]>
Commit | Line | Data |
---|---|---|
0f113f3e | 1 | /* |
33388b44 | 2 | * Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. |
5da2f69f | 3 | * |
4a8b0c55 | 4 | * Licensed under the Apache License 2.0 (the "License"). You may not use |
aa6bb135 RS |
5 | * this file except in compliance with the License. You can obtain a copy |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
5da2f69f DSH |
8 | */ |
9 | ||
7638370c RL |
10 | /* EVP_MD_CTX related stuff */ |
11 | ||
23c48d94 | 12 | #include <openssl/core_dispatch.h> |
15dfa092 | 13 | #include "internal/refcount.h" |
ff64702b | 14 | |
e870791a SL |
15 | #define EVP_CTRL_RET_UNSUPPORTED -1 |
16 | ||
17 | ||
7638370c | 18 | struct evp_md_ctx_st { |
b7c913c8 | 19 | const EVP_MD *reqdigest; /* The original requested digest */ |
7638370c RL |
20 | const EVP_MD *digest; |
21 | ENGINE *engine; /* functional reference if 'digest' is | |
22 | * ENGINE-provided */ | |
23 | unsigned long flags; | |
24 | void *md_data; | |
25 | /* Public key context for sign/verify */ | |
26 | EVP_PKEY_CTX *pctx; | |
27 | /* Update function: usually copied from EVP_MD */ | |
28 | int (*update) (EVP_MD_CTX *ctx, const void *data, size_t count); | |
8c8cf0d9 MC |
29 | |
30 | /* Provider ctx */ | |
31 | void *provctx; | |
32 | EVP_MD *fetched_digest; | |
7638370c RL |
33 | } /* EVP_MD_CTX */ ; |
34 | ||
8baf9968 RL |
35 | struct evp_cipher_ctx_st { |
36 | const EVP_CIPHER *cipher; | |
37 | ENGINE *engine; /* functional reference if 'cipher' is | |
38 | * ENGINE-provided */ | |
39 | int encrypt; /* encrypt or decrypt */ | |
40 | int buf_len; /* number we have left */ | |
41 | unsigned char oiv[EVP_MAX_IV_LENGTH]; /* original iv */ | |
42 | unsigned char iv[EVP_MAX_IV_LENGTH]; /* working iv */ | |
43 | unsigned char buf[EVP_MAX_BLOCK_LENGTH]; /* saved partial block */ | |
44 | int num; /* used by cfb/ofb/ctr mode */ | |
45 | /* FIXME: Should this even exist? It appears unused */ | |
46 | void *app_data; /* application stuff */ | |
47 | int key_len; /* May change for variable length cipher */ | |
48 | unsigned long flags; /* Various flags */ | |
49 | void *cipher_data; /* per EVP data */ | |
50 | int final_used; | |
51 | int block_mask; | |
52 | unsigned char final[EVP_MAX_BLOCK_LENGTH]; /* possible final block */ | |
df05f2ce MC |
53 | |
54 | /* Provider ctx */ | |
55 | void *provctx; | |
56 | EVP_CIPHER *fetched_cipher; | |
8baf9968 RL |
57 | } /* EVP_CIPHER_CTX */ ; |
58 | ||
567db2c1 | 59 | struct evp_mac_ctx_st { |
e74bd290 | 60 | EVP_MAC *meth; /* Method structure */ |
567db2c1 RL |
61 | void *data; /* Individual method data */ |
62 | } /* EVP_MAC_CTX */; | |
63 | ||
5a285add | 64 | struct evp_kdf_ctx_st { |
fb9e6dd6 P |
65 | EVP_KDF *meth; /* Method structure */ |
66 | void *data; /* Algorithm-specific data */ | |
5a285add DM |
67 | } /* EVP_KDF_CTX */ ; |
68 | ||
15dfa092 P |
69 | struct evp_rand_ctx_st { |
70 | EVP_RAND *meth; /* Method structure */ | |
71 | void *data; /* Algorithm-specific data */ | |
f000e828 P |
72 | size_t max_request; /* |
