]> git.ipfire.org Git - thirdparty/openssl.git/blob - crypto/evp/evp_lib.c
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Deprecate and replace EVP_CIPHER_CTX_iv()/etc.
[thirdparty/openssl.git] / crypto / evp / evp_lib.c
1 /*
2 * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 /*
11 * EVP _meth_ APIs are deprecated for public use, but still ok for
12 * internal use.
13 */
14 #include "internal/deprecated.h"
15
16 #include <stdio.h>
17 #include "internal/cryptlib.h"
18 #include <openssl/evp.h>
19 #include <openssl/objects.h>
20 #include <openssl/params.h>
21 #include <openssl/core_names.h>
22 #include <openssl/dh.h>
23 #include <openssl/ec.h>
24 #include "crypto/evp.h"
25 #include "internal/provider.h"
26 #include "evp_local.h"
27
28 #if !defined(FIPS_MODULE)
29 int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
30 {
31 int ret = -1; /* Assume the worst */
32 const EVP_CIPHER *cipher = c->cipher;
33
34 /*
35 * For legacy implementations, we detect custom AlgorithmIdentifier
36 * parameter handling by checking if the function pointer
37 * cipher->set_asn1_parameters is set. We know that this pointer
38 * is NULL for provided implementations.
39 *
40 * Otherwise, for any implementation, we check the flag
41 * EVP_CIPH_FLAG_CUSTOM_ASN1. If it isn't set, we apply
42 * default AI parameter extraction.
43 *
44 * Otherwise, for provided implementations, we convert |type| to
45 * a DER encoded blob and pass to the implementation in OSSL_PARAM
46 * form.
47 *
48 * If none of the above applies, this operation is unsupported.
49 */
50 if (cipher->set_asn1_parameters != NULL) {
51 ret = cipher->set_asn1_parameters(c, type);
52 } else if ((EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_CUSTOM_ASN1) == 0) {
53 switch (EVP_CIPHER_mode(cipher)) {
54 case EVP_CIPH_WRAP_MODE:
55 if (EVP_CIPHER_is_a(cipher, SN_id_smime_alg_CMS3DESwrap))
56 ASN1_TYPE_set(type, V_ASN1_NULL, NULL);
57 ret = 1;
58 break;
59
60 case EVP_CIPH_GCM_MODE:
61 case EVP_CIPH_CCM_MODE:
62 case EVP_CIPH_XTS_MODE:
63 case EVP_CIPH_OCB_MODE:
64 ret = -2;
65 break;
66
67 default:
68 ret = EVP_CIPHER_set_asn1_iv(c, type);
69 }
70 } else if (cipher->prov != NULL) {
71 OSSL_PARAM params[3], *p = params;
72 unsigned char *der = NULL, *derp;
73
74 /*
75 * We make two passes, the first to get the appropriate buffer size,
76 * and the second to get the actual value.
77 */
78 *p++ = OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_ALG_ID,
79 NULL, 0);
80 *p = OSSL_PARAM_construct_end();
81
82 if (!EVP_CIPHER_CTX_get_params(c, params))
83 goto err;
84
85 /* ... but, we should get a return size too! */
86 if (OSSL_PARAM_modified(params)
87 && params[0].return_size != 0
88 && (der = OPENSSL_malloc(params[0].return_size)) != NULL) {
89 params[0].data = der;
90 params[0].data_size = params[0].return_size;
91 OSSL_PARAM_set_all_unmodified(params);
92 derp = der;
93 if (EVP_CIPHER_CTX_get_params(c, params)
94 && OSSL_PARAM_modified(params)
95 && d2i_ASN1_TYPE(&type, (const unsigned char **)&derp,
96 params[0].return_size) != NULL) {
97 ret = 1;
98 }
99 OPENSSL_free(der);
100 }
101 } else {
102 ret = -2;
103 }
104
105 err:
106 if (ret == -2)
107 EVPerr(EVP_F_EVP_CIPHER_PARAM_TO_ASN1, ASN1_R_UNSUPPORTED_CIPHER);
108 else if (ret <= 0)
109 EVPerr(EVP_F_EVP_CIPHER_PARAM_TO_ASN1, EVP_R_CIPHER_PARAMETER_ERROR);
110 if (ret < -1)
111 ret = -1;
112 return ret;
113 }
114
115 int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
116 {
117 int ret = -1; /* Assume the worst */
118 const EVP_CIPHER *cipher = c->cipher;
119
120 /*
121 * For legacy implementations, we detect custom AlgorithmIdentifier
122 * parameter handling by checking if there the function pointer
123 * cipher->get_asn1_parameters is set. We know that this pointer
124 * is NULL for provided implementations.
