]>
Commit | Line | Data |
---|---|---|
a14e9ff7 | 1 | /* |
440e5d80 | 2 | * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. |
a14e9ff7 | 3 | * |
440e5d80 RS |
4 | * Licensed under the OpenSSL license (the "License"). You may not use |
5 | * this file except in compliance with the License. You can obtain a copy | |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
a14e9ff7 MC |
8 | */ |
9 | ||
f1f5ee17 AP |
10 | #if defined(_WIN32) |
11 | # include <windows.h> | |
12 | #endif | |
13 | ||
a14e9ff7 MC |
14 | #include <stdio.h> |
15 | #include <string.h> | |
16 | ||
17 | #include <openssl/engine.h> | |
18 | #include <openssl/sha.h> | |
2f2c9caa | 19 | #include <openssl/aes.h> |
a14e9ff7 MC |
20 | #include <openssl/rsa.h> |
21 | #include <openssl/evp.h> | |
22 | #include <openssl/async.h> | |
23 | #include <openssl/bn.h> | |
7b9f8f7f | 24 | #include <openssl/crypto.h> |
98ee7543 MC |
25 | #include <openssl/ssl.h> |
26 | #include <openssl/modes.h> | |
a14e9ff7 | 27 | |
ff75a257 MC |
28 | #if (defined(OPENSSL_SYS_UNIX) || defined(OPENSSL_SYS_CYGWIN)) && defined(OPENSSL_THREADS) |
29 | # undef ASYNC_POSIX | |
30 | # define ASYNC_POSIX | |
31 | # include <unistd.h> | |
32 | #elif defined(_WIN32) | |
33 | # undef ASYNC_WIN | |
34 | # define ASYNC_WIN | |
ff75a257 MC |
35 | #endif |
36 | ||
a14e9ff7 MC |
37 | #include "e_dasync_err.c" |
38 | ||
39 | /* Engine Id and Name */ | |
40 | static const char *engine_dasync_id = "dasync"; | |
41 | static const char *engine_dasync_name = "Dummy Async engine support"; | |
42 | ||
43 | ||
44 | /* Engine Lifetime functions */ | |
45 | static int dasync_destroy(ENGINE *e); | |
46 | static int dasync_init(ENGINE *e); | |
47 | static int dasync_finish(ENGINE *e); | |
b3599dbb | 48 | void engine_load_dasync_int(void); |
a14e9ff7 MC |
49 | |
50 | ||
51 | /* Set up digests. Just SHA1 for now */ | |
52 | static int dasync_digests(ENGINE *e, const EVP_MD **digest, | |
53 | const int **nids, int nid); | |
54 | ||
f4da39d2 | 55 | static void dummy_pause_job(void); |
a14e9ff7 MC |
56 | |
57 | /* SHA1 */ | |
46a283c0 MC |
58 | static int dasync_sha1_init(EVP_MD_CTX *ctx); |
59 | static int dasync_sha1_update(EVP_MD_CTX *ctx, const void *data, | |
652d4a8c | 60 | size_t count); |
46a283c0 | 61 | static int dasync_sha1_final(EVP_MD_CTX *ctx, unsigned char *md); |
a14e9ff7 | 62 | |
11780ac3 MC |
63 | /* |
64 | * Holds the EVP_MD object for sha1 in this engine. Set up once only during | |
65 | * engine bind and can then be reused many times. | |
66 | */ | |
cddcea8c RL |
67 | static EVP_MD *_hidden_sha1_md = NULL; |
68 | static const EVP_MD *dasync_sha1(void) | |
69 | { | |
cddcea8c RL |
70 | return _hidden_sha1_md; |
71 | } | |
72 | static void destroy_digests(void) | |
73 | { | |
74 | EVP_MD_meth_free(_hidden_sha1_md); | |
75 | _hidden_sha1_md = NULL; | |
76 | } | |
11780ac3 | 77 | |
cddcea8c RL |
78 | static int dasync_digest_nids(const int **nids) |
79 | { | |
80 | static int digest_nids[2] = { 0, 0 }; | |
81 | static int pos = 0; | |
82 | static int init = 0; | |
83 | ||
84 | if (!init) { | |
85 | const EVP_MD *md; | |
86 | if ((md = dasync_sha1()) != NULL) | |
87 | digest_nids[pos++] = EVP_MD_type(md); | |
88 | digest_nids[pos] = 0; | |
89 | init = 1; | |
90 | } | |
91 | *nids = digest_nids; | |
92 | return pos; | |
93 | } | |
a14e9ff7 MC |
94 | |
95 | /* RSA */ | |
96 | ||
97 | static int dasync_pub_enc(int flen, const unsigned char *from, | |
98 | unsigned char *to, RSA *rsa, int padding); | |
99 | static int dasync_pub_dec(int flen, const unsigned char *from, | |
100 | unsigned char *to, RSA *rsa, int padding); | |
