]> git.ipfire.org Git - thirdparty/openssl.git/blame - crypto/evp/evp_enc.c
projects / thirdparty / openssl.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Fix check of EVP_CIPHER_CTX_ctrl
[thirdparty/openssl.git] / crypto / evp / evp_enc.c
CommitLineData
62867571 1/*
fecb3aae 2 * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
d02b48c6 3 *
4a8b0c55 4 * Licensed under the Apache License 2.0 (the "License"). You may not use
62867571
RS		 5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
d02b48c6
RE		 8 */
9
e4468e6d
P		 10/* We need to use some engine deprecated APIs */
11#define OPENSSL_SUPPRESS_DEPRECATED
12
d02b48c6 13#include <stdio.h>
c9fb704c 14#include <limits.h>
c3a73daf 15#include <assert.h>
ec577822 16#include <openssl/evp.h>
7f060601 17#include <openssl/err.h>
3a87a9b9 18#include <openssl/rand.h>
3f773c91
TM		 19#ifndef FIPS_MODULE
20# include <openssl/engine.h>
21#endif
df05f2ce
MC		 22#include <openssl/params.h>
23#include <openssl/core_names.h>
6c9bc258 24#include "internal/cryptlib.h"
df05f2ce 25#include "internal/provider.h"
6c9bc258 26#include "internal/core.h"
330ff7e6 27#include "internal/safe_math.h"
6c9bc258 28#include "crypto/evp.h"
706457b7 29#include "evp_local.h"
d02b48c6 30
330ff7e6
P		 31OSSL_SAFE_MATH_SIGNED(int, int)
32
df05f2ce 33int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx)
0f113f3e 34{
df05f2ce 35 if (ctx == NULL)
8baf9968 36 return 1;
df05f2ce
MC		 37
38 if (ctx->cipher == NULL || ctx->cipher->prov == NULL)
39 goto legacy;
40
7c14d0c1 41 if (ctx->algctx != NULL) {
df05f2ce 42 if (ctx->cipher->freectx != NULL)
7c14d0c1
SL		 43 ctx->cipher->freectx(ctx->algctx);
44 ctx->algctx = NULL;
df05f2ce
MC		 45 }
46 if (ctx->fetched_cipher != NULL)
550f974a 47 EVP_CIPHER_free(ctx->fetched_cipher);
df05f2ce 48 memset(ctx, 0, sizeof(*ctx));
b30b45b7 49 ctx->iv_len = -1;
df05f2ce
MC		 50
51 return 1;
52
0be6cf0c 53 /* Remove legacy code below when legacy support is removed. */
df05f2ce
MC		 54 legacy:
55
56 if (ctx->cipher != NULL) {
57 if (ctx->cipher->cleanup && !ctx->cipher->cleanup(ctx))
8baf9968
RL		 58 return 0;
59 /* Cleanse cipher context data */
df05f2ce
MC		 60 if (ctx->cipher_data && ctx->cipher->ctx_size)
61 OPENSSL_cleanse(ctx->cipher_data, ctx->cipher->ctx_size);
8baf9968 62 }
df05f2ce 63 OPENSSL_free(ctx->cipher_data);
f844f9eb 64#if !defined(OPENSSL_NO_ENGINE) && !defined(FIPS_MODULE)
df05f2ce 65 ENGINE_finish(ctx->engine);
8baf9968 66#endif
df05f2ce 67 memset(ctx, 0, sizeof(*ctx));
b9a2f24e 68 ctx->iv_len = -1;
8baf9968 69 return 1;
0f113f3e 70}
d02b48c6 71
b40228a6 72EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void)
0f113f3e 73{
b9a2f24e
HL		 74 EVP_CIPHER_CTX *ctx;
75
76 ctx = OPENSSL_zalloc(sizeof(EVP_CIPHER_CTX));
77 if (ctx == NULL)
78 return NULL;
79
80 ctx->iv_len = -1;
81 return ctx;
8baf9968
RL		 82}
83
84void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx)
85{
543e740b
RS		 86 if (ctx == NULL)
87 return;
8baf9968
RL		 88 EVP_CIPHER_CTX_reset(ctx);
89 OPENSSL_free(ctx);
0f113f3e 90}
581f1c84 91
4b58d9b4
P		 92static int evp_cipher_init_internal(EVP_CIPHER_CTX *ctx,
93 const EVP_CIPHER *cipher,
94 ENGINE *impl, const unsigned char *key,
95 const unsigned char *iv, int enc,
96 const OSSL_PARAM params[])
0f113f3e 97{
c12bf350 98 int n;
f844f9eb 99#if !defined(OPENSSL_NO_ENGINE) && !defined(FIPS_MODULE)
df05f2ce 100 ENGINE *tmpimpl = NULL;
319e518a 101#endif
b30b45b7 102
df05f2ce
MC		 103 /*
104 * enc == 1 means we are encrypting.
105 * enc == 0 means we are decrypting.
106 * enc == -1 means, use the previously initialised value for encrypt/decrypt
107 */
108 if (enc == -1) {
0f113f3e 109 enc = ctx->encrypt;
df05f2ce 110 } else {
0f113f3e
MC		 111 if (enc)
112 enc = 1;
113 ctx->encrypt = enc;
114 }
df05f2ce
MC		 115
116 if (cipher == NULL && ctx->cipher == NULL) {
9311d0c4 117 ERR_raise(ERR_LIB_EVP, EVP_R_NO_CIPHER_SET);
df05f2ce
MC		 118 return 0;
119 }
120
0be6cf0c 121 /* Code below to be removed when legacy support is dropped. */
df05f2ce 122
f844f9eb 123#if !defined(OPENSSL_NO_ENGINE) && !defined(FIPS_MODULE)
0f113f3e
MC		 124 /*
125 * Whether it's nice or not, "Inits" can be used on "Final"'d contexts so
126 * this context may already have an ENGINE! Try to avoid releasing the
127 * previous handle, re-querying for an ENGINE, and having a
0d4fb843 128 * reinitialisation, when it may all be unnecessary.
0f113f3e 129 */
f6b94279 130 if (ctx->engine && ctx->cipher
a7f9e0a4 131 && (cipher == NULL || cipher->nid == ctx->cipher->nid))
0f113f3e 132 goto skip_to_init;
df05f2ce
MC		 133
134 if (cipher != NULL && impl == NULL) {
135 /* Ask if an ENGINE is reserved for this job */
136 tmpimpl = ENGINE_get_cipher_engine(cipher->nid);
137 }
0b13e9f0 138#endif
df05f2ce
MC		 139
140 /*
141 * If there are engines involved then we should use legacy handling for now.
142 */
143 if (ctx->engine != NULL
f844f9eb 144#if !defined(OPENSSL_NO_ENGINE) && !defined(FIPS_MODULE)
319e518a
MC		 145 || tmpimpl != NULL
146#endif
147 || impl != NULL) {
df05f2ce
MC		 148 if (ctx->cipher == ctx->fetched_cipher)
149 ctx->cipher = NULL;
550f974a 150 EVP_CIPHER_free(ctx->fetched_cipher);
df05f2ce
MC		 151 ctx->fetched_cipher = NULL;
152 goto legacy;
153 }
df05f2ce
MC		 154 /*
155 * Ensure a context left lying around from last time is cleared
156 * (legacy code)
157 */
158 if (cipher != NULL && ctx->cipher != NULL) {
159 OPENSSL_clear_free(ctx->cipher_data, ctx->cipher->ctx_size);
160 ctx->cipher_data = NULL;
161 }
162
163
0be6cf0c 164 /* Start of non-legacy code below */
df05f2ce
MC		 165
166 /* Ensure a context left lying around from last time is cleared */
167 if (cipher != NULL && ctx->cipher != NULL) {
168 unsigned long flags = ctx->flags;
169
170 EVP_CIPHER_CTX_reset(ctx);
171 /* Restore encrypt and flags */
172 ctx->encrypt = enc;
173 ctx->flags = flags;
174 }
175
7f612b1f 176 if (cipher == NULL)
df05f2ce
MC		 177 cipher = ctx->cipher;
178
179 if (cipher->prov == NULL) {
f844f9eb 180#ifdef FIPS_MODULE
79c44b4e 181 /* We only do explicit fetches inside the FIPS module */
9311d0c4 182 ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
319e518a
MC		 183 return 0;
184#else
185 EVP_CIPHER *provciph =
068489a2
MC		 186 EVP_CIPHER_fetch(NULL,
187 cipher->nid == NID_undef ? "NULL"
188 : OBJ_nid2sn(cipher->nid),
189 "");
319e518a 190
ec0ce188 191 if (provciph == NULL)
df05f2ce 192 return 0;
df05f2ce 193 cipher = provciph;
550f974a 194 EVP_CIPHER_free(ctx->fetched_cipher);
df05f2ce 195 ctx->fetched_cipher = provciph;
319e518a 196#endif
df05f2ce
MC		 197 }
198
aea01d13
P		 199 if (cipher->prov != NULL) {
200 if (!EVP_CIPHER_up_ref((EVP_CIPHER *)cipher)) {
201 ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
202 return 0;
203 }
204 EVP_CIPHER_free(ctx->fetched_cipher);
71b7f349
P		 205 /* Coverity false positive, the reference counting is confusing it */
206 /* coverity[use_after_free] */
aea01d13
P		 207 ctx->fetched_cipher = (EVP_CIPHER *)cipher;
208 }
df05f2ce 209 ctx->cipher = cipher;
7c14d0c1
SL		 210 if (ctx->algctx == NULL) {
211 ctx->algctx = ctx->cipher->newctx(ossl_provider_ctx(cipher->prov));
212 if (ctx->algctx == NULL) {
9311d0c4 213 ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
df05f2ce
MC		 214 return 0;
215 }
216 }
217
218 if ((ctx->flags & EVP_CIPH_NO_PADDING) != 0) {
0f113f3e 219 /*
df05f2ce
MC		 220 * If this ctx was already set up for no padding then we need to tell
221 * the new cipher about it.
