]>
Commit | Line | Data |
---|---|---|
e1178600 SL |
1 | /* |
2 | * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. | |
3 | * | |
4 | * Licensed under the Apache License 2.0 (the "License"). You may not use | |
5 | * this file except in compliance with the License. You can obtain a copy | |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
8 | */ | |
9 | ||
10 | /* | |
11 | * Generic dispatch table functions for ciphers. | |
12 | */ | |
13 | ||
14 | #include "cipher_locl.h" | |
4a42e264 SL |
15 | #include "internal/provider_ctx.h" |
16 | #include "internal/providercommonerr.h" | |
e1178600 SL |
17 | |
18 | /*- | |
4a42e264 | 19 | * Generic cipher functions for OSSL_PARAM gettables and settables |
e1178600 SL |
20 | */ |
21 | static const OSSL_PARAM cipher_known_gettable_params[] = { | |
1c3ace68 SL |
22 | OSSL_PARAM_uint(OSSL_CIPHER_PARAM_MODE, NULL), |
23 | OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL), | |
24 | OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_IVLEN, NULL), | |
25 | OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_BLOCK_SIZE, NULL), | |
26 | OSSL_PARAM_ulong(OSSL_CIPHER_PARAM_FLAGS, NULL), | |
e1178600 SL |
27 | OSSL_PARAM_END |
28 | }; | |
4a42e264 | 29 | const OSSL_PARAM *cipher_generic_gettable_params(void) |
e1178600 SL |
30 | { |
31 | return cipher_known_gettable_params; | |
32 | } | |
33 | ||
1c3ace68 SL |
34 | int cipher_generic_get_params(OSSL_PARAM params[], unsigned int md, |
35 | unsigned long flags, | |
36 | size_t kbits, size_t blkbits, size_t ivbits) | |
e1178600 SL |
37 | { |
38 | OSSL_PARAM *p; | |
39 | ||
40 | p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_MODE); | |
1c3ace68 | 41 | if (p != NULL && !OSSL_PARAM_set_uint(p, md)) { |
e1178600 SL |
42 | ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); |
43 | return 0; | |
44 | } | |
45 | p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_FLAGS); | |
46 | if (p != NULL && !OSSL_PARAM_set_ulong(p, flags)) { | |
47 | ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); | |
48 | return 0; | |
49 | } | |
50 | p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_KEYLEN); | |
1c3ace68 | 51 | if (p != NULL && !OSSL_PARAM_set_size_t(p, kbits / 8)) { |
e1178600 SL |
52 | ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); |
53 | return 0; | |
54 | } | |
55 | p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_BLOCK_SIZE); | |
1c3ace68 | 56 | if (p != NULL && !OSSL_PARAM_set_size_t(p, blkbits / 8)) { |
e1178600 SL |
57 | ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); |
58 | return 0; | |
59 | } | |
60 | p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IVLEN); | |
1c3ace68 | 61 | if (p != NULL && !OSSL_PARAM_set_size_t(p, ivbits / 8)) { |
e1178600 SL |
62 | ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); |
63 | return 0; | |
64 | } | |
65 | return 1; | |
66 | } | |
67 | ||
4a42e264 SL |
68 | CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_START(cipher_generic) |
69 | CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_END(cipher_generic) | |
e1178600 SL |
70 | |
71 | static const OSSL_PARAM cipher_known_settable_ctx_params[] = { | |
1c3ace68 SL |
72 | OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL), |
73 | OSSL_PARAM_uint(OSSL_CIPHER_PARAM_PADDING, NULL), | |
74 | OSSL_PARAM_uint(OSSL_CIPHER_PARAM_NUM, NULL), | |
e1178600 SL |
75 | OSSL_PARAM_END |
76 | }; | |
4a42e264 | 77 | const OSSL_PARAM *cipher_generic_settable_ctx_params(void) |
e1178600 SL |
78 | { |
79 | return cipher_known_settable_ctx_params; | |
80 | } | |
81 | ||
82 | /*- | |
83 | * AEAD cipher functions for OSSL_PARAM gettables and settables | |
84 | */ | |
85 | static const OSSL_PARAM cipher_aead_known_gettable_ctx_params[] = { | |
1c3ace68 SL |
86 | OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL), |
87 | OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_IVLEN, NULL), | |
e1178600 SL |
