]>
Commit | Line | Data |
---|---|---|
a14e9ff7 MC |
1 | /* |
2 | * Written by Matt Caswell (matt@openssl.org) for the OpenSSL project. | |
3 | */ | |
4 | /* ==================================================================== | |
5 | * Copyright (c) 2015 The OpenSSL Project. All rights reserved. | |
6 | * | |
7 | * Redistribution and use in source and binary forms, with or without | |
8 | * modification, are permitted provided that the following conditions | |
9 | * are met: | |
10 | * | |
11 | * 1. Redistributions of source code must retain the above copyright | |
12 | * notice, this list of conditions and the following disclaimer. | |
13 | * | |
14 | * 2. Redistributions in binary form must reproduce the above copyright | |
15 | * notice, this list of conditions and the following disclaimer in | |
16 | * the documentation and/or other materials provided with the | |
17 | * distribution. | |
18 | * | |
19 | * 3. All advertising materials mentioning features or use of this | |
20 | * software must display the following acknowledgment: | |
21 | * "This product includes software developed by the OpenSSL Project | |
22 | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" | |
23 | * | |
24 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | |
25 | * endorse or promote products derived from this software without | |
26 | * prior written permission. For written permission, please contact | |
27 | * licensing@OpenSSL.org. | |
28 | * | |
29 | * 5. Products derived from this software may not be called "OpenSSL" | |
30 | * nor may "OpenSSL" appear in their names without prior written | |
31 | * permission of the OpenSSL Project. | |
32 | * | |
33 | * 6. Redistributions of any form whatsoever must retain the following | |
34 | * acknowledgment: | |
35 | * "This product includes software developed by the OpenSSL Project | |
36 | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" | |
37 | * | |
38 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | |
39 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
40 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | |
41 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | |
42 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | |
43 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | |
44 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | |
45 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
46 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | |
47 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | |
48 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | |
49 | * OF THE POSSIBILITY OF SUCH DAMAGE. | |
50 | * ==================================================================== | |
51 | */ | |
52 | ||
53 | #include <stdio.h> | |
54 | #include <string.h> | |
55 | ||
56 | #include <openssl/engine.h> | |
57 | #include <openssl/sha.h> | |
2f2c9caa | 58 | #include <openssl/aes.h> |
a14e9ff7 MC |
59 | #include <openssl/rsa.h> |
60 | #include <openssl/evp.h> | |
61 | #include <openssl/async.h> | |
62 | #include <openssl/bn.h> | |
7b9f8f7f | 63 | #include <openssl/crypto.h> |
98ee7543 MC |
64 | #include <openssl/ssl.h> |
65 | #include <openssl/modes.h> | |
a14e9ff7 | 66 | |
ff75a257 MC |
67 | #if (defined(OPENSSL_SYS_UNIX) || defined(OPENSSL_SYS_CYGWIN)) && defined(OPENSSL_THREADS) |
68 | # undef ASYNC_POSIX | |
69 | # define ASYNC_POSIX | |
70 | # include <unistd.h> | |
71 | #elif defined(_WIN32) | |
72 | # undef ASYNC_WIN | |
73 | # define ASYNC_WIN | |
74 | # include <windows.h> | |
75 | #endif | |
76 | ||
a14e9ff7 MC |
77 | #define DASYNC_LIB_NAME "DASYNC" |
78 | #include "e_dasync_err.c" | |
79 | ||
80 | /* Engine Id and Name */ | |
81 | static const char *engine_dasync_id = "dasync"; | |
82 | static const char *engine_dasync_name = "Dummy Async engine support"; | |