222 */
223 if (!EVP_CIPHER_CTX_set_padding(ctx, 0))
224 return 0;
225 }
226
227 if (enc) {
228 if (ctx->cipher->einit == NULL) {
9311d0c4 229 ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
df05f2ce
MC		 230 return 0;
231 }
232
7c14d0c1 233 return ctx->cipher->einit(ctx->algctx,
344cfa34 234 key,
33b40a10 235 key == NULL ? 0
ed576acd 236 : EVP_CIPHER_CTX_get_key_length(ctx),
344cfa34 237 iv,
33b40a10 238 iv == NULL ? 0
ed576acd 239 : EVP_CIPHER_CTX_get_iv_length(ctx),
4b58d9b4 240 params);
df05f2ce
MC		 241 }
242
243 if (ctx->cipher->dinit == NULL) {
9311d0c4 244 ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
df05f2ce
MC		 245 return 0;
246 }
247
7c14d0c1 248 return ctx->cipher->dinit(ctx->algctx,
344cfa34 249 key,
33b40a10 250 key == NULL ? 0
ed576acd 251 : EVP_CIPHER_CTX_get_key_length(ctx),
344cfa34 252 iv,
33b40a10 253 iv == NULL ? 0
ed576acd 254 : EVP_CIPHER_CTX_get_iv_length(ctx),
4b58d9b4 255 params);
df05f2ce 256
0be6cf0c 257 /* Code below to be removed when legacy support is dropped. */
df05f2ce
MC		 258 legacy:
259
260 if (cipher != NULL) {
261 /*
262 * Ensure a context left lying around from last time is cleared (we
263 * previously attempted to avoid this if the same ENGINE and
0f113f3e
MC		 264 * EVP_CIPHER could be used).
265 */
266 if (ctx->cipher) {
267 unsigned long flags = ctx->flags;
c0ca39bd 268 EVP_CIPHER_CTX_reset(ctx);
0f113f3e
MC		 269 /* Restore encrypt and flags */
270 ctx->encrypt = enc;
271 ctx->flags = flags;
272 }
f844f9eb 273#if !defined(OPENSSL_NO_ENGINE) && !defined(FIPS_MODULE)
df05f2ce 274 if (impl != NULL) {
0f113f3e 275 if (!ENGINE_init(impl)) {
9311d0c4 276 ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
0f113f3e
MC		 277 return 0;
278 }
df05f2ce
MC		 279 } else {
280 impl = tmpimpl;
281 }
282 if (impl != NULL) {
0f113f3e
MC		 283 /* There's an ENGINE for this job ... (apparently) */
284 const EVP_CIPHER *c = ENGINE_get_cipher(impl, cipher->nid);
df05f2ce
MC		 285
286 if (c == NULL) {
0f113f3e
MC		 287 /*
288 * One positive side-effect of US's export control history,
289 * is that we should at least be able to avoid using US
0d4fb843 290 * misspellings of "initialisation"?
0f113f3e 291 */
9311d0c4 292 ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
0f113f3e
MC		 293 return 0;
294 }
295 /* We'll use the ENGINE's private cipher definition */
296 cipher = c;
297 /*
298 * Store the ENGINE functional reference so we know 'cipher' came
299 * from an ENGINE and we need to release it when done.
300 */
301 ctx->engine = impl;
df05f2ce 302 } else {
0f113f3e 303 ctx->engine = NULL;
df05f2ce 304 }
0b13e9f0 305#endif
544a2aea 306
0f113f3e
MC		 307 ctx->cipher = cipher;
308 if (ctx->cipher->ctx_size) {
b51bce94 309 ctx->cipher_data = OPENSSL_zalloc(ctx->cipher->ctx_size);
90945fa3 310 if (ctx->cipher_data == NULL) {
273a0218 311 ctx->cipher = NULL;
9311d0c4 312 ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE);
0f113f3e
MC		 313 return 0;
314 }
315 } else {
316 ctx->cipher_data = NULL;
317 }
318 ctx->key_len = cipher->key_len;
319 /* Preserve wrap enable flag, zero everything else */
320 ctx->flags &= EVP_CIPHER_CTX_FLAG_WRAP_ALLOW;
321 if (ctx->cipher->flags & EVP_CIPH_CTRL_INIT) {
d649c51a 322 if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL) <= 0) {
273a0218 323 ctx->cipher = NULL;
9311d0c4 324 ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
0f113f3e
MC		 325 return 0;
326 }
327 }
0f113f3e 328 }
f844f9eb 329#if !defined(OPENSSL_NO_ENGINE) && !defined(FIPS_MODULE)
0f113f3e 330 skip_to_init:
0b13e9f0 331#endif
1702c500
P		 332 if (ctx->cipher == NULL)
333 return 0;
334
0f113f3e
MC		 335 /* we assume block size is a power of 2 in *cryptUpdate */
336 OPENSSL_assert(ctx->cipher->block_size == 1
337 || ctx->cipher->block_size == 8
338 || ctx->cipher->block_size == 16);
339
340 if (!(ctx->flags & EVP_CIPHER_CTX_FLAG_WRAP_ALLOW)
ed576acd 341 && EVP_CIPHER_CTX_get_mode(ctx) == EVP_CIPH_WRAP_MODE) {
9311d0c4 342 ERR_raise(ERR_LIB_EVP, EVP_R_WRAP_MODE_NOT_ALLOWED);
0f113f3e
MC		 343 return 0;
344 }
345
ed576acd 346 if ((EVP_CIPHER_get_flags(EVP_CIPHER_CTX_get0_cipher(ctx))
f6c95e46 347 & EVP_CIPH_CUSTOM_IV) == 0) {
ed576acd 348 switch (EVP_CIPHER_CTX_get_mode(ctx)) {
0f113f3e
MC		 349
350 case EVP_CIPH_STREAM_CIPHER:
351 case EVP_CIPH_ECB_MODE:
352 break;
353
354 case EVP_CIPH_CFB_MODE:
355 case EVP_CIPH_OFB_MODE:
356
357 ctx->num = 0;
358 /* fall-through */
359
360 case EVP_CIPH_CBC_MODE:
ed576acd 361 n = EVP_CIPHER_CTX_get_iv_length(ctx);
d1592f21
P		 362 if (n < 0 || n > (int)sizeof(ctx->iv)) {
363 ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_IV_LENGTH);
364 return 0;
365 }
cec8854c 366 if (iv != NULL)
69807ab8
P		 367 memcpy(ctx->oiv, iv, n);
368 memcpy(ctx->iv, ctx->oiv, n);
0f113f3e
MC		 369 break;
370
371 case EVP_CIPH_CTR_MODE:
372 ctx->num = 0;
373 /* Don't reuse IV for CTR mode */
cec8854c 374 if (iv != NULL) {
d1592f21
P		 375 n = EVP_CIPHER_CTX_get_iv_length(ctx);
376 if (n <= 0 || n > (int)sizeof(ctx->iv)) {
377 ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_IV_LENGTH);
cec8854c 378 return 0;
d1592f21 379 }
cec8854c
P		 380 memcpy(ctx->iv, iv, n);
381 }
0f113f3e
MC		 382 break;
383
384 default:
385 return 0;
0f113f3e
MC		 386 }
387 }
388
cec8854c 389 if (key != NULL || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT)) {
0f113f3e
MC		 390 if (!ctx->cipher->init(ctx, key, iv, enc))
391 return 0;
392 }
393 ctx->buf_len = 0;
394 ctx->final_used = 0;
395 ctx->block_mask = ctx->cipher->block_size - 1;
396 return 1;
397}
d02b48c6 398
4b58d9b4
P		 399int EVP_CipherInit_ex2(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
400 const unsigned char *key, const unsigned char *iv,
401 int enc, const OSSL_PARAM params[])
402{
403 return evp_cipher_init_internal(ctx, cipher, NULL, key, iv, enc, params);
404}
405
406int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
407 const unsigned char *key, const unsigned char *iv, int enc)
408{
409 if (cipher != NULL)
410 EVP_CIPHER_CTX_reset(ctx);
411 return evp_cipher_init_internal(ctx, cipher, NULL, key, iv, enc, NULL);
412}
413
414int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
415 ENGINE *impl, const unsigned char *key,
416 const unsigned char *iv, int enc)
417{
418 return evp_cipher_init_internal(ctx, cipher, impl, key, iv, enc, NULL);
419}
420
be06a934 421int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
0f113f3e
MC		 422 const unsigned char *in, int inl)
423{
424 if (ctx->encrypt)
425 return EVP_EncryptUpdate(ctx, out, outl, in, inl);
426 else
427 return EVP_DecryptUpdate(ctx, out, outl, in, inl);
428}
d02b48c6 429
581f1c84 430int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
0f113f3e
MC		 431{
432 if (ctx->encrypt)
433 return EVP_EncryptFinal_ex(ctx, out, outl);
434 else
435 return EVP_DecryptFinal_ex(ctx, out, outl);
436}
581f1c84 437
6b691a5c 438int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
0f113f3e
MC		 439{
440 if (ctx->encrypt)
441 return EVP_EncryptFinal(ctx, out, outl);
442 else
443 return EVP_DecryptFinal(ctx, out, outl);
444}
d02b48c6 445
be06a934 446int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
0f113f3e
MC		 447 const unsigned char *key, const unsigned char *iv)
448{
449 return EVP_CipherInit(ctx, cipher, key, iv, 1);
450}
18eda732 451
0f113f3e
MC		 452int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
453 ENGINE *impl, const unsigned char *key,
454 const unsigned char *iv)
455{
456 return EVP_CipherInit_ex(ctx, cipher, impl, key, iv, 1);
457}
d02b48c6 458
4b58d9b4
P		 459int EVP_EncryptInit_ex2(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
460 const unsigned char *key, const unsigned char *iv,
461 const OSSL_PARAM params[])
462{
463 return EVP_CipherInit_ex2(ctx, cipher, key, iv, 1, params);
464}
465
be06a934 466int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
0f113f3e
MC		 467 const unsigned char *key, const unsigned char *iv)
468{
469 return EVP_CipherInit(ctx, cipher, key, iv, 0);
470}
18eda732 471
0f113f3e
MC		 472int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
473 ENGINE *impl, const unsigned char *key,
474 const unsigned char *iv)
475{
476 return EVP_CipherInit_ex(ctx, cipher, impl, key, iv, 0);
477}
d02b48c6 478
4b58d9b4
P		 479int EVP_DecryptInit_ex2(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
480 const unsigned char *key, const unsigned char *iv,
481 const OSSL_PARAM params[])
482{
483 return EVP_CipherInit_ex2(ctx, cipher, key, iv, 0, params);
484}
485
c3a73daf
AP		 486/*
487 * According to the letter of standard difference between pointers
488 * is specified to be valid only within same object. This makes
489 * it formally challenging to determine if input and output buffers
490 * are not partially overlapping with standard pointer arithmetic.
491 */
492#ifdef PTRDIFF_T
493# undef PTRDIFF_T
494#endif
495#if defined(OPENSSL_SYS_VMS) && __INITIAL_POINTER_SIZE==64
496/*
497 * Then we have VMS that distinguishes itself by adhering to
5fc77684
AP		 498 * sizeof(size_t)==4 even in 64-bit builds, which means that
499 * difference between two pointers might be truncated to 32 bits.
500 * In the context one can even wonder how comparison for
501 * equality is implemented. To be on the safe side we adhere to
502 * PTRDIFF_T even for comparison for equality.
c3a73daf
AP		 503 */
504# define PTRDIFF_T uint64_t
505#else
506# define PTRDIFF_T size_t
507#endif
508
6d777689 509int ossl_is_partially_overlapping(const void *ptr1, const void *ptr2, int len)
c3a73daf
AP		 510{
511 PTRDIFF_T diff = (PTRDIFF_T)ptr1-(PTRDIFF_T)ptr2;
512 /*
513 * Check for partially overlapping buffers. [Binary logical
514 * operations are used instead of boolean to minimize number
515 * of conditional branches.]
516 */
83151b73
AP		 517 int overlapped = (len > 0) & (diff != 0) & ((diff < (PTRDIFF_T)len) |
518 (diff > (0 - (PTRDIFF_T)len)));
b153f092 519
83151b73 520 return overlapped;
c3a73daf
AP		 521}
522
a8bf2f8f
RL		 523static int evp_EncryptDecryptUpdate(EVP_CIPHER_CTX *ctx,
524 unsigned char *out, int *outl,
525 const unsigned char *in, int inl)
0f113f3e 526{
64846096
LP		 527 int i, j, bl, cmpl = inl;
528
529 if (EVP_CIPHER_CTX_test_flags(ctx, EVP_CIPH_FLAG_LENGTH_BITS))
330ff7e6 530 cmpl = safe_div_round_up_int(cmpl, 8, NULL);
0f113f3e 531
7141ba31
MC		 532 bl = ctx->cipher->block_size;
533
0f113f3e 534 if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
7141ba31 535 /* If block size > 1 then the cipher will have to do this check */
6d777689 536 if (bl == 1 && ossl_is_partially_overlapping(out, in, cmpl)) {
9311d0c4 537 ERR_raise(ERR_LIB_EVP, EVP_R_PARTIALLY_OVERLAPPING);
5fc77684 538 return 0;
83151b73 539 }
5fc77684 540
0f113f3e
MC		 541 i = ctx->cipher->do_cipher(ctx, out, in, inl);
542 if (i < 0)
543 return 0;
544 else
545 *outl = i;
546 return 1;
547 }
548
2c236894
MC		 549 if (inl <= 0) {
550 *outl = 0;
551 return inl == 0;
552 }
6d777689 553 if (ossl_is_partially_overlapping(out + ctx->buf_len, in, cmpl)) {
9311d0c4 554 ERR_raise(ERR_LIB_EVP, EVP_R_PARTIALLY_OVERLAPPING);
5fc77684 555 return 0;
83151b73 556 }
0f113f3e
MC		 557
558 if (ctx->buf_len == 0 && (inl & (ctx->block_mask)) == 0) {
559 if (ctx->cipher->do_cipher(ctx, out, in, inl)) {
560 *outl = inl;
561 return 1;
562 } else {
563 *outl = 0;
564 return 0;
565 }
566 }
567 i = ctx->buf_len;
0f113f3e
MC		 568 OPENSSL_assert(bl <= (int)sizeof(ctx->buf));
569 if (i != 0) {
3f358213 570 if (bl - i > inl) {
0f113f3e
MC		 571 memcpy(&(ctx->buf[i]), in, inl);
572 ctx->buf_len += inl;
573 *outl = 0;
574 return 1;
575 } else {
576 j = bl - i;
c9fb704c
MC		 577
578 /*
579 * Once we've processed the first j bytes from in, the amount of
580 * data left that is a multiple of the block length is:
581 * (inl - j) & ~(bl - 1)
582 * We must ensure that this amount of data, plus the one block that
583 * we process from ctx->buf does not exceed INT_MAX
584 */
585 if (((inl - j) & ~(bl - 1)) > INT_MAX - bl) {
586 ERR_raise(ERR_LIB_EVP, EVP_R_OUTPUT_WOULD_OVERFLOW);
587 return 0;
588 }
0f113f3e 589 memcpy(&(ctx->buf[i]), in, j);
0f113f3e
MC		 590 inl -= j;
591 in += j;
5fc77684
AP		 592 if (!ctx->cipher->do_cipher(ctx, out, ctx->buf, bl))
593 return 0;
0f113f3e
MC		 594 out += bl;
595 *outl = bl;
596 }
597 } else
598 *outl = 0;
599 i = inl & (bl - 1);
600 inl -= i;
601 if (inl > 0) {
602 if (!ctx->cipher->do_cipher(ctx, out, in, inl))
603 return 0;
604 *outl += inl;
605 }
606
607 if (i != 0)
608 memcpy(ctx->buf, &(in[inl]), i);
609 ctx->buf_len = i;
610 return 1;
611}
d02b48c6 612
a8bf2f8f
RL		 613
614int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
615 const unsigned char *in, int inl)
616{
df05f2ce 617 int ret;
1832bb0f 618 size_t soutl, inl_ = (size_t)inl;
3b94944c 619 int blocksize;
df05f2ce 620
3d4c81b0 621 if (outl != NULL) {
622 *outl = 0;
623 } else {
9311d0c4 624 ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_NULL_PARAMETER);
3d4c81b0 625 return 0;
626 }
627
a8bf2f8f
RL		 628 /* Prevent accidental use of decryption context when encrypting */
629 if (!ctx->encrypt) {
9311d0c4 630 ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_OPERATION);
a8bf2f8f
RL		 631 return 0;
632 }
633
d4d89a07 634 if (ctx->cipher == NULL) {
9311d0c4 635 ERR_raise(ERR_LIB_EVP, EVP_R_NO_CIPHER_SET);
d4d89a07
SS		 636 return 0;
637 }
638
639 if (ctx->cipher->prov == NULL)
df05f2ce
MC		 640 goto legacy;
641
30af356d 642 blocksize = ctx->cipher->block_size;
3b94944c
MC		 643
644 if (ctx->cipher->cupdate == NULL || blocksize < 1) {
9311d0c4 645 ERR_raise(ERR_LIB_EVP, EVP_R_UPDATE_ERROR);
df05f2ce
MC		 646 return 0;
647 }
1832bb0f 648
7c14d0c1 649 ret = ctx->cipher->cupdate(ctx->algctx, out, &soutl,
1832bb0f
HL		 650 inl_ + (size_t)(blocksize == 1 ? 0 : blocksize),
651 in, inl_);
df05f2ce 652
36e619d7
GV		 653 if (ret) {
654 if (soutl > INT_MAX) {
9311d0c4 655 ERR_raise(ERR_LIB_EVP, EVP_R_UPDATE_ERROR);
36e619d7
GV		 656 return 0;
657 }
658 *outl = soutl;
df05f2ce 659 }
36e619d7 660
df05f2ce
MC		 661 return ret;
662
0be6cf0c 663 /* Code below to be removed when legacy support is dropped. */
df05f2ce
MC		 664 legacy:
665
a8bf2f8f
RL		 666 return evp_EncryptDecryptUpdate(ctx, out, outl, in, inl);
667}
668
be06a934 669int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
0f113f3e
MC		 670{
671 int ret;
672 ret = EVP_EncryptFinal_ex(ctx, out, outl);
673 return ret;
674}
581f1c84
DSH		 675
676int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
0f113f3e
MC		 677{
678 int n, ret;
679 unsigned int i, b, bl;
df05f2ce 680 size_t soutl;
3b94944c 681 int blocksize;
0f113f3e 682
3d4c81b0 683 if (outl != NULL) {
684 *outl = 0;
685 } else {
9311d0c4 686 ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_NULL_PARAMETER);
3d4c81b0 687 return 0;
688 }
689
a8bf2f8f
RL		 690 /* Prevent accidental use of decryption context when encrypting */
691 if (!ctx->encrypt) {
9311d0c4 692 ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_OPERATION);
a8bf2f8f
RL		 693 return 0;
694 }
695
4894dcad 696 if (ctx->cipher == NULL) {
9311d0c4 697 ERR_raise(ERR_LIB_EVP, EVP_R_NO_CIPHER_SET);
4894dcad
P		 698 return 0;
699 }
700 if (ctx->cipher->prov == NULL)
df05f2ce
MC		 701 goto legacy;
702
ed576acd 703 blocksize = EVP_CIPHER_CTX_get_block_size(ctx);
3b94944c
MC		 704
705 if (blocksize < 1 || ctx->cipher->cfinal == NULL) {
9311d0c4 706 ERR_raise(ERR_LIB_EVP, EVP_R_FINAL_ERROR);
df05f2ce
MC		 707 return 0;
708 }
709
7c14d0c1 710 ret = ctx->cipher->cfinal(ctx->algctx, out, &soutl,
3b94944c 711 blocksize == 1 ? 0 : blocksize);
df05f2ce 712
36e619d7
GV		 713 if (ret) {
714 if (soutl > INT_MAX) {
9311d0c4 715 ERR_raise(ERR_LIB_EVP, EVP_R_FINAL_ERROR);
36e619d7
GV		 716 return 0;
717 }
718 *outl = soutl;
df05f2ce 719 }
df05f2ce
MC		 720
721 return ret;
722
0be6cf0c 723 /* Code below to be removed when legacy support is dropped. */
df05f2ce
MC		 724 legacy:
725
0f113f3e
MC		 726 if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
727 ret = ctx->cipher->do_cipher(ctx, out, NULL, 0);
728 if (ret < 0)
729 return 0;
730 else
731 *outl = ret;
732 return 1;
733 }
734
735 b = ctx->cipher->block_size;
cbe29648 736 OPENSSL_assert(b <= sizeof(ctx->buf));
0f113f3e
MC		 737 if (b == 1) {
738 *outl = 0;
739 return 1;
740 }
741 bl = ctx->buf_len;
742 if (ctx->flags & EVP_CIPH_NO_PADDING) {
743 if (bl) {
9311d0c4 744 ERR_raise(ERR_LIB_EVP, EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
0f113f3e
MC		 745 return 0;
746 }
747 *outl = 0;
748 return 1;
749 }
750
751 n = b - bl;
752 for (i = bl; i < b; i++)
753 ctx->buf[i] = n;
754 ret = ctx->cipher->do_cipher(ctx, out, ctx->buf, b);
755
756 if (ret)
757 *outl = b;
758
759 return ret;
760}
d02b48c6 761
be06a934 762int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
0f113f3e
MC		 763 const unsigned char *in, int inl)
764{
df05f2ce 765 int fix_len, cmpl = inl, ret;
0f113f3e 766 unsigned int b;
1832bb0f 767 size_t soutl, inl_ = (size_t)inl;
3b94944c 768 int blocksize;
0f113f3e 769
3d4c81b0 770 if (outl != NULL) {
771 *outl = 0;
772 } else {
9311d0c4 773 ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_NULL_PARAMETER);
3d4c81b0 774 return 0;
775 }
776
a8bf2f8f
RL		 777 /* Prevent accidental use of encryption context when decrypting */
778 if (ctx->encrypt) {
9311d0c4 779 ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_OPERATION);
a8bf2f8f
RL		 780 return 0;
781 }
782
d2c2e49e 783 if (ctx->cipher == NULL) {
9311d0c4 784 ERR_raise(ERR_LIB_EVP, EVP_R_NO_CIPHER_SET);
d2c2e49e
P		 785 return 0;
786 }
787 if (ctx->cipher->prov == NULL)
df05f2ce
MC		 788 goto legacy;
789
ed576acd 790 blocksize = EVP_CIPHER_CTX_get_block_size(ctx);
3b94944c
MC		 791
792 if (ctx->cipher->cupdate == NULL || blocksize < 1) {
9311d0c4 793 ERR_raise(ERR_LIB_EVP, EVP_R_UPDATE_ERROR);
df05f2ce
MC		 794 return 0;
795 }
7c14d0c1 796 ret = ctx->cipher->cupdate(ctx->algctx, out, &soutl,
1832bb0f
HL		 797 inl_ + (size_t)(blocksize == 1 ? 0 : blocksize),
798 in, inl_);
df05f2ce
MC		 799
800 if (ret) {
801 if (soutl > INT_MAX) {
9311d0c4 802 ERR_raise(ERR_LIB_EVP, EVP_R_UPDATE_ERROR);
df05f2ce
MC		 803 return 0;
804 }
805 *outl = soutl;
806 }
807
808 return ret;
809
0be6cf0c 810 /* Code below to be removed when legacy support is dropped. */
df05f2ce
MC		 811 legacy:
812
7141ba31
MC		 813 b = ctx->cipher->block_size;
814
64846096 815 if (EVP_CIPHER_CTX_test_flags(ctx, EVP_CIPH_FLAG_LENGTH_BITS))
330ff7e6 816 cmpl = safe_div_round_up_int(cmpl, 8, NULL);
64846096 817
0f113f3e 818 if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
6d777689 819 if (b == 1 && ossl_is_partially_overlapping(out, in, cmpl)) {
9311d0c4 820 ERR_raise(ERR_LIB_EVP, EVP_R_PARTIALLY_OVERLAPPING);
5fc77684 821 return 0;
83151b73 822 }
5fc77684 823
0f113f3e
MC		 824 fix_len = ctx->cipher->do_cipher(ctx, out, in, inl);
825 if (fix_len < 0) {
826 *outl = 0;
827 return 0;
828 } else
829 *outl = fix_len;
830 return 1;
831 }
832
2c236894
MC		 833 if (inl <= 0) {
834 *outl = 0;
835 return inl == 0;
836 }
837
0f113f3e 838 if (ctx->flags & EVP_CIPH_NO_PADDING)
a8bf2f8f 839 return evp_EncryptDecryptUpdate(ctx, out, outl, in, inl);
0f113f3e 840
cbe29648 841 OPENSSL_assert(b <= sizeof(ctx->final));
0f113f3e
MC		 842
843 if (ctx->final_used) {
5fc77684
AP		 844 /* see comment about PTRDIFF_T comparison above */
845 if (((PTRDIFF_T)out == (PTRDIFF_T)in)
6d777689 846 || ossl_is_partially_overlapping(out, in, b)) {
9311d0c4 847 ERR_raise(ERR_LIB_EVP, EVP_R_PARTIALLY_OVERLAPPING);
5fc77684 848 return 0;
83151b73 849 }
c9fb704c
MC		 850 /*
851 * final_used is only ever set if buf_len is 0. Therefore the maximum
852 * length output we will ever see from evp_EncryptDecryptUpdate is
853 * the maximum multiple of the block length that is <= inl, or just:
854 * inl & ~(b - 1)
855 * Since final_used has been set then the final output length is:
856 * (inl & ~(b - 1)) + b
857 * This must never exceed INT_MAX
858 */
859 if ((inl & ~(b - 1)) > INT_MAX - b) {
860 ERR_raise(ERR_LIB_EVP, EVP_R_OUTPUT_WOULD_OVERFLOW);
861 return 0;
862 }
0f113f3e
MC		 863 memcpy(out, ctx->final, b);
864 out += b;
865 fix_len = 1;
866 } else
867 fix_len = 0;
868
a8bf2f8f 869 if (!evp_EncryptDecryptUpdate(ctx, out, outl, in, inl))
0f113f3e
MC		 870 return 0;
871
872 /*
873 * if we have 'decrypted' a multiple of block size, make sure we have a
874 * copy of this last block
875 */
876 if (b > 1 && !ctx->buf_len) {
877 *outl -= b;
878 ctx->final_used = 1;
879 memcpy(ctx->final, &out[*outl], b);
880 } else
881 ctx->final_used = 0;
882
883 if (fix_len)
884 *outl += b;
885
886 return 1;
887}
d02b48c6 888
6b691a5c 889int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
0f113f3e
MC		 890{
891 int ret;
892 ret = EVP_DecryptFinal_ex(ctx, out, outl);
893 return ret;
894}
581f1c84
DSH		 895
896int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
0f113f3e
MC		 897{
898 int i, n;
899 unsigned int b;
df05f2ce
MC		 900 size_t soutl;
901 int ret;
3b94944c 902 int blocksize;
a8bf2f8f 903
3d4c81b0 904 if (outl != NULL) {
905 *outl = 0;
906 } else {
9311d0c4 907 ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_NULL_PARAMETER);
3d4c81b0 908 return 0;
909 }
910
a8bf2f8f
RL		 911 /* Prevent accidental use of encryption context when decrypting */
912 if (ctx->encrypt) {
9311d0c4 913 ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_OPERATION);
a8bf2f8f
RL		 914 return 0;
915 }
916
d4d89a07 917 if (ctx->cipher == NULL) {
9311d0c4 918 ERR_raise(ERR_LIB_EVP, EVP_R_NO_CIPHER_SET);
d4d89a07
SS		 919 return 0;
920 }
921
922 if (ctx->cipher->prov == NULL)
df05f2ce
MC		 923 goto legacy;
924
ed576acd 925 blocksize = EVP_CIPHER_CTX_get_block_size(ctx);
3b94944c
MC		 926
927 if (blocksize < 1 || ctx->cipher->cfinal == NULL) {
9311d0c4 928 ERR_raise(ERR_LIB_EVP, EVP_R_FINAL_ERROR);
df05f2ce
MC		 929 return 0;
930 }
931
7c14d0c1 932 ret = ctx->cipher->cfinal(ctx->algctx, out, &soutl,
3b94944c 933 blocksize == 1 ? 0 : blocksize);
df05f2ce
MC		 934
935 if (ret) {
936 if (soutl > INT_MAX) {
9311d0c4 937 ERR_raise(ERR_LIB_EVP, EVP_R_FINAL_ERROR);
df05f2ce
MC		 938 return 0;
939 }
940 *outl = soutl;
941 }
942
943 return ret;
944
0be6cf0c 945 /* Code below to be removed when legacy support is dropped. */
df05f2ce
MC		 946 legacy:
947
0f113f3e 948 *outl = 0;
0f113f3e
MC		 949 if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
950 i = ctx->cipher->do_cipher(ctx, out, NULL, 0);
951 if (i < 0)
952 return 0;
953 else
954 *outl = i;
955 return 1;
956 }
957
958 b = ctx->cipher->block_size;
959 if (ctx->flags & EVP_CIPH_NO_PADDING) {
960 if (ctx->buf_len) {
9311d0c4 961 ERR_raise(ERR_LIB_EVP, EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
0f113f3e
MC		 962 return 0;
963 }
964 *outl = 0;
965 return 1;
966 }
967 if (b > 1) {
968 if (ctx->buf_len || !ctx->final_used) {
9311d0c4 969 ERR_raise(ERR_LIB_EVP, EVP_R_WRONG_FINAL_BLOCK_LENGTH);
26a7d938 970 return 0;
0f113f3e 971 }
cbe29648 972 OPENSSL_assert(b <= sizeof(ctx->final));
0f113f3e
MC		 973
974 /*
975 * The following assumes that the ciphertext has been authenticated.
