Commit | Line | Data |
---|---|---|
0f113f3e | 1 | /* |
fecb3aae | 2 | * Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved. |
5da2f69f | 3 | * |
4a8b0c55 | 4 | * Licensed under the Apache License 2.0 (the "License"). You may not use |
aa6bb135 RS |
5 | * this file except in compliance with the License. You can obtain a copy |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
5da2f69f DSH |
8 | */ |
9 | ||
23c48d94 | 10 | #include <openssl/core_dispatch.h> |
15dfa092 | 11 | #include "internal/refcount.h" |
ff64702b | 12 | |
/*
 * Sentinel return value. By its name it marks a control operation that the
 * implementation does not support - confirm against the call sites.
 * NOTE(review): the expansion is an unparenthesised negative literal.
 */
#define EVP_CTRL_RET_UNSUPPORTED -1
14 | ||
15 | ||
/*
 * Message digest operation context (EVP_MD_CTX).
 *
 * Carries both an ENGINE reference and a provider-side opaque context
 * ('algctx'), plus an optional public key context for sign/verify.
 *
 * NOTE(review): 'md_data' and 'algctx' are untyped pointers; who allocates,
 * cleanses and frees them is not visible in this header - confirm in the
 * code that resets/frees the context.
 */
struct evp_md_ctx_st {
    const EVP_MD *reqdigest;    /* The original requested digest */
    const EVP_MD *digest;
    ENGINE *engine;             /* functional reference if 'digest' is
                                 * ENGINE-provided */
    unsigned long flags;
    void *md_data;
    /* Public key context for sign/verify */
    EVP_PKEY_CTX *pctx;
    /* Update function: usually copied from EVP_MD */
    int (*update) (EVP_MD_CTX *ctx, const void *data, size_t count);

    /*
     * Opaque ctx returned from a provider's digest algorithm implementation
     * OSSL_FUNC_digest_newctx()
     */
    void *algctx;
    EVP_MD *fetched_digest;
} /* EVP_MD_CTX */ ;
35 | ||
/*
 * Symmetric cipher operation context (EVP_CIPHER_CTX).
 *
 * The IV and block buffers are fixed-size arrays bounded by
 * EVP_MAX_IV_LENGTH and EVP_MAX_BLOCK_LENGTH, while the matching lengths
 * ('iv_len', 'buf_len', 'key_len') are plain ints stored alongside them.
 *
 * NOTE(review): nothing in this header ties the int lengths to the array
 * bounds; the code that writes 'iv_len' / 'buf_len' must keep them within
 * the array sizes - confirm at the sites that set them.
 * NOTE(review): 'cipher_data' and 'algctx' are untyped and presumably hold
 * key-dependent state; confirm they are cleansed before being freed.
 */
struct evp_cipher_ctx_st {
    const EVP_CIPHER *cipher;
    ENGINE *engine;             /* functional reference if 'cipher' is
                                 * ENGINE-provided */
    int encrypt;                /* encrypt or decrypt */
    int buf_len;                /* number we have left */
    unsigned char oiv[EVP_MAX_IV_LENGTH]; /* original iv */
    unsigned char iv[EVP_MAX_IV_LENGTH]; /* working iv */
    unsigned char buf[EVP_MAX_BLOCK_LENGTH]; /* saved partial block */
    int num;                    /* used by cfb/ofb/ctr mode */
    /* FIXME: Should this even exist? It appears unused */
    void *app_data;             /* application stuff */
    int key_len;                /* May change for variable length cipher */
    int iv_len;                 /* IV length */
    unsigned long flags;        /* Various flags */
    void *cipher_data;          /* per EVP data */
    int final_used;
    int block_mask;
    unsigned char final[EVP_MAX_BLOCK_LENGTH]; /* possible final block */