83 | ||
84 | ||
85 | /* Engine Lifetime functions */ | |
86 | static int dasync_destroy(ENGINE *e); | |
87 | static int dasync_init(ENGINE *e); | |
88 | static int dasync_finish(ENGINE *e); | |
7b9f8f7f | 89 | void engine_load_dasync_internal(void); |
a14e9ff7 MC |
90 | |
91 | ||
92 | /* Set up digests. Just SHA1 for now */ | |
93 | static int dasync_digests(ENGINE *e, const EVP_MD **digest, | |
94 | const int **nids, int nid); | |
95 | ||
f4da39d2 | 96 | static void dummy_pause_job(void); |
a14e9ff7 MC |
97 | |
98 | /* SHA1 */ | |
46a283c0 MC |
99 | static int dasync_sha1_init(EVP_MD_CTX *ctx); |
100 | static int dasync_sha1_update(EVP_MD_CTX *ctx, const void *data, | |
652d4a8c | 101 | size_t count); |
46a283c0 | 102 | static int dasync_sha1_final(EVP_MD_CTX *ctx, unsigned char *md); |
a14e9ff7 | 103 | |
11780ac3 MC |
104 | /* |
105 | * Holds the EVP_MD object for sha1 in this engine. Set up once only during | |
106 | * engine bind and can then be reused many times. | |
107 | */ | |
cddcea8c RL |
108 | static EVP_MD *_hidden_sha1_md = NULL; |
109 | static const EVP_MD *dasync_sha1(void) | |
110 | { | |
cddcea8c RL |
111 | return _hidden_sha1_md; |
112 | } | |
113 | static void destroy_digests(void) | |
114 | { | |
115 | EVP_MD_meth_free(_hidden_sha1_md); | |
116 | _hidden_sha1_md = NULL; | |
117 | } | |
11780ac3 | 118 | |
cddcea8c RL |
119 | static int dasync_digest_nids(const int **nids) |
120 | { | |
121 | static int digest_nids[2] = { 0, 0 }; | |
122 | static int pos = 0; | |
123 | static int init = 0; | |
124 | ||
125 | if (!init) { | |
126 | const EVP_MD *md; | |
127 | if ((md = dasync_sha1()) != NULL) | |
128 | digest_nids[pos++] = EVP_MD_type(md); | |
129 | digest_nids[pos] = 0; | |
130 | init = 1; | |
131 | } | |
132 | *nids = digest_nids; | |
133 | return pos; | |
134 | } | |
a14e9ff7 MC |
135 | |
136 | /* RSA */ | |
137 | ||
138 | static int dasync_pub_enc(int flen, const unsigned char *from, | |
139 | unsigned char *to, RSA *rsa, int padding); | |
140 | static int dasync_pub_dec(int flen, const unsigned char *from, | |
141 | unsigned char *to, RSA *rsa, int padding); | |
142 | static int dasync_rsa_priv_enc(int flen, const unsigned char *from, | |
143 | unsigned char *to, RSA *rsa, int padding); | |
144 | static int dasync_rsa_priv_dec(int flen, const unsigned char *from, | |
145 | unsigned char *to, RSA *rsa, int padding); | |
146 | static int dasync_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, | |
147 | BN_CTX *ctx); | |
148 | ||
149 | static int dasync_rsa_init(RSA *rsa); | |
150 | static int dasync_rsa_finish(RSA *rsa); | |
151 | ||
152 | static RSA_METHOD dasync_rsa_method = { | |
153 | "Dummy Async RSA method", | |
154 | dasync_pub_enc, /* pub_enc */ | |
155 | dasync_pub_dec, /* pub_dec */ | |
156 | dasync_rsa_priv_enc, /* priv_enc */ | |
157 | dasync_rsa_priv_dec, /* priv_dec */ | |
158 | dasync_rsa_mod_exp, /* rsa_mod_exp */ | |
159 | BN_mod_exp_mont, /* bn_mod_exp */ | |
160 | dasync_rsa_init, /* init */ | |
161 | dasync_rsa_finish, /* finish */ | |
162 | 0, /* flags */ | |
163 | NULL, /* app_data */ | |
164 | 0, /* rsa_sign */ | |
165 | 0, /* rsa_verify */ | |
166 | NULL /* rsa_keygen */ | |
167 | }; | |
168 | ||
169 | ||
98ee7543 MC |
170 | /* AES */ |
171 | ||
172 | static int dasync_aes128_cbc_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, | |
173 | void *ptr); | |
98ee7543 MC |
174 | static int dasync_aes128_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, |
175 | const unsigned char *iv, int enc); | |
98ee7543 MC |
176 | static int dasync_aes128_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, |
177 | const unsigned char *in, size_t inl); | |
98ee7543 MC |
178 | static int dasync_aes128_cbc_cleanup(EVP_CIPHER_CTX *ctx); |
179 | ||
2f2c9caa MC |