101 | static int dasync_rsa_priv_enc(int flen, const unsigned char *from, | |
102 | unsigned char *to, RSA *rsa, int padding); | |
103 | static int dasync_rsa_priv_dec(int flen, const unsigned char *from, | |
104 | unsigned char *to, RSA *rsa, int padding); | |
105 | static int dasync_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, | |
106 | BN_CTX *ctx); | |
107 | ||
108 | static int dasync_rsa_init(RSA *rsa); | |
109 | static int dasync_rsa_finish(RSA *rsa); | |
110 | ||
b72c9121 | 111 | static RSA_METHOD *dasync_rsa_method = NULL; |
a14e9ff7 | 112 | |
98ee7543 MC |
113 | /* AES */ |
114 | ||
115 | static int dasync_aes128_cbc_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, | |
116 | void *ptr); | |
98ee7543 MC |
117 | static int dasync_aes128_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, |
118 | const unsigned char *iv, int enc); | |
98ee7543 MC |
119 | static int dasync_aes128_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, |
120 | const unsigned char *in, size_t inl); | |
98ee7543 MC |
121 | static int dasync_aes128_cbc_cleanup(EVP_CIPHER_CTX *ctx); |
122 | ||
2f2c9caa MC |
123 | static int dasync_aes128_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, |
124 | int arg, void *ptr); | |
125 | static int dasync_aes128_cbc_hmac_sha1_init_key(EVP_CIPHER_CTX *ctx, | |
126 | const unsigned char *key, | |
127 | const unsigned char *iv, | |
128 | int enc); | |
129 | static int dasync_aes128_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, | |
130 | unsigned char *out, | |
131 | const unsigned char *in, | |
132 | size_t inl); | |
133 | static int dasync_aes128_cbc_hmac_sha1_cleanup(EVP_CIPHER_CTX *ctx); | |
134 | ||
e38c2e85 | 135 | struct dasync_pipeline_ctx { |
98ee7543 | 136 | void *inner_cipher_data; |
98ee7543 MC |
137 | unsigned int numpipes; |
138 | unsigned char **inbufs; | |
139 | unsigned char **outbufs; | |
140 | size_t *lens; | |
2f2c9caa MC |
141 | int enc; |
142 | unsigned char tlsaad[SSL_MAX_PIPELINES][EVP_AEAD_TLS1_AAD_LEN]; | |
143 | unsigned int aadctr; | |
98ee7543 MC |
144 | }; |
145 | ||
11780ac3 MC |
146 | /* |
147 | * Holds the EVP_CIPHER object for aes_128_cbc in this engine. Set up once only | |
148 | * during engine bind and can then be reused many times. | |
149 | */ | |
98ee7543 MC |
150 | static EVP_CIPHER *_hidden_aes_128_cbc = NULL; |
151 | static const EVP_CIPHER *dasync_aes_128_cbc(void) | |
152 | { | |
11780ac3 MC |
153 | return _hidden_aes_128_cbc; |
154 | } | |
155 | ||
156 | /* | |
157 | * Holds the EVP_CIPHER object for aes_128_cbc_hmac_sha1 in this engine. Set up | |
158 | * once only during engine bind and can then be reused many times. | |
159 | */ | |
160 | static EVP_CIPHER *_hidden_aes_128_cbc_hmac_sha1 = NULL; | |
161 | static const EVP_CIPHER *dasync_aes_128_cbc_hmac_sha1(void) | |
162 | { | |
163 | return _hidden_aes_128_cbc_hmac_sha1; | |
164 | } | |
165 | ||
166 | static void destroy_ciphers(void) | |
167 | { | |
168 | EVP_CIPHER_meth_free(_hidden_aes_128_cbc); | |
169 | EVP_CIPHER_meth_free(_hidden_aes_128_cbc_hmac_sha1); | |
170 | _hidden_aes_128_cbc = NULL; | |
171 | _hidden_aes_128_cbc_hmac_sha1 = NULL; | |
172 | } | |
173 | ||
174 | static int dasync_ciphers(ENGINE *e, const EVP_CIPHER **cipher, | |
175 | const int **nids, int nid); | |
176 | ||
177 | static int dasync_cipher_nids[] = { | |
178 | NID_aes_128_cbc, | |
179 | NID_aes_128_cbc_hmac_sha1, | |
180 | 0 | |
181 | }; | |
182 | ||
183 | static int bind_dasync(ENGINE *e) | |
184 | { | |
b72c9121 RL |
185 | /* Setup RSA_METHOD */ |