125 *
126 * Otherwise, for any implementation, we check the flag
127 * EVP_CIPH_FLAG_CUSTOM_ASN1. If it isn't set, we apply
128 * default AI parameter creation.
129 *
130 * Otherwise, for provided implementations, we get the AI parameter
131 * in DER encoded form from the implementation by requesting the
132 * appropriate OSSL_PARAM and converting the result to a ASN1_TYPE.
133 *
134 * If none of the above applies, this operation is unsupported.
135 */
136 if (cipher->get_asn1_parameters != NULL) {
137 ret = cipher->get_asn1_parameters(c, type);
138 } else if ((EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_CUSTOM_ASN1) == 0) {
139 switch (EVP_CIPHER_mode(cipher)) {
140 case EVP_CIPH_WRAP_MODE:
141 ret = 1;
142 break;
143
144 case EVP_CIPH_GCM_MODE:
145 case EVP_CIPH_CCM_MODE:
146 case EVP_CIPH_XTS_MODE:
147 case EVP_CIPH_OCB_MODE:
148 ret = -2;
149 break;
150
151 default:
152 ret = EVP_CIPHER_get_asn1_iv(c, type);
153 }
154 } else if (cipher->prov != NULL) {
155 OSSL_PARAM params[3], *p = params;
156 unsigned char *der = NULL;
157 int derl = -1;
158
159 if ((derl = i2d_ASN1_TYPE(type, &der)) >= 0) {
160 *p++ =
161 OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_ALG_ID,
162 der, (size_t)derl);
163 *p = OSSL_PARAM_construct_end();
164 if (EVP_CIPHER_CTX_set_params(c, params))
165 ret = 1;
166 OPENSSL_free(der);
167 }
168 } else {
169 ret = -2;
170 }
171
172 if (ret == -2)
173 EVPerr(EVP_F_EVP_CIPHER_ASN1_TO_PARAM, EVP_R_UNSUPPORTED_CIPHER);
174 else if (ret <= 0)
175 EVPerr(EVP_F_EVP_CIPHER_ASN1_TO_PARAM, EVP_R_CIPHER_PARAMETER_ERROR);
176 if (ret < -1)
177 ret = -1;
178 return ret;
179 }
180
181 int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *ctx, ASN1_TYPE *type)
182 {
183 int i = 0;
184 unsigned int l;
185
186 if (type != NULL) {
187 unsigned char iv[EVP_MAX_IV_LENGTH];
188
189 l = EVP_CIPHER_CTX_iv_length(ctx);
190 if (!ossl_assert(l <= sizeof(iv)))
191 return -1;
192 i = ASN1_TYPE_get_octetstring(type, iv, l);
193 if (i != (int)l)
194 return -1;
195
196 if (!EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1))
197 return -1;
198 }
199 return i;
200 }
201
202 int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
203 {
204 int i = 0;
205 unsigned int j;
206 unsigned char *oiv = NULL;
207
208 if (type != NULL) {
209 oiv = (unsigned char *)EVP_CIPHER_CTX_original_iv(c);
210 j = EVP_CIPHER_CTX_iv_length(c);
211 OPENSSL_assert(j <= sizeof(c->iv));
212 i = ASN1_TYPE_set_octetstring(type, oiv, j);
213 }
214 return i;
215 }
216 #endif /* !defined(FIPS_MODULE) */
217
218 /* Convert the various cipher NIDs and dummies to a proper OID NID */
219 int EVP_CIPHER_type(const EVP_CIPHER *ctx)
220 {
221 int nid;
222 nid = EVP_CIPHER_nid(ctx);
223
224 switch (nid) {
225
226 case NID_rc2_cbc:
227 case NID_rc2_64_cbc:
228 case NID_rc2_40_cbc:
229