180 | static int dasync_aes128_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, |
181 | int arg, void *ptr); | |
182 | static int dasync_aes128_cbc_hmac_sha1_init_key(EVP_CIPHER_CTX *ctx, | |
183 | const unsigned char *key, | |
184 | const unsigned char *iv, | |
185 | int enc); | |
186 | static int dasync_aes128_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, | |
187 | unsigned char *out, | |
188 | const unsigned char *in, | |
189 | size_t inl); | |
190 | static int dasync_aes128_cbc_hmac_sha1_cleanup(EVP_CIPHER_CTX *ctx); | |
191 | ||
e38c2e85 | 192 | struct dasync_pipeline_ctx { |
98ee7543 | 193 | void *inner_cipher_data; |
98ee7543 MC |
194 | unsigned int numpipes; |
195 | unsigned char **inbufs; | |
196 | unsigned char **outbufs; | |
197 | size_t *lens; | |
2f2c9caa MC |
198 | int enc; |
199 | unsigned char tlsaad[SSL_MAX_PIPELINES][EVP_AEAD_TLS1_AAD_LEN]; | |
200 | unsigned int aadctr; | |
98ee7543 MC |
201 | }; |
202 | ||
11780ac3 MC |
203 | /* |
204 | * Holds the EVP_CIPHER object for aes_128_cbc in this engine. Set up once only | |
205 | * during engine bind and can then be reused many times. | |
206 | */ | |
98ee7543 MC |
207 | static EVP_CIPHER *_hidden_aes_128_cbc = NULL; |
208 | static const EVP_CIPHER *dasync_aes_128_cbc(void) | |
209 | { | |
11780ac3 MC |
210 | return _hidden_aes_128_cbc; |
211 | } | |
212 | ||
213 | /* | |
214 | * Holds the EVP_CIPHER object for aes_128_cbc_hmac_sha1 in this engine. Set up | |
215 | * once only during engine bind and can then be reused many times. | |
216 | */ | |
217 | static EVP_CIPHER *_hidden_aes_128_cbc_hmac_sha1 = NULL; | |
218 | static const EVP_CIPHER *dasync_aes_128_cbc_hmac_sha1(void) | |
219 | { | |
220 | return _hidden_aes_128_cbc_hmac_sha1; | |
221 | } | |
222 | ||
223 | static void destroy_ciphers(void) | |
224 | { | |
225 | EVP_CIPHER_meth_free(_hidden_aes_128_cbc); | |
226 | EVP_CIPHER_meth_free(_hidden_aes_128_cbc_hmac_sha1); | |
227 | _hidden_aes_128_cbc = NULL; | |
228 | _hidden_aes_128_cbc_hmac_sha1 = NULL; | |
229 | } | |
230 | ||
231 | static int dasync_ciphers(ENGINE *e, const EVP_CIPHER **cipher, | |
232 | const int **nids, int nid); | |
233 | ||
234 | static int dasync_cipher_nids[] = { | |
235 | NID_aes_128_cbc, | |
236 | NID_aes_128_cbc_hmac_sha1, | |
237 | 0 | |
238 | }; | |
239 | ||
240 | static int bind_dasync(ENGINE *e) | |
241 | { | |
242 | /* Ensure the dasync error handling is set up */ | |
243 | ERR_load_DASYNC_strings(); | |
244 | ||
245 | if (!ENGINE_set_id(e, engine_dasync_id) | |
246 | || !ENGINE_set_name(e, engine_dasync_name) | |
247 | || !ENGINE_set_RSA(e, &dasync_rsa_method) | |
248 | || !ENGINE_set_digests(e, dasync_digests) | |
249 | || !ENGINE_set_ciphers(e, dasync_ciphers) | |
250 | || !ENGINE_set_destroy_function(e, dasync_destroy) | |
251 | || !ENGINE_set_init_function(e, dasync_init) | |
252 | || !ENGINE_set_finish_function(e, dasync_finish)) { | |
253 | DASYNCerr(DASYNC_F_BIND_DASYNC, DASYNC_R_INIT_FAILED); | |
254 | return 0; | |
255 | } | |
256 | ||
257 | /* | |
258 | * Set up the EVP_CIPHER and EVP_MD objects for the ciphers/digests | |
259 | * supplied by this engine | |
260 | */ | |
261 | _hidden_sha1_md = EVP_MD_meth_new(NID_sha1, NID_sha1WithRSAEncryption); | |
262 | if (_hidden_sha1_md == NULL | |
263 | || !EVP_MD_meth_set_result_size(_hidden_sha1_md, SHA_DIGEST_LENGTH) | |
264 | || !EVP_MD_meth_set_input_blocksize(_hidden_sha1_md, SHA_CBLOCK) | |
265 | || !EVP_MD_meth_set_app_datasize(_hidden_sha1_md, | |
266 | sizeof(EVP_MD *) + sizeof(SHA_CTX)) | |
267 | || !EVP_MD_meth_set_flags(_hidden_sha1_md, EVP_MD_FLAG_DIGALGID_ABSENT) | |
268 | || !EVP_MD_meth_set_init(_hidden_sha1_md, dasync_sha1_init) | |
269 | || !EVP_MD_meth_set_update(_hidden_sha1_md, dasync_sha1_update) | |