    /*
     * Opaque ctx returned from a provider's cipher algorithm implementation
     * OSSL_FUNC_cipher_newctx()
     */
    void *algctx;
    EVP_CIPHER *fetched_cipher;
} /* EVP_CIPHER_CTX */ ;
63 | ||
/*
 * MAC operation context (EVP_MAC_CTX): the method it was created from plus
 * the provider-side opaque context.
 * NOTE(review): 'algctx' presumably holds the MAC key state; its cleanup is
 * not visible in this header - confirm in the free path.
 */
struct evp_mac_ctx_st {
    EVP_MAC *meth;              /* Method structure */
    /*
     * Opaque ctx returned from a provider's MAC algorithm implementation
     * OSSL_FUNC_mac_newctx()
     */
    void *algctx;
} /* EVP_MAC_CTX */;
72 | ||
/*
 * KDF operation context (EVP_KDF_CTX): the method it was created from plus
 * the provider-side opaque context.
 * NOTE(review): 'algctx' presumably holds secret input material; its cleanup
 * is not visible in this header - confirm in the free path.
 */
struct evp_kdf_ctx_st {
    EVP_KDF *meth;              /* Method structure */
    /*
     * Opaque ctx returned from a provider's KDF algorithm implementation
     * OSSL_FUNC_kdf_newctx()
     */
    void *algctx;
} /* EVP_KDF_CTX */ ;
81 | ||
/*
 * Random generator context (EVP_RAND_CTX).
 *
 * Unlike the MAC and KDF contexts above, this one is reference counted and
 * may point at a parent context.
 * NOTE(review): 'refcnt_lock' presumably protects 'refcnt' on builds where
 * the counter is not atomic - confirm in the up_ref/free implementation.
 */
struct evp_rand_ctx_st {
    EVP_RAND *meth;             /* Method structure */
    /*
     * Opaque ctx returned from a provider's rand algorithm implementation
     * OSSL_FUNC_rand_newctx()
     */
    void *algctx;
    EVP_RAND_CTX *parent;       /* Parent EVP_RAND or NULL if none */
    CRYPTO_REF_COUNT refcnt;    /* Context reference count */
    CRYPTO_RWLOCK *refcnt_lock;
} /* EVP_RAND_CTX */ ;
93 | ||
/*
 * Key management method (EVP_KEYMGMT).
 *
 * Holds the method's identity (ids, type name, description), the provider it
 * belongs to, a reference count with its lock, and a table of function
 * pointers typed by the OSSL_FUNC_keymgmt_*_fn types.
 *
 * NOTE(review): this header does not say which pointers are mandatory.
 * Presumably an entry is NULL when the provider does not supply it, so
 * callers have to test a pointer before calling through it - confirm in the
 * code that fills and uses this table.
 */
struct evp_keymgmt_st {
    int id;                     /* libcrypto internal */

    int name_id;
    char *type_name;
    const char *description;
    OSSL_PROVIDER *prov;
    CRYPTO_REF_COUNT refcnt;
    CRYPTO_RWLOCK *lock;

    /* Constructor(s), destructor, information */
    OSSL_FUNC_keymgmt_new_fn *new;
    OSSL_FUNC_keymgmt_free_fn *free;
    OSSL_FUNC_keymgmt_get_params_fn *get_params;
    OSSL_FUNC_keymgmt_gettable_params_fn *gettable_params;
    OSSL_FUNC_keymgmt_set_params_fn *set_params;
    OSSL_FUNC_keymgmt_settable_params_fn *settable_params;

    /* Generation, a complex constructor */
    OSSL_FUNC_keymgmt_gen_init_fn *gen_init;
    OSSL_FUNC_keymgmt_gen_set_template_fn *gen_set_template;
    OSSL_FUNC_keymgmt_gen_set_params_fn *gen_set_params;
    OSSL_FUNC_keymgmt_gen_settable_params_fn *gen_settable_params;
    OSSL_FUNC_keymgmt_gen_fn *gen;
    OSSL_FUNC_keymgmt_gen_cleanup_fn *gen_cleanup;

    OSSL_FUNC_keymgmt_load_fn *load;

    /* Key object checking */
    OSSL_FUNC_keymgmt_query_operation_name_fn *query_operation_name;
    OSSL_FUNC_keymgmt_has_fn *has;
    OSSL_FUNC_keymgmt_validate_fn *validate;
    OSSL_FUNC_keymgmt_match_fn *match;