186 | if ((dasync_rsa_method = RSA_meth_new("Dummy Async RSA method", 0)) == NULL | |
187 | || RSA_meth_set_pub_enc(dasync_rsa_method, dasync_pub_enc) == 0 | |
188 | || RSA_meth_set_pub_dec(dasync_rsa_method, dasync_pub_dec) == 0 | |
189 | || RSA_meth_set_priv_enc(dasync_rsa_method, dasync_rsa_priv_enc) == 0 | |
8aac5d2e | 190 | || RSA_meth_set_priv_dec(dasync_rsa_method, dasync_rsa_priv_dec) == 0 |
b72c9121 RL |
191 | || RSA_meth_set_mod_exp(dasync_rsa_method, dasync_rsa_mod_exp) == 0 |
192 | || RSA_meth_set_bn_mod_exp(dasync_rsa_method, BN_mod_exp_mont) == 0 | |
193 | || RSA_meth_set_init(dasync_rsa_method, dasync_rsa_init) == 0 | |
194 | || RSA_meth_set_finish(dasync_rsa_method, dasync_rsa_finish) == 0) { | |
195 | DASYNCerr(DASYNC_F_BIND_DASYNC, DASYNC_R_INIT_FAILED); | |
196 | return 0; | |
197 | } | |
198 | ||
11780ac3 MC |
199 | /* Ensure the dasync error handling is set up */ |
200 | ERR_load_DASYNC_strings(); | |
201 | ||
202 | if (!ENGINE_set_id(e, engine_dasync_id) | |
203 | || !ENGINE_set_name(e, engine_dasync_name) | |
b72c9121 | 204 | || !ENGINE_set_RSA(e, dasync_rsa_method) |
11780ac3 MC |
205 | || !ENGINE_set_digests(e, dasync_digests) |
206 | || !ENGINE_set_ciphers(e, dasync_ciphers) | |
207 | || !ENGINE_set_destroy_function(e, dasync_destroy) | |
208 | || !ENGINE_set_init_function(e, dasync_init) | |
209 | || !ENGINE_set_finish_function(e, dasync_finish)) { | |
210 | DASYNCerr(DASYNC_F_BIND_DASYNC, DASYNC_R_INIT_FAILED); | |
211 | return 0; | |
212 | } | |
213 | ||
214 | /* | |
215 | * Set up the EVP_CIPHER and EVP_MD objects for the ciphers/digests | |
216 | * supplied by this engine | |
217 | */ | |
218 | _hidden_sha1_md = EVP_MD_meth_new(NID_sha1, NID_sha1WithRSAEncryption); | |
219 | if (_hidden_sha1_md == NULL | |
220 | || !EVP_MD_meth_set_result_size(_hidden_sha1_md, SHA_DIGEST_LENGTH) | |
221 | || !EVP_MD_meth_set_input_blocksize(_hidden_sha1_md, SHA_CBLOCK) | |
222 | || !EVP_MD_meth_set_app_datasize(_hidden_sha1_md, | |
223 | sizeof(EVP_MD *) + sizeof(SHA_CTX)) | |
224 | || !EVP_MD_meth_set_flags(_hidden_sha1_md, EVP_MD_FLAG_DIGALGID_ABSENT) | |
225 | || !EVP_MD_meth_set_init(_hidden_sha1_md, dasync_sha1_init) | |
226 | || !EVP_MD_meth_set_update(_hidden_sha1_md, dasync_sha1_update) | |
227 | || !EVP_MD_meth_set_final(_hidden_sha1_md, dasync_sha1_final)) { | |
228 | EVP_MD_meth_free(_hidden_sha1_md); | |
229 | _hidden_sha1_md = NULL; | |
230 | } | |
231 | ||
232 | _hidden_aes_128_cbc = EVP_CIPHER_meth_new(NID_aes_128_cbc, | |
233 | 16 /* block size */, | |
234 | 16 /* key len */); | |
98ee7543 MC |
235 | if (_hidden_aes_128_cbc == NULL |
236 | || !EVP_CIPHER_meth_set_iv_length(_hidden_aes_128_cbc,16) | |
237 | || !EVP_CIPHER_meth_set_flags(_hidden_aes_128_cbc, | |
238 | EVP_CIPH_FLAG_DEFAULT_ASN1 | |
239 | | EVP_CIPH_CBC_MODE | |
240 | | EVP_CIPH_FLAG_PIPELINE) | |
241 | || !EVP_CIPHER_meth_set_init(_hidden_aes_128_cbc, | |
242 | dasync_aes128_init_key) | |
243 | || !EVP_CIPHER_meth_set_do_cipher(_hidden_aes_128_cbc, | |
244 | dasync_aes128_cbc_cipher) | |
245 | || !EVP_CIPHER_meth_set_cleanup(_hidden_aes_128_cbc, | |
246 | dasync_aes128_cbc_cleanup) | |
247 | || !EVP_CIPHER_meth_set_ctrl(_hidden_aes_128_cbc, | |
248 | dasync_aes128_cbc_ctrl) | |
249 | || !EVP_CIPHER_meth_set_impl_ctx_size(_hidden_aes_128_cbc, | |
e38c2e85 | 250 | sizeof(struct dasync_pipeline_ctx))) { |
98ee7543 MC |
251 | EVP_CIPHER_meth_free(_hidden_aes_128_cbc); |
252 | _hidden_aes_128_cbc = NULL; | |
253 | } | |
98ee7543 | 254 | |
11780ac3 MC |
255 | _hidden_aes_128_cbc_hmac_sha1 = EVP_CIPHER_meth_new( |
256 | NID_aes_128_cbc_hmac_sha1, | |
257 | 16 /* block size */, | |