270 | || !EVP_MD_meth_set_final(_hidden_sha1_md, dasync_sha1_final)) { | |
271 | EVP_MD_meth_free(_hidden_sha1_md); | |
272 | _hidden_sha1_md = NULL; | |
273 | } | |
274 | ||
275 | _hidden_aes_128_cbc = EVP_CIPHER_meth_new(NID_aes_128_cbc, | |
276 | 16 /* block size */, | |
277 | 16 /* key len */); | |
98ee7543 MC |
278 | if (_hidden_aes_128_cbc == NULL |
279 | || !EVP_CIPHER_meth_set_iv_length(_hidden_aes_128_cbc,16) | |
280 | || !EVP_CIPHER_meth_set_flags(_hidden_aes_128_cbc, | |
281 | EVP_CIPH_FLAG_DEFAULT_ASN1 | |
282 | | EVP_CIPH_CBC_MODE | |
283 | | EVP_CIPH_FLAG_PIPELINE) | |
284 | || !EVP_CIPHER_meth_set_init(_hidden_aes_128_cbc, | |
285 | dasync_aes128_init_key) | |
286 | || !EVP_CIPHER_meth_set_do_cipher(_hidden_aes_128_cbc, | |
287 | dasync_aes128_cbc_cipher) | |
288 | || !EVP_CIPHER_meth_set_cleanup(_hidden_aes_128_cbc, | |
289 | dasync_aes128_cbc_cleanup) | |
290 | || !EVP_CIPHER_meth_set_ctrl(_hidden_aes_128_cbc, | |
291 | dasync_aes128_cbc_ctrl) | |
292 | || !EVP_CIPHER_meth_set_impl_ctx_size(_hidden_aes_128_cbc, | |
e38c2e85 | 293 | sizeof(struct dasync_pipeline_ctx))) { |
98ee7543 MC |
294 | EVP_CIPHER_meth_free(_hidden_aes_128_cbc); |
295 | _hidden_aes_128_cbc = NULL; | |
296 | } | |
98ee7543 | 297 | |
11780ac3 MC |
298 | _hidden_aes_128_cbc_hmac_sha1 = EVP_CIPHER_meth_new( |
299 | NID_aes_128_cbc_hmac_sha1, | |
300 | 16 /* block size */, | |
301 | 16 /* key len */); | |
2f2c9caa MC |
302 | if (_hidden_aes_128_cbc_hmac_sha1 == NULL |
303 | || !EVP_CIPHER_meth_set_iv_length(_hidden_aes_128_cbc_hmac_sha1,16) | |
304 | || !EVP_CIPHER_meth_set_flags(_hidden_aes_128_cbc_hmac_sha1, | |
305 | EVP_CIPH_CBC_MODE | |
306 | | EVP_CIPH_FLAG_DEFAULT_ASN1 | |
307 | | EVP_CIPH_FLAG_AEAD_CIPHER | |
308 | | EVP_CIPH_FLAG_PIPELINE) | |
309 | || !EVP_CIPHER_meth_set_init(_hidden_aes_128_cbc_hmac_sha1, | |
310 | dasync_aes128_cbc_hmac_sha1_init_key) | |
311 | || !EVP_CIPHER_meth_set_do_cipher(_hidden_aes_128_cbc_hmac_sha1, | |
312 | dasync_aes128_cbc_hmac_sha1_cipher) | |
313 | || !EVP_CIPHER_meth_set_cleanup(_hidden_aes_128_cbc_hmac_sha1, | |
314 | dasync_aes128_cbc_hmac_sha1_cleanup) | |
315 | || !EVP_CIPHER_meth_set_ctrl(_hidden_aes_128_cbc_hmac_sha1, | |
316 | dasync_aes128_cbc_hmac_sha1_ctrl) | |
317 | || !EVP_CIPHER_meth_set_impl_ctx_size(_hidden_aes_128_cbc_hmac_sha1, | |
e38c2e85 | 318 | sizeof(struct dasync_pipeline_ctx))) { |
2f2c9caa MC |
319 | EVP_CIPHER_meth_free(_hidden_aes_128_cbc_hmac_sha1); |
320 | _hidden_aes_128_cbc_hmac_sha1 = NULL; | |
321 | } | |
a14e9ff7 MC |
322 | |
323 | return 1; | |
324 | } | |
325 | ||
326 | # ifndef OPENSSL_NO_DYNAMIC_ENGINE | |
327 | static int bind_helper(ENGINE *e, const char *id) | |
328 | { | |
329 | if (id && (strcmp(id, engine_dasync_id) != 0)) | |
330 | return 0; | |
331 | if (!bind_dasync(e)) | |
332 | return 0; | |
333 | return 1; | |
334 | } | |
335 | ||
336 | IMPLEMENT_DYNAMIC_CHECK_FN() | |
337 | IMPLEMENT_DYNAMIC_BIND_FN(bind_helper) | |
338 | # endif | |
339 | ||
340 | static ENGINE *engine_dasync(void) | |
341 | { | |
342 | ENGINE *ret = ENGINE_new(); | |
343 | if (!ret) | |
344 | return NULL; | |
345 | if (!bind_dasync(ret)) { | |
346 | ENGINE_free(ret); | |
347 | return NULL; | |
348 | } | |
349 | return ret; | |
350 | } | |
351 | ||
7b9f8f7f | 352 | void engine_load_dasync_internal(void) |
a14e9ff7 MC |
353 | { |
354 | ENGINE *toadd = engine_dasync(); | |
355 | if (!toadd) | |
356 | return; | |
357 | ENGINE_add(toadd); | |
358 | ENGINE_free(toadd); | |
359 | ERR_clear_error(); | |
360 | } | |
361 | ||
362 | static int dasync_init(ENGINE *e) | |
363 | { | |
364 | return 1; | |
365 | } | |
366 | ||
367 | ||
368 | static int dasync_finish(ENGINE *e) | |
369 | { | |
370 | return 1; | |
371 | } | |
372 | ||
373 | ||
374 | static int dasync_destroy(ENGINE *e) | |
375 | { | |