976 * Otherwise it provides a padding oracle.
977 */
978 n = ctx->final[b - 1];
979 if (n == 0 || n > (int)b) {
9311d0c4 980 ERR_raise(ERR_LIB_EVP, EVP_R_BAD_DECRYPT);
26a7d938 981 return 0;
0f113f3e
MC		 982 }
983 for (i = 0; i < n; i++) {
984 if (ctx->final[--b] != n) {
9311d0c4 985 ERR_raise(ERR_LIB_EVP, EVP_R_BAD_DECRYPT);
26a7d938 986 return 0;
0f113f3e
MC		 987 }
988 }
989 n = ctx->cipher->block_size - n;
990 for (i = 0; i < n; i++)
991 out[i] = ctx->final[i];
992 *outl = n;
993 } else
994 *outl = 0;
208fb891 995 return 1;
0f113f3e 996}
d02b48c6 997
6343829a 998int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int keylen)
0f113f3e 999{
d23adad1
MC		 1000 if (c->cipher->prov != NULL) {
1001 int ok;
1002 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
70f39a48 1003 size_t len;
459b15d4 1004
ed576acd 1005 if (EVP_CIPHER_CTX_get_key_length(c) == keylen)
d23adad1
MC		 1006 return 1;
1007
1008 /* Check the cipher actually understands this parameter */
1009 if (OSSL_PARAM_locate_const(EVP_CIPHER_settable_ctx_params(c->cipher),
0f70d601
TM		 1010 OSSL_CIPHER_PARAM_KEYLEN) == NULL) {
1011 ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_KEY_LENGTH);
d23adad1 1012 return 0;
0f70d601 1013 }
d23adad1
MC		 1014
1015 params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_KEYLEN, &len);
70f39a48
P		 1016 if (!OSSL_PARAM_set_int(params, keylen))
1017 return 0;
7c14d0c1 1018 ok = evp_do_ciph_ctx_setparams(c->cipher, c->algctx, params);
70f39a48
P		 1019 if (ok <= 0)
1020 return 0;
1021 c->key_len = keylen;
1022 return 1;
d23adad1 1023 }
13273237 1024
0be6cf0c 1025 /* Code below to be removed when legacy support is dropped. */
d23adad1
MC		 1026
1027 /*
1028 * Note there have never been any built-in ciphers that define this flag
1029 * since it was first introduced.
1030 */
0f113f3e
MC		 1031 if (c->cipher->flags & EVP_CIPH_CUSTOM_KEY_LENGTH)
1032 return EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_KEY_LENGTH, keylen, NULL);
ed576acd 1033 if (EVP_CIPHER_CTX_get_key_length(c) == keylen)
0f113f3e
MC		 1034 return 1;
1035 if ((keylen > 0) && (c->cipher->flags & EVP_CIPH_VARIABLE_LENGTH)) {
1036 c->key_len = keylen;
1037 return 1;
1038 }
9311d0c4 1039 ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_KEY_LENGTH);
0f113f3e
MC		 1040 return 0;
1041}
49528751 1042
f2e5ca84 1043int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *ctx, int pad)
0f113f3e 1044{
13273237 1045 int ok;
459b15d4 1046 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
1c3ace68 1047 unsigned int pd = pad;
13273237 1048
0f113f3e
MC		 1049 if (pad)
1050 ctx->flags &= ~EVP_CIPH_NO_PADDING;
1051 else
1052 ctx->flags |= EVP_CIPH_NO_PADDING;
df05f2ce 1053
719bc0e8
SL		 1054 if (ctx->cipher != NULL && ctx->cipher->prov == NULL)
1055 return 1;
1c3ace68 1056 params[0] = OSSL_PARAM_construct_uint(OSSL_CIPHER_PARAM_PADDING, &pd);
7c14d0c1 1057 ok = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->algctx, params);
459b15d4 1058
13273237 1059 return ok != 0;
0f113f3e 1060}
f2e5ca84 1061
49528751
DSH		 1062int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
1063{
e870791a 1064 int ret = EVP_CTRL_RET_UNSUPPORTED;
459b15d4 1065 int set_params = 1;
1c3ace68 1066 size_t sz = arg;
6a41156c 1067 unsigned int i;
0d2bfe52
SL		 1068 OSSL_PARAM params[4] = {
1069 OSSL_PARAM_END, OSSL_PARAM_END, OSSL_PARAM_END, OSSL_PARAM_END
1070 };
d91f4568 1071
459b15d4 1072 if (ctx == NULL || ctx->cipher == NULL) {
9311d0c4 1073 ERR_raise(ERR_LIB_EVP, EVP_R_NO_CIPHER_SET);
0f113f3e
MC		 1074 return 0;
1075 }
1076
13273237
RL		 1077 if (ctx->cipher->prov == NULL)
1078 goto legacy;
1079
1080 switch (type) {
1081 case EVP_CTRL_SET_KEY_LENGTH:
1c3ace68 1082 params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_KEYLEN, &sz);
70f39a48 1083 ctx->key_len = -1;
13273237
RL		 1084 break;
1085 case EVP_CTRL_RAND_KEY: /* Used by DES */
4a42e264
SL		 1086 set_params = 0;
1087 params[0] =
1088 OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_RANDOM_KEY,
1c3ace68 1089 ptr, sz);
4a42e264
SL		 1090 break;
1091
d6d74cf4
RL		 1092 case EVP_CTRL_INIT:
1093 /*
0be6cf0c 1094 * EVP_CTRL_INIT is purely legacy, no provider counterpart.
d6d74cf4
RL		 1095 * As a matter of fact, this should be dead code, but some caller
1096 * might still do a direct control call with this command, so...
1097 * Legacy methods return 1 except for exceptional circumstances, so
1098 * we do the same here to not be disruptive.