73 | * Cached: maximum number of bytes generated | |
74 | * in a single call to the generate function | |
75 | */ | |
76 | unsigned int strength; /* Cached: bit strength of generator */ | |
15dfa092 P |
77 | } /* EVP_RAND_CTX */ ; |
78 | ||
79 | struct evp_rand_st { | |
80 | OSSL_PROVIDER *prov; | |
81 | int name_id; | |
82 | CRYPTO_REF_COUNT refcnt; | |
f000e828 | 83 | CRYPTO_RWLOCK *refcnt_lock; |
15dfa092 P |
84 | |
85 | const OSSL_DISPATCH *dispatch; | |
363b1e5d DMSP |
86 | OSSL_FUNC_rand_newctx_fn *newctx; |
87 | OSSL_FUNC_rand_freectx_fn *freectx; | |
88 | OSSL_FUNC_rand_instantiate_fn *instantiate; | |
89 | OSSL_FUNC_rand_uninstantiate_fn *uninstantiate; | |
90 | OSSL_FUNC_rand_generate_fn *generate; | |
91 | OSSL_FUNC_rand_reseed_fn *reseed; | |
92 | OSSL_FUNC_rand_nonce_fn *nonce; | |
93 | OSSL_FUNC_rand_enable_locking_fn *enable_locking; | |
94 | OSSL_FUNC_rand_lock_fn *lock; | |
95 | OSSL_FUNC_rand_unlock_fn *unlock; | |
96 | OSSL_FUNC_rand_gettable_params_fn *gettable_params; | |
97 | OSSL_FUNC_rand_gettable_ctx_params_fn *gettable_ctx_params; | |
98 | OSSL_FUNC_rand_settable_ctx_params_fn *settable_ctx_params; | |
99 | OSSL_FUNC_rand_get_params_fn *get_params; | |
100 | OSSL_FUNC_rand_get_ctx_params_fn *get_ctx_params; | |
101 | OSSL_FUNC_rand_set_ctx_params_fn *set_ctx_params; | |
102 | OSSL_FUNC_rand_set_callbacks_fn *set_callbacks; | |
103 | OSSL_FUNC_rand_verify_zeroization_fn *verify_zeroization; | |
15dfa092 P |
104 | } /* EVP_RAND */ ; |
105 | ||
a94a3e0d RL |
106 | struct evp_keymgmt_st { |
107 | int id; /* libcrypto internal */ | |
108 | ||
f7c16d48 | 109 | int name_id; |
a94a3e0d RL |
110 | OSSL_PROVIDER *prov; |
111 | CRYPTO_REF_COUNT refcnt; | |
112 | CRYPTO_RWLOCK *lock; | |
113 | ||
b305452f | 114 | /* Constructor(s), destructor, information */ |
363b1e5d DMSP |
115 | OSSL_FUNC_keymgmt_new_fn *new; |
116 | OSSL_FUNC_keymgmt_free_fn *free; | |
117 | OSSL_FUNC_keymgmt_get_params_fn *get_params; | |
118 | OSSL_FUNC_keymgmt_gettable_params_fn *gettable_params; | |
119 | OSSL_FUNC_keymgmt_set_params_fn *set_params; | |
120 | OSSL_FUNC_keymgmt_settable_params_fn *settable_params; | |
6508e858 | 121 | |
1a5632e0 | 122 | /* Generation, a complex constructor */ |
363b1e5d DMSP |
123 | OSSL_FUNC_keymgmt_gen_init_fn *gen_init; |
124 | OSSL_FUNC_keymgmt_gen_set_template_fn *gen_set_template; | |
125 | OSSL_FUNC_keymgmt_gen_set_params_fn *gen_set_params; | |
126 | OSSL_FUNC_keymgmt_gen_settable_params_fn *gen_settable_params; | |
127 | OSSL_FUNC_keymgmt_gen_fn *gen; | |
128 | OSSL_FUNC_keymgmt_gen_cleanup_fn *gen_cleanup; | |
1a5632e0 | 129 | |
b305452f | 130 | /* Key object checking */ |
363b1e5d DMSP |
131 | OSSL_FUNC_keymgmt_query_operation_name_fn *query_operation_name; |
132 | OSSL_FUNC_keymgmt_has_fn *has; | |
133 | OSSL_FUNC_keymgmt_validate_fn *validate; | |
134 | OSSL_FUNC_keymgmt_match_fn *match; | |
b305452f RL |
135 | |
136 | /* Import and export routines */ | |
363b1e5d DMSP |
137 | OSSL_FUNC_keymgmt_import_fn *import; |
138 | OSSL_FUNC_keymgmt_import_types_fn *import_types; | |