cddcea8c | 376 | destroy_digests(); |
11780ac3 | 377 | destroy_ciphers(); |
a14e9ff7 MC |
378 | ERR_unload_DASYNC_strings(); |
379 | return 1; | |
380 | } | |
381 | ||
382 | static int dasync_digests(ENGINE *e, const EVP_MD **digest, | |
383 | const int **nids, int nid) | |
384 | { | |
385 | int ok = 1; | |
386 | if (!digest) { | |
387 | /* We are returning a list of supported nids */ | |
cddcea8c | 388 | return dasync_digest_nids(nids); |
a14e9ff7 MC |
389 | } |
390 | /* We are being asked for a specific digest */ | |
391 | switch (nid) { | |
392 | case NID_sha1: | |
cddcea8c | 393 | *digest = dasync_sha1(); |
a14e9ff7 MC |
394 | break; |
395 | default: | |
396 | ok = 0; | |
397 | *digest = NULL; | |
398 | break; | |
399 | } | |
400 | return ok; | |
401 | } | |
402 | ||
98ee7543 MC |
403 | static int dasync_ciphers(ENGINE *e, const EVP_CIPHER **cipher, |
404 | const int **nids, int nid) | |
405 | { | |
406 | int ok = 1; | |
11780ac3 | 407 | if (cipher == NULL) { |
98ee7543 MC |
408 | /* We are returning a list of supported nids */ |
409 | *nids = dasync_cipher_nids; | |
410 | return (sizeof(dasync_cipher_nids) - | |
411 | 1) / sizeof(dasync_cipher_nids[0]); | |
412 | } | |
413 | /* We are being asked for a specific cipher */ | |
414 | switch (nid) { | |
415 | case NID_aes_128_cbc: | |
416 | *cipher = dasync_aes_128_cbc(); | |
417 | break; | |
2f2c9caa MC |
418 | case NID_aes_128_cbc_hmac_sha1: |
419 | *cipher = dasync_aes_128_cbc_hmac_sha1(); | |
420 | break; | |
98ee7543 MC |
421 | default: |
422 | ok = 0; | |
423 | *cipher = NULL; | |
424 | break; | |
425 | } | |
426 | return ok; | |
427 | } | |
428 | ||
ff75a257 MC |
429 | static void wait_cleanup(ASYNC_WAIT_CTX *ctx, const void *key, |
430 | OSSL_ASYNC_FD readfd, void *pvwritefd) | |
431 | { | |
432 | OSSL_ASYNC_FD *pwritefd = (OSSL_ASYNC_FD *)pvwritefd; | |
433 | #if defined(ASYNC_WIN) | |
434 | CloseHandle(readfd); | |
435 | CloseHandle(*pwritefd); | |
436 | #elif defined(ASYNC_POSIX) | |
437 | close(readfd); | |
438 | close(*pwritefd); | |
439 | #endif | |
440 | OPENSSL_free(pwritefd); | |
441 | } | |
442 | ||
443 | #define DUMMY_CHAR 'X' | |
444 | ||
f4da39d2 MC |
445 | static void dummy_pause_job(void) { |
446 | ASYNC_JOB *job; | |
ff75a257 MC |
447 | ASYNC_WAIT_CTX *waitctx; |
448 | OSSL_ASYNC_FD pipefds[2] = {0, 0}; | |
449 | OSSL_ASYNC_FD *writefd; | |
450 | #if defined(ASYNC_WIN) | |
451 | DWORD numwritten, numread; | |
452 | char buf = DUMMY_CHAR; | |
453 | #elif defined(ASYNC_POSIX) | |
454 | char buf = DUMMY_CHAR; | |
455 | #endif | |
f4da39d2 MC |
456 | |
457 | if ((job = ASYNC_get_current_job()) == NULL) | |
458 | return; | |
459 | ||
ff75a257 MC |
460 | waitctx = ASYNC_get_wait_ctx(job); |
461 | ||
462 | if (ASYNC_WAIT_CTX_get_fd(waitctx, engine_dasync_id, &pipefds[0], | |
463 | (void **)&writefd)) { | |
464 | pipefds[1] = *writefd; | |
465 | } else { | |
466 | writefd = OPENSSL_malloc(sizeof(*writefd)); | |
467 | if (writefd == NULL) | |
468 | return; | |
469 | #if defined(ASYNC_WIN) | |
470 | if (CreatePipe(&pipefds[0], &pipefds[1], NULL, 256) == 0) { | |
471 | OPENSSL_free(writefd); | |
472 | return; | |
473 | } | |
474 | #elif defined(ASYNC_POSIX) | |
475 | if (pipe(pipefds) != 0) { | |
476 | OPENSSL_free(writefd); | |
477 | return; | |
478 | } | |
479 | #endif | |
480 | *writefd = pipefds[1]; | |
481 | ||
482 | if(!ASYNC_WAIT_CTX_set_wait_fd(waitctx, engine_dasync_id, pipefds[0], | |
483 | writefd, wait_cleanup)) { | |
484 | wait_cleanup(waitctx, engine_dasync_id, pipefds[0], writefd); | |
485 | return; | |
486 | } | |
487 | } | |
f4da39d2 MC |
488 | /* |
489 | * In the Dummy async engine we are cheating. We signal that the job | |
490 | * is complete by waking it before the call to ASYNC_pause_job(). A real | |
491 | * async engine would only wake when the job was actually complete | |