    /* Import and export routines */
    OSSL_FUNC_keymgmt_import_fn *import;
    OSSL_FUNC_keymgmt_import_types_fn *import_types;
    OSSL_FUNC_keymgmt_export_fn *export;
    OSSL_FUNC_keymgmt_export_types_fn *export_types;
    OSSL_FUNC_keymgmt_dup_fn *dup;
} /* EVP_KEYMGMT */ ;
135 | ||
/*
 * Key exchange method (EVP_KEYEXCH).
 *
 * Identity fields, owning provider, reference count with its lock, then the
 * function pointers typed by the OSSL_FUNC_keyexch_*_fn types.
 *
 * NOTE(review): which pointers may be NULL is not visible here; presumably
 * optional ones are NULL when the provider omits them, so callers must check
 * before calling - confirm in the code that fills this table.
 */
struct evp_keyexch_st {
    int name_id;
    char *type_name;
    const char *description;
    OSSL_PROVIDER *prov;
    CRYPTO_REF_COUNT refcnt;
    CRYPTO_RWLOCK *lock;

    /* Context lifecycle and the exchange operation itself */
    OSSL_FUNC_keyexch_newctx_fn *newctx;
    OSSL_FUNC_keyexch_init_fn *init;
    OSSL_FUNC_keyexch_set_peer_fn *set_peer;
    OSSL_FUNC_keyexch_derive_fn *derive;
    OSSL_FUNC_keyexch_freectx_fn *freectx;
    OSSL_FUNC_keyexch_dupctx_fn *dupctx;
    /* Context parameter access */
    OSSL_FUNC_keyexch_set_ctx_params_fn *set_ctx_params;
    OSSL_FUNC_keyexch_settable_ctx_params_fn *settable_ctx_params;
    OSSL_FUNC_keyexch_get_ctx_params_fn *get_ctx_params;
    OSSL_FUNC_keyexch_gettable_ctx_params_fn *gettable_ctx_params;
} /* EVP_KEYEXCH */;
155 | ||
/*
 * Signature method (EVP_SIGNATURE).
 *
 * Identity fields, owning provider, reference count with its lock, then the
 * function pointers typed by the OSSL_FUNC_signature_*_fn types. The table
 * has separate entries for sign, verify and verify_recover, for the
 * digest_sign / digest_verify variants (init, update, final and a combined
 * call), and for context and digest parameter access.
 *
 * NOTE(review): which pointers may be NULL is not visible here; presumably a
 * provider supplies only a subset, so callers must check the specific entry
 * before calling - confirm in the code that fills this table.
 */
struct evp_signature_st {
    int name_id;
    char *type_name;
    const char *description;
    OSSL_PROVIDER *prov;
    CRYPTO_REF_COUNT refcnt;
    CRYPTO_RWLOCK *lock;

