
);
85 #define MAC_NEWCTX(funcname, macname) \
86 static void *mac_##funcname##_newctx(void *provctx, const char *propq) \
88 return mac_newctx(provctx, propq, macname); \
91 MAC_NEWCTX(hmac
, "HMAC")
92 MAC_NEWCTX(siphash
, "SIPHASH")
93 MAC_NEWCTX(poly1305
, "POLY1305")
94 MAC_NEWCTX(cmac
, "CMAC")
96 static int mac_digest_sign_init(void *vpmacctx
, const char *mdname
, void *vkey
,
97 const OSSL_PARAM params
[])
99 PROV_MAC_CTX
*pmacctx
= (PROV_MAC_CTX
*)vpmacctx
;
100 const char *ciphername
= NULL
, *engine
= NULL
;
102 if (!ossl_prov_is_running()
106 if (pmacctx
->key
== NULL
&& vkey
== NULL
) {
107 ERR_raise(ERR_LIB_PROV
, PROV_R_NO_KEY_SET
);
112 if (!ossl_mac_key_up_ref(vkey
))
114 ossl_mac_key_free(pmacctx
->key
);
118 if (pmacctx
->key
->cipher
.cipher
!= NULL
)
119 ciphername
= (char *)EVP_CIPHER_get0_name(pmacctx
->key
->cipher
.cipher
);
120 #if !defined(OPENSSL_NO_ENGINE) && !defined(FIPS_MODULE)
121 if (pmacctx
->key
->cipher
.engine
!= NULL
)
122 engine
= (char *)ENGINE_get_id(pmacctx
->key
->cipher
.engine
);
125 if (!ossl_prov_set_macctx(pmacctx
->macctx
, NULL
,
129 pmacctx
->key
->properties
,
133 if (!EVP_MAC_init(pmacctx
->macctx
, pmacctx
->key
->priv_key
,
134 pmacctx
->key
->priv_key_len
, params
))
140 int mac_digest_sign_update(void *vpmacctx
, const unsigned char *data
,
143 PROV_MAC_CTX
*pmacctx
= (PROV_MAC_CTX
*)vpmacctx
;
145 if (pmacctx
== NULL
|| pmacctx
->macctx
== NULL
)
148 return EVP_MAC_update(pmacctx
->macctx
, data
, datalen
);
151 int mac_digest_sign_final(void *vpmacctx
, unsigned char *mac
, size_t *maclen
,
154 PROV_MAC_CTX
*pmacctx
= (PROV_MAC_CTX
*)vpmacctx
;
156 if (!ossl_prov_is_running() || pmacctx
== NULL
|| pmacctx
->macctx
== NULL
)
159 return EVP_MAC_final(pmacctx
->macctx
, mac
, maclen
, macsize
);
162 static void mac_freectx(void *vpmacctx
)
164 PROV_MAC_CTX
*ctx
= (PROV_MAC_CTX
*)vpmacctx
;
166 OPENSSL_free(ctx
->propq
);
167 EVP_MAC_CTX_free(ctx
->macctx
);
168 ossl_mac_key_free(ctx
->key
);
172 static void *mac_dupctx(void *vpmacctx
)
174 PROV_MAC_CTX
*srcctx
= (PROV_MAC_CTX
*)vpmacctx
;
175 PROV_MAC_CTX
*dstctx
;
177 if (!ossl_prov_is_running())
180 dstctx
= OPENSSL_zalloc(sizeof(*srcctx
));
185 dstctx
->propq
= NULL
;
187 dstctx
->macctx
= NULL
;
189 if (srcctx
->propq
!= NULL
&& (dstctx
->propq
= OPENSSL_strdup(srcctx
->propq
)) == NULL
)
192 if (srcctx
->key
!= NULL
&& !ossl_mac_key_up_ref(srcctx
->key
))
194 dstctx
->key
= srcctx
->key
;
196 if (srcctx
->macctx
!= NULL
) {
197 dstctx
->macctx
= EVP_MAC_CTX_dup(srcctx
->macctx
);
198 if (dstctx
->macctx
== NULL
)
208 static int mac_set_ctx_params(void *vpmacctx
, const OSSL_PARAM params
[])
210 PROV_MAC_CTX
*ctx
= (PROV_MAC_CTX
*)vpmacctx
;
212 return EVP_MAC_CTX_set_params(ctx
->macctx
, params
);
215 static const OSSL_PARAM
*mac_settable_ctx_params(ossl_unused
void *ctx
,
219 EVP_MAC
*mac
= EVP_MAC_fetch(PROV_LIBCTX_OF(provctx
), macname
,
221 const OSSL_PARAM
*params
;
226 params
= EVP_MAC_settable_ctx_params(mac
);
232 #define MAC_SETTABLE_CTX_PARAMS(funcname, macname) \
233 static const OSSL_PARAM *mac_##funcname##_settable_ctx_params(void *ctx, \
236 return mac_settable_ctx_params(ctx, provctx, macname); \
239 MAC_SETTABLE_CTX_PARAMS(hmac
, "HMAC")
240 MAC_SETTABLE_CTX_PARAMS(siphash
, "SIPHASH")
241 MAC_SETTABLE_CTX_PARAMS(poly1305
, "POLY1305")
242 MAC_SETTABLE_CTX_PARAMS(cmac
, "CMAC")
244 #define MAC_SIGNATURE_FUNCTIONS(funcname) \
245 const OSSL_DISPATCH ossl_mac_legacy_##funcname##_signature_functions[] = { \
246 { OSSL_FUNC_SIGNATURE_NEWCTX, (void (*)(void))mac_##funcname##_newctx }, \
247 { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_INIT, \
248 (void (*)(void))mac_digest_sign_init }, \
249 { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_UPDATE, \
250 (void (*)(void))mac_digest_sign_update }, \
251 { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_FINAL, \
252 (void (*)(void))mac_digest_sign_final }, \
253 { OSSL_FUNC_SIGNATURE_FREECTX, (void (*)(void))mac_freectx }, \
254 { OSSL_FUNC_SIGNATURE_DUPCTX, (void (*)(void))mac_dupctx }, \
255 { OSSL_FUNC_SIGNATURE_SET_CTX_PARAMS, \
256 (void (*)(void))mac_set_ctx_params }, \
257 { OSSL_FUNC_SIGNATURE_SETTABLE_CTX_PARAMS, \
258 (void (*)(void))mac_##funcname##_settable_ctx_params }, \
262 MAC_SIGNATURE_FUNCTIONS(hmac
)
263 MAC_SIGNATURE_FUNCTIONS(siphash
)
264 MAC_SIGNATURE_FUNCTIONS(poly1305
)
265 MAC_SIGNATURE_FUNCTIONS(cmac
)