139 | OSSL_FUNC_keymgmt_export_fn *export; | |
140 | OSSL_FUNC_keymgmt_export_types_fn *export_types; | |
141 | OSSL_FUNC_keymgmt_copy_fn *copy; | |
a94a3e0d RL |
142 | } /* EVP_KEYMGMT */ ; |
143 | ||
ff64702b | 144 | struct evp_keyexch_st { |
f7c16d48 | 145 | int name_id; |
ff64702b MC |
146 | OSSL_PROVIDER *prov; |
147 | CRYPTO_REF_COUNT refcnt; | |
148 | CRYPTO_RWLOCK *lock; | |
149 | ||
363b1e5d DMSP |
150 | OSSL_FUNC_keyexch_newctx_fn *newctx; |
151 | OSSL_FUNC_keyexch_init_fn *init; | |
152 | OSSL_FUNC_keyexch_set_peer_fn *set_peer; | |
153 | OSSL_FUNC_keyexch_derive_fn *derive; | |
154 | OSSL_FUNC_keyexch_freectx_fn *freectx; | |
155 | OSSL_FUNC_keyexch_dupctx_fn *dupctx; | |
156 | OSSL_FUNC_keyexch_set_ctx_params_fn *set_ctx_params; | |
157 | OSSL_FUNC_keyexch_settable_ctx_params_fn *settable_ctx_params; | |
158 | OSSL_FUNC_keyexch_get_ctx_params_fn *get_ctx_params; | |
159 | OSSL_FUNC_keyexch_gettable_ctx_params_fn *gettable_ctx_params; | |
ff64702b MC |
160 | } /* EVP_KEYEXCH */; |
161 | ||
dfcb5d29 | 162 | struct evp_signature_st { |
f7c16d48 | 163 | int name_id; |
dfcb5d29 MC |
164 | OSSL_PROVIDER *prov; |
165 | CRYPTO_REF_COUNT refcnt; | |
166 | CRYPTO_RWLOCK *lock; | |
167 | ||
363b1e5d DMSP |
168 | OSSL_FUNC_signature_newctx_fn *newctx; |
169 | OSSL_FUNC_signature_sign_init_fn *sign_init; | |
170 | OSSL_FUNC_signature_sign_fn *sign; | |
171 | OSSL_FUNC_signature_verify_init_fn *verify_init; | |
172 | OSSL_FUNC_signature_verify_fn *verify; | |
173 | OSSL_FUNC_signature_verify_recover_init_fn *verify_recover_init; | |
174 | OSSL_FUNC_signature_verify_recover_fn *verify_recover; | |
175 | OSSL_FUNC_signature_digest_sign_init_fn *digest_sign_init; | |
176 | OSSL_FUNC_signature_digest_sign_update_fn *digest_sign_update; | |
177 | OSSL_FUNC_signature_digest_sign_final_fn *digest_sign_final; | |
178 | OSSL_FUNC_signature_digest_sign_fn *digest_sign; | |
179 | OSSL_FUNC_signature_digest_verify_init_fn *digest_verify_init; | |
180 | OSSL_FUNC_signature_digest_verify_update_fn *digest_verify_update; | |
181 | OSSL_FUNC_signature_digest_verify_final_fn *digest_verify_final; | |
182 | OSSL_FUNC_signature_digest_verify_fn *digest_verify; | |
183 | OSSL_FUNC_signature_freectx_fn *freectx; | |
184 | OSSL_FUNC_signature_dupctx_fn *dupctx; | |
185 | OSSL_FUNC_signature_get_ctx_params_fn *get_ctx_params; | |
186 | OSSL_FUNC_signature_gettable_ctx_params_fn *gettable_ctx_params; | |
187 | OSSL_FUNC_signature_set_ctx_params_fn *set_ctx_params; | |
188 | OSSL_FUNC_signature_settable_ctx_params_fn *settable_ctx_params; | |
189 | OSSL_FUNC_signature_get_ctx_md_params_fn *get_ctx_md_params; | |
190 | OSSL_FUNC_signature_gettable_ctx_md_params_fn *gettable_ctx_md_params; | |
191 | OSSL_FUNC_signature_set_ctx_md_params_fn *set_ctx_md_params; | |
192 | OSSL_FUNC_signature_settable_ctx_md_params_fn *settable_ctx_md_params; | |
dfcb5d29 MC |
193 | } /* EVP_SIGNATURE */; |
194 | ||
2c938e2e MC |
195 | struct evp_asym_cipher_st { |
196 | int name_id; | |
197 | OSSL_PROVIDER *prov; | |
198 | CRYPTO_REF_COUNT refcnt; | |
199 | CRYPTO_RWLOCK *lock; | |
200 | ||
363b1e5d DMSP |
201 | OSSL_FUNC_asym_cipher_newctx_fn *newctx; |
202 | OSSL_FUNC_asym_cipher_encrypt_init_fn *encrypt_init; | |
203 | OSSL_FUNC_asym_cipher_encrypt_fn *encrypt; | |
204 | OSSL_FUNC_asym_cipher_decrypt_init_fn *decrypt_init; | |
205 | OSSL_FUNC_asym_cipher_decrypt_fn *decrypt; | |
206 | OSSL_FUNC_asym_cipher_freectx_fn *freectx; | |
207 | OSSL_FUNC_asym_cipher_dupctx_fn *dupctx; | |
208 | OSSL_FUNC_asym_cipher_get_ctx_params_fn *get_ctx_params; | |
209 | OSSL_FUNC_asym_cipher_gettable_ctx_params_fn *gettable_ctx_params; | |
210 | OSSL_FUNC_asym_cipher_set_ctx_params_fn *set_ctx_params; | |
211 | OSSL_FUNC_asym_cipher_settable_ctx_params_fn *settable_ctx_params; | |
2c938e2e MC |
212 | } /* EVP_ASYM_CIPHER */; |
213 | ||
0f113f3e MC |
214 | int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, |
215 | int passlen, ASN1_TYPE *param, | |
216 | const EVP_CIPHER *c, const EVP_MD *md, | |
217 | int en_de); | |
a0be4fd1 RL |
218 | |
219 | struct evp_Encode_Ctx_st { | |
220 | /* number saved in a partial encode/decode */ | |
221 | int num; | |
222 | /* | |
223 | * The length is either the output line length (in input bytes) or the | |
224 | * shortest input line length that is ok. Once decoding begins, the | |
225 | * length is adjusted up each time a longer line is decoded | |
226 | */ | |
227 | int length; | |
228 | /* data to encode */ | |
229 | unsigned char enc_data[80]; | |
230 | /* number read on current line */ | |
231 | int line_num; | |
c0804614 | 232 | unsigned int flags; |
a0be4fd1 | 233 | }; |
4a1f3f27 DSH |
234 | |
235 | typedef struct evp_pbe_st EVP_PBE_CTL; | |
236 | DEFINE_STACK_OF(EVP_PBE_CTL) | |
7141ba31 MC |
237 | |
238 | int is_partially_overlapping(const void *ptr1, const void *ptr2, int len); | |
c13d2ab4 | 239 | |
50cd4768 | 240 | #include <openssl/types.h> |
c13d2ab4 RL |
241 | #include <openssl/core.h> |
242 | ||
243 | void *evp_generic_fetch(OPENSSL_CTX *ctx, int operation_id, | |
f7c16d48 RL |
244 | const char *name, const char *properties, |
245 | void *(*new_method)(int name_id, | |
6b9e3724 | 246 | const OSSL_DISPATCH *fns, |
0ddf74bf | 247 | OSSL_PROVIDER *prov), |
7c95390e | 248 | int (*up_ref_method)(void *), |
0211740f | 249 | void (*free_method)(void *)); |
f7c16d48 RL |
250 | void *evp_generic_fetch_by_number(OPENSSL_CTX *ctx, int operation_id, |
251 | int name_id, const char *properties, | |
252 | void *(*new_method)(int name_id, | |
253 | const OSSL_DISPATCH *fns, | |
0ddf74bf | 254 | OSSL_PROVIDER *prov), |
f7c16d48 RL |
255 | int (*up_ref_method)(void *), |
256 | void (*free_method)(void *)); | |
3d96a51c RL |
257 | void evp_generic_do_all(OPENSSL_CTX *libctx, int operation_id, |
258 | void (*user_fn)(void *method, void *arg), | |
259 | void *user_arg, | |
f7c16d48 | 260 | void *(*new_method)(int name_id, |
3d96a51c | 261 | const OSSL_DISPATCH *fns, |
0ddf74bf | 262 | OSSL_PROVIDER *prov), |
3d96a51c | 263 | void (*free_method)(void *)); |
13273237 | 264 | |