492 | */ | |
ff75a257 MC |
493 | #if defined(ASYNC_WIN) |
494 | WriteFile(pipefds[1], &buf, 1, &numwritten, NULL); | |
495 | #elif defined(ASYNC_POSIX) | |
b8972eda AG |
496 | if (write(pipefds[1], &buf, 1) < 0) |
497 | return; | |
ff75a257 | 498 | #endif |
f4da39d2 MC |
499 | |
500 | /* Ignore errors - we carry on anyway */ | |
501 | ASYNC_pause_job(); | |
502 | ||
ff75a257 MC |
503 | /* Clear the wake signal */ |
504 | #if defined(ASYNC_WIN) | |
505 | ReadFile(pipefds[0], &buf, 1, &numread, NULL); | |
506 | #elif defined(ASYNC_POSIX) | |
b8972eda AG |
507 | if (read(pipefds[0], &buf, 1) < 0) |
508 | return; | |
ff75a257 | 509 | #endif |
f4da39d2 MC |
510 | } |
511 | ||
a14e9ff7 MC |
512 | /* |
513 | * SHA1 implementation. At the moment we just defer to the standard | |
514 | * implementation | |
515 | */ | |
516 | #undef data | |
6e59a892 | 517 | #define data(ctx) ((SHA_CTX *)EVP_MD_CTX_md_data(ctx)) |
46a283c0 | 518 | static int dasync_sha1_init(EVP_MD_CTX *ctx) |
a14e9ff7 | 519 | { |
f4da39d2 | 520 | dummy_pause_job(); |
a14e9ff7 MC |
521 | |
522 | return SHA1_Init(data(ctx)); | |
523 | } | |
524 | ||
46a283c0 | 525 | static int dasync_sha1_update(EVP_MD_CTX *ctx, const void *data, |
652d4a8c | 526 | size_t count) |
a14e9ff7 | 527 | { |
f4da39d2 | 528 | dummy_pause_job(); |
a14e9ff7 MC |
529 | |
530 | return SHA1_Update(data(ctx), data, (size_t)count); | |
531 | } | |
532 | ||
46a283c0 | 533 | static int dasync_sha1_final(EVP_MD_CTX *ctx, unsigned char *md) |
a14e9ff7 | 534 | { |
f4da39d2 | 535 | dummy_pause_job(); |
a14e9ff7 MC |
536 | |
537 | return SHA1_Final(md, data(ctx)); | |
538 | } | |
539 | ||
540 | /* | |
541 | * RSA implementation | |
542 | */ | |
543 | ||
544 | static int dasync_pub_enc(int flen, const unsigned char *from, | |
545 | unsigned char *to, RSA *rsa, int padding) { | |
546 | /* Ignore errors - we carry on anyway */ | |
f4da39d2 | 547 | dummy_pause_job(); |
a14e9ff7 MC |
548 | return RSA_PKCS1_OpenSSL()->rsa_pub_enc(flen, from, to, rsa, padding); |
549 | } | |
550 | ||
551 | static int dasync_pub_dec(int flen, const unsigned char *from, | |
552 | unsigned char *to, RSA *rsa, int padding) { | |
553 | /* Ignore errors - we carry on anyway */ | |
f4da39d2 | 554 | dummy_pause_job(); |
a14e9ff7 MC |
555 | return RSA_PKCS1_OpenSSL()->rsa_pub_dec(flen, from, to, rsa, padding); |
556 | } | |
557 | ||
558 | static int dasync_rsa_priv_enc(int flen, const unsigned char *from, | |
559 | unsigned char *to, RSA *rsa, int padding) | |
560 | { | |
561 | /* Ignore errors - we carry on anyway */ | |
f4da39d2 | 562 | dummy_pause_job(); |
a14e9ff7 MC |
563 | return RSA_PKCS1_OpenSSL()->rsa_priv_enc(flen, from, to, rsa, padding); |
564 | } | |
565 | ||
566 | static int dasync_rsa_priv_dec(int flen, const unsigned char *from, | |
567 | unsigned char *to, RSA *rsa, int padding) | |
568 | { | |
569 | /* Ignore errors - we carry on anyway */ | |
f4da39d2 | 570 | dummy_pause_job(); |
a14e9ff7 MC |
571 | return RSA_PKCS1_OpenSSL()->rsa_priv_dec(flen, from, to, rsa, padding); |
572 | } | |
573 | ||
574 | static int dasync_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) | |
575 | { | |
576 | /* Ignore errors - we carry on anyway */ | |
f4da39d2 | 577 | dummy_pause_job(); |
a14e9ff7 MC |
578 | return RSA_PKCS1_OpenSSL()->rsa_mod_exp(r0, I, rsa, ctx); |
579 | } | |
580 | ||
581 | static int dasync_rsa_init(RSA *rsa) | |
582 | { | |
583 | return RSA_PKCS1_OpenSSL()->init(rsa); | |
584 | } | |
585 | static int dasync_rsa_finish(RSA *rsa) | |
586 | { | |
587 | return RSA_PKCS1_OpenSSL()->finish(rsa); | |
588 | } | |
98ee7543 | 589 | |
e38c2e85 | 590 | /* Cipher helper functions */ |
98ee7543 | 591 | |
e38c2e85 MC |
592 | static int dasync_cipher_ctrl_helper(EVP_CIPHER_CTX *ctx, int type, int arg, |