230 return NID_rc2_cbc;
231
232 case NID_rc4:
233 case NID_rc4_40:
234
235 return NID_rc4;
236
237 case NID_aes_128_cfb128:
238 case NID_aes_128_cfb8:
239 case NID_aes_128_cfb1:
240
241 return NID_aes_128_cfb128;
242
243 case NID_aes_192_cfb128:
244 case NID_aes_192_cfb8:
245 case NID_aes_192_cfb1:
246
247 return NID_aes_192_cfb128;
248
249 case NID_aes_256_cfb128:
250 case NID_aes_256_cfb8:
251 case NID_aes_256_cfb1:
252
253 return NID_aes_256_cfb128;
254
255 case NID_des_cfb64:
256 case NID_des_cfb8:
257 case NID_des_cfb1:
258
259 return NID_des_cfb64;
260
261 case NID_des_ede3_cfb64:
262 case NID_des_ede3_cfb8:
263 case NID_des_ede3_cfb1:
264
265 return NID_des_cfb64;
266
267 default:
268 #ifdef FIPS_MODULE
269 return NID_undef;
270 #else
271 {
272 /* Check it has an OID and it is valid */
273 ASN1_OBJECT *otmp = OBJ_nid2obj(nid);
274
275 if (OBJ_get0_data(otmp) == NULL)
276 nid = NID_undef;
277 ASN1_OBJECT_free(otmp);
278 return nid;
279 }
280 #endif
281 }
282 }
283
284 int evp_cipher_cache_constants(EVP_CIPHER *cipher)
285 {
286 int ok;
287 size_t ivlen = 0;
288 size_t blksz = 0;
289 size_t keylen = 0;
290 unsigned int mode = 0;
291 unsigned long flags = 0;
292 OSSL_PARAM params[6];
293
294 params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_BLOCK_SIZE, &blksz);
295 params[1] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_IVLEN, &ivlen);
296 params[2] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_KEYLEN, &keylen);
297 params[3] = OSSL_PARAM_construct_uint(OSSL_CIPHER_PARAM_MODE, &mode);
298 params[4] = OSSL_PARAM_construct_ulong(OSSL_CIPHER_PARAM_FLAGS, &flags);
299 params[5] = OSSL_PARAM_construct_end();
300 ok = evp_do_ciph_getparams(cipher, params);
301 if (ok) {
302 /* Provided implementations may have a custom cipher_cipher */
303 if (cipher->prov != NULL && cipher->ccipher != NULL)
304 flags |= EVP_CIPH_FLAG_CUSTOM_CIPHER;
305 cipher->block_size = blksz;
306 cipher->iv_len = ivlen;
307 cipher->key_len = keylen;
308 cipher->flags = flags | mode;
309 }
310 return ok;
311 }
312
313 int EVP_CIPHER_block_size(const EVP_CIPHER *cipher)
314 {
315 return cipher->block_size;
316 }
317
318 int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx)
319 {
320 return EVP_CIPHER_block_size(ctx->cipher);
321 }
322
323 int EVP_CIPHER_impl_ctx_size(const EVP_CIPHER *e)
324 {
325 return e->ctx_size;
326 }
327
328 int EVP_Cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
329 const unsigned char *in, unsigned int inl)
330 {
331 if (ctx->cipher->prov != NULL) {
332 /*
333 * If the provided implementation has a ccipher function, we use it,
334 * and translate its return value like this: 0 => -1, 1 => outlen
335 *
336 * Otherwise, we call the cupdate function if in != NULL, or cfinal
337 * if in == NULL. Regardless of which, we return what we got.
