From: Pauli Date: Thu, 18 Sep 2025 06:32:13 +0000 (+1000) Subject: aes_cbc_hmac_sha: convert to generated param decoding X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=549acfde9b98dac41b2142f6d16dba9010e73ced;p=thirdparty%2Fopenssl.git aes_cbc_hmac_sha: convert to generated param decoding Reviewed-by: Shane Lontis Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/28616) --- diff --git a/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.c.in b/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.c.in index 4f282ac60df..aba2a8a697c 100644 --- a/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.c.in +++ b/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.c.in @@ -6,6 +6,9 @@ * in the file LICENSE in the source distribution or at * https://www.openssl.org/source/license.html */ +{- +use OpenSSL::paramnames qw(produce_param_decoder); +-} /* * AES low level APIs are deprecated for public use, but still ok for internal @@ -64,53 +67,55 @@ static int aes_dinit(void *ctx, const unsigned char *key, size_t keylen, return aes_set_ctx_params(ctx, params); } -static const OSSL_PARAM cipher_aes_known_settable_ctx_params[] = { - OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_MAC_KEY, NULL, 0), - OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TLS1_AAD, NULL, 0), -# if !defined(OPENSSL_NO_MULTIBLOCK) - OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_SEND_FRAGMENT, NULL), - OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD, NULL), - OSSL_PARAM_uint(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE, NULL), - OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC, NULL, 0), - OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_IN, NULL, 0), -# endif /* !defined(OPENSSL_NO_MULTIBLOCK) */ - OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL), - OSSL_PARAM_END -}; +{- produce_param_decoder('aes_cbc_hmac_sha_set_ctx_params', + (['OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_SEND_FRAGMENT', + 'maxfrag', 'size_t', "#if !defined(OPENSSL_NO_MULTIBLOCK)"], + ['OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD', + 'mb_aad', 'size_t', "#if !defined(OPENSSL_NO_MULTIBLOCK)"], + ['OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE', + 'ileave', 'uint', "#if !defined(OPENSSL_NO_MULTIBLOCK)"], + ['OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC', + 'enc', 'octet_string', "#if !defined(OPENSSL_NO_MULTIBLOCK)"], + ['OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_IN', + 'enc_in', 'octet_string', "#if !defined(OPENSSL_NO_MULTIBLOCK)"], + ['OSSL_CIPHER_PARAM_AEAD_MAC_KEY', 'key', 'octet_string'], + ['OSSL_CIPHER_PARAM_AEAD_TLS1_AAD', 'tlsaad', 'octet_string'], + ['OSSL_CIPHER_PARAM_KEYLEN', 'keylen', 'size_t'], + ['OSSL_CIPHER_PARAM_TLS_VERSION', 'tlsver', 'uint' ], + )); -} + const OSSL_PARAM *aes_settable_ctx_params(ossl_unused void *cctx, ossl_unused void *provctx) { - return cipher_aes_known_settable_ctx_params; + return aes_cbc_hmac_sha_set_ctx_params_list; } static int aes_set_ctx_params(void *vctx, const OSSL_PARAM params[]) { PROV_AES_HMAC_SHA_CTX *ctx = (PROV_AES_HMAC_SHA_CTX *)vctx; - PROV_CIPHER_HW_AES_HMAC_SHA *hw = - (PROV_CIPHER_HW_AES_HMAC_SHA *)ctx->hw; - const OSSL_PARAM *p; + PROV_CIPHER_HW_AES_HMAC_SHA *hw; + struct aes_cbc_hmac_sha_set_ctx_params_st p; int ret = 1; # if !defined(OPENSSL_NO_MULTