[thirdparty/openssl.git] / crypto / include / internal / evp_int.h

/*
 * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
 * 2015.
 */
/* ====================================================================
 * Copyright (c) 2015 The OpenSSL Project.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 *
 * 3. All advertising materials mentioning features or use of this
 *    software must display the following acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
 *
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
 *    endorse or promote products derived from this software without
 *    prior written permission. For written permission, please contact
 *    licensing@OpenSSL.org.
 *
 * 5. Products derived from this software may not be called "OpenSSL"
 *    nor may "OpenSSL" appear in their names without prior written
 *    permission of the OpenSSL Project.
 *
 * 6. Redistributions of any form whatsoever must retain the following
 *    acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
 *
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 * ====================================================================
 *
 * This product includes cryptographic software written by Eric Young
 * (eay@cryptsoft.com).  This product includes software written by Tim
 * Hudson (tjh@cryptsoft.com).
 *
 */

struct evp_pkey_ctx_st {
    /* Method associated with this operation */
    const EVP_PKEY_METHOD *pmeth;
    /* Engine that implements this method or NULL if builtin */
    ENGINE *engine;
    /* Key: may be NULL */
    EVP_PKEY *pkey;
    /* Peer key for key agreement, may be NULL */
    EVP_PKEY *peerkey;
    /* Actual operation */
    int operation;
    /* Algorithm specific data */
    void *data;
    /* Application specific data */
    void *app_data;
    /* Keygen callback */
    EVP_PKEY_gen_cb *pkey_gencb;
    /* implementation specific keygen data */
    int *keygen_info;
    int keygen_info_count;
} /* EVP_PKEY_CTX */ ;

#define EVP_PKEY_FLAG_DYNAMIC   1

struct evp_pkey_method_st {
    int pkey_id;
    int flags;
    int (*init) (EVP_PKEY_CTX *ctx);
    int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
    void (*cleanup) (EVP_PKEY_CTX *ctx);
    int (*paramgen_init) (EVP_PKEY_CTX *ctx);
    int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);
    int (*keygen_init) (EVP_PKEY_CTX *ctx);
    int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);
    int (*sign_init) (EVP_PKEY_CTX *ctx);
    int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
                 const unsigned char *tbs, size_t tbslen);
    int (*verify_init) (EVP_PKEY_CTX *ctx);
    int (*verify) (EVP_PKEY_CTX *ctx,
                   const unsigned char *sig, size_t siglen,
                   const unsigned char *tbs, size_t tbslen);
    int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
    int (*verify_recover) (EVP_PKEY_CTX *ctx,
                           unsigned char *rout, size_t *routlen,
                           const unsigned char *sig, size_t siglen);
    int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
    int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
                    EVP_MD_CTX *mctx);
    int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
    int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
                      EVP_MD_CTX *mctx);
    int (*encrypt_init) (EVP_PKEY_CTX *ctx);
    int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
                    const unsigned char *in, size_t inlen);
    int (*decrypt_init) (EVP_PKEY_CTX *ctx);
    int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
                    const unsigned char *in, size_t inlen);
    int (*derive_init) (EVP_PKEY_CTX *ctx);
    int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
    int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
    int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);
} /* EVP_PKEY_METHOD */ ;

DEFINE_STACK_OF_CONST(EVP_PKEY_METHOD)

void evp_pkey_set_cb_translate(BN_GENCB *cb, EVP_PKEY_CTX *ctx);

extern const EVP_PKEY_METHOD cmac_pkey_meth;
extern const EVP_PKEY_METHOD dh_pkey_meth;
extern const EVP_PKEY_METHOD dhx_pkey_meth;
extern const EVP_PKEY_METHOD dsa_pkey_meth;
extern const EVP_PKEY_METHOD ec_pkey_meth;
extern const EVP_PKEY_METHOD hmac_pkey_meth;
extern const EVP_PKEY_METHOD rsa_pkey_meth;
extern const EVP_PKEY_METHOD tls1_prf_pkey_meth;
extern const EVP_PKEY_METHOD hkdf_pkey_meth;

struct evp_md_st {
    int type;
    int pkey_type;
    int md_size;
    unsigned long flags;
    int (*init) (EVP_MD_CTX *ctx);
    int (*update) (EVP_MD_CTX *ctx, const void *data, size_t count);
    int (*final) (EVP_MD_CTX *ctx, unsigned char *md);
    int (*copy) (EVP_MD_CTX *to, const EVP_MD_CTX *from);
    int (*cleanup) (EVP_MD_CTX *ctx);
    int block_size;
    int ctx_size;               /* how big does the ctx->md_data need to be */
    /* control function */
    int (*md_ctrl) (EVP_MD_CTX *ctx, int cmd, int p1, void *p2);
} /* EVP_MD */ ;

struct evp_cipher_st {
    int nid;
    int block_size;
    /* Default value for variable length ciphers */
    int key_len;
    int iv_len;
    /* Various flags */
    unsigned long flags;
    /* init key */
    int (*init) (EVP_CIPHER_CTX *ctx, const unsigned char *key,
                 const unsigned char *iv, int enc);
    /* encrypt/decrypt data */
    int (*do_cipher) (EVP_CIPHER_CTX *ctx, unsigned char *out,
                      const unsigned char *in, size_t inl);
    /* cleanup ctx */
    int (*cleanup) (EVP_CIPHER_CTX *);
    /* how big ctx->cipher_data needs to be */
    int ctx_size;
    /* Populate a ASN1_TYPE with parameters */
    int (*set_asn1_parameters) (EVP_CIPHER_CTX *, ASN1_TYPE *);
    /* Get parameters from a ASN1_TYPE */
    int (*get_asn1_parameters) (EVP_CIPHER_CTX *, ASN1_TYPE *);
    /* Miscellaneous operations */
    int (*ctrl) (EVP_CIPHER_CTX *, int type, int arg, void *ptr);
    /* Application data */
    void *app_data;
} /* EVP_CIPHER */ ;

/* Macros to code block cipher wrappers */

/* Wrapper functions for each cipher mode */

#define EVP_C_DATA(kstruct, ctx)   ((kstruct *)EVP_CIPHER_CTX_cipher_data(ctx))

#define BLOCK_CIPHER_ecb_loop() \
        size_t i, bl; \
        bl = EVP_CIPHER_CTX_cipher(ctx)->block_size;    \
        if(inl < bl) return 1;\
        inl -= bl; \
        for(i=0; i <= inl; i+=bl)

#define BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \
static int cname##_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
{\
        BLOCK_CIPHER_ecb_loop() \
            cprefix##_ecb_encrypt(in + i, out + i, &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_encrypting(ctx)); \
        return 1;\
}

#define EVP_MAXCHUNK ((size_t)1<<(sizeof(long)*8-2))

#define BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched) \
    static int cname##_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
{\
        while(inl>=EVP_MAXCHUNK) {\
            int num = EVP_CIPHER_CTX_num(ctx);\
            cprefix##_ofb##cbits##_encrypt(in, out, (long)EVP_MAXCHUNK, &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx), &num); \
            EVP_CIPHER_CTX_set_num(ctx, num);\
            inl-=EVP_MAXCHUNK;\
            in +=EVP_MAXCHUNK;\
            out+=EVP_MAXCHUNK;\
        }\
        if (inl) {\
            int num = EVP_CIPHER_CTX_num(ctx);\
            cprefix##_ofb##cbits##_encrypt(in, out, (long)inl, &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx), &num); \
            EVP_CIPHER_CTX_set_num(ctx, num);\
        }\
        return 1;\
}

#define BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \
static int cname##_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
{\
        while(inl>=EVP_MAXCHUNK) \
            {\
            cprefix##_cbc_encrypt(in, out, (long)EVP_MAXCHUNK, &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx), EVP_CIPHER_CTX_encrypting(ctx));\
            inl-=EVP_MAXCHUNK;\
            in +=EVP_MAXCHUNK;\
            out+=EVP_MAXCHUNK;\
            }\
        if (inl)\
            cprefix##_cbc_encrypt(in, out, (long)inl, &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx), EVP_CIPHER_CTX_encrypting(ctx));\
        return 1;\
}

#define BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched)  \
static int cname##_cfb##cbits##_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
{\
        size_t chunk=EVP_MAXCHUNK;\
        if (cbits==1)  chunk>>=3;\
        if (inl<chunk) chunk=inl;\
        while(inl && inl>=chunk)\
            {\
            int num = EVP_CIPHER_CTX_num(ctx);\
            cprefix##_cfb##cbits##_encrypt(in, out, (long)((cbits==1) && !EVP_CIPHER_CTX_test_flags(ctx, EVP_CIPH_FLAG_LENGTH_BITS) ?inl*8:inl), &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx), &num, EVP_CIPHER_CTX_encrypting(ctx)); \
            EVP_CIPHER_CTX_set_num(ctx, num);\
            inl-=chunk;\
            in +=chunk;\
            out+=chunk;\
            if(inl<chunk) chunk=inl;\
            }\
        return 1;\
}

#define BLOCK_CIPHER_all_funcs(cname, cprefix, cbits, kstruct, ksched) \
        BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \
        BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \
        BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \
        BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched)

#define BLOCK_CIPHER_def1(cname, nmode, mode, MODE, kstruct, nid, block_size, \
                          key_len, iv_len, flags, init_key, cleanup, \
                          set_asn1, get_asn1, ctrl) \
static const EVP_CIPHER cname##_##mode = { \
        nid##_##nmode, block_size, key_len, iv_len, \
        flags | EVP_CIPH_##MODE##_MODE, \
        init_key, \
        cname##_##mode##_cipher, \
        cleanup, \
        sizeof(kstruct), \
        set_asn1, get_asn1,\
        ctrl, \
        NULL \
}; \
const EVP_CIPHER *EVP_##cname##_##mode(void) { return &cname##_##mode; }

#define BLOCK_CIPHER_def_cbc(cname, kstruct, nid, block_size, key_len, \
                             iv_len, flags, init_key, cleanup, set_asn1, \
                             get_asn1, ctrl) \
BLOCK_CIPHER_def1(cname, cbc, cbc, CBC, kstruct, nid, block_size, key_len, \
                  iv_len, flags, init_key, cleanup, set_asn1, get_asn1, ctrl)

#define BLOCK_CIPHER_def_cfb(cname, kstruct, nid, key_len, \
                             iv_len, cbits, flags, init_key, cleanup, \
                             set_asn1, get_asn1, ctrl) \
BLOCK_CIPHER_def1(cname, cfb##cbits, cfb##cbits, CFB, kstruct, nid, 1, \
                  key_len, iv_len, flags, init_key, cleanup, set_asn1, \
                  get_asn1, ctrl)

#define BLOCK_CIPHER_def_ofb(cname, kstruct, nid, key_len, \
                             iv_len, cbits, flags, init_key, cleanup, \
                             set_asn1, get_asn1, ctrl) \
BLOCK_CIPHER_def1(cname, ofb##cbits, ofb, OFB, kstruct, nid, 1, \
                  key_len, iv_len, flags, init_key, cleanup, set_asn1, \
                  get_asn1, ctrl)

#define BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, \
                             flags, init_key, cleanup, set_asn1, \
                             get_asn1, ctrl) \
BLOCK_CIPHER_def1(cname, ecb, ecb, ECB, kstruct, nid, block_size, key_len, \
                  0, flags, init_key, cleanup, set_asn1, get_asn1, ctrl)

#define BLOCK_CIPHER_defs(cname, kstruct, \
                          nid, block_size, key_len, iv_len, cbits, flags, \
                          init_key, cleanup, set_asn1, get_asn1, ctrl) \
BLOCK_CIPHER_def_cbc(cname, kstruct, nid, block_size, key_len, iv_len, flags, \
                     init_key, cleanup, set_asn1, get_asn1, ctrl) \
BLOCK_CIPHER_def_cfb(cname, kstruct, nid, key_len, iv_len, cbits, \
                     flags, init_key, cleanup, set_asn1, get_asn1, ctrl) \
BLOCK_CIPHER_def_ofb(cname, kstruct, nid, key_len, iv_len, cbits, \
                     flags, init_key, cleanup, set_asn1, get_asn1, ctrl) \
BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, flags, \
                     init_key, cleanup, set_asn1, get_asn1, ctrl)

/*-
#define BLOCK_CIPHER_defs(cname, kstruct, \
                                nid, block_size, key_len, iv_len, flags,\
                                 init_key, cleanup, set_asn1, get_asn1, ctrl)\
static const EVP_CIPHER cname##_cbc = {\
        nid##_cbc, block_size, key_len, iv_len, \
        flags | EVP_CIPH_CBC_MODE,\
        init_key,\
        cname##_cbc_cipher,\
        cleanup,\
        sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
                sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
        set_asn1, get_asn1,\
        ctrl, \
        NULL \
};\
const EVP_CIPHER *EVP_##cname##_cbc(void) { return &cname##_cbc; }\
static const EVP_CIPHER cname##_cfb = {\
        nid##_cfb64, 1, key_len, iv_len, \
        flags | EVP_CIPH_CFB_MODE,\
        init_key,\
        cname##_cfb_cipher,\
        cleanup,\
        sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
                sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
        set_asn1, get_asn1,\
        ctrl,\
        NULL \
};\
const EVP_CIPHER *EVP_##cname##_cfb(void) { return &cname##_cfb; }\
static const EVP_CIPHER cname##_ofb = {\
        nid##_ofb64, 1, key_len, iv_len, \
        flags | EVP_CIPH_OFB_MODE,\
        init_key,\
        cname##_ofb_cipher,\
        cleanup,\
        sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
                sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
        set_asn1, get_asn1,\
        ctrl,\
        NULL \
};\
const EVP_CIPHER *EVP_##cname##_ofb(void) { return &cname##_ofb; }\
static const EVP_CIPHER cname##_ecb = {\
        nid##_ecb, block_size, key_len, iv_len, \
        flags | EVP_CIPH_ECB_MODE,\
        init_key,\
        cname##_ecb_cipher,\
        cleanup,\
        sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
                sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
        set_asn1, get_asn1,\
        ctrl,\
        NULL \
};\
const EVP_CIPHER *EVP_##cname##_ecb(void) { return &cname##_ecb; }
*/

#define IMPLEMENT_BLOCK_CIPHER(cname, ksched, cprefix, kstruct, nid, \
                               block_size, key_len, iv_len, cbits, \
                               flags, init_key, \
                               cleanup, set_asn1, get_asn1, ctrl) \
        BLOCK_CIPHER_all_funcs(cname, cprefix, cbits, kstruct, ksched) \
        BLOCK_CIPHER_defs(cname, kstruct, nid, block_size, key_len, iv_len, \
                          cbits, flags, init_key, cleanup, set_asn1, \
                          get_asn1, ctrl)

#define IMPLEMENT_CFBR(cipher,cprefix,kstruct,ksched,keysize,cbits,iv_len,fl) \
        BLOCK_CIPHER_func_cfb(cipher##_##keysize,cprefix,cbits,kstruct,ksched) \
        BLOCK_CIPHER_def_cfb(cipher##_##keysize,kstruct, \
                             NID_##cipher##_##keysize, keysize/8, iv_len, cbits, \
                             (fl)|EVP_CIPH_FLAG_DEFAULT_ASN1, \
                             cipher##_init_key, NULL, NULL, NULL, NULL)


/*
 * Type needs to be a bit field Sub-type needs to be for variations on the
 * method, as in, can it do arbitrary encryption....
 */
struct evp_pkey_st {
    int type;
    int save_type;
    int references;
    const EVP_PKEY_ASN1_METHOD *ameth;
    ENGINE *engine;
    union {
        char *ptr;
# ifndef OPENSSL_NO_RSA
        struct rsa_st *rsa;     /* RSA */
# endif
# ifndef OPENSSL_NO_DSA
        struct dsa_st *dsa;     /* DSA */
# endif
# ifndef OPENSSL_NO_DH
        struct dh_st *dh;       /* DH */
# endif
# ifndef OPENSSL_NO_EC
        struct ec_key_st *ec;   /* ECC */
# endif
    } pkey;
    int save_parameters;
    STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */
} /* EVP_PKEY */ ;


void openssl_add_all_ciphers_internal(void);
void openssl_add_all_digests_internal(void);
Commit	Line	Data
27af42f9 DSH	1	/*
	2	* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
	3	* 2015.
	4	*/
	5	/* ====================================================================
	6	* Copyright (c) 2015 The OpenSSL Project. All rights reserved.
	7	*
	8	* Redistribution and use in source and binary forms, with or without
	9	* modification, are permitted provided that the following conditions
	10	* are met:
	11	*
	12	* 1. Redistributions of source code must retain the above copyright
	13	* notice, this list of conditions and the following disclaimer.
	14	*
	15	* 2. Redistributions in binary form must reproduce the above copyright
	16	* notice, this list of conditions and the following disclaimer in
	17	* the documentation and/or other materials provided with the
	18	* distribution.
	19	*
	20	* 3. All advertising materials mentioning features or use of this
	21	* software must display the following acknowledgment:
	22	* "This product includes software developed by the OpenSSL Project
	23	* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
	24	*
	25	* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
	26	* endorse or promote products derived from this software without
	27	* prior written permission. For written permission, please contact
	28	* licensing@OpenSSL.org.
	29	*
	30	* 5. Products derived from this software may not be called "OpenSSL"
	31	* nor may "OpenSSL" appear in their names without prior written
	32	* permission of the OpenSSL Project.
	33	*
	34	* 6. Redistributions of any form whatsoever must retain the following
	35	* acknowledgment:
	36	* "This product includes software developed by the OpenSSL Project
	37	* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
	38	*
	39	* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
	40	* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	41	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
	42	* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
	43	* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
	44	* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
	45	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
	46	* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	47	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
	48	* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
	49	* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
	50	* OF THE POSSIBILITY OF SUCH DAMAGE.
	51	* ====================================================================
	52	*
	53	* This product includes cryptographic software written by Eric Young
	54	* (eay@cryptsoft.com). This product includes software written by Tim
	55	* Hudson (tjh@cryptsoft.com).
	56	*
	57	*/
	58
	59	struct evp_pkey_ctx_st {
	60	/* Method associated with this operation */
	61	const EVP_PKEY_METHOD *pmeth;
	62	/* Engine that implements this method or NULL if builtin */
	63	ENGINE *engine;
	64	/* Key: may be NULL */
65	EVP_PKEY *pkey;
66	/* Peer key for key agreement, may be NULL */
67	EVP_PKEY *peerkey;
68	/* Actual operation */
69	int operation;
70	/* Algorithm specific data */
71	void *data;
72	/* Application specific data */
73	void *app_data;
74	/* Keygen callback */
75	EVP_PKEY_gen_cb *pkey_gencb;
76	/* implementation specific keygen data */
77	int *keygen_info;
78	int keygen_info_count;
79	} /* EVP_PKEY_CTX */ ;
80
81	#define EVP_PKEY_FLAG_DYNAMIC 1
82
83	struct evp_pkey_method_st {
84	int pkey_id;
85	int flags;
86	int (init) (EVP_PKEY_CTX ctx);
87	int (copy) (EVP_PKEY_CTX dst, EVP_PKEY_CTX *src);
88	void (cleanup) (EVP_PKEY_CTX ctx);
89	int (paramgen_init) (EVP_PKEY_CTX ctx);
90	int (paramgen) (EVP_PKEY_CTX ctx, EVP_PKEY *pkey);
91	int (keygen_init) (EVP_PKEY_CTX ctx);
92	int (keygen) (EVP_PKEY_CTX ctx, EVP_PKEY *pkey);
93	int (sign_init) (EVP_PKEY_CTX ctx);
94	int (sign) (EVP_PKEY_CTX ctx, unsigned char sig, size_t siglen,
95	const unsigned char *tbs, size_t tbslen);
96	int (verify_init) (EVP_PKEY_CTX ctx);
97	int (verify) (EVP_PKEY_CTX ctx,
98	const unsigned char *sig, size_t siglen,
99	const unsigned char *tbs, size_t tbslen);
100	int (verify_recover_init) (EVP_PKEY_CTX ctx);
101	int (verify_recover) (EVP_PKEY_CTX ctx,
102	unsigned char rout, size_t routlen,
103	const unsigned char *sig, size_t siglen);
104	int (signctx_init) (EVP_PKEY_CTX ctx, EVP_MD_CTX *mctx);
105	int (signctx) (EVP_PKEY_CTX ctx, unsigned char sig, size_t siglen,
106	EVP_MD_CTX *mctx);
107	int (verifyctx_init) (EVP_PKEY_CTX ctx, EVP_MD_CTX *mctx);
108	int (verifyctx) (EVP_PKEY_CTX ctx, const unsigned char *sig, int siglen,
109	EVP_MD_CTX *mctx);
110	int (encrypt_init) (EVP_PKEY_CTX ctx);
111	int (encrypt) (EVP_PKEY_CTX ctx, unsigned char out, size_t outlen,
112	const unsigned char *in, size_t inlen);
113	int (decrypt_init) (EVP_PKEY_CTX ctx);
114	int (decrypt) (EVP_PKEY_CTX ctx, unsigned char out, size_t outlen,
115	const unsigned char *in, size_t inlen);
116	int (derive_init) (EVP_PKEY_CTX ctx);
117	int (derive) (EVP_PKEY_CTX ctx, unsigned char key, size_t keylen);
118	int (ctrl) (EVP_PKEY_CTX ctx, int type, int p1, void *p2);
119	int (ctrl_str) (EVP_PKEY_CTX ctx, const char type, const char value);
120	} /* EVP_PKEY_METHOD */ ;
121
a8eba56e	122	DEFINE_STACK_OF_CONST(EVP_PKEY_METHOD)
4a1f3f27	123
27af42f9	124	void evp_pkey_set_cb_translate(BN_GENCB cb, EVP_PKEY_CTX ctx);
8f463dbd DSH	125
	126	extern const EVP_PKEY_METHOD cmac_pkey_meth;
	127	extern const EVP_PKEY_METHOD dh_pkey_meth;
	128	extern const EVP_PKEY_METHOD dhx_pkey_meth;
	129	extern const EVP_PKEY_METHOD dsa_pkey_meth;
	130	extern const EVP_PKEY_METHOD ec_pkey_meth;
	131	extern const EVP_PKEY_METHOD hmac_pkey_meth;
	132	extern const EVP_PKEY_METHOD rsa_pkey_meth;
1eff3485	133	extern const EVP_PKEY_METHOD tls1_prf_pkey_meth;
aacfb134	134	extern const EVP_PKEY_METHOD hkdf_pkey_meth;
2db6bf6f RL	135
	136	struct evp_md_st {
	137	int type;
	138	int pkey_type;
	139	int md_size;
	140	unsigned long flags;
	141	int (init) (EVP_MD_CTX ctx);
	142	int (update) (EVP_MD_CTX ctx, const void *data, size_t count);
	143	int (final) (EVP_MD_CTX ctx, unsigned char *md);
	144	int (copy) (EVP_MD_CTX to, const EVP_MD_CTX *from);
	145	int (cleanup) (EVP_MD_CTX ctx);
	146	int block_size;
	147	int ctx_size; /* how big does the ctx->md_data need to be */
	148	/* control function */
	149	int (md_ctrl) (EVP_MD_CTX ctx, int cmd, int p1, void *p2);
	150	} /* EVP_MD */ ;
	151
e79f8773 RL	152	struct evp_cipher_st {
	153	int nid;
	154	int block_size;
	155	/* Default value for variable length ciphers */
	156	int key_len;
	157	int iv_len;
	158	/* Various flags */
	159	unsigned long flags;
	160	/* init key */
	161	int (init) (EVP_CIPHER_CTX ctx, const unsigned char *key,
	162	const unsigned char *iv, int enc);
	163	/* encrypt/decrypt data */
	164	int (do_cipher) (EVP_CIPHER_CTX ctx, unsigned char *out,
	165	const unsigned char *in, size_t inl);
	166	/* cleanup ctx */
	167	int (cleanup) (EVP_CIPHER_CTX );
	168	/* how big ctx->cipher_data needs to be */
	169	int ctx_size;
	170	/* Populate a ASN1_TYPE with parameters */
	171	int (set_asn1_parameters) (EVP_CIPHER_CTX , ASN1_TYPE *);
	172	/* Get parameters from a ASN1_TYPE */
	173	int (get_asn1_parameters) (EVP_CIPHER_CTX , ASN1_TYPE *);
	174	/* Miscellaneous operations */
	175	int (ctrl) (EVP_CIPHER_CTX , int type, int arg, void *ptr);
	176	/* Application data */
	177	void *app_data;
	178	} /* EVP_CIPHER */ ;
	179
	180	/* Macros to code block cipher wrappers */
	181
	182	/* Wrapper functions for each cipher mode */
	183
	184	#define EVP_C_DATA(kstruct, ctx) ((kstruct *)EVP_CIPHER_CTX_cipher_data(ctx))
	185
	186	#define BLOCK_CIPHER_ecb_loop() \
	187	size_t i, bl; \
	188	bl = EVP_CIPHER_CTX_cipher(ctx)->block_size; \
	189	if(inl < bl) return 1;\
	190	inl -= bl; \
	191	for(i=0; i <= inl; i+=bl)
	192
	193	#define BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \
	194	static int cname##_ecb_cipher(EVP_CIPHER_CTX ctx, unsigned char out, const unsigned char *in, size_t inl) \
	195	{\
	196	BLOCK_CIPHER_ecb_loop() \
	197	cprefix##_ecb_encrypt(in + i, out + i, &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_encrypting(ctx)); \
	198	return 1;\
	199	}
	200
	201	#define EVP_MAXCHUNK ((size_t)1<<(sizeof(long)*8-2))
	202
	203	#define BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched) \
	204	static int cname##_ofb_cipher(EVP_CIPHER_CTX ctx, unsigned char out, const unsigned char *in, size_t inl) \
	205	{\
	206	while(inl>=EVP_MAXCHUNK) {\
	207	int num = EVP_CIPHER_CTX_num(ctx);\
	208	cprefix##_ofb##cbits##_encrypt(in, out, (long)EVP_MAXCHUNK, &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx), &num); \
	209	EVP_CIPHER_CTX_set_num(ctx, num);\
	210	inl-=EVP_MAXCHUNK;\
	211	in +=EVP_MAXCHUNK;\
	212	out+=EVP_MAXCHUNK;\
	213	}\
	214	if (inl) {\
	215	int num = EVP_CIPHER_CTX_num(ctx);\
216	cprefix##_ofb##cbits##_encrypt(in, out, (long)inl, &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx), &num); \
217	EVP_CIPHER_CTX_set_num(ctx, num);\
218	}\
219	return 1;\
220	}
221
222	#define BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \
223	static int cname##_cbc_cipher(EVP_CIPHER_CTX ctx, unsigned char out, const unsigned char *in, size_t inl) \
224	{\
225	while(inl>=EVP_MAXCHUNK) \
226	{\
227	cprefix##_cbc_encrypt(in, out, (long)EVP_MAXCHUNK, &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx), EVP_CIPHER_CTX_encrypting(ctx));\
228	inl-=EVP_MAXCHUNK;\
229	in +=EVP_MAXCHUNK;\
230	out+=EVP_MAXCHUNK;\
231	}\
232	if (inl)\
233	cprefix##_cbc_encrypt(in, out, (long)inl, &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx), EVP_CIPHER_CTX_encrypting(ctx));\
234	return 1;\
235	}
236
237	#define BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \
238	static int cname##_cfb##cbits##_cipher(EVP_CIPHER_CTX ctx, unsigned char out, const unsigned char *in, size_t inl) \
239	{\
240	size_t chunk=EVP_MAXCHUNK;\
241	if (cbits==1) chunk>>=3;\
242	if (inl<chunk) chunk=inl;\
243	while(inl && inl>=chunk)\
244	{\
245	int num = EVP_CIPHER_CTX_num(ctx);\
246	cprefix##_cfb##cbits##_encrypt(in, out, (long)((cbits==1) && !EVP_CIPHER_CTX_test_flags(ctx, EVP_CIPH_FLAG_LENGTH_BITS) ?inl*8:inl), &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx), &num, EVP_CIPHER_CTX_encrypting(ctx)); \
247	EVP_CIPHER_CTX_set_num(ctx, num);\
248	inl-=chunk;\
249	in +=chunk;\
250	out+=chunk;\
251	if(inl<chunk) chunk=inl;\
252	}\
253	return 1;\
254	}
255
256	#define BLOCK_CIPHER_all_funcs(cname, cprefix, cbits, kstruct, ksched) \
257	BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \
258	BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \
259	BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \
260	BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched)
261
262	#define BLOCK_CIPHER_def1(cname, nmode, mode, MODE, kstruct, nid, block_size, \
263	key_len, iv_len, flags, init_key, cleanup, \
264	set_asn1, get_asn1, ctrl) \
265	static const EVP_CIPHER cname##_##mode = { \
266	nid##_##nmode, block_size, key_len, iv_len, \
267	flags \| EVP_CIPH_##MODE##_MODE, \
268	init_key, \
269	cname##_##mode##_cipher, \
270	cleanup, \
271	sizeof(kstruct), \
272	set_asn1, get_asn1,\
273	ctrl, \
274	NULL \
275	}; \
276	const EVP_CIPHER *EVP_##cname##_##mode(void) { return &cname##_##mode; }
277
278	#define BLOCK_CIPHER_def_cbc(cname, kstruct, nid, block_size, key_len, \
279	iv_len, flags, init_key, cleanup, set_asn1, \
280	get_asn1, ctrl) \
281	BLOCK_CIPHER_def1(cname, cbc, cbc, CBC, kstruct, nid, block_size, key_len, \
282	iv_len, flags, init_key, cleanup, set_asn1, get_asn1, ctrl)
283
284	#define BLOCK_CIPHER_def_cfb(cname, kstruct, nid, key_len, \
285	iv_len, cbits, flags, init_key, cleanup, \
286	set_asn1, get_asn1, ctrl) \
287	BLOCK_CIPHER_def1(cname, cfb##cbits, cfb##cbits, CFB, kstruct, nid, 1, \
288	key_len, iv_len, flags, init_key, cleanup, set_asn1, \
289	get_asn1, ctrl)
290
291	#define BLOCK_CIPHER_def_ofb(cname, kstruct, nid, key_len, \
292	iv_len, cbits, flags, init_key, cleanup, \
293	set_asn1, get_asn1, ctrl) \
294	BLOCK_CIPHER_def1(cname, ofb##cbits, ofb, OFB, kstruct, nid, 1, \
295	key_len, iv_len, flags, init_key, cleanup, set_asn1, \
296	get_asn1, ctrl)
297
298	#define BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, \
299	flags, init_key, cleanup, set_asn1, \
300	get_asn1, ctrl) \
301	BLOCK_CIPHER_def1(cname, ecb, ecb, ECB, kstruct, nid, block_size, key_len, \
302	0, flags, init_key, cleanup, set_asn1, get_asn1, ctrl)
303
304	#define BLOCK_CIPHER_defs(cname, kstruct, \
305	nid, block_size, key_len, iv_len, cbits, flags, \
306	init_key, cleanup, set_asn1, get_asn1, ctrl) \
307	BLOCK_CIPHER_def_cbc(cname, kstruct, nid, block_size, key_len, iv_len, flags, \
308	init_key, cleanup, set_asn1, get_asn1, ctrl) \
309	BLOCK_CIPHER_def_cfb(cname, kstruct, nid, key_len, iv_len, cbits, \
310	flags, init_key, cleanup, set_asn1, get_asn1, ctrl) \
311	BLOCK_CIPHER_def_ofb(cname, kstruct, nid, key_len, iv_len, cbits, \
312	flags, init_key, cleanup, set_asn1, get_asn1, ctrl) \
313	BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, flags, \
314	init_key, cleanup, set_asn1, get_asn1, ctrl)
315
316	/*-
317	#define BLOCK_CIPHER_defs(cname, kstruct, \
318	nid, block_size, key_len, iv_len, flags,\
319	init_key, cleanup, set_asn1, get_asn1, ctrl)\
320	static const EVP_CIPHER cname##_cbc = {\
321	nid##_cbc, block_size, key_len, iv_len, \
322	flags \| EVP_CIPH_CBC_MODE,\
323	init_key,\
324	cname##_cbc_cipher,\
325	cleanup,\
326	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
327	sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
328	set_asn1, get_asn1,\
329	ctrl, \
330	NULL \
331	};\
332	const EVP_CIPHER *EVP_##cname##_cbc(void) { return &cname##_cbc; }\
333	static const EVP_CIPHER cname##_cfb = {\
334	nid##_cfb64, 1, key_len, iv_len, \
335	flags \| EVP_CIPH_CFB_MODE,\
336	init_key,\
337	cname##_cfb_cipher,\
338	cleanup,\
339	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
340	sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
341	set_asn1, get_asn1,\
342	ctrl,\
343	NULL \
344	};\
345	const EVP_CIPHER *EVP_##cname##_cfb(void) { return &cname##_cfb; }\
346	static const EVP_CIPHER cname##_ofb = {\
347	nid##_ofb64, 1, key_len, iv_len, \
348	flags \| EVP_CIPH_OFB_MODE,\
349	init_key,\
350	cname##_ofb_cipher,\
351	cleanup,\
352	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
353	sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
354	set_asn1, get_asn1,\
355	ctrl,\
356	NULL \
357	};\
358	const EVP_CIPHER *EVP_##cname##_ofb(void) { return &cname##_ofb; }\
359	static const EVP_CIPHER cname##_ecb = {\
360	nid##_ecb, block_size, key_len, iv_len, \
361	flags \| EVP_CIPH_ECB_MODE,\
362	init_key,\
363	cname##_ecb_cipher,\
364	cleanup,\
365	sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
366	sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
367	set_asn1, get_asn1,\
368	ctrl,\
369	NULL \
370	};\
371	const EVP_CIPHER *EVP_##cname##_ecb(void) { return &cname##_ecb; }
372	*/
373
374	#define IMPLEMENT_BLOCK_CIPHER(cname, ksched, cprefix, kstruct, nid, \
375	block_size, key_len, iv_len, cbits, \
376	flags, init_key, \
377	cleanup, set_asn1, get_asn1, ctrl) \
378	BLOCK_CIPHER_all_funcs(cname, cprefix, cbits, kstruct, ksched) \
379	BLOCK_CIPHER_defs(cname, kstruct, nid, block_size, key_len, iv_len, \
380	cbits, flags, init_key, cleanup, set_asn1, \
381	get_asn1, ctrl)
382
383	#define IMPLEMENT_CFBR(cipher,cprefix,kstruct,ksched,keysize,cbits,iv_len,fl) \
384	BLOCK_CIPHER_func_cfb(cipher##_##keysize,cprefix,cbits,kstruct,ksched) \
385	BLOCK_CIPHER_def_cfb(cipher##_##keysize,kstruct, \
386	NID_##cipher##_##keysize, keysize/8, iv_len, cbits, \
387	(fl)\|EVP_CIPH_FLAG_DEFAULT_ASN1, \
388	cipher##_init_key, NULL, NULL, NULL, NULL)
389
3aeb9348 DSH	390
	391	/*
	392	* Type needs to be a bit field Sub-type needs to be for variations on the
	393	* method, as in, can it do arbitrary encryption....
	394	*/
	395	struct evp_pkey_st {
	396	int type;
	397	int save_type;
	398	int references;
	399	const EVP_PKEY_ASN1_METHOD *ameth;
	400	ENGINE *engine;
	401	union {
	402	char *ptr;
	403	# ifndef OPENSSL_NO_RSA
	404	struct rsa_st rsa; / RSA */
	405	# endif
	406	# ifndef OPENSSL_NO_DSA
	407	struct dsa_st dsa; / DSA */
	408	# endif
	409	# ifndef OPENSSL_NO_DH
	410	struct dh_st dh; / DH */
	411	# endif
	412	# ifndef OPENSSL_NO_EC
	413	struct ec_key_st ec; / ECC */
	414	# endif
	415	} pkey;
	416	int save_parameters;
	417	STACK_OF(X509_ATTRIBUTE) attributes; / [ 0 ] */
	418	} /* EVP_PKEY */ ;
7b9f8f7f MC	419
	420
	421	void openssl_add_all_ciphers_internal(void);
	422	void openssl_add_all_digests_internal(void);