338 */
339 int ret = -1;
340 size_t outl = 0;
341 size_t blocksize = EVP_CIPHER_CTX_block_size(ctx);
342
343 if (ctx->cipher->ccipher != NULL)
344 ret = ctx->cipher->ccipher(ctx->provctx, out, &outl,
345 inl + (blocksize == 1 ? 0 : blocksize),
346 in, (size_t)inl)
347 ? (int)outl : -1;
348 else if (in != NULL)
349 ret = ctx->cipher->cupdate(ctx->provctx, out, &outl,
350 inl + (blocksize == 1 ? 0 : blocksize),
351 in, (size_t)inl);
352 else
353 ret = ctx->cipher->cfinal(ctx->provctx, out, &outl,
354 blocksize == 1 ? 0 : blocksize);
355
356 return ret;
357 }
358
359 return ctx->cipher->do_cipher(ctx, out, in, inl);
360 }
361
362 const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx)
363 {
364 return ctx->cipher;
365 }
366
367 int EVP_CIPHER_CTX_encrypting(const EVP_CIPHER_CTX *ctx)
368 {
369 return ctx->encrypt;
370 }
371
372 unsigned long EVP_CIPHER_flags(const EVP_CIPHER *cipher)
373 {
374 return cipher->flags;
375 }
376
377 void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx)
378 {
379 return ctx->app_data;
380 }
381
382 void EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data)
383 {
384 ctx->app_data = data;
385 }
386
387 void *EVP_CIPHER_CTX_get_cipher_data(const EVP_CIPHER_CTX *ctx)
388 {
389 return ctx->cipher_data;
390 }
391
392 void *EVP_CIPHER_CTX_set_cipher_data(EVP_CIPHER_CTX *ctx, void *cipher_data)
393 {
394 void *old_cipher_data;
395
396 old_cipher_data = ctx->cipher_data;
397 ctx->cipher_data = cipher_data;
398
399 return old_cipher_data;
400 }
401
402 int EVP_CIPHER_iv_length(const EVP_CIPHER *cipher)
403 {
404 return cipher->iv_len;
405 }
406
407 int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx)
408 {
409 int rv, len = EVP_CIPHER_iv_length(ctx->cipher);
410 size_t v = len;
411 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
412
413 params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_IVLEN, &v);
414 rv = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
415 if (rv == EVP_CTRL_RET_UNSUPPORTED)
416 goto legacy;
417 return rv != 0 ? (int)v : -1;
418 /* TODO (3.0) Remove legacy support */
419 legacy:
420 if ((EVP_CIPHER_flags(ctx->cipher) & EVP_CIPH_CUSTOM_IV_LENGTH) != 0) {
421 rv = EVP_CIPHER_CTX_ctrl((EVP_CIPHER_CTX *)ctx, EVP_CTRL_GET_IVLEN,
422 0, &len);
423 return (rv == 1) ? len : -1;
424 }
425 return len;
426 }
427
428 int EVP_CIPHER_CTX_tag_length(const EVP_CIPHER_CTX *ctx)
429 {
430 int ret;
431 size_t v = 0;
432 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
433
434 params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_AEAD_TAGLEN, &v);
435 ret = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
436 return ret == 1 ? (int)v : 0;
437 }
438
439 #ifndef OPENSSL_NO_DEPRECATED_3_0
440 const unsigned char *EVP_CIPHER_CTX_original_iv(const EVP_CIPHER_CTX *ctx)
441 {
442 int ok;
443 const unsigned char *v = ctx->oiv;
444 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
445
446 params[0] =
447 OSSL_PARAM_construct_octet_ptr(OSSL_CIPHER_PARAM_IV,
448 (void **)&v, sizeof(ctx->oiv));
449 ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
450
451 return ok != 0 ? v : NULL;
452 }
453
454 /*
455 * OSSL_PARAM_OCTET_PTR gets us the pointer to the running IV in the provider
456 */
457 const unsigned char *EVP_CIPHER_CTX_iv(const EVP_CIPHER_CTX *ctx)
458 {
459 int ok;
460 const unsigned char *v = ctx->iv;
461 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
462
463 params[0] =
