/*
 * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License"). You may not use
 * this file except in compliance with the License. You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */
10 /* We need to use some engine deprecated APIs */
11 #define OPENSSL_SUPPRESS_DEPRECATED
13 #include <openssl/crypto.h>
14 #include <openssl/evp.h>
15 #include <openssl/core_dispatch.h>
16 #include <openssl/core_names.h>
17 #include <openssl/params.h>
18 #include <openssl/err.h>
20 # include <openssl/engine.h>
22 #include "prov/implementations.h"
23 #include "prov/provider_ctx.h"
24 #include "prov/macsignature.h"
25 #include "prov/providercommon.h"
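/*
 * Forward declarations using the OSSL_FUNC_signature_*_fn function types.
 * Declaring each implementation with the dispatch typedef makes the compiler
 * reject a definition whose prototype drifts from what the signature
 * dispatch table expects. Everything here has internal linkage.
 */
static OSSL_FUNC_signature_newctx_fn mac_hmac_newctx;
static OSSL_FUNC_signature_newctx_fn mac_siphash_newctx;
static OSSL_FUNC_signature_newctx_fn mac_poly1305_newctx;
static OSSL_FUNC_signature_newctx_fn mac_cmac_newctx;
static OSSL_FUNC_signature_digest_sign_init_fn mac_digest_sign_init;
static OSSL_FUNC_signature_digest_sign_update_fn mac_digest_sign_update;
static OSSL_FUNC_signature_digest_sign_final_fn mac_digest_sign_final;
static OSSL_FUNC_signature_freectx_fn mac_freectx;
static OSSL_FUNC_signature_dupctx_fn mac_dupctx;
static OSSL_FUNC_signature_set_ctx_params_fn mac_set_ctx_params;
static OSSL_FUNC_signature_settable_ctx_params_fn mac_hmac_settable_ctx_params;
static OSSL_FUNC_signature_settable_ctx_params_fn mac_siphash_settable_ctx_params;
static OSSL_FUNC_signature_settable_ctx_params_fn mac_poly1305_settable_ctx_params;
static OSSL_FUNC_signature_settable_ctx_params_fn mac_cmac_settable_ctx_params;

/*
 * Per-operation context shared by all the MAC "signature" implementations.
 *
 * NOTE(review): the captured listing has no definition of PROV_MAC_CTX (its
 * line numbering jumps from 40 to 49). The four members below are
 * reconstructed from how the functions in this file use them - confirm the
 * exact declaration against the upstream file.
 */
typedef struct {
    OSSL_LIB_CTX *libctx;   /* library context taken from the provider ctx */
    char *propq;            /* owned copy of the property query, or NULL */
    MAC_KEY *key;           /* referenced key object, released in freectx */
    EVP_MAC_CTX *macctx;    /* underlying MAC context doing the real work */
} PROV_MAC_CTX;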
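/*
 * Allocate a signature context backed by the MAC algorithm |macname|.
 *
 * provctx - provider context; only its library context is read
 * propq   - property query string, may be NULL; a private copy is stored
 * macname - algorithm name handed to EVP_MAC_fetch()
 *
 * Returns the new PROV_MAC_CTX, or NULL when the provider is not running,
 * an allocation fails, or the MAC cannot be fetched / instantiated.
 *
 * NOTE(review): the captured listing dropped several lines of this function
 * (the declaration of |mac|, the allocation and fetch checks, the success
 * return and the err label). They are restored here from the gaps in the
 * line numbering and the surviving cleanup calls - confirm against upstream.
 */
static void *mac_newctx(void *provctx, const char *propq, const char *macname)
{
    PROV_MAC_CTX *pmacctx;
    EVP_MAC *mac = NULL;

    if (!ossl_prov_is_running())
        return NULL;

    pmacctx = OPENSSL_zalloc(sizeof(PROV_MAC_CTX));
    if (pmacctx == NULL)
        return NULL;

    pmacctx->libctx = PROV_LIBCTX_OF(provctx);
    /* Keep our own copy so the context never points into caller memory. */
    if (propq != NULL && (pmacctx->propq = OPENSSL_strdup(propq)) == NULL) {
        ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
        goto err;
    }

    mac = EVP_MAC_fetch(pmacctx->libctx, macname, propq);
    if (mac == NULL)
        goto err;

    pmacctx->macctx = EVP_MAC_CTX_new(mac);
    if (pmacctx->macctx == NULL)
        goto err;

    /*
     * Drop the reference obtained by the fetch; the MAC context created
     * above is expected to hold its own.
     */
    EVP_MAC_free(mac);

    return pmacctx;

 err:
    /* propq is NULL (zalloc) or our own copy, so freeing it is always safe. */
    OPENSSL_free(pmacctx->propq);
    OPENSSL_free(pmacctx);
    EVP_MAC_free(mac);
    return NULL;
}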
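/*
 * Generate mac_<funcname>_newctx(), a thin wrapper that binds the MAC
 * algorithm name so the function matches OSSL_FUNC_signature_newctx_fn
 * (which has no algorithm-name parameter).
 *
 * The braces of the generated function were missing from the captured
 * listing and are restored here.
 */
#define MAC_NEWCTX(funcname, macname) \
    static void *mac_##funcname##_newctx(void *provctx, const char *propq) \
    { \
        return mac_newctx(provctx, propq, macname); \
    }

MAC_NEWCTX(hmac, "HMAC")
MAC_NEWCTX(siphash, "SIPHASH")
MAC_NEWCTX(poly1305, "POLY1305")
MAC_NEWCTX(cmac, "CMAC")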
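/*
 * Bind a key to the context and initialise the underlying MAC.
 *
 * vpmacctx - PROV_MAC_CTX created by one of the newctx functions
 * mdname   - digest name, forwarded to ossl_prov_set_macctx(); may be NULL
 * vkey     - MAC key object; a reference is taken and kept in the context
 * params   - caller parameters, forwarded to EVP_MAC_init()
 *
 * Returns 1 on success and 0 on failure.
 *
 * NOTE(review): the captured listing dropped lines from this function (the
 * NULL checks in the first condition, the key assignment, the middle
 * arguments of ossl_prov_set_macctx(), the #endif and the return
 * statements). They are restored from the gaps in the line numbering and
 * the surrounding code - confirm against upstream.
 */
static int mac_digest_sign_init(void *vpmacctx, const char *mdname, void *vkey,
                                const OSSL_PARAM params[])
{
    PROV_MAC_CTX *pmacctx = (PROV_MAC_CTX *)vpmacctx;
    const char *ciphername = NULL, *engine = NULL;

    /*
     * The reference on the new key is taken before the old key is released
     * below, so re-initialising with the key object already held cannot
     * drop its last reference.
     */
    if (!ossl_prov_is_running()
        || pmacctx == NULL
        || vkey == NULL
        || !ossl_mac_key_up_ref(vkey))
        return 0;

    ossl_mac_key_free(pmacctx->key);
    pmacctx->key = vkey;

    /* Cipher-based MACs carry their cipher (and engine) on the key. */
    if (pmacctx->key->cipher.cipher != NULL)
        ciphername = (char *)EVP_CIPHER_get0_name(pmacctx->key->cipher.cipher);
#if !defined(OPENSSL_NO_ENGINE) && !defined(FIPS_MODULE)
    if (pmacctx->key->cipher.engine != NULL)
        engine = (char *)ENGINE_get_id(pmacctx->key->cipher.engine);
#endif

    /*
     * No key is passed here (NULL, 0); the key bytes are supplied to
     * EVP_MAC_init() below. On failure the key reference stays in the
     * context and is released by mac_freectx().
     */
    if (!ossl_prov_set_macctx(pmacctx->macctx, NULL,
                              (char *)ciphername,
                              (char *)mdname,
                              (char *)engine,
                              pmacctx->key->properties,
                              NULL, 0))
        return 0;

    if (!EVP_MAC_init(pmacctx->macctx, pmacctx->key->priv_key,
                      pmacctx->key->priv_key_len, params))
        return 0;

    return 1;
}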
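/*
 * Feed |datalen| bytes at |data| into the MAC computation.
 *
 * Returns 0 if the context or its MAC context is NULL, otherwise the result
 * of EVP_MAC_update(). Unlike the init and final steps this function does
 * not consult ossl_prov_is_running().
 *
 * The definition is spelled static to match the forward declaration and to
 * make it obvious that it is only reachable through the dispatch table.
 * The |datalen| parameter, the braces and the early return were dropped
 * from the captured listing and are restored here.
 */
static int mac_digest_sign_update(void *vpmacctx, const unsigned char *data,
                                  size_t datalen)
{
    PROV_MAC_CTX *pmacctx = (PROV_MAC_CTX *)vpmacctx;

    if (pmacctx == NULL || pmacctx->macctx == NULL)
        return 0;

    return EVP_MAC_update(pmacctx->macctx, data, datalen);
}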
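/*
 * Finish the MAC computation.
 *
 * |mac|, |maclen| and |macsize| are forwarded unchanged to EVP_MAC_final(),
 * which is therefore responsible for honouring the output buffer size.
 *
 * Returns 0 if the provider is not running or the context / MAC context is
 * NULL, otherwise the result of EVP_MAC_final().
 *
 * The definition is spelled static to match the forward declaration. The
 * |macsize| parameter, the braces and the early return were dropped from
 * the captured listing and are restored here.
 */
static int mac_digest_sign_final(void *vpmacctx, unsigned char *mac,
                                 size_t *maclen, size_t macsize)
{
    PROV_MAC_CTX *pmacctx = (PROV_MAC_CTX *)vpmacctx;

    if (!ossl_prov_is_running() || pmacctx == NULL || pmacctx->macctx == NULL)
        return 0;

    return EVP_MAC_final(pmacctx->macctx, mac, maclen, macsize);
}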
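/*
 * Release a context and everything it owns: the property query copy, the
 * underlying MAC context and the reference on the key.
 *
 * A NULL argument is accepted and ignored, as with the other OpenSSL free
 * routines; the listing dereferenced the pointer unconditionally.
 *
 * NOTE(review): the final OPENSSL_free(ctx) was dropped from the captured
 * listing and is restored here; mac_dupctx() relies on this function to
 * release the structure itself - confirm against upstream.
 */
static void mac_freectx(void *vpmacctx)
{
    PROV_MAC_CTX *ctx = (PROV_MAC_CTX *)vpmacctx;

    if (ctx == NULL)
        return;

    OPENSSL_free(ctx->propq);
    EVP_MAC_CTX_free(ctx->macctx);
    ossl_mac_key_free(ctx->key);
    OPENSSL_free(ctx);
}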
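/*
 * Duplicate a context, including the state of an in-progress MAC.
 *
 * The copy gets its own property query string, its own duplicate of the MAC
 * context and an extra reference on the (shared) key object.
 *
 * Returns the new context, or NULL if the provider is not running or any
 * allocation / duplication step fails.
 *
 * NOTE(review): the captured listing dropped lines from this function (the
 * allocation check, the structure copy, the reset of |key|, the goto
 * statements and the tail with the err label). They are restored from the
 * gaps in the line numbering and the surviving statements - confirm
 * against upstream.
 */
static void *mac_dupctx(void *vpmacctx)
{
    PROV_MAC_CTX *srcctx = (PROV_MAC_CTX *)vpmacctx;
    PROV_MAC_CTX *dstctx;

    if (!ossl_prov_is_running())
        return NULL;

    dstctx = OPENSSL_zalloc(sizeof(*srcctx));
    if (dstctx == NULL)
        return NULL;

    /*
     * The structure copy aliases every pointer the source owns. Clear them
     * straight away so the err path (mac_freectx) can only ever release
     * what this function has acquired for the copy.
     */
    *dstctx = *srcctx;
    dstctx->propq = NULL;
    dstctx->key = NULL;
    dstctx->macctx = NULL;

    if (srcctx->propq != NULL
        && (dstctx->propq = OPENSSL_strdup(srcctx->propq)) == NULL)
        goto err;

    /* Publish the key in the copy only after its reference was taken. */
    if (srcctx->key != NULL && !ossl_mac_key_up_ref(srcctx->key))
        goto err;
    dstctx->key = srcctx->key;

    if (srcctx->macctx != NULL) {
        dstctx->macctx = EVP_MAC_CTX_dup(srcctx->macctx);
        if (dstctx->macctx == NULL)
            goto err;
    }

    return dstctx;
 err:
    mac_freectx(dstctx);
    return NULL;
}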
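/*
 * Forward |params| to the underlying MAC context.
 *
 * Returns 0 if the context or its MAC context is NULL, otherwise the result
 * of EVP_MAC_CTX_set_params(). The NULL guard mirrors the one in
 * mac_digest_sign_update() and mac_digest_sign_final(); the listing
 * dereferenced the context unconditionally.
 */
static int mac_set_ctx_params(void *vpmacctx, const OSSL_PARAM params[])
{
    PROV_MAC_CTX *ctx = (PROV_MAC_CTX *)vpmacctx;

    if (ctx == NULL || ctx->macctx == NULL)
        return 0;

    return EVP_MAC_CTX_set_params(ctx->macctx, params);
}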
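/*
 * Return the settable-parameter table of the MAC algorithm |macname|.
 *
 * ctx     - unused
 * provctx - provider context; its library context is used for the fetch
 * macname - algorithm name handed to EVP_MAC_fetch()
 *
 * Returns the table, or NULL if the MAC cannot be fetched.
 *
 * NOTE(review): |params| is returned after |mac| has been freed, so this
 * relies on the table outliving the fetched method (presumably it is a
 * static table inside the MAC implementation) - confirm.
 *
 * NOTE(review): the captured listing dropped lines from this function (the
 * remaining parameters, the NULL property query argument, the fetch check,
 * EVP_MAC_free() and the return). They are restored from the gaps in the
 * line numbering and from the call made by the wrapper macro - confirm
 * against upstream.
 */
static const OSSL_PARAM *mac_settable_ctx_params(ossl_unused void *ctx,
                                                 void *provctx,
                                                 const char *macname)
{
    EVP_MAC *mac = EVP_MAC_fetch(PROV_LIBCTX_OF(provctx), macname,
                                 NULL);
    const OSSL_PARAM *params;

    if (mac == NULL)
        return NULL;

    params = EVP_MAC_settable_ctx_params(mac);
    EVP_MAC_free(mac);

    return params;
}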
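/*
 * Generate mac_<funcname>_settable_ctx_params(), a wrapper that binds the
 * MAC algorithm name and defers to mac_settable_ctx_params().
 *
 * The |provctx| parameter line and the braces of the generated function
 * were missing from the captured listing and are restored here.
 */
#define MAC_SETTABLE_CTX_PARAMS(funcname, macname) \
    static const OSSL_PARAM *mac_##funcname##_settable_ctx_params(void *ctx, \
                                                                  void *provctx) \
    { \
        return mac_settable_ctx_params(ctx, provctx, macname); \
    }

MAC_SETTABLE_CTX_PARAMS(hmac, "HMAC")
MAC_SETTABLE_CTX_PARAMS(siphash, "SIPHASH")
MAC_SETTABLE_CTX_PARAMS(poly1305, "POLY1305")
MAC_SETTABLE_CTX_PARAMS(cmac, "CMAC")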
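/*
 * Generate the dispatch table ossl_mac_legacy_<funcname>_signature_functions
 * that exposes a MAC through the signature interface.
 *
 * Only the digest-sign entry points (init / update / final) are registered,
 * together with context management and parameter setting; the table as
 * listed contains no verify functions. newctx and settable_ctx_params are
 * per-algorithm, everything else is shared.
 *
 * NOTE(review): the terminating entry and the closing brace were dropped
 * from the captured listing; the { 0, NULL } terminator is restored here -
 * confirm against upstream.
 */
#define MAC_SIGNATURE_FUNCTIONS(funcname) \
    const OSSL_DISPATCH ossl_mac_legacy_##funcname##_signature_functions[] = { \
        { OSSL_FUNC_SIGNATURE_NEWCTX, (void (*)(void))mac_##funcname##_newctx }, \
        { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_INIT, \
        (void (*)(void))mac_digest_sign_init }, \
        { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_UPDATE, \
        (void (*)(void))mac_digest_sign_update }, \
        { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_FINAL, \
        (void (*)(void))mac_digest_sign_final }, \
        { OSSL_FUNC_SIGNATURE_FREECTX, (void (*)(void))mac_freectx }, \
        { OSSL_FUNC_SIGNATURE_DUPCTX, (void (*)(void))mac_dupctx }, \
        { OSSL_FUNC_SIGNATURE_SET_CTX_PARAMS, \
        (void (*)(void))mac_set_ctx_params }, \
        { OSSL_FUNC_SIGNATURE_SETTABLE_CTX_PARAMS, \
        (void (*)(void))mac_##funcname##_settable_ctx_params }, \
        { 0, NULL } \
    };

MAC_SIGNATURE_FUNCTIONS(hmac)
MAC_SIGNATURE_FUNCTIONS(siphash)
MAC_SIGNATURE_FUNCTIONS(poly1305)
MAC_SIGNATURE_FUNCTIONS(cmac)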