88 | OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_IV, NULL, 0), |
89 | OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG, NULL, 0), | |
90 | OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_AEAD_TLS1_AAD_PAD, NULL), | |
91 | OSSL_PARAM_END | |
92 | }; | |
93 | const OSSL_PARAM *cipher_aead_gettable_ctx_params(void) | |
94 | { | |
95 | return cipher_aead_known_gettable_ctx_params; | |
96 | } | |
97 | ||
98 | static const OSSL_PARAM cipher_aead_known_settable_ctx_params[] = { | |
1c3ace68 | 99 | OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL), |
e1178600 SL |
100 | OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_AEAD_IVLEN, NULL), |
101 | OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG, NULL, 0), | |
102 | OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TLS1_AAD, NULL, 0), | |
103 | OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TLS1_IV_FIXED, NULL, 0), | |
104 | OSSL_PARAM_END | |
105 | }; | |
106 | const OSSL_PARAM *cipher_aead_settable_ctx_params(void) | |
107 | { | |
108 | return cipher_aead_known_settable_ctx_params; | |
109 | } | |
110 | ||
111 | static int cipher_generic_init_internal(PROV_CIPHER_CTX *ctx, | |
112 | const unsigned char *key, size_t keylen, | |
113 | const unsigned char *iv, size_t ivlen, | |
114 | int enc) | |
115 | { | |
1c3ace68 | 116 | ctx->enc = enc ? 1 : 0; |
e1178600 SL |
117 | |
118 | if (iv != NULL && ctx->mode != EVP_CIPH_ECB_MODE) { | |
4a42e264 | 119 | if (ivlen != ctx->ivlen) { |
e1178600 SL |
120 | ERR_raise(ERR_LIB_PROV, ERR_R_INTERNAL_ERROR); |
121 | return 0; | |
122 | } | |
4a42e264 | 123 | memcpy(ctx->iv, iv, ctx->ivlen); |
e1178600 SL |
124 | } |
125 | if (key != NULL) { | |
126 | if (keylen != ctx->keylen) { | |
127 | ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEYLEN); | |
128 | return 0; | |
129 | } | |
130 | return ctx->hw->init(ctx, key, ctx->keylen); | |
131 | } | |
132 | return 1; | |
133 | } | |
134 | ||
135 | int cipher_generic_einit(void *vctx, const unsigned char *key, size_t keylen, | |
136 | const unsigned char *iv, size_t ivlen) | |
137 | { | |
138 | return cipher_generic_init_internal((PROV_CIPHER_CTX *)vctx, key, keylen, | |
139 | iv, ivlen, 1); | |
140 | } | |
141 | ||
142 | int cipher_generic_dinit(void *vctx, const unsigned char *key, size_t keylen, | |
143 | const unsigned char *iv, size_t ivlen) | |
144 | { | |
145 | return cipher_generic_init_internal((PROV_CIPHER_CTX *)vctx, key, keylen, | |
146 | iv, ivlen, 0); | |
147 | } | |
148 | ||
149 | int cipher_generic_block_update(void *vctx, unsigned char *out, size_t *outl, | |
150 | size_t outsize, const unsigned char *in, | |
151 | size_t inl) | |
152 | { | |
153 | size_t outlint = 0; | |
154 | PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; | |
4a42e264 SL |
155 | size_t blksz = ctx->blocksize; |
156 | size_t nextblocks = fillblock(ctx->buf, &ctx->bufsz, blksz, &in, &inl); | |
e1178600 SL |
157 | |
158 | /* | |
159 | * If we're decrypting and we end an update on a block boundary we hold | |
160 | * the last block back in case this is the last update call and the last | |
161 | * block is padded. | |
162 | */ | |
4a42e264 SL |
163 | if (ctx->bufsz == blksz && (ctx->enc || inl > 0 || !ctx->pad)) { |
164 | if (outsize < blksz) { | |
e1178600 SL |
165 | ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL); |
166 | return 0; | |
167 | } | |
4a42e264 | 168 | if (!ctx->hw->cipher(ctx, out, ctx->buf, blksz)) { |
e1178600 SL |
169 | ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED); |
170 | return 0; | |
171 | } | |
172 | ctx->bufsz = 0; | |
4a42e264 SL |
173 | outlint = blksz; |
174 | out += blksz; | |
e1178600 SL |
175 | } |
176 | if (nextblocks > 0) { | |
177 | if (!ctx->enc && ctx->pad && nextblocks == inl) { | |
4a42e264 | 178 | if (!ossl_assert(inl >= blksz)) { |
e1178600 SL |
179 | ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL); |