464 OSSL_PARAM_construct_octet_ptr(OSSL_CIPHER_PARAM_IV_STATE, (void **)&v,
465 sizeof(ctx->iv));
466 ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
467
468 return ok != 0 ? v : NULL;
469 }
470
471 unsigned char *EVP_CIPHER_CTX_iv_noconst(EVP_CIPHER_CTX *ctx)
472 {
473 int ok;
474 unsigned char *v = ctx->iv;
475 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
476
477 params[0] =
478 OSSL_PARAM_construct_octet_ptr(OSSL_CIPHER_PARAM_IV_STATE, (void **)&v,
479 sizeof(ctx->iv));
480 ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
481
482 return ok != 0 ? v : NULL;
483 }
484 #endif /* OPENSSL_NO_DEPRECATED_3_0_0 */
485
486 int EVP_CIPHER_CTX_get_iv_state(EVP_CIPHER_CTX *ctx, void *buf, size_t len)
487 {
488 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
489
490 params[0] =
491 OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_IV_STATE, buf, len);
492 return evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
493 }
494
495 int EVP_CIPHER_CTX_get_iv(EVP_CIPHER_CTX *ctx, void *buf, size_t len)
496 {
497 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
498
499 params[0] =
500 OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_IV, buf, len);
501 return evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
502 }
503
504 unsigned char *EVP_CIPHER_CTX_buf_noconst(EVP_CIPHER_CTX *ctx)
505 {
506 return ctx->buf;
507 }
508
509 int EVP_CIPHER_CTX_num(const EVP_CIPHER_CTX *ctx)
510 {
511 int ok;
512 unsigned int v = (unsigned int)ctx->num;
513 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
514
515 params[0] = OSSL_PARAM_construct_uint(OSSL_CIPHER_PARAM_NUM, &v);
516 ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
517
518 return ok != 0 ? (int)v : EVP_CTRL_RET_UNSUPPORTED;
519 }
520
521 int EVP_CIPHER_CTX_set_num(EVP_CIPHER_CTX *ctx, int num)
522 {
523 int ok;
524 unsigned int n = (unsigned int)num;
525 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
526
527 params[0] = OSSL_PARAM_construct_uint(OSSL_CIPHER_PARAM_NUM, &n);
528 ok = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->provctx, params);
529
530 if (ok != 0)
531 ctx->num = (int)n;
532 return ok != 0;
533 }
534
535 int EVP_CIPHER_key_length(const EVP_CIPHER *cipher)
536 {
537 return cipher->key_len;
538 }
539
540 int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx)
541 {
542 int ok;
543 size_t v = ctx->key_len;
544 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
545
546 params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_KEYLEN, &v);
547 ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
548
549 return ok != 0 ? (int)v : EVP_CTRL_RET_UNSUPPORTED;
550 }
551
552 int EVP_CIPHER_nid(const EVP_CIPHER *cipher)
553 {
554 return cipher->nid;
555 }
556
557 int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx)
558 {
559 return ctx->cipher->nid;
560 }
561
562 int EVP_CIPHER_is_a(const EVP_CIPHER *cipher, const char *name)
563 {
564 if (cipher->prov != NULL)
565 return evp_is_a(cipher->prov, cipher->name_id, NULL, name);
566 return evp_is_a(NULL, 0, EVP_CIPHER_name(cipher), name);
567 }
568
569 int EVP_CIPHER_number(const EVP_CIPHER *cipher)
570 {
571 return cipher->name_id;
572 }
573
574 const char *EVP_CIPHER_name(const EVP_CIPHER *cipher)
575 {
576 if (cipher->prov != NULL)
577 return evp_first_name(cipher->prov, cipher->name_id);
578 #ifndef FIPS_MODULE
579 return OBJ_nid2sn(EVP_CIPHER_nid(cipher));
580 #else