    OSSL_FUNC_signature_newctx_fn *newctx;
    OSSL_FUNC_signature_sign_init_fn *sign_init;
    OSSL_FUNC_signature_sign_fn *sign;
    OSSL_FUNC_signature_verify_init_fn *verify_init;
    OSSL_FUNC_signature_verify_fn *verify;
    OSSL_FUNC_signature_verify_recover_init_fn *verify_recover_init;
    OSSL_FUNC_signature_verify_recover_fn *verify_recover;
    OSSL_FUNC_signature_digest_sign_init_fn *digest_sign_init;
    OSSL_FUNC_signature_digest_sign_update_fn *digest_sign_update;
    OSSL_FUNC_signature_digest_sign_final_fn *digest_sign_final;
    OSSL_FUNC_signature_digest_sign_fn *digest_sign;
    OSSL_FUNC_signature_digest_verify_init_fn *digest_verify_init;
    OSSL_FUNC_signature_digest_verify_update_fn *digest_verify_update;
    OSSL_FUNC_signature_digest_verify_final_fn *digest_verify_final;
    OSSL_FUNC_signature_digest_verify_fn *digest_verify;
    OSSL_FUNC_signature_freectx_fn *freectx;
    OSSL_FUNC_signature_dupctx_fn *dupctx;
    OSSL_FUNC_signature_get_ctx_params_fn *get_ctx_params;
    OSSL_FUNC_signature_gettable_ctx_params_fn *gettable_ctx_params;
    OSSL_FUNC_signature_set_ctx_params_fn *set_ctx_params;
    OSSL_FUNC_signature_settable_ctx_params_fn *settable_ctx_params;
    OSSL_FUNC_signature_get_ctx_md_params_fn *get_ctx_md_params;
    OSSL_FUNC_signature_gettable_ctx_md_params_fn *gettable_ctx_md_params;
    OSSL_FUNC_signature_set_ctx_md_params_fn *set_ctx_md_params;
    OSSL_FUNC_signature_settable_ctx_md_params_fn *settable_ctx_md_params;
} /* EVP_SIGNATURE */;
190 | ||
/*
 * Asymmetric cipher method (EVP_ASYM_CIPHER).
 *
 * Identity fields, owning provider, reference count with its lock, then the
 * function pointers typed by the OSSL_FUNC_asym_cipher_*_fn types.
 *
 * NOTE(review): which pointers may be NULL is not visible here; presumably
 * optional ones are NULL when the provider omits them, so callers must check
 * before calling - confirm in the code that fills this table.
 */
struct evp_asym_cipher_st {
    int name_id;
    char *type_name;
    const char *description;
    OSSL_PROVIDER *prov;
    CRYPTO_REF_COUNT refcnt;
    CRYPTO_RWLOCK *lock;

    /* Context lifecycle and the encrypt / decrypt operations */
    OSSL_FUNC_asym_cipher_newctx_fn *newctx;
    OSSL_FUNC_asym_cipher_encrypt_init_fn *encrypt_init;
    OSSL_FUNC_asym_cipher_encrypt_fn *encrypt;
    OSSL_FUNC_asym_cipher_decrypt_init_fn *decrypt_init;
    OSSL_FUNC_asym_cipher_decrypt_fn *decrypt;
    OSSL_FUNC_asym_cipher_freectx_fn *freectx;
    OSSL_FUNC_asym_cipher_dupctx_fn *dupctx;
    /* Context parameter access */
    OSSL_FUNC_asym_cipher_get_ctx_params_fn *get_ctx_params;
    OSSL_FUNC_asym_cipher_gettable_ctx_params_fn *gettable_ctx_params;
    OSSL_FUNC_asym_cipher_set_ctx_params_fn *set_ctx_params;
    OSSL_FUNC_asym_cipher_settable_ctx_params_fn *settable_ctx_params;
} /* EVP_ASYM_CIPHER */;
211 | ||
/*
 * Key encapsulation method (EVP_KEM).
 *
 * Identity fields, owning provider, reference count with its lock, then the
 * function pointers typed by the OSSL_FUNC_kem_*_fn types.
 *
 * NOTE(review): which pointers may be NULL is not visible here; presumably
 * optional ones are NULL when the provider omits them, so callers must check
 * before calling - confirm in the code that fills this table.
 */
struct evp_kem_st {
    int name_id;
    char *type_name;
    const char *description;
    OSSL_PROVIDER *prov;
    CRYPTO_REF_COUNT refcnt;
    CRYPTO_RWLOCK *lock;