593 | void *ptr, int aeadcapable) | |
98ee7543 MC |
594 | { |
595 | int ret; | |
e38c2e85 MC |
596 | struct dasync_pipeline_ctx *pipe_ctx = |
597 | (struct dasync_pipeline_ctx *)EVP_CIPHER_CTX_get_cipher_data(ctx); | |
2f2c9caa MC |
598 | |
599 | if (pipe_ctx == NULL) | |
600 | return 0; | |
601 | ||
602 | switch (type) { | |
603 | case EVP_CTRL_SET_PIPELINE_OUTPUT_BUFS: | |
604 | pipe_ctx->numpipes = arg; | |
605 | pipe_ctx->outbufs = (unsigned char **)ptr; | |
606 | break; | |
607 | ||
608 | case EVP_CTRL_SET_PIPELINE_INPUT_BUFS: | |
609 | pipe_ctx->numpipes = arg; | |
610 | pipe_ctx->inbufs = (unsigned char **)ptr; | |
611 | break; | |
612 | ||
613 | case EVP_CTRL_SET_PIPELINE_INPUT_LENS: | |
614 | pipe_ctx->numpipes = arg; | |
615 | pipe_ctx->lens = (size_t *)ptr; | |
616 | break; | |
617 | ||
618 | case EVP_CTRL_AEAD_SET_MAC_KEY: | |
e38c2e85 MC |
619 | if (!aeadcapable) |
620 | return -1; | |
2f2c9caa MC |
621 | EVP_CIPHER_CTX_set_cipher_data(ctx, pipe_ctx->inner_cipher_data); |
622 | ret = EVP_CIPHER_meth_get_ctrl(EVP_aes_128_cbc_hmac_sha1()) | |
623 | (ctx, type, arg, ptr); | |
624 | EVP_CIPHER_CTX_set_cipher_data(ctx, pipe_ctx); | |
625 | return ret; | |
626 | ||
627 | case EVP_CTRL_AEAD_TLS1_AAD: | |
628 | { | |
629 | unsigned char *p = ptr; | |
630 | unsigned int len; | |
631 | ||
e38c2e85 | 632 | if (!aeadcapable || arg != EVP_AEAD_TLS1_AAD_LEN) |
2f2c9caa MC |
633 | return -1; |
634 | ||
635 | if (pipe_ctx->aadctr >= SSL_MAX_PIPELINES) | |
636 | return -1; | |
637 | ||
638 | memcpy(pipe_ctx->tlsaad[pipe_ctx->aadctr], ptr, | |
639 | EVP_AEAD_TLS1_AAD_LEN); | |
640 | pipe_ctx->aadctr++; | |
641 | ||
642 | len = p[arg - 2] << 8 | p[arg - 1]; | |
643 | ||
644 | if (pipe_ctx->enc) { | |
645 | if ((p[arg - 4] << 8 | p[arg - 3]) >= TLS1_1_VERSION) { | |
646 | len -= AES_BLOCK_SIZE; | |
647 | } | |
648 | ||
649 | return ((len + SHA_DIGEST_LENGTH + AES_BLOCK_SIZE) | |
650 | & -AES_BLOCK_SIZE) - len; | |
651 | } else { | |
652 | return SHA_DIGEST_LENGTH; | |
653 | } | |
654 | } | |
655 | ||
2f2c9caa MC |
656 | default: |
657 | return 0; | |
658 | } | |
659 | ||
660 | return 1; | |
661 | } | |
662 | ||
e38c2e85 MC |
663 | static int dasync_cipher_init_key_helper(EVP_CIPHER_CTX *ctx, |
664 | const unsigned char *key, | |
665 | const unsigned char *iv, int enc, | |
666 | const EVP_CIPHER *cipher) | |
2f2c9caa MC |
667 | { |
668 | int ret; | |
e38c2e85 MC |
669 | struct dasync_pipeline_ctx *pipe_ctx = |
670 | (struct dasync_pipeline_ctx *)EVP_CIPHER_CTX_get_cipher_data(ctx); | |
2f2c9caa MC |
671 | |
672 | if (pipe_ctx->inner_cipher_data == NULL | |
e38c2e85 MC |
673 | && EVP_CIPHER_impl_ctx_size(cipher) != 0) { |
674 | pipe_ctx->inner_cipher_data = OPENSSL_zalloc( | |
675 | EVP_CIPHER_impl_ctx_size(cipher)); | |
2f2c9caa | 676 | if (pipe_ctx->inner_cipher_data == NULL) { |
e38c2e85 | 677 | DASYNCerr(DASYNC_F_DASYNC_AES128_INIT_KEY, |
2f2c9caa MC |
678 | ERR_R_MALLOC_FAILURE); |
679 | return 0; | |
680 | } | |
681 | } | |
682 | ||
683 | pipe_ctx->numpipes = 0; | |
e38c2e85 | 684 | pipe_ctx->aadctr = 0; |
2f2c9caa MC |
685 | |
686 | EVP_CIPHER_CTX_set_cipher_data(ctx, pipe_ctx->inner_cipher_data); | |
e38c2e85 | 687 | ret = EVP_CIPHER_meth_get_init(cipher)(ctx, key, iv, enc); |
2f2c9caa MC |
688 | EVP_CIPHER_CTX_set_cipher_data(ctx, pipe_ctx); |
689 | ||
690 | return ret; | |
691 | } | |
692 | ||
e38c2e85 MC |
693 | static int dasync_cipher_helper(EVP_CIPHER_CTX *ctx, unsigned char *out, |
694 | const unsigned char *in, size_t inl, | |
695 | const EVP_CIPHER *cipher) | |
2f2c9caa MC |
696 | { |
697 | int ret = 1; | |
698 | unsigned int i, pipes; | |
e38c2e85 MC |
699 | struct dasync_pipeline_ctx *pipe_ctx = |
700 | (struct dasync_pipeline_ctx *)EVP_CIPHER_CTX_get_cipher_data(ctx); | |
2f2c9caa MC |
701 | |