258 | 16 /* key len */); | |
2f2c9caa MC |
259 | if (_hidden_aes_128_cbc_hmac_sha1 == NULL |
260 | || !EVP_CIPHER_meth_set_iv_length(_hidden_aes_128_cbc_hmac_sha1,16) | |
261 | || !EVP_CIPHER_meth_set_flags(_hidden_aes_128_cbc_hmac_sha1, | |
262 | EVP_CIPH_CBC_MODE | |
263 | | EVP_CIPH_FLAG_DEFAULT_ASN1 | |
264 | | EVP_CIPH_FLAG_AEAD_CIPHER | |
265 | | EVP_CIPH_FLAG_PIPELINE) | |
266 | || !EVP_CIPHER_meth_set_init(_hidden_aes_128_cbc_hmac_sha1, | |
267 | dasync_aes128_cbc_hmac_sha1_init_key) | |
268 | || !EVP_CIPHER_meth_set_do_cipher(_hidden_aes_128_cbc_hmac_sha1, | |
269 | dasync_aes128_cbc_hmac_sha1_cipher) | |
270 | || !EVP_CIPHER_meth_set_cleanup(_hidden_aes_128_cbc_hmac_sha1, | |
271 | dasync_aes128_cbc_hmac_sha1_cleanup) | |
272 | || !EVP_CIPHER_meth_set_ctrl(_hidden_aes_128_cbc_hmac_sha1, | |
273 | dasync_aes128_cbc_hmac_sha1_ctrl) | |
274 | || !EVP_CIPHER_meth_set_impl_ctx_size(_hidden_aes_128_cbc_hmac_sha1, | |
e38c2e85 | 275 | sizeof(struct dasync_pipeline_ctx))) { |
2f2c9caa MC |
276 | EVP_CIPHER_meth_free(_hidden_aes_128_cbc_hmac_sha1); |
277 | _hidden_aes_128_cbc_hmac_sha1 = NULL; | |
278 | } | |
a14e9ff7 MC |
279 | |
280 | return 1; | |
281 | } | |
282 | ||
283 | # ifndef OPENSSL_NO_DYNAMIC_ENGINE | |
284 | static int bind_helper(ENGINE *e, const char *id) | |
285 | { | |
286 | if (id && (strcmp(id, engine_dasync_id) != 0)) | |
287 | return 0; | |
288 | if (!bind_dasync(e)) | |
289 | return 0; | |
290 | return 1; | |
291 | } | |
292 | ||
293 | IMPLEMENT_DYNAMIC_CHECK_FN() | |
294 | IMPLEMENT_DYNAMIC_BIND_FN(bind_helper) | |
295 | # endif | |
296 | ||
297 | static ENGINE *engine_dasync(void) | |
298 | { | |
299 | ENGINE *ret = ENGINE_new(); | |
300 | if (!ret) | |
301 | return NULL; | |
302 | if (!bind_dasync(ret)) { | |
303 | ENGINE_free(ret); | |
304 | return NULL; | |
305 | } | |
306 | return ret; | |
307 | } | |
308 | ||
b3599dbb | 309 | void engine_load_dasync_int(void) |
a14e9ff7 MC |
310 | { |
311 | ENGINE *toadd = engine_dasync(); | |
312 | if (!toadd) | |
313 | return; | |
314 | ENGINE_add(toadd); | |
315 | ENGINE_free(toadd); | |
316 | ERR_clear_error(); | |
317 | } | |
318 | ||
319 | static int dasync_init(ENGINE *e) | |
320 | { | |
321 | return 1; | |
322 | } | |
323 | ||
324 | ||
325 | static int dasync_finish(ENGINE *e) | |
326 | { | |
327 | return 1; | |
328 | } | |
329 | ||
330 | ||
331 | static int dasync_destroy(ENGINE *e) | |
332 | { | |
cddcea8c | 333 | destroy_digests(); |
11780ac3 | 334 | destroy_ciphers(); |
b72c9121 | 335 | RSA_meth_free(dasync_rsa_method); |
a14e9ff7 MC |
336 | ERR_unload_DASYNC_strings(); |
337 | return 1; | |
338 | } | |
339 | ||
340 | static int dasync_digests(ENGINE *e, const EVP_MD **digest, | |
341 | const int **nids, int nid) | |
342 | { | |
343 | int ok = 1; | |
344 | if (!digest) { | |
345 | /* We are returning a list of supported nids */ | |
cddcea8c | 346 | return dasync_digest_nids(nids); |
a14e9ff7 MC |
347 | } |
348 | /* We are being asked for a specific digest */ | |
349 | switch (nid) { | |
350 | case NID_sha1: | |
cddcea8c | 351 | *digest = dasync_sha1(); |
a14e9ff7 MC |
352 | break; |
353 | default: | |
354 | ok = 0; | |
355 | *digest = NULL; | |
356 | break; | |
357 | } | |
358 | return ok; | |
359 | } | |
360 | ||
98ee7543 MC |
361 | static int dasync_ciphers(ENGINE *e, const EVP_CIPHER **cipher, |
362 | const int **nids, int nid) | |
363 | { | |
364 | int ok = 1; | |
11780ac3 | 365 | if (cipher == NULL) { |
98ee7543 MC |
366 | /* We are returning a list of supported nids */ |
367 | *nids = dasync_cipher_nids; | |