180 | return 0; | |
181 | } | |
4a42e264 | 182 | nextblocks -= blksz; |
e1178600 SL |
183 | } |
184 | outlint += nextblocks; | |
185 | if (outsize < outlint) { | |
186 | ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL); | |
187 | return 0; | |
188 | } | |
189 | if (!ctx->hw->cipher(ctx, out, in, nextblocks)) { | |
190 | ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED); | |
191 | return 0; | |
192 | } | |
193 | in += nextblocks; | |
194 | inl -= nextblocks; | |
195 | } | |
4a42e264 | 196 | if (!trailingdata(ctx->buf, &ctx->bufsz, blksz, &in, &inl)) { |
e1178600 SL |
197 | /* ERR_raise already called */ |
198 | return 0; | |
199 | } | |
200 | ||
201 | *outl = outlint; | |
202 | return inl == 0; | |
203 | } | |
204 | ||
205 | int cipher_generic_block_final(void *vctx, unsigned char *out, size_t *outl, | |
206 | size_t outsize) | |
207 | { | |
208 | PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; | |
4a42e264 | 209 | size_t blksz = ctx->blocksize; |
e1178600 SL |
210 | |
211 | if (ctx->enc) { | |
212 | if (ctx->pad) { | |
4a42e264 | 213 | padblock(ctx->buf, &ctx->bufsz, blksz); |
e1178600 SL |
214 | } else if (ctx->bufsz == 0) { |
215 | *outl = 0; | |
216 | return 1; | |
4a42e264 | 217 | } else if (ctx->bufsz != blksz) { |
e1178600 SL |
218 | ERR_raise(ERR_LIB_PROV, PROV_R_WRONG_FINAL_BLOCK_LENGTH); |
219 | return 0; | |
220 | } | |
221 | ||
4a42e264 | 222 | if (outsize < blksz) { |
e1178600 SL |
223 | ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL); |
224 | return 0; | |
225 | } | |
4a42e264 | 226 | if (!ctx->hw->cipher(ctx, out, ctx->buf, blksz)) { |
e1178600 SL |
227 | ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED); |
228 | return 0; | |
229 | } | |
230 | ctx->bufsz = 0; | |
4a42e264 | 231 | *outl = blksz; |
e1178600 SL |
232 | return 1; |
233 | } | |
234 | ||
235 | /* Decrypting */ | |
4a42e264 | 236 | if (ctx->bufsz != blksz) { |
e1178600 SL |
237 | if (ctx->bufsz == 0 && !ctx->pad) { |
238 | *outl = 0; | |
239 | return 1; | |
240 | } | |
241 | ERR_raise(ERR_LIB_PROV, PROV_R_WRONG_FINAL_BLOCK_LENGTH); | |
242 | return 0; | |
243 | } | |
244 | ||
4a42e264 | 245 | if (!ctx->hw->cipher(ctx, ctx->buf, ctx->buf, blksz)) { |
e1178600 SL |
246 | ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED); |
247 | return 0; | |
248 | } | |
249 | ||
4a42e264 | 250 | if (ctx->pad && !unpadblock(ctx->buf, &ctx->bufsz, blksz)) { |
e1178600 SL |
251 | /* ERR_raise already called */ |
252 | return 0; | |
253 | } | |
254 | ||
255 | if (outsize < ctx->bufsz) { | |
256 | ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL); | |
257 | return 0; | |
258 | } | |
259 | memcpy(out, ctx->buf, ctx->bufsz); | |
260 | *outl = ctx->bufsz; | |
261 | ctx->bufsz = 0; | |
262 | return 1; | |
263 | } | |
264 | ||
265 | int cipher_generic_stream_update(void *vctx, unsigned char *out, size_t *outl, | |
266 | size_t outsize, const unsigned char *in, | |
267 | size_t inl) | |
268 | { | |
269 | PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; | |
270 | ||
271 | if (outsize < inl) { | |
272 | ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL); | |
273 | return 0; | |
274 | } | |
275 | ||
276 | if (!ctx->hw->cipher(ctx, out, in, inl)) { | |
277 | ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED); | |
278 | return 0; | |
279 | } | |
280 | ||
281 | *outl = inl; | |
282 | return 1; | |
283 | } | |
284 | int cipher_generic_stream_final(void *vctx, unsigned char *out, size_t *outl, | |
285 | size_t outsize) | |
286 | { | |
287 | *outl = 0; | |
288 | return 1; | |
289 | } | |
290 | ||
291 | int cipher_generic_cipher(void *vctx, | |
292 | unsigned char *out, size_t *outl, size_t outsize, | |
293 | const unsigned char *in, size_t inl) | |
294 | { | |
295 | PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; | |
296 | ||
297 | if (outsize < inl) { | |
298 | ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL); | |