581 return NULL;
582 #endif
583 }
584
585 void EVP_CIPHER_names_do_all(const EVP_CIPHER *cipher,
586 void (*fn)(const char *name, void *data),
587 void *data)
588 {
589 if (cipher->prov != NULL)
590 evp_names_do_all(cipher->prov, cipher->name_id, fn, data);
591 }
592
593 const OSSL_PROVIDER *EVP_CIPHER_provider(const EVP_CIPHER *cipher)
594 {
595 return cipher->prov;
596 }
597
598 int EVP_CIPHER_mode(const EVP_CIPHER *cipher)
599 {
600 return EVP_CIPHER_flags(cipher) & EVP_CIPH_MODE;
601 }
602
603 int EVP_MD_is_a(const EVP_MD *md, const char *name)
604 {
605 if (md->prov != NULL)
606 return evp_is_a(md->prov, md->name_id, NULL, name);
607 return evp_is_a(NULL, 0, EVP_MD_name(md), name);
608 }
609
610 int EVP_MD_number(const EVP_MD *md)
611 {
612 return md->name_id;
613 }
614
615 const char *EVP_MD_name(const EVP_MD *md)
616 {
617 if (md->prov != NULL)
618 return evp_first_name(md->prov, md->name_id);
619 #ifndef FIPS_MODULE
620 return OBJ_nid2sn(EVP_MD_nid(md));
621 #else
622 return NULL;
623 #endif
624 }
625
626 void EVP_MD_names_do_all(const EVP_MD *md,
627 void (*fn)(const char *name, void *data),
628 void *data)
629 {
630 if (md->prov != NULL)
631 evp_names_do_all(md->prov, md->name_id, fn, data);
632 }
633
634 const OSSL_PROVIDER *EVP_MD_provider(const EVP_MD *md)
635 {
636 return md->prov;
637 }
638
639 int EVP_MD_block_size(const EVP_MD *md)
640 {
641 int ok;
642 size_t v = md->block_size;
643 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
644
645 if (md == NULL) {
646 EVPerr(EVP_F_EVP_MD_BLOCK_SIZE, EVP_R_MESSAGE_DIGEST_IS_NULL);
647 return -1;
648 }
649
650 params[0] = OSSL_PARAM_construct_size_t(OSSL_DIGEST_PARAM_BLOCK_SIZE, &v);
651 ok = evp_do_md_getparams(md, params);
652
653 return ok != 0 ? (int)v : -1;
654 }
655
656 int EVP_MD_type(const EVP_MD *md)
657 {
658 return md->type;
659 }
660
661 int EVP_MD_pkey_type(const EVP_MD *md)
662 {
663 return md->pkey_type;
664 }
665
666 int EVP_MD_size(const EVP_MD *md)
667 {
668 int ok;
669 size_t v = md->md_size;
670 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
671
672 if (md == NULL) {
673 EVPerr(EVP_F_EVP_MD_SIZE, EVP_R_MESSAGE_DIGEST_IS_NULL);
674 return -1;
675 }
676
677 params[0] = OSSL_PARAM_construct_size_t(OSSL_DIGEST_PARAM_SIZE, &v);
678 ok = evp_do_md_getparams(md, params);
679
680 return ok != 0 ? (int)v : -1;
681 }
682
683 unsigned long EVP_MD_flags(const EVP_MD *md)
684 {
685 int ok;
686 unsigned long v = md->flags;
687 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
688
689 params[0] = OSSL_PARAM_construct_ulong(OSSL_CIPHER_PARAM_FLAGS, &v);
690 ok = evp_do_md_getparams(md, params);
691
692 return ok != 0 ? v : 0;
693 }
694
695 EVP_MD *EVP_MD_meth_new(int md_type, int pkey_type)
696 {
697 EVP_MD *md = evp_md_new();
698
699 if (md != NULL) {
700 md->type = md_type;
701 md->pkey_type = pkey_type;
702 }
703 return md;
704 }
705
706 EVP_MD *EVP_MD_meth_dup(const EVP_MD *md)
707 {
708 EVP_MD *to = NULL;
709
710 /*
711 * Non-legacy EVP_MDs can't be duplicated like this.
712 * Use EVP_MD_up_ref() instead.
713 */
714 if (md->prov != NULL)
715 return NULL;
716
717 if ((to = EVP_MD_meth_new(md->type, md->pkey_type)) != NULL) {
718 CRYPTO_RWLOCK *lock = to->lock;
719
720 memcpy(to, md, sizeof(*to));
721 to->lock = lock;
722 }
723 return to;
724 }
725
726 void EVP_MD_meth_free(EVP_MD *md)
727 {
728 EVP_MD_free(md);
729 }
730 int EVP_MD_meth_set_input_blocksize(EVP_MD *md, int blocksize)