368 | return (sizeof(dasync_cipher_nids) - | |
369 | 1) / sizeof(dasync_cipher_nids[0]); | |
370 | } | |
371 | /* We are being asked for a specific cipher */ | |
372 | switch (nid) { | |
373 | case NID_aes_128_cbc: | |
374 | *cipher = dasync_aes_128_cbc(); | |
375 | break; | |
2f2c9caa MC |
376 | case NID_aes_128_cbc_hmac_sha1: |
377 | *cipher = dasync_aes_128_cbc_hmac_sha1(); | |
378 | break; | |
98ee7543 MC |
379 | default: |
380 | ok = 0; | |
381 | *cipher = NULL; | |
382 | break; | |
383 | } | |
384 | return ok; | |
385 | } | |
386 | ||
ff75a257 MC |
387 | static void wait_cleanup(ASYNC_WAIT_CTX *ctx, const void *key, |
388 | OSSL_ASYNC_FD readfd, void *pvwritefd) | |
389 | { | |
390 | OSSL_ASYNC_FD *pwritefd = (OSSL_ASYNC_FD *)pvwritefd; | |
391 | #if defined(ASYNC_WIN) | |
392 | CloseHandle(readfd); | |
393 | CloseHandle(*pwritefd); | |
394 | #elif defined(ASYNC_POSIX) | |
395 | close(readfd); | |
396 | close(*pwritefd); | |
397 | #endif | |
398 | OPENSSL_free(pwritefd); | |
399 | } | |
400 | ||
401 | #define DUMMY_CHAR 'X' | |
402 | ||
f4da39d2 MC |
403 | static void dummy_pause_job(void) { |
404 | ASYNC_JOB *job; | |
ff75a257 MC |
405 | ASYNC_WAIT_CTX *waitctx; |
406 | OSSL_ASYNC_FD pipefds[2] = {0, 0}; | |
407 | OSSL_ASYNC_FD *writefd; | |
408 | #if defined(ASYNC_WIN) | |
409 | DWORD numwritten, numread; | |
410 | char buf = DUMMY_CHAR; | |
411 | #elif defined(ASYNC_POSIX) | |
412 | char buf = DUMMY_CHAR; | |
413 | #endif | |
f4da39d2 MC |
414 | |
415 | if ((job = ASYNC_get_current_job()) == NULL) | |
416 | return; | |
417 | ||
ff75a257 MC |
418 | waitctx = ASYNC_get_wait_ctx(job); |
419 | ||
420 | if (ASYNC_WAIT_CTX_get_fd(waitctx, engine_dasync_id, &pipefds[0], | |
421 | (void **)&writefd)) { | |
422 | pipefds[1] = *writefd; | |
423 | } else { | |
424 | writefd = OPENSSL_malloc(sizeof(*writefd)); | |
425 | if (writefd == NULL) | |
426 | return; | |
427 | #if defined(ASYNC_WIN) | |
428 | if (CreatePipe(&pipefds[0], &pipefds[1], NULL, 256) == 0) { | |
429 | OPENSSL_free(writefd); | |
430 | return; | |
431 | } | |
432 | #elif defined(ASYNC_POSIX) | |
433 | if (pipe(pipefds) != 0) { | |
434 | OPENSSL_free(writefd); | |
435 | return; | |
436 | } | |
437 | #endif | |
438 | *writefd = pipefds[1]; | |
439 | ||
440 | if(!ASYNC_WAIT_CTX_set_wait_fd(waitctx, engine_dasync_id, pipefds[0], | |
441 | writefd, wait_cleanup)) { | |
442 | wait_cleanup(waitctx, engine_dasync_id, pipefds[0], writefd); | |
443 | return; | |
444 | } | |
445 | } | |
f4da39d2 MC |
446 | /* |
447 | * In the Dummy async engine we are cheating. We signal that the job | |
448 | * is complete by waking it before the call to ASYNC_pause_job(). A real | |
449 | * async engine would only wake when the job was actually complete | |
450 | */ | |
ff75a257 MC |
451 | #if defined(ASYNC_WIN) |
452 | WriteFile(pipefds[1], &buf, 1, &numwritten, NULL); | |
453 | #elif defined(ASYNC_POSIX) | |
b8972eda AG |
454 | if (write(pipefds[1], &buf, 1) < 0) |
455 | return; | |
ff75a257 | 456 | #endif |
f4da39d2 MC |
457 | |
458 | /* Ignore errors - we carry on anyway */ | |
459 | ASYNC_pause_job(); | |
460 | ||
ff75a257 MC |
461 | /* Clear the wake signal */ |
462 | #if defined(ASYNC_WIN) | |
463 | ReadFile(pipefds[0], &buf, 1, &numread, NULL); | |
464 | #elif defined(ASYNC_POSIX) | |
b8972eda AG |
465 | if (read(pipefds[0], &buf, 1) < 0) |
466 | return; | |
ff75a257 | 467 | #endif |
f4da39d2 MC |
468 | } |
469 | ||
a14e9ff7 MC |
470 | /* |
471 | * SHA1 implementation. At the moment we just defer to the standard | |
472 | * implementation | |
473 | */ | |
474 | #undef data | |