    /* Context lifecycle and the encapsulate / decapsulate operations */
    OSSL_FUNC_kem_newctx_fn *newctx;
    OSSL_FUNC_kem_encapsulate_init_fn *encapsulate_init;
    OSSL_FUNC_kem_encapsulate_fn *encapsulate;
    OSSL_FUNC_kem_decapsulate_init_fn *decapsulate_init;
    OSSL_FUNC_kem_decapsulate_fn *decapsulate;
    OSSL_FUNC_kem_freectx_fn *freectx;
    OSSL_FUNC_kem_dupctx_fn *dupctx;
    /* Context parameter access */
    OSSL_FUNC_kem_get_ctx_params_fn *get_ctx_params;
    OSSL_FUNC_kem_gettable_ctx_params_fn *gettable_ctx_params;
    OSSL_FUNC_kem_set_ctx_params_fn *set_ctx_params;
    OSSL_FUNC_kem_settable_ctx_params_fn *settable_ctx_params;
} /* EVP_KEM */;
232 | ||
/*
 * Key/IV generation entry points; by name they apply PKCS#5 v2 PBKDF2 to
 * 'pass' and load the result into the cipher context 'ctx'.
 *
 * The _ex variant takes the same arguments plus a library context and a
 * property query string.
 *
 * NOTE(review): 'passlen' is a signed int. How a negative value is treated,
 * and what bounds apply to the parameters decoded from 'param', are not
 * visible in this header - confirm in the implementation before passing
 * values taken from untrusted input.
 */
int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass,
                             int passlen, ASN1_TYPE *param,
                             const EVP_CIPHER *c, const EVP_MD *md,
                             int en_de);
int PKCS5_v2_PBKDF2_keyivgen_ex(EVP_CIPHER_CTX *ctx, const char *pass,
                                int passlen, ASN1_TYPE *param,
                                const EVP_CIPHER *c, const EVP_MD *md,
                                int en_de, OSSL_LIB_CTX *libctx, const char *propq);
a0be4fd1 RL |
241 | |
/*
 * State for an incremental encode/decode operation.
 *
 * 'enc_data' is a fixed 80-byte staging buffer and 'num' counts what is
 * currently saved in it.
 * NOTE(review): the header does not enforce num <= sizeof(enc_data) or any
 * relation between 'length' and the buffer size; the routines that update
 * these fields have to maintain it - confirm there.
 */
struct evp_Encode_Ctx_st {
    /* number saved in a partial encode/decode */
    int num;
    /*
     * The length is either the output line length (in input bytes) or the
     * shortest input line length that is ok.  Once decoding begins, the
     * length is adjusted up each time a longer line is decoded
     */
    int length;
    /* data to encode */
    unsigned char enc_data[80];
    /* number read on current line */
    int line_num;
    unsigned int flags;
};
4a1f3f27 DSH |
257 | |
/* EVP_PBE_CTL names struct evp_pbe_st, which is not defined in this part of
 * the header; a stack type is declared for it. */
typedef struct evp_pbe_st EVP_PBE_CTL;
DEFINE_STACK_OF(EVP_PBE_CTL)