299 | return 0; | |
300 | } | |
301 | ||
302 | if (!ctx->hw->cipher(ctx, out, in, inl)) { | |
303 | ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED); | |
304 | return 0; | |
305 | } | |
306 | ||
307 | *outl = inl; | |
308 | return 1; | |
309 | } | |
310 | ||
311 | int cipher_generic_get_ctx_params(void *vctx, OSSL_PARAM params[]) | |
312 | { | |
313 | PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; | |
314 | OSSL_PARAM *p; | |
315 | ||
316 | p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IVLEN); | |
1c3ace68 | 317 | if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->ivlen)) { |
e1178600 SL |
318 | ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); |
319 | return 0; | |
320 | } | |
321 | p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_PADDING); | |
1c3ace68 | 322 | if (p != NULL && !OSSL_PARAM_set_uint(p, ctx->pad)) { |
e1178600 SL |
323 | ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); |
324 | return 0; | |
325 | } | |
326 | p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IV); | |
327 | if (p != NULL | |
4a42e264 SL |
328 | && !OSSL_PARAM_set_octet_ptr(p, &ctx->iv, ctx->ivlen) |
329 | && !OSSL_PARAM_set_octet_string(p, &ctx->iv, ctx->ivlen)) { | |
e1178600 SL |
330 | ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); |
331 | return 0; | |
332 | } | |
333 | p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_NUM); | |
1c3ace68 | 334 | if (p != NULL && !OSSL_PARAM_set_uint(p, ctx->num)) { |
e1178600 SL |
335 | ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); |
336 | return 0; | |
337 | } | |
338 | p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_KEYLEN); | |
1c3ace68 | 339 | if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->keylen)) { |
e1178600 SL |
340 | ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); |
341 | return 0; | |
342 | } | |
343 | ||
344 | return 1; | |
345 | } | |
346 | ||
347 | int cipher_generic_set_ctx_params(void *vctx, const OSSL_PARAM params[]) | |
348 | { | |
349 | PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; | |
350 | const OSSL_PARAM *p; | |
351 | ||
352 | p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_PADDING); | |
353 | if (p != NULL) { | |
1c3ace68 | 354 | unsigned int pad; |
e1178600 | 355 | |
1c3ace68 | 356 | if (!OSSL_PARAM_get_uint(p, &pad)) { |
e1178600 SL |
357 | ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); |
358 | return 0; | |
359 | } | |
360 | ctx->pad = pad ? 1 : 0; | |
361 | } | |
362 | p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_NUM); | |
363 | if (p != NULL) { | |
1c3ace68 | 364 | unsigned int num; |
e1178600 | 365 | |
1c3ace68 | 366 | if (!OSSL_PARAM_get_uint(p, &num)) { |
e1178600 SL |
367 | ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); |
368 | return 0; | |
369 | } | |
370 | ctx->num = num; | |
371 | } | |
372 | p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_KEYLEN); | |
373 | if (p != NULL) { | |
1c3ace68 | 374 | size_t keylen; |
e1178600 | 375 | |
1c3ace68 | 376 | if (!OSSL_PARAM_get_size_t(p, &keylen)) { |
e1178600 SL |
377 | ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); |
378 | return 0; | |
379 | } | |
380 | ctx->keylen = keylen; | |
381 | } | |
382 | return 1; | |
383 | } | |
384 | ||
4a42e264 | 385 | void cipher_generic_initkey(void *vctx, size_t kbits, size_t blkbits, |
1c3ace68 | 386 | size_t ivbits, unsigned int mode, |
4a42e264 | 387 | const PROV_CIPHER_HW *hw, void *provctx) |
e1178600 SL |
388 | { |
389 | PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; | |
390 | ||
391 | ctx->pad = 1; | |
392 | ctx->keylen = ((kbits) / 8); | |
4a42e264 | 393 | ctx->ivlen = ((ivbits) / 8); |
e1178600 SL |
394 | ctx->hw = hw; |
395 | ctx->mode = mode; | |
4a42e264 SL |
396 | ctx->blocksize = blkbits / 8; |
397 | if (provctx != NULL) | |
398 | ctx->libctx = PROV_LIBRARY_CONTEXT_OF(provctx); /* used for rand */ | |
e1178600 | 399 | } |