f7c16d48 RL |
265 | /* Internal fetchers for method types that are to be combined with others */ |
266 | EVP_KEYMGMT *evp_keymgmt_fetch_by_number(OPENSSL_CTX *ctx, int name_id, | |
267 | const char *properties); | |
268 | ||
3fd70262 RL |
269 | /* Internal structure constructors for fetched methods */ |
270 | EVP_MD *evp_md_new(void); | |
550f974a | 271 | EVP_CIPHER *evp_cipher_new(void); |
3fd70262 | 272 | |
13273237 RL |
273 | /* Helper functions to avoid duplicating code */ |
274 | ||
275 | /* | |
459b15d4 | 276 | * These methods implement different ways to pass a params array to the |
13273237 RL |
277 | * provider. They will return one of these values: |
278 | * | |
279 | * -2 if the method doesn't come from a provider | |
280 | * (evp_do_param will return this to the called) | |
281 | * -1 if the provider doesn't offer the desired function | |
282 | * (evp_do_param will raise an error and return 0) | |
283 | * or the return value from the desired function | |
284 | * (evp_do_param will return it to the caller) | |
285 | */ | |
459b15d4 SL |
286 | int evp_do_ciph_getparams(const EVP_CIPHER *ciph, OSSL_PARAM params[]); |
287 | int evp_do_ciph_ctx_getparams(const EVP_CIPHER *ciph, void *provctx, | |
13273237 | 288 | OSSL_PARAM params[]); |
459b15d4 | 289 | int evp_do_ciph_ctx_setparams(const EVP_CIPHER *ciph, void *provctx, |
13273237 | 290 | OSSL_PARAM params[]); |
6a3b7c68 RL |
291 | int evp_do_md_getparams(const EVP_MD *md, OSSL_PARAM params[]); |
292 | int evp_do_md_ctx_getparams(const EVP_MD *md, void *provctx, | |
293 | OSSL_PARAM params[]); | |
294 | int evp_do_md_ctx_setparams(const EVP_MD *md, void *provctx, | |
295 | OSSL_PARAM params[]); | |
ff64702b MC |
296 | |
297 | OSSL_PARAM *evp_pkey_to_param(EVP_PKEY *pkey, size_t *sz); | |
298 | ||
299 | #define M_check_autoarg(ctx, arg, arglen, err) \ | |
300 | if (ctx->pmeth->flags & EVP_PKEY_FLAG_AUTOARGLEN) { \ | |
301 | size_t pksize = (size_t)EVP_PKEY_size(ctx->pkey); \ | |
302 | \ | |
303 | if (pksize == 0) { \ | |
51ba9ebd | 304 | ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_KEY); /*ckerr_ignore*/ \ |
ff64702b MC |
305 | return 0; \ |
306 | } \ | |
307 | if (arg == NULL) { \ | |
308 | *arglen = pksize; \ | |
309 | return 1; \ | |
310 | } \ | |
311 | if (*arglen < pksize) { \ | |
51ba9ebd | 312 | ERR_raise(ERR_LIB_EVP, EVP_R_BUFFER_TOO_SMALL); /*ckerr_ignore*/ \ |
ff64702b MC |
313 | return 0; \ |
314 | } \ | |
315 | } | |
864b89ce MC |
316 | |
317 | void evp_pkey_ctx_free_old_ops(EVP_PKEY_CTX *ctx); | |
f7c16d48 RL |
318 | |
319 | /* OSSL_PROVIDER * is only used to get the library context */ | |
3f7ce7f1 | 320 | const char *evp_first_name(const OSSL_PROVIDER *prov, int name_id); |
e4a1d023 RL |
321 | int evp_is_a(OSSL_PROVIDER *prov, int number, |
322 | const char *legacy_name, const char *name); | |
f651c727 RL |
323 | void evp_names_do_all(OSSL_PROVIDER *prov, int number, |
324 | void (*fn)(const char *name, void *data), | |
325 | void *data); | |
3c957bcd | 326 | int evp_cipher_cache_constants(EVP_CIPHER *cipher); |