/*
 * By name, reports whether the two 'len'-byte regions starting at 'ptr1' and
 * 'ptr2' partially overlap.
 * NOTE(review): the return convention and the handling of len <= 0 are not
 * visible here - confirm in the implementation. Callers that use this as a
 * guard before in-place operations depend on 'len' being the true length of
 * both regions.
 */
int ossl_is_partially_overlapping(const void *ptr1, const void *ptr2, int len);
c13d2ab4 | 262 | |
50cd4768 | 263 | #include <openssl/types.h> |
c13d2ab4 RL |
264 | #include <openssl/core.h> |
265 | ||
/*
 * Generic method fetch and enumeration helpers.
 *
 * The fetch functions select a method by operation id, name and property
 * string, either through a library context or from one specific provider.
 * The caller passes three callbacks: 'new_method' builds a method from a
 * name id, an OSSL_ALGORITHM definition and its provider; 'up_ref_method'
 * and 'free_method' manage the method's references.
 *
 * NOTE(review): methods travel as void * through these functions and their
 * callbacks. The type safety rests on the caller passing an 'operation_id'
 * and callbacks that agree with the type it casts the result to - confirm
 * at each call site. The return value on failure is not visible here
 * (presumably NULL).
 */
void *evp_generic_fetch(OSSL_LIB_CTX *ctx, int operation_id,
                        const char *name, const char *properties,
                        void *(*new_method)(int name_id,
                                            const OSSL_ALGORITHM *algodef,
                                            OSSL_PROVIDER *prov),
                        int (*up_ref_method)(void *),
                        void (*free_method)(void *));
void *evp_generic_fetch_from_prov(OSSL_PROVIDER *prov, int operation_id,
                                  const char *name, const char *properties,
                                  void *(*new_method)(int name_id,
                                                      const OSSL_ALGORITHM *algodef,
                                                      OSSL_PROVIDER *prov),
                                  int (*up_ref_method)(void *),
                                  void (*free_method)(void *));
/* Enumeration: 'user_fn' is called with a method and 'user_arg'. */
void evp_generic_do_all_prefetched(OSSL_LIB_CTX *libctx, int operation_id,
                                   void (*user_fn)(void *method, void *arg),
                                   void *user_arg);
void evp_generic_do_all(OSSL_LIB_CTX *libctx, int operation_id,
                        void (*user_fn)(void *method, void *arg),
                        void *user_arg,
                        void *(*new_method)(int name_id,
                                            const OSSL_ALGORITHM *algodef,
                                            OSSL_PROVIDER *prov),
                        int (*up_ref_method)(void *),
                        void (*free_method)(void *));
13273237 | 291 | |
/*
 * Internal fetchers for method types that are to be combined with others.
 *
 * evp_keymgmt_fetch_by_number() selects by numeric name id in a library
 * context; the *_fetch_from_prov() functions select by name and properties
 * from one given provider.
 * NOTE(review): the failure return and the reference ownership of the
 * returned method are not visible here - presumably NULL on failure and a
 * reference the caller must release; confirm in the implementation.
 */
EVP_KEYMGMT *evp_keymgmt_fetch_by_number(OSSL_LIB_CTX *ctx, int name_id,
                                         const char *properties);
EVP_KEYMGMT *evp_keymgmt_fetch_from_prov(OSSL_PROVIDER *prov,
                                         const char *name,
                                         const char *properties);
EVP_SIGNATURE *evp_signature_fetch_from_prov(OSSL_PROVIDER *prov,
                                             const char *name,
                                             const char *properties);
EVP_ASYM_CIPHER *evp_asym_cipher_fetch_from_prov(OSSL_PROVIDER *prov,
                                                 const char *name,
                                                 const char *properties);
EVP_KEYEXCH *evp_keyexch_fetch_from_prov(OSSL_PROVIDER *prov,
                                         const char *name,
                                         const char *properties);
EVP_KEM *evp_kem_fetch_from_prov(OSSL_PROVIDER *prov,
                                 const char *name,
                                 const char *properties);
f7c16d48 | 310 | |
/*
 * Internal structure constructors for fetched methods.
 * Both take no arguments and return a pointer to the new method structure.
 * NOTE(review): the failure return is not visible here (presumably NULL).
 */
EVP_MD *evp_md_new(void);
EVP_CIPHER *evp_cipher_new(void);
3fd70262 | 314 | |
/*
 * Getter and setter that move AEAD parameters between a cipher context, an
 * ASN1_TYPE and an evp_cipher_aead_asn1_params structure (direction by
 * name).
 * NOTE(review): on the get side the ASN.1 input may originate from untrusted
 * encoded data; the length checks applied to it are not visible in this
 * header - confirm in the implementation.
 */
int evp_cipher_get_asn1_aead_params(EVP_CIPHER_CTX *c, ASN1_TYPE *type,
                                    evp_cipher_aead_asn1_params *asn1_params);
int evp_cipher_set_asn1_aead_params(EVP_CIPHER_CTX *c, ASN1_TYPE *type,
                                    evp_cipher_aead_asn1_params *asn1_params);
319 | ||
/* Helper functions to avoid duplicating code */