6e59a892 | 475 | #define data(ctx) ((SHA_CTX *)EVP_MD_CTX_md_data(ctx)) |
46a283c0 | 476 | static int dasync_sha1_init(EVP_MD_CTX *ctx) |
a14e9ff7 | 477 | { |
f4da39d2 | 478 | dummy_pause_job(); |
a14e9ff7 MC |
479 | |
480 | return SHA1_Init(data(ctx)); | |
481 | } | |
482 | ||
46a283c0 | 483 | static int dasync_sha1_update(EVP_MD_CTX *ctx, const void *data, |
652d4a8c | 484 | size_t count) |
a14e9ff7 | 485 | { |
f4da39d2 | 486 | dummy_pause_job(); |
a14e9ff7 MC |
487 | |
488 | return SHA1_Update(data(ctx), data, (size_t)count); | |
489 | } | |
490 | ||
46a283c0 | 491 | static int dasync_sha1_final(EVP_MD_CTX *ctx, unsigned char *md) |
a14e9ff7 | 492 | { |
f4da39d2 | 493 | dummy_pause_job(); |
a14e9ff7 MC |
494 | |
495 | return SHA1_Final(md, data(ctx)); | |
496 | } | |
497 | ||
498 | /* | |
499 | * RSA implementation | |
500 | */ | |
501 | ||
502 | static int dasync_pub_enc(int flen, const unsigned char *from, | |
503 | unsigned char *to, RSA *rsa, int padding) { | |
504 | /* Ignore errors - we carry on anyway */ | |
f4da39d2 | 505 | dummy_pause_job(); |
b72c9121 RL |
506 | return RSA_meth_get_pub_enc(RSA_PKCS1_OpenSSL()) |
507 | (flen, from, to, rsa, padding); | |
a14e9ff7 MC |
508 | } |
509 | ||
510 | static int dasync_pub_dec(int flen, const unsigned char *from, | |
511 | unsigned char *to, RSA *rsa, int padding) { | |
512 | /* Ignore errors - we carry on anyway */ | |
f4da39d2 | 513 | dummy_pause_job(); |
b72c9121 RL |
514 | return RSA_meth_get_pub_dec(RSA_PKCS1_OpenSSL()) |
515 | (flen, from, to, rsa, padding); | |
a14e9ff7 MC |
516 | } |
517 | ||
518 | static int dasync_rsa_priv_enc(int flen, const unsigned char *from, | |
519 | unsigned char *to, RSA *rsa, int padding) | |
520 | { | |
521 | /* Ignore errors - we carry on anyway */ | |
f4da39d2 | 522 | dummy_pause_job(); |
b72c9121 RL |
523 | return RSA_meth_get_priv_enc(RSA_PKCS1_OpenSSL()) |
524 | (flen, from, to, rsa, padding); | |
a14e9ff7 MC |
525 | } |
526 | ||
527 | static int dasync_rsa_priv_dec(int flen, const unsigned char *from, | |
528 | unsigned char *to, RSA *rsa, int padding) | |
529 | { | |
530 | /* Ignore errors - we carry on anyway */ | |
f4da39d2 | 531 | dummy_pause_job(); |
b72c9121 RL |
532 | return RSA_meth_get_priv_dec(RSA_PKCS1_OpenSSL()) |
533 | (flen, from, to, rsa, padding); | |
a14e9ff7 MC |
534 | } |
535 | ||
536 | static int dasync_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) | |
537 | { | |
538 | /* Ignore errors - we carry on anyway */ | |
f4da39d2 | 539 | dummy_pause_job(); |
b72c9121 | 540 | return RSA_meth_get_mod_exp(RSA_PKCS1_OpenSSL())(r0, I, rsa, ctx); |
a14e9ff7 MC |
541 | } |
542 | ||
543 | static int dasync_rsa_init(RSA *rsa) | |
544 | { | |
b72c9121 | 545 | return RSA_meth_get_init(RSA_PKCS1_OpenSSL())(rsa); |
a14e9ff7 MC |
546 | } |
547 | static int dasync_rsa_finish(RSA *rsa) | |
548 | { | |
b72c9121 | 549 | return RSA_meth_get_finish(RSA_PKCS1_OpenSSL())(rsa); |
a14e9ff7 | 550 | } |
98ee7543 | 551 | |
e38c2e85 | 552 | /* Cipher helper functions */ |
98ee7543 | 553 | |
e38c2e85 MC |
554 | static int dasync_cipher_ctrl_helper(EVP_CIPHER_CTX *ctx, int type, int arg, |
555 | void *ptr, int aeadcapable) | |
98ee7543 MC |
556 | { |
557 | int ret; | |
e38c2e85 MC |
558 | struct dasync_pipeline_ctx *pipe_ctx = |
559 | (struct dasync_pipeline_ctx *)EVP_CIPHER_CTX_get_cipher_data(ctx); | |
2f2c9caa MC |
560 | |
561 | if (pipe_ctx == NULL) | |
562 | return 0; | |
563 | ||
564 | switch (type) { | |
565 | case EVP_CTRL_SET_PIPELINE_OUTPUT_BUFS: | |
566 | pipe_ctx->numpipes = arg; | |
567 | pipe_ctx->outbufs = (unsigned char **)ptr; | |
568 | break; | |