1099 */
1100 return 1;
13273237 1101 case EVP_CTRL_SET_PIPELINE_OUTPUT_BUFS: /* Used by DASYNC */
459b15d4 1102 default:
6a36f209 1103 goto end;
459b15d4
SL		 1104 case EVP_CTRL_AEAD_SET_IVLEN:
1105 if (arg < 0)
1106 return 0;
1c3ace68 1107 params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_IVLEN, &sz);
b30b45b7 1108 ctx->iv_len = -1;
13273237 1109 break;
f5d0c02c
SL		 1110 case EVP_CTRL_CCM_SET_L:
1111 if (arg < 2 || arg > 8)
1112 return 0;
1113 sz = 15 - arg;
1114 params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_IVLEN, &sz);
b30b45b7 1115 ctx->iv_len = -1;
f5d0c02c 1116 break;
11b44359
SL		 1117 case EVP_CTRL_AEAD_SET_IV_FIXED:
1118 params[0] = OSSL_PARAM_construct_octet_string(
1119 OSSL_CIPHER_PARAM_AEAD_TLS1_IV_FIXED, ptr, sz);
1120 break;
1121 case EVP_CTRL_GCM_IV_GEN:
1122 set_params = 0;
1123 if (arg < 0)
1124 sz = 0; /* special case that uses the iv length */
1125 params[0] = OSSL_PARAM_construct_octet_string(
1126 OSSL_CIPHER_PARAM_AEAD_TLS1_GET_IV_GEN, ptr, sz);
1127 break;
1128 case EVP_CTRL_GCM_SET_IV_INV:
1129 if (arg < 0)
1130 return 0;
1131 params[0] = OSSL_PARAM_construct_octet_string(
1132 OSSL_CIPHER_PARAM_AEAD_TLS1_SET_IV_INV, ptr, sz);
459b15d4 1133 break;
6a41156c
SL		 1134 case EVP_CTRL_GET_RC5_ROUNDS:
1135 set_params = 0; /* Fall thru */
1136 case EVP_CTRL_SET_RC5_ROUNDS:
1137 if (arg < 0)
1138 return 0;
1139 i = (unsigned int)arg;
1140 params[0] = OSSL_PARAM_construct_uint(OSSL_CIPHER_PARAM_ROUNDS, &i);
1141 break;
eb173822
SL		 1142 case EVP_CTRL_SET_SPEED:
1143 if (arg < 0)
1144 return 0;
1145 i = (unsigned int)arg;
1146 params[0] = OSSL_PARAM_construct_uint(OSSL_CIPHER_PARAM_SPEED, &i);
1147 break;
459b15d4 1148 case EVP_CTRL_AEAD_GET_TAG:
1c3ace68
SL		 1149 set_params = 0; /* Fall thru */
1150 case EVP_CTRL_AEAD_SET_TAG:
459b15d4 1151 params[0] = OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG,
1c3ace68 1152 ptr, sz);
459b15d4
SL		 1153 break;
1154 case EVP_CTRL_AEAD_TLS1_AAD:
0d2bfe52 1155 /* This one does a set and a get - since it returns a size */
459b15d4
SL		 1156 params[0] =
1157 OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_AEAD_TLS1_AAD,
1c3ace68 1158 ptr, sz);
7c14d0c1 1159 ret = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->algctx, params);
459b15d4 1160 if (ret <= 0)
6a36f209 1161 goto end;
459b15d4
SL		 1162 params[0] =
1163 OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_AEAD_TLS1_AAD_PAD, &sz);
7c14d0c1 1164 ret = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params);
459b15d4 1165 if (ret <= 0)
6a36f209 1166 goto end;
459b15d4 1167 return sz;
f816aa47
SL		 1168#ifndef OPENSSL_NO_RC2
1169 case EVP_CTRL_GET_RC2_KEY_BITS:
1170 set_params = 0; /* Fall thru */
1171 case EVP_CTRL_SET_RC2_KEY_BITS:
1172 params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_RC2_KEYBITS, &sz);
1173 break;
1174#endif /* OPENSSL_NO_RC2 */
0d2bfe52
SL		 1175#if !defined(OPENSSL_NO_MULTIBLOCK)
1176 case EVP_CTRL_TLS1_1_MULTIBLOCK_MAX_BUFSIZE:
1177 params[0] = OSSL_PARAM_construct_size_t(
1178 OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_SEND_FRAGMENT, &sz);
7c14d0c1 1179 ret = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->algctx, params);
0d2bfe52
SL		 1180 if (ret <= 0)
1181 return 0;
1182
1183 params[0] = OSSL_PARAM_construct_size_t(
1184 OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_BUFSIZE, &sz);
1185 params[1] = OSSL_PARAM_construct_end();
7c14d0c1 1186 ret = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params);
0d2bfe52
SL		 1187 if (ret <= 0)
1188 return 0;
1189 return sz;
1190 case EVP_CTRL_TLS1_1_MULTIBLOCK_AAD: {
1191 EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM *p =
1192 (EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM *)ptr;
1193
1194 if (arg < (int)sizeof(EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM))
1195 return 0;
1196
1197 params[0] = OSSL_PARAM_construct_octet_string(
1198 OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD, (void*)p->inp, p->len);
1199 params[1] = OSSL_PARAM_construct_uint(
1200 OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE, &p->interleave);
7c14d0c1 1201 ret = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->algctx, params);
0d2bfe52
SL		 1202 if (ret <= 0)
1203 return ret;
1204 /* Retrieve the return values changed by the set */
1205 params[0] = OSSL_PARAM_construct_size_t(
1206 OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD_PACKLEN, &sz);
1207 params[1] = OSSL_PARAM_construct_uint(
1208 OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE, &p->interleave);
1209 params[2] = OSSL_PARAM_construct_end();
7c14d0c1 1210 ret = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params);
0d2bfe52
SL		 1211 if (ret <= 0)
1212 return 0;
1213 return sz;
1214 }
1215 case EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT: {
1216 EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM *p =
1217 (EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM *)ptr;
1218
1219 params[0] = OSSL_PARAM_construct_octet_string(
1220 OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC, p->out, p->len);
1221
1222 params[1] = OSSL_PARAM_construct_octet_string(
1223 OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_IN, (void*)p->inp,
1224 p->len);
1225 params[2] = OSSL_PARAM_construct_uint(
1226 OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE, &p->interleave);
7c14d0c1 1227 ret = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->algctx, params);
0d2bfe52
SL		 1228 if (ret <= 0)
1229 return ret;
1230 params[0] = OSSL_PARAM_construct_size_t(
1231 OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_LEN, &sz);
1232 params[1] = OSSL_PARAM_construct_end();
7c14d0c1 1233 ret = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params);
0d2bfe52
SL		 1234 if (ret <= 0)
1235 return 0;
1236 return sz;
1237 }
1238#endif /* OPENSSL_NO_MULTIBLOCK */
1239 case EVP_CTRL_AEAD_SET_MAC_KEY:
1240 if (arg < 0)
1241 return -1;
1242 params[0] = OSSL_PARAM_construct_octet_string(
1243 OSSL_CIPHER_PARAM_AEAD_MAC_KEY, ptr, sz);
1244 break;
13273237 1245 }
459b15d4
SL		 1246
1247 if (set_params)
7c14d0c1 1248 ret = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->algctx, params);
459b15d4 1249 else
7c14d0c1 1250 ret = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params);
6a36f209 1251 goto end;
13273237 1252
0be6cf0c 1253 /* Code below to be removed when legacy support is dropped. */
459b15d4
SL		 1254legacy:
1255 if (ctx->cipher->ctrl == NULL) {
9311d0c4 1256 ERR_raise(ERR_LIB_EVP, EVP_R_CTRL_NOT_IMPLEMENTED);
0f113f3e
MC		 1257 return 0;
1258 }
1259
1260 ret = ctx->cipher->ctrl(ctx, type, arg, ptr);
552be00d 1261
6a36f209 1262 end:
e870791a 1263 if (ret == EVP_CTRL_RET_UNSUPPORTED) {
9311d0c4 1264 ERR_raise(ERR_LIB_EVP, EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED);
0f113f3e
MC		 1265 return 0;
1266 }
1267 return ret;
49528751 1268}
216659eb 1269
ae3ff60e
RL		 1270int EVP_CIPHER_get_params(EVP_CIPHER *cipher, OSSL_PARAM params[])
1271{
1272 if (cipher != NULL && cipher->get_params != NULL)
1273 return cipher->get_params(params);
1274 return 0;
1275}
1276
1277int EVP_CIPHER_CTX_set_params(EVP_CIPHER_CTX *ctx, const OSSL_PARAM params[])
1278{
70f39a48
P		 1279 int r = 0;
1280 const OSSL_PARAM *p;
1281
b30b45b7 1282 if (ctx->cipher != NULL && ctx->cipher->set_ctx_params != NULL) {
70f39a48
P		 1283 r = ctx->cipher->set_ctx_params(ctx->algctx, params);
1284 if (r > 0) {
1285 p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_KEYLEN);
b9a2f24e 1286 if (p != NULL && !OSSL_PARAM_get_int(p, &ctx->key_len)) {
70f39a48 1287 r = 0;
b9a2f24e
HL		 1288 ctx->key_len = -1;
1289 }
70f39a48
P		 1290 }
1291 if (r > 0) {
1292 p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_IVLEN);
b9a2f24e 1293 if (p != NULL && !OSSL_PARAM_get_int(p, &ctx->iv_len)) {
70f39a48 1294 r = 0;
b9a2f24e
HL		 1295 ctx->iv_len = -1;
1296 }
70f39a48 1297 }
b30b45b7 1298 }
70f39a48 1299 return r;
ae3ff60e
RL		 1300}
1301
1302int EVP_CIPHER_CTX_get_params(EVP_CIPHER_CTX *ctx, OSSL_PARAM params[])
1303{
92d9d0ae 1304 if (ctx->cipher != NULL && ctx->cipher->get_ctx_params != NULL)
7c14d0c1 1305 return ctx->cipher->get_ctx_params(ctx->algctx, params);
ae3ff60e
RL		 1306 return 0;
1307}
1308
1309const OSSL_PARAM *EVP_CIPHER_gettable_params(const EVP_CIPHER *cipher)
1310{
1311 if (cipher != NULL && cipher->gettable_params != NULL)
18ec26ba 1312 return cipher->gettable_params(
ed576acd 1313 ossl_provider_ctx(EVP_CIPHER_get0_provider(cipher)));
ae3ff60e
RL		 1314 return NULL;
1315}
1316
41f7ecf3 1317const OSSL_PARAM *EVP_CIPHER_settable_ctx_params(const EVP_CIPHER *cipher)
ae3ff60e 1318{
7c14d0c1 1319 void *provctx;
292b4184
P		 1320
1321 if (cipher != NULL && cipher->settable_ctx_params != NULL) {
ed576acd 1322 provctx = ossl_provider_ctx(EVP_CIPHER_get0_provider(cipher));
7c14d0c1 1323 return cipher->settable_ctx_params(NULL, provctx);
292b4184 1324 }
ae3ff60e
RL		 1325 return NULL;
1326}
1327
41f7ecf3 1328const OSSL_PARAM *EVP_CIPHER_gettable_ctx_params(const EVP_CIPHER *cipher)
ae3ff60e 1329{
7c14d0c1 1330 void *provctx;
292b4184
P		 1331
1332 if (cipher != NULL && cipher->gettable_ctx_params != NULL) {
ed576acd 1333 provctx = ossl_provider_ctx(EVP_CIPHER_get0_provider(cipher));
7c14d0c1 1334 return cipher->gettable_ctx_params(NULL, provctx);
292b4184
P		 1335 }
1336 return NULL;
1337}
1338
1339const OSSL_PARAM *EVP_CIPHER_CTX_settable_params(EVP_CIPHER_CTX *cctx)
1340{
1341 void *alg;
1342
1343 if (cctx != NULL && cctx->cipher->settable_ctx_params != NULL) {
ed576acd 1344 alg = ossl_provider_ctx(EVP_CIPHER_get0_provider(cctx->cipher));
7c14d0c1 1345 return cctx->cipher->settable_ctx_params(cctx->algctx, alg);
292b4184
P		 1346 }
1347 return NULL;
1348}
1349
1350const OSSL_PARAM *EVP_CIPHER_CTX_gettable_params(EVP_CIPHER_CTX *cctx)
1351{
7c14d0c1 1352 void *provctx;
292b4184
P		 1353
1354 if (cctx != NULL && cctx->cipher->gettable_ctx_params != NULL) {
ed576acd 1355 provctx = ossl_provider_ctx(EVP_CIPHER_get0_provider(cctx->cipher));
7c14d0c1 1356 return cctx->cipher->gettable_ctx_params(cctx->algctx, provctx);
292b4184 1357 }
ae3ff60e
RL		 1358 return NULL;
1359}
1360
11eef7e7 1361#ifndef FIPS_MODULE
b4250010 1362static OSSL_LIB_CTX *EVP_CIPHER_CTX_get_libctx(EVP_CIPHER_CTX *ctx)
11eef7e7
SL		 1363{
1364 const EVP_CIPHER *cipher = ctx->cipher;
1365 const OSSL_PROVIDER *prov;
1366
1367 if (cipher == NULL)
1368 return NULL;
1369
ed576acd 1370 prov = EVP_CIPHER_get0_provider(cipher);
a829b735 1371 return ossl_provider_libctx(prov);
11eef7e7
SL		 1372}
1373#endif
1374
216659eb 1375int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key)
0f113f3e
MC		 1376{
1377 if (ctx->cipher->flags & EVP_CIPH_RAND_KEY)
1378 return EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_RAND_KEY, 0, key);
4a42e264 1379
f844f9eb 1380#ifdef FIPS_MODULE
4a42e264
SL		 1381 return 0;
1382#else
1383 {
1384 int kl;
b4250010 1385 OSSL_LIB_CTX *libctx = EVP_CIPHER_CTX_get_libctx(ctx);
4a42e264 1386
ed576acd 1387 kl = EVP_CIPHER_CTX_get_key_length(ctx);
5cbd2ea3 1388 if (kl <= 0 || RAND_priv_bytes_ex(libctx, key, kl, 0) <= 0)
4a42e264
SL		 1389 return 0;
1390 return 1;
1391 }
f844f9eb 1392#endif /* FIPS_MODULE */
0f113f3e 1393}
216659eb 1394
4e62f1a3
P		 1395EVP_CIPHER_CTX *EVP_CIPHER_CTX_dup(const EVP_CIPHER_CTX *in)
1396{
1397 EVP_CIPHER_CTX *out = EVP_CIPHER_CTX_new();
1398
1399 if (out != NULL && !EVP_CIPHER_CTX_copy(out, in)) {
1400 EVP_CIPHER_CTX_free(out);
1401 out = NULL;
1402 }
1403 return out;
1404}
1405
c2bf7208 1406int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in)
0f113f3e
MC		 1407{
1408 if ((in == NULL) || (in->cipher == NULL)) {
9311d0c4 1409 ERR_raise(ERR_LIB_EVP, EVP_R_INPUT_NOT_INITIALIZED);
0f113f3e
MC		 1410 return 0;
1411 }
df05f2ce
MC		 1412
1413 if (in->cipher->prov == NULL)
1414 goto legacy;
1415
1416 if (in->cipher->dupctx == NULL) {
9311d0c4 1417 ERR_raise(ERR_LIB_EVP, EVP_R_NOT_ABLE_TO_COPY_CTX);
df05f2ce
MC		 1418 return 0;
1419 }
1420
1421 EVP_CIPHER_CTX_reset(out);
1422
1423 *out = *in;
7c14d0c1 1424 out->algctx = NULL;
df05f2ce 1425
70c35fd1 1426 if (in->fetched_cipher != NULL && !EVP_CIPHER_up_ref(in->fetched_cipher)) {
df05f2ce
MC		 1427 out->fetched_cipher = NULL;
1428 return 0;
1429 }
1430
7c14d0c1
SL		 1431 out->algctx = in->cipher->dupctx(in->algctx);
1432 if (out->algctx == NULL) {
9311d0c4 1433 ERR_raise(ERR_LIB_EVP, EVP_R_NOT_ABLE_TO_COPY_CTX);
df05f2ce
MC		 1434 return 0;
1435 }
1436
1437 return 1;
1438
0be6cf0c 1439 /* Code below to be removed when legacy support is dropped. */
df05f2ce
MC		 1440 legacy:
1441
f844f9eb 1442#if !defined(OPENSSL_NO_ENGINE) && !defined(FIPS_MODULE)
0f113f3e
MC		 1443 /* Make sure it's safe to copy a cipher context using an ENGINE */
1444 if (in->engine && !ENGINE_init(in->engine)) {
9311d0c4 1445 ERR_raise(ERR_LIB_EVP, ERR_R_ENGINE_LIB);
0f113f3e
MC		 1446 return 0;
1447 }
c2bf7208
DSH		 1448#endif
1449
c0ca39bd 1450 EVP_CIPHER_CTX_reset(out);
b4faea50 1451 memcpy(out, in, sizeof(*out));
0f113f3e
MC		 1452
1453 if (in->cipher_data && in->cipher->ctx_size) {
1454 out->cipher_data = OPENSSL_malloc(in->cipher->ctx_size);
90945fa3 1455 if (out->cipher_data == NULL) {
273a0218 1456 out->cipher = NULL;
9311d0c4 1457 ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE);
0f113f3e
MC		 1458 return 0;
1459 }
1460 memcpy(out->cipher_data, in->cipher_data, in->cipher->ctx_size);
1461 }
1462
1463 if (in->cipher->flags & EVP_CIPH_CUSTOM_COPY)
273a0218
BE		 1464 if (!in->cipher->ctrl((EVP_CIPHER_CTX *)in, EVP_CTRL_COPY, 0, out)) {
1465 out->cipher = NULL;
9311d0c4 1466 ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
273a0218
BE		 1467 return 0;
1468 }
0f113f3e
MC		 1469 return 1;
1470}
df05f2ce 1471
550f974a
RL		 1472EVP_CIPHER *evp_cipher_new(void)
1473{
1474 EVP_CIPHER *cipher = OPENSSL_zalloc(sizeof(EVP_CIPHER));
1475
1476 if (cipher != NULL) {
1477 cipher->lock = CRYPTO_THREAD_lock_new();
1478 if (cipher->lock == NULL) {
1479 OPENSSL_free(cipher);
1480 return NULL;
1481 }
1482 cipher->refcnt = 1;
1483 }
1484 return cipher;
1485}
1486
32040838
RL		 1487/*
1488 * FIPS module note: since internal fetches will be entirely
1489 * provider based, we know that none of its code depends on legacy
1490 * NIDs or any functionality that use them.
1491 */
f844f9eb 1492#ifndef FIPS_MODULE
83abd33c 1493/* After removal of legacy support get rid of the need for legacy NIDs */
32040838
RL		 1494static void set_legacy_nid(const char *name, void *vlegacy_nid)
1495{
1496 int nid;
1497 int *legacy_nid = vlegacy_nid;
6a835fcf
RL		 1498 /*
1499 * We use lowest level function to get the associated method, because
1500 * higher level functions such as EVP_get_cipherbyname() have changed
1501 * to look at providers too.
1502 */
1503 const void *legacy_method = OBJ_NAME_get(name, OBJ_NAME_TYPE_CIPHER_METH);
32040838
RL		 1504
1505 if (*legacy_nid == -1) /* We found a clash already */
1506 return;
6a835fcf 1507 if (legacy_method == NULL)
32040838 1508 return;
ed576acd 1509 nid = EVP_CIPHER_get_nid(legacy_method);
32040838
RL		 1510 if (*legacy_nid != NID_undef && *legacy_nid != nid) {
1511 *legacy_nid = -1;
1512 return;
1513 }
1514 *legacy_nid = nid;
1515}
1516#endif
1517
309a78aa
RL		 1518static void *evp_cipher_from_algorithm(const int name_id,
1519 const OSSL_ALGORITHM *algodef,
1520 OSSL_PROVIDER *prov)
df05f2ce 1521{
309a78aa 1522 const OSSL_DISPATCH *fns = algodef->implementation;
df05f2ce
MC		 1523 EVP_CIPHER *cipher = NULL;
1524 int fnciphcnt = 0, fnctxcnt = 0;
1525
f7c16d48 1526 if ((cipher = evp_cipher_new()) == NULL) {
9311d0c4 1527 ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE);
df05f2ce 1528 return NULL;
6b9e3724 1529 }
df05f2ce 1530
f844f9eb 1531#ifndef FIPS_MODULE
32040838 1532 cipher->nid = NID_undef;
d84f5515
MC		 1533 if (!evp_names_do_all(prov, name_id, set_legacy_nid, &cipher->nid)
1534 || cipher->nid == -1) {
32040838
RL		 1535 ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR);
1536 EVP_CIPHER_free(cipher);
1537 return NULL;
f7c16d48 1538 }
ed71e917
MC		 1539#endif
1540
32040838 1541 cipher->name_id = name_id;
6c9bc258
TM		 1542 if ((cipher->type_name = ossl_algorithm_get1_first_name(algodef)) == NULL) {
1543 EVP_CIPHER_free(cipher);
1544 return NULL;
1545 }
309a78aa 1546 cipher->description = algodef->algorithm_description;
32040838 1547
df05f2ce
MC		 1548 for (; fns->function_id != 0; fns++) {
1549 switch (fns->function_id) {
1550 case OSSL_FUNC_CIPHER_NEWCTX:
1551 if (cipher->newctx != NULL)
1552 break;
363b1e5d 1553 cipher->newctx = OSSL_FUNC_cipher_newctx(fns);
df05f2ce
MC		 1554 fnctxcnt++;
1555 break;
1556 case OSSL_FUNC_CIPHER_ENCRYPT_INIT:
1557 if (cipher->einit != NULL)
1558 break;
363b1e5d 1559 cipher->einit = OSSL_FUNC_cipher_encrypt_init(fns);
df05f2ce
MC		 1560 fnciphcnt++;
1561 break;
1562 case OSSL_FUNC_CIPHER_DECRYPT_INIT:
1563 if (cipher->dinit != NULL)
1564 break;
363b1e5d 1565 cipher->dinit = OSSL_FUNC_cipher_decrypt_init(fns);
df05f2ce
MC		 1566 fnciphcnt++;
1567 break;
1568 case OSSL_FUNC_CIPHER_UPDATE:
1569 if (cipher->cupdate != NULL)
1570 break;
363b1e5d 1571 cipher->cupdate = OSSL_FUNC_cipher_update(fns);
df05f2ce
MC		 1572 fnciphcnt++;
1573 break;
1574 case OSSL_FUNC_CIPHER_FINAL:
1575 if (cipher->cfinal != NULL)
1576 break;
363b1e5d 1577 cipher->cfinal = OSSL_FUNC_cipher_final(fns);
df05f2ce
MC		 1578 fnciphcnt++;
1579 break;
718b133a
MC		 1580 case OSSL_FUNC_CIPHER_CIPHER:
1581 if (cipher->ccipher != NULL)
1582 break;
363b1e5d 1583 cipher->ccipher = OSSL_FUNC_cipher_cipher(fns);
718b133a 1584 break;
df05f2ce
MC		 1585 case OSSL_FUNC_CIPHER_FREECTX:
1586 if (cipher->freectx != NULL)
1587 break;
363b1e5d 1588 cipher->freectx = OSSL_FUNC_cipher_freectx(fns);
df05f2ce
MC		 1589 fnctxcnt++;
1590 break;
1591 case OSSL_FUNC_CIPHER_DUPCTX:
1592 if (cipher->dupctx != NULL)
1593 break;
363b1e5d 1594 cipher->dupctx = OSSL_FUNC_cipher_dupctx(fns);
df05f2ce 1595 break;
df05f2ce
MC		 1596 case OSSL_FUNC_CIPHER_GET_PARAMS:
1597 if (cipher->get_params != NULL)
1598 break;
363b1e5d 1599 cipher->get_params = OSSL_FUNC_cipher_get_params(fns);
df05f2ce 1600 break;
92d9d0ae
RL		 1601 case OSSL_FUNC_CIPHER_GET_CTX_PARAMS:
1602 if (cipher->get_ctx_params != NULL)
718b133a 1603 break;
363b1e5d 1604 cipher->get_ctx_params = OSSL_FUNC_cipher_get_ctx_params(fns);
718b133a 1605 break;
92d9d0ae
RL		 1606 case OSSL_FUNC_CIPHER_SET_CTX_PARAMS:
1607 if (cipher->set_ctx_params != NULL)
df05f2ce 1608 break;
363b1e5d 1609 cipher->set_ctx_params = OSSL_FUNC_cipher_set_ctx_params(fns);
df05f2ce 1610 break;
ae3ff60e
RL		 1611 case OSSL_FUNC_CIPHER_GETTABLE_PARAMS:
1612 if (cipher->gettable_params != NULL)
1613 break;
363b1e5d 1614 cipher->gettable_params = OSSL_FUNC_cipher_gettable_params(fns);
ae3ff60e
RL		 1615 break;
1616 case OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS:
1617 if (cipher->gettable_ctx_params != NULL)
1618 break;
1619 cipher->gettable_ctx_params =
363b1e5d 1620 OSSL_FUNC_cipher_gettable_ctx_params(fns);
ae3ff60e
RL		 1621 break;
1622 case OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS:
1623 if (cipher->settable_ctx_params != NULL)
1624 break;
1625 cipher->settable_ctx_params =
363b1e5d 1626 OSSL_FUNC_cipher_settable_ctx_params(fns);
ae3ff60e 1627 break;
df05f2ce
MC		 1628 }
1629 }
718b133a
MC		 1630 if ((fnciphcnt != 0 && fnciphcnt != 3 && fnciphcnt != 4)
1631 || (fnciphcnt == 0 && cipher->ccipher == NULL)
13273237 1632 || fnctxcnt != 2) {
df05f2ce
MC		 1633 /*
1634 * In order to be a consistent set of functions we must have at least
1635 * a complete set of "encrypt" functions, or a complete set of "decrypt"
11dbdc07
MC		 1636 * functions, or a single "cipher" function. In all cases we need both
1637 * the "newctx" and "freectx" functions.
df05f2ce 1638 */
550f974a 1639 EVP_CIPHER_free(cipher);
9311d0c4 1640 ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_PROVIDER_FUNCTIONS);
df05f2ce
MC		 1641 return NULL;
1642 }
1643 cipher->prov = prov;
1644 if (prov != NULL)
7c95390e 1645 ossl_provider_up_ref(prov);
df05f2ce 1646
ae69da05
MC		 1647 if (!evp_cipher_cache_constants(cipher)) {
1648 EVP_CIPHER_free(cipher);
1649 ERR_raise(ERR_LIB_EVP, EVP_R_CACHE_CONSTANTS_FAILED);
1650 cipher = NULL;
1651 }
1652
df05f2ce
MC		 1653 return cipher;
1654}
1655
70c35fd1 1656static int evp_cipher_up_ref(void *cipher)
df05f2ce 1657{
70c35fd1 1658 return EVP_CIPHER_up_ref(cipher);
df05f2ce
MC		 1659}
1660
1661static void evp_cipher_free(void *cipher)
1662{
550f974a 1663 EVP_CIPHER_free(cipher);
df05f2ce
MC		 1664}
1665
b4250010 1666EVP_CIPHER *EVP_CIPHER_fetch(OSSL_LIB_CTX *ctx, const char *algorithm,
df05f2ce
MC		 1667 const char *properties)
1668{
0211740f
RL		 1669 EVP_CIPHER *cipher =
1670 evp_generic_fetch(ctx, OSSL_OP_CIPHER, algorithm, properties,
309a78aa 1671 evp_cipher_from_algorithm, evp_cipher_up_ref,
0211740f
RL		 1672 evp_cipher_free);
1673
0211740f 1674 return cipher;
df05f2ce 1675}
c540f00f 1676
550f974a
RL		 1677int EVP_CIPHER_up_ref(EVP_CIPHER *cipher)
1678{
1679 int ref = 0;
1680
f6c95e46
RS		 1681 if (cipher->origin == EVP_ORIG_DYNAMIC)
1682 CRYPTO_UP_REF(&cipher->refcnt, &ref, cipher->lock);
550f974a
RL		 1683 return 1;
1684}
1685
f6c95e46
RS		 1686void evp_cipher_free_int(EVP_CIPHER *cipher)
1687{
6c9bc258 1688 OPENSSL_free(cipher->type_name);
f6c95e46
RS		 1689 ossl_provider_free(cipher->prov);
1690 CRYPTO_THREAD_lock_free(cipher->lock);
1691 OPENSSL_free(cipher);
1692}
1693
550f974a
RL		 1694void EVP_CIPHER_free(EVP_CIPHER *cipher)
1695{
1696 int i;
1697
f6c95e46 1698 if (cipher == NULL || cipher->origin != EVP_ORIG_DYNAMIC)
550f974a
RL		 1699 return;
1700
1701 CRYPTO_DOWN_REF(&cipher->refcnt, &i, cipher->lock);
1702 if (i > 0)
1703 return;
f6c95e46 1704 evp_cipher_free_int(cipher);
550f974a
RL		 1705}
1706
b4250010 1707void EVP_CIPHER_do_all_provided(OSSL_LIB_CTX *libctx,
251e610c
RL		 1708 void (*fn)(EVP_CIPHER *mac, void *arg),
1709 void *arg)
c540f00f
RL		 1710{
1711 evp_generic_do_all(libctx, OSSL_OP_CIPHER,
1712 (void (*)(void *, void *))fn, arg,
cd770738
RL		 1713 evp_cipher_from_algorithm, evp_cipher_up_ref,
1714 evp_cipher_free);
c540f00f 1715}
A mirror of the official openssl repository