/*
 * These methods implement different ways to pass a params array to the
 * provider.  They will return one of these values:
 *
 * -2 if the method doesn't come from a provider
 *    (evp_do_param will return this to the caller)
 * -1 if the provider doesn't offer the desired function
 *    (evp_do_param will raise an error and return 0)
 * or the return value from the desired function
 *    (evp_do_param will return it to the caller)
 *
 * Callers therefore have three outcomes to tell apart, and the two negative
 * values must not be treated as a successful provider result.
 */
int evp_do_ciph_getparams(const EVP_CIPHER *ciph, OSSL_PARAM params[]);
int evp_do_ciph_ctx_getparams(const EVP_CIPHER *ciph, void *provctx,
                              OSSL_PARAM params[]);
int evp_do_ciph_ctx_setparams(const EVP_CIPHER *ciph, void *provctx,
                              OSSL_PARAM params[]);
int evp_do_md_getparams(const EVP_MD *md, OSSL_PARAM params[]);
int evp_do_md_ctx_getparams(const EVP_MD *md, void *provctx,
                            OSSL_PARAM params[]);
int evp_do_md_ctx_setparams(const EVP_MD *md, void *provctx,
                            OSSL_PARAM params[]);
ff64702b MC |
343 | |
/*
 * Returns an OSSL_PARAM array for 'pkey' and reports a size through 'sz'.
 * NOTE(review): the array presumably carries key material; who frees it, and
 * whether it is cleansed first, is not visible here - confirm in the
 * implementation and at the call sites.
 */
OSSL_PARAM *evp_pkey_to_param(EVP_PKEY *pkey, size_t *sz);
345 | ||
/*
 * Output-buffer length check for EVP_PKEY operations.
 *
 * Only acts when ctx->pmeth->flags has EVP_PKEY_FLAG_AUTOARGLEN set. It takes
 * the key size from EVP_PKEY_get_size(ctx->pkey) and then:
 *   - size 0: raises EVP_R_INVALID_KEY and returns 0;
 *   - arg == NULL: stores the size in *arglen and returns 1 (size query);
 *   - *arglen < size: raises EVP_R_BUFFER_TOO_SMALL and returns 0;
 *   - otherwise falls through to the code that follows the macro.
 *
 * The expansion is a bare if-statement with return statements inside, so it
 * returns from the ENCLOSING function and is not wrapped in do { } while (0).
 * The arguments are not parenthesised and 'ctx' is evaluated more than once.
 * The 'err' parameter is not used in the expansion.
 *
 * NOTE(review): the (size_t) cast implies EVP_PKEY_get_size() does not
 * return size_t. A negative return would wrap to a very large value and pass
 * the == 0 test - confirm it cannot be negative here.
 * NOTE(review): the check compares against the caller-supplied *arglen; it
 * protects the buffer only if that value is the real capacity of 'arg'.
 */
#define M_check_autoarg(ctx, arg, arglen, err) \
    if (ctx->pmeth->flags & EVP_PKEY_FLAG_AUTOARGLEN) {           \
        size_t pksize = (size_t)EVP_PKEY_get_size(ctx->pkey);         \
                                                                  \
        if (pksize == 0) {                                        \
            ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_KEY); /*ckerr_ignore*/ \
            return 0;                                             \
        }                                                         \
        if (arg == NULL) {                                        \
            *arglen = pksize;                                     \
            return 1;                                             \
        }                                                         \
        if (*arglen < pksize) {                                   \
            ERR_raise(ERR_LIB_EVP, EVP_R_BUFFER_TOO_SMALL); /*ckerr_ignore*/ \
            return 0;                                             \
        }                                                         \
    }
864b89ce MC |
363 | |
/*
 * Internal release helpers; none of them returns a value.
 * NOTE(review): evp_cipher_free_int() names its EVP_CIPHER * parameter 'md',
 * which looks like a naming slip in the prototype only.
 * NOTE(review): whether these tolerate NULL is not visible here - confirm
 * before calling on an error path.
 */
void evp_pkey_ctx_free_old_ops(EVP_PKEY_CTX *ctx);
void evp_cipher_free_int(EVP_CIPHER *md);
void evp_md_free_int(EVP_MD *md);
f7c16d48 RL |
367 | |
/*
 * Name helpers. OSSL_PROVIDER * is only used to get the library context.
 *
 * evp_is_a() takes a number plus a legacy name and a name to test;
 * evp_names_do_all() calls 'fn' with a name and the caller's 'data'.
 * NOTE(review): the int return conventions are not visible here - confirm
 * in the implementation.
 */
int evp_is_a(OSSL_PROVIDER *prov, int number,
             const char *legacy_name, const char *name);
int evp_names_do_all(OSSL_PROVIDER *prov, int number,
                     void (*fn)(const char *name, void *data),
                     void *data);
/* By name, caches constant properties on 'cipher', which is passed
 * non-const - TODO confirm what is written and when. */
int evp_cipher_cache_constants(EVP_CIPHER *cipher);