569 | ||
570 | case EVP_CTRL_SET_PIPELINE_INPUT_BUFS: | |
571 | pipe_ctx->numpipes = arg; | |
572 | pipe_ctx->inbufs = (unsigned char **)ptr; | |
573 | break; | |
574 | ||
575 | case EVP_CTRL_SET_PIPELINE_INPUT_LENS: | |
576 | pipe_ctx->numpipes = arg; | |
577 | pipe_ctx->lens = (size_t *)ptr; | |
578 | break; | |
579 | ||
580 | case EVP_CTRL_AEAD_SET_MAC_KEY: | |
e38c2e85 MC |
581 | if (!aeadcapable) |
582 | return -1; | |
2f2c9caa MC |
583 | EVP_CIPHER_CTX_set_cipher_data(ctx, pipe_ctx->inner_cipher_data); |
584 | ret = EVP_CIPHER_meth_get_ctrl(EVP_aes_128_cbc_hmac_sha1()) | |
585 | (ctx, type, arg, ptr); | |
586 | EVP_CIPHER_CTX_set_cipher_data(ctx, pipe_ctx); | |
587 | return ret; | |
588 | ||
589 | case EVP_CTRL_AEAD_TLS1_AAD: | |
590 | { | |
591 | unsigned char *p = ptr; | |
592 | unsigned int len; | |
593 | ||
e38c2e85 | 594 | if (!aeadcapable || arg != EVP_AEAD_TLS1_AAD_LEN) |
2f2c9caa MC |
595 | return -1; |
596 | ||
597 | if (pipe_ctx->aadctr >= SSL_MAX_PIPELINES) | |
598 | return -1; | |
599 | ||
600 | memcpy(pipe_ctx->tlsaad[pipe_ctx->aadctr], ptr, | |
601 | EVP_AEAD_TLS1_AAD_LEN); | |
602 | pipe_ctx->aadctr++; | |
603 | ||
604 | len = p[arg - 2] << 8 | p[arg - 1]; | |
605 | ||
606 | if (pipe_ctx->enc) { | |
607 | if ((p[arg - 4] << 8 | p[arg - 3]) >= TLS1_1_VERSION) { | |
a68d3505 RS |
608 | if (len < AES_BLOCK_SIZE) |
609 | return 0; | |
2f2c9caa MC |
610 | len -= AES_BLOCK_SIZE; |
611 | } | |
612 | ||
613 | return ((len + SHA_DIGEST_LENGTH + AES_BLOCK_SIZE) | |
614 | & -AES_BLOCK_SIZE) - len; | |
615 | } else { | |
616 | return SHA_DIGEST_LENGTH; | |
617 | } | |
618 | } | |
619 | ||
2f2c9caa MC |
620 | default: |
621 | return 0; | |
622 | } | |
623 | ||
624 | return 1; | |
625 | } | |
626 | ||
e38c2e85 MC |
627 | static int dasync_cipher_init_key_helper(EVP_CIPHER_CTX *ctx, |
628 | const unsigned char *key, | |
629 | const unsigned char *iv, int enc, | |
630 | const EVP_CIPHER *cipher) | |
2f2c9caa MC |
631 | { |
632 | int ret; | |
e38c2e85 MC |
633 | struct dasync_pipeline_ctx *pipe_ctx = |
634 | (struct dasync_pipeline_ctx *)EVP_CIPHER_CTX_get_cipher_data(ctx); | |
2f2c9caa MC |
635 | |
636 | if (pipe_ctx->inner_cipher_data == NULL | |
e38c2e85 MC |
637 | && EVP_CIPHER_impl_ctx_size(cipher) != 0) { |
638 | pipe_ctx->inner_cipher_data = OPENSSL_zalloc( | |
639 | EVP_CIPHER_impl_ctx_size(cipher)); | |
2f2c9caa | 640 | if (pipe_ctx->inner_cipher_data == NULL) { |
2f781956 | 641 | DASYNCerr(DASYNC_F_DASYNC_CIPHER_INIT_KEY_HELPER, |
2f2c9caa MC |
642 | ERR_R_MALLOC_FAILURE); |
643 | return 0; | |
644 | } | |
645 | } | |
646 | ||
647 | pipe_ctx->numpipes = 0; | |
e38c2e85 | 648 | pipe_ctx->aadctr = 0; |
2f2c9caa MC |
649 | |
650 | EVP_CIPHER_CTX_set_cipher_data(ctx, pipe_ctx->inner_cipher_data); | |
e38c2e85 | 651 | ret = EVP_CIPHER_meth_get_init(cipher)(ctx, key, iv, enc); |
2f2c9caa MC |
652 | EVP_CIPHER_CTX_set_cipher_data(ctx, pipe_ctx); |
653 | ||
654 | return ret; | |
655 | } | |
656 | ||
e38c2e85 MC |
657 | static int dasync_cipher_helper(EVP_CIPHER_CTX *ctx, unsigned char *out, |
658 | const unsigned char *in, size_t inl, | |
659 | const EVP_CIPHER *cipher) | |
2f2c9caa MC |
660 | { |
661 | int ret = 1; | |
662 | unsigned int i, pipes; | |
e38c2e85 MC |
663 | struct dasync_pipeline_ctx *pipe_ctx = |
664 | (struct dasync_pipeline_ctx *)EVP_CIPHER_CTX_get_cipher_data(ctx); | |
2f2c9caa MC |
665 | |
666 | pipes = pipe_ctx->numpipes; | |
667 | EVP_CIPHER_CTX_set_cipher_data(ctx, pipe_ctx->inner_cipher_data); | |
668 | if (pipes == 0) { | |
669 | if (pipe_ctx->aadctr != 0) { | |
670 | if (pipe_ctx->aadctr != 1) | |