731 {
732 if (md->block_size != 0)
733 return 0;
734
735 md->block_size = blocksize;
736 return 1;
737 }
738 int EVP_MD_meth_set_result_size(EVP_MD *md, int resultsize)
739 {
740 if (md->md_size != 0)
741 return 0;
742
743 md->md_size = resultsize;
744 return 1;
745 }
746 int EVP_MD_meth_set_app_datasize(EVP_MD *md, int datasize)
747 {
748 if (md->ctx_size != 0)
749 return 0;
750
751 md->ctx_size = datasize;
752 return 1;
753 }
754 int EVP_MD_meth_set_flags(EVP_MD *md, unsigned long flags)
755 {
756 if (md->flags != 0)
757 return 0;
758
759 md->flags = flags;
760 return 1;
761 }
762 int EVP_MD_meth_set_init(EVP_MD *md, int (*init)(EVP_MD_CTX *ctx))
763 {
764 if (md->init != NULL)
765 return 0;
766
767 md->init = init;
768 return 1;
769 }
770 int EVP_MD_meth_set_update(EVP_MD *md, int (*update)(EVP_MD_CTX *ctx,
771 const void *data,
772 size_t count))
773 {
774 if (md->update != NULL)
775 return 0;
776
777 md->update = update;
778 return 1;
779 }
780 int EVP_MD_meth_set_final(EVP_MD *md, int (*final)(EVP_MD_CTX *ctx,
781 unsigned char *md))
782 {
783 if (md->final != NULL)
784 return 0;
785
786 md->final = final;
787 return 1;
788 }
789 int EVP_MD_meth_set_copy(EVP_MD *md, int (*copy)(EVP_MD_CTX *to,
790 const EVP_MD_CTX *from))
791 {
792 if (md->copy != NULL)
793 return 0;
794
795 md->copy = copy;
796 return 1;
797 }
798 int EVP_MD_meth_set_cleanup(EVP_MD *md, int (*cleanup)(EVP_MD_CTX *ctx))
799 {
800 if (md->cleanup != NULL)
801 return 0;
802
803 md->cleanup = cleanup;
804 return 1;
805 }
806 int EVP_MD_meth_set_ctrl(EVP_MD *md, int (*ctrl)(EVP_MD_CTX *ctx, int cmd,
807 int p1, void *p2))
808 {
809 if (md->md_ctrl != NULL)
810 return 0;
811
812 md->md_ctrl = ctrl;
813 return 1;
814 }
815
816 int EVP_MD_meth_get_input_blocksize(const EVP_MD *md)
817 {
818 return md->block_size;
819 }
820 int EVP_MD_meth_get_result_size(const EVP_MD *md)
821 {
822 return md->md_size;
823 }
824 int EVP_MD_meth_get_app_datasize(const EVP_MD *md)
825 {
826 return md->ctx_size;
827 }
828 unsigned long EVP_MD_meth_get_flags(const EVP_MD *md)
829 {
830 return md->flags;
831 }
832 int (*EVP_MD_meth_get_init(const EVP_MD *md))(EVP_MD_CTX *ctx)
833 {
834 return md->init;
835 }
836 int (*EVP_MD_meth_get_update(const EVP_MD *md))(EVP_MD_CTX *ctx,
837 const void *data,
838 size_t count)
839 {
840 return md->update;
841 }
842 int (*EVP_MD_meth_get_final(const EVP_MD *md))(EVP_MD_CTX *ctx,
843 unsigned char *md)
844 {
845 return md->final;
846 }
847 int (*EVP_MD_meth_get_copy(const EVP_MD *md))(EVP_MD_CTX *to,
848 const EVP_MD_CTX *from)
849 {
850 return md->copy;
851 }
852 int (*EVP_MD_meth_get_cleanup(const EVP_MD *md))(EVP_MD_CTX *ctx)
853 {
854 return md->cleanup;
855 }
856 int (*EVP_MD_meth_get_ctrl(const EVP_MD *md))(EVP_MD_CTX *ctx, int cmd,
857 int p1, void *p2)
858 {
859 return md->md_ctrl;
860 }
861
862 const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx)
863 {
864 if (ctx == NULL)
865 return NULL;
866 return ctx->reqdigest;
867 }
868
869 EVP_PKEY_CTX *EVP_MD_CTX_pkey_ctx(const EVP_MD_CTX *ctx)
870 {
871 return ctx->pctx;
872 }
873
874 #if !defined(FIPS_MODULE)
875 /* TODO(3.0): EVP_DigestSign* not yet supported in FIPS module */
876 void EVP_MD_CTX_set_pkey_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pctx)
877 {
878 /*
879 * it's reasonable to set NULL pctx (a.k.a clear the ctx->pctx), so
880 * we have to deal with the cleanup job here.
881 */
882 if (!EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX))
883 EVP_PKEY_CTX_free(ctx->pctx);
884
885 ctx->pctx = pctx;
886
887 if (pctx != NULL) {
888 /* make sure pctx is not freed when destroying EVP_MD_CTX */
889 EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX);
890 } else {
891 EVP_MD_CTX_clear_flags(ctx, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX);
892 }
893 }
894 #endif /* !defined(FIPS_MODULE) */
895
896 void *EVP_MD_CTX_md_data(const EVP_MD_CTX *ctx)
897 {
898 return ctx->md_data;
899 }
900
901 int (*EVP_MD_CTX_update_fn(EVP_MD_CTX *ctx))(EVP_MD_CTX *ctx,
902 const void *data, size_t count)
903 {
904 return ctx->update;
905 }
906
907 void EVP_MD_CTX_set_update_fn(EVP_MD_CTX *ctx,
908 int (*update) (EVP_MD_CTX *ctx,
909 const void *data, size_t count))
910 {
911 ctx->update = update;
912 }
913
914 void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags)
915 {
916 ctx->flags |= flags;
917 }
918
919 void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags)
920 {
921 ctx->flags &= ~flags;
922 }
923
924 int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags)
925 {
926 return (ctx->flags & flags);
927 }
928
929 void EVP_CIPHER_CTX_set_flags(EVP_CIPHER_CTX *ctx, int flags)
930 {
931 ctx->flags |= flags;
932 }
933
934 void EVP_CIPHER_CTX_clear_flags(EVP_CIPHER_CTX *ctx, int flags)
935 {
936 ctx->flags &= ~flags;
937 }
938
939 int EVP_CIPHER_CTX_test_flags(const EVP_CIPHER_CTX *ctx, int flags)
940 {
941 return (ctx->flags & flags);
942 }
943
944 int EVP_str2ctrl(int (*cb)(void *ctx, int cmd, void *buf, size_t buflen),
945 void *ctx, int cmd, const char *value)
946 {
947 size_t len;
948
949 len = strlen(value);
950 if (len > INT_MAX)
951 return -1;
952 return cb(ctx, cmd, (void *)value, len);
953 }
954
955 int EVP_hex2ctrl(int (*cb)(void *ctx, int cmd, void *buf, size_t buflen),
956 void *ctx, int cmd, const char *hex)
957 {
958 unsigned char *bin;
959 long binlen;
960 int rv = -1;
961
962 bin = OPENSSL_hexstr2buf(hex, &binlen);
963 if (bin == NULL)
964 return 0;
965 if (binlen <= INT_MAX)
966 rv = cb(ctx, cmd, bin, binlen);
967 OPENSSL_free(bin);
968 return rv;
969 }
970
971 int EVP_PKEY_CTX_set_group_name(EVP_PKEY_CTX *ctx, const char *name)
972 {
973 OSSL_PARAM params[] = { OSSL_PARAM_END, OSSL_PARAM_END };
974 OSSL_PARAM *p = params;
975
976 if (ctx == NULL) {
977 ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
978 /* Uses the same return values as EVP_PKEY_CTX_ctrl */
979 return -2;
980 }
981
982 if (!EVP_PKEY_CTX_IS_GEN_OP(ctx)) {
983 #ifndef FIPS_MODULE
984 int nid;
985
986 /* Could be a legacy key, try and convert to a ctrl */
987 if (ctx->pmeth != NULL && (nid = OBJ_txt2nid(name)) != NID_undef) {
988 # ifndef OPENSSL_NO_DH
989 if (ctx->pmeth->pkey_id == EVP_PKEY_DH)
990 return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH,
991 EVP_PKEY_OP_PARAMGEN
992 | EVP_PKEY_OP_KEYGEN,
993 EVP_PKEY_CTRL_DH_NID, nid, NULL);
994 # endif
995 # ifndef OPENSSL_NO_EC
996 if (ctx->pmeth->pkey_id == EVP_PKEY_EC)
997 return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC,
998 EVP_PKEY_OP_PARAMGEN|EVP_PKEY_OP_KEYGEN,
999 EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID,
1000 nid, NULL);
1001 # endif
1002 }
1003 #endif
1004 ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
1005 /* Uses the same return values as EVP_PKEY_CTX_ctrl */
1006 return -2;
1007 }
1008
1009 if (name == NULL)
1010 return -1;
1011
1012 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME,
1013 (char *)name, 0);
1014 return EVP_PKEY_CTX_set_params(ctx, params);
1015 }
1016
1017 int EVP_PKEY_CTX_get_group_name(EVP_PKEY_CTX *ctx, char *name, size_t namelen)
1018 {
1019 OSSL_PARAM params[] = { OSSL_PARAM_END, OSSL_PARAM_END };
1020 OSSL_PARAM *p = params;
1021
1022 if (ctx == NULL || !EVP_PKEY_CTX_IS_GEN_OP(ctx)) {
1023 /* There is no legacy support for this */
1024 ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
1025 /* Uses the same return values as EVP_PKEY_CTX_ctrl */
1026 return -2;
1027 }
1028
1029 if (name == NULL)
1030 return -1;
1031
1032 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME,
1033 name, namelen);
1034 if (!EVP_PKEY_CTX_get_params(ctx, params))
1035 return -1;
1036 return 1;
1037 }
A mirror of the official openssl repository