702 | pipes = pipe_ctx->numpipes; | |
703 | EVP_CIPHER_CTX_set_cipher_data(ctx, pipe_ctx->inner_cipher_data); | |
704 | if (pipes == 0) { | |
705 | if (pipe_ctx->aadctr != 0) { | |
706 | if (pipe_ctx->aadctr != 1) | |
707 | return -1; | |
e38c2e85 | 708 | EVP_CIPHER_meth_get_ctrl(cipher) |
2f2c9caa MC |
709 | (ctx, EVP_CTRL_AEAD_TLS1_AAD, |
710 | EVP_AEAD_TLS1_AAD_LEN, | |
711 | pipe_ctx->tlsaad[0]); | |
712 | } | |
e38c2e85 | 713 | ret = EVP_CIPHER_meth_get_do_cipher(cipher) |
2f2c9caa MC |
714 | (ctx, out, in, inl); |
715 | } else { | |
716 | if (pipe_ctx->aadctr > 0 && pipe_ctx->aadctr != pipes) | |
717 | return -1; | |
718 | for (i = 0; i < pipes; i++) { | |
719 | if (pipe_ctx->aadctr > 0) { | |
e38c2e85 | 720 | EVP_CIPHER_meth_get_ctrl(cipher) |
2f2c9caa MC |
721 | (ctx, EVP_CTRL_AEAD_TLS1_AAD, |
722 | EVP_AEAD_TLS1_AAD_LEN, | |
723 | pipe_ctx->tlsaad[i]); | |
724 | } | |
e38c2e85 | 725 | ret = ret && EVP_CIPHER_meth_get_do_cipher(cipher) |
2f2c9caa MC |
726 | (ctx, pipe_ctx->outbufs[i], pipe_ctx->inbufs[i], |
727 | pipe_ctx->lens[i]); | |
728 | } | |
729 | pipe_ctx->numpipes = 0; | |
730 | } | |
731 | pipe_ctx->aadctr = 0; | |
732 | EVP_CIPHER_CTX_set_cipher_data(ctx, pipe_ctx); | |
733 | return ret; | |
734 | } | |
735 | ||
e38c2e85 MC |
736 | static int dasync_cipher_cleanup_helper(EVP_CIPHER_CTX *ctx, |
737 | const EVP_CIPHER *cipher) | |
2f2c9caa | 738 | { |
e38c2e85 MC |
739 | struct dasync_pipeline_ctx *pipe_ctx = |
740 | (struct dasync_pipeline_ctx *)EVP_CIPHER_CTX_get_cipher_data(ctx); | |
2f2c9caa MC |
741 | |
742 | OPENSSL_clear_free(pipe_ctx->inner_cipher_data, | |
e38c2e85 | 743 | EVP_CIPHER_impl_ctx_size(cipher)); |
2f2c9caa MC |
744 | |
745 | return 1; | |
746 | } | |
e38c2e85 MC |
747 | |
748 | /* | |
749 | * AES128 CBC Implementation | |
750 | */ | |
751 | ||
752 | static int dasync_aes128_cbc_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, | |
753 | void *ptr) | |
754 | { | |
755 | return dasync_cipher_ctrl_helper(ctx, type, arg, ptr, 0); | |
756 | } | |
757 | ||
758 | static int dasync_aes128_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, | |
759 | const unsigned char *iv, int enc) | |
760 | { | |
761 | return dasync_cipher_init_key_helper(ctx, key, iv, enc, EVP_aes_128_cbc()); | |
762 | } | |
763 | ||
764 | static int dasync_aes128_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, | |
765 | const unsigned char *in, size_t inl) | |
766 | { | |
767 | return dasync_cipher_helper(ctx, out, in, inl, EVP_aes_128_cbc()); | |
768 | } | |
769 | ||
770 | static int dasync_aes128_cbc_cleanup(EVP_CIPHER_CTX *ctx) | |
771 | { | |
772 | return dasync_cipher_cleanup_helper(ctx, EVP_aes_128_cbc()); | |
773 | } | |
774 | ||
775 | ||
776 | /* | |
777 | * AES128 CBC HMAC SHA1 Implementation | |
778 | */ | |
779 | ||
780 | static int dasync_aes128_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, | |
781 | int arg, void *ptr) | |
782 | { | |
783 | return dasync_cipher_ctrl_helper(ctx, type, arg, ptr, 1); | |
784 | } | |
785 | ||
786 | static int dasync_aes128_cbc_hmac_sha1_init_key(EVP_CIPHER_CTX *ctx, | |
787 | const unsigned char *key, | |
788 | const unsigned char *iv, | |
789 | int enc) | |
790 | { | |
791 | return dasync_cipher_init_key_helper(ctx, key, iv, enc, | |
792 | EVP_aes_128_cbc_hmac_sha1()); | |
793 | } | |
794 | ||
795 | static int dasync_aes128_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, | |
796 | unsigned char *out, | |
797 | const unsigned char *in, | |
798 | size_t inl) | |
799 | { | |
800 | return dasync_cipher_helper(ctx, out, in, inl, EVP_aes_128_cbc_hmac_sha1()); | |
801 | } | |
802 | ||
803 | static int dasync_aes128_cbc_hmac_sha1_cleanup(EVP_CIPHER_CTX *ctx) | |
804 | { | |
805 | return dasync_cipher_cleanup_helper(ctx, EVP_aes_128_cbc_hmac_sha1()); | |
806 | } |