671 | return -1; | |
e38c2e85 | 672 | EVP_CIPHER_meth_get_ctrl(cipher) |
2f2c9caa MC |
673 | (ctx, EVP_CTRL_AEAD_TLS1_AAD, |
674 | EVP_AEAD_TLS1_AAD_LEN, | |
675 | pipe_ctx->tlsaad[0]); | |
676 | } | |
e38c2e85 | 677 | ret = EVP_CIPHER_meth_get_do_cipher(cipher) |
2f2c9caa MC |
678 | (ctx, out, in, inl); |
679 | } else { | |
680 | if (pipe_ctx->aadctr > 0 && pipe_ctx->aadctr != pipes) | |
681 | return -1; | |
682 | for (i = 0; i < pipes; i++) { | |
683 | if (pipe_ctx->aadctr > 0) { | |
e38c2e85 | 684 | EVP_CIPHER_meth_get_ctrl(cipher) |
2f2c9caa MC |
685 | (ctx, EVP_CTRL_AEAD_TLS1_AAD, |
686 | EVP_AEAD_TLS1_AAD_LEN, | |
687 | pipe_ctx->tlsaad[i]); | |
688 | } | |
e38c2e85 | 689 | ret = ret && EVP_CIPHER_meth_get_do_cipher(cipher) |
2f2c9caa MC |
690 | (ctx, pipe_ctx->outbufs[i], pipe_ctx->inbufs[i], |
691 | pipe_ctx->lens[i]); | |
692 | } | |
693 | pipe_ctx->numpipes = 0; | |
694 | } | |
695 | pipe_ctx->aadctr = 0; | |
696 | EVP_CIPHER_CTX_set_cipher_data(ctx, pipe_ctx); | |
697 | return ret; | |
698 | } | |
699 | ||
e38c2e85 MC |
700 | static int dasync_cipher_cleanup_helper(EVP_CIPHER_CTX *ctx, |
701 | const EVP_CIPHER *cipher) | |
2f2c9caa | 702 | { |
e38c2e85 MC |
703 | struct dasync_pipeline_ctx *pipe_ctx = |
704 | (struct dasync_pipeline_ctx *)EVP_CIPHER_CTX_get_cipher_data(ctx); | |
2f2c9caa MC |
705 | |
706 | OPENSSL_clear_free(pipe_ctx->inner_cipher_data, | |
e38c2e85 | 707 | EVP_CIPHER_impl_ctx_size(cipher)); |
2f2c9caa MC |
708 | |
709 | return 1; | |
710 | } | |
e38c2e85 MC |
711 | |
712 | /* | |
713 | * AES128 CBC Implementation | |
714 | */ | |
715 | ||
716 | static int dasync_aes128_cbc_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, | |
717 | void *ptr) | |
718 | { | |
719 | return dasync_cipher_ctrl_helper(ctx, type, arg, ptr, 0); | |
720 | } | |
721 | ||
722 | static int dasync_aes128_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, | |
723 | const unsigned char *iv, int enc) | |
724 | { | |
725 | return dasync_cipher_init_key_helper(ctx, key, iv, enc, EVP_aes_128_cbc()); | |
726 | } | |
727 | ||
728 | static int dasync_aes128_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, | |
729 | const unsigned char *in, size_t inl) | |
730 | { | |
731 | return dasync_cipher_helper(ctx, out, in, inl, EVP_aes_128_cbc()); | |
732 | } | |
733 | ||
734 | static int dasync_aes128_cbc_cleanup(EVP_CIPHER_CTX *ctx) | |
735 | { | |
736 | return dasync_cipher_cleanup_helper(ctx, EVP_aes_128_cbc()); | |
737 | } | |
738 | ||
739 | ||
740 | /* | |
741 | * AES128 CBC HMAC SHA1 Implementation | |
742 | */ | |
743 | ||
744 | static int dasync_aes128_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, | |
745 | int arg, void *ptr) | |
746 | { | |
747 | return dasync_cipher_ctrl_helper(ctx, type, arg, ptr, 1); | |
748 | } | |
749 | ||
750 | static int dasync_aes128_cbc_hmac_sha1_init_key(EVP_CIPHER_CTX *ctx, | |
751 | const unsigned char *key, | |
752 | const unsigned char *iv, | |
753 | int enc) | |
754 | { | |
755 | return dasync_cipher_init_key_helper(ctx, key, iv, enc, | |
756 | EVP_aes_128_cbc_hmac_sha1()); | |
757 | } | |
758 | ||
759 | static int dasync_aes128_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, | |
760 | unsigned char *out, | |
761 | const unsigned char *in, | |
762 | size_t inl) | |
763 | { | |
764 | return dasync_cipher_helper(ctx, out, in, inl, EVP_aes_128_cbc_hmac_sha1()); | |
765 | } | |
766 | ||
767 | static int dasync_aes128_cbc_hmac_sha1_cleanup(EVP_CIPHER_CTX *ctx) | |
768 | { | |
769 | return dasync_cipher_cleanup_helper(ctx, EVP_aes_128_cbc_hmac_sha1()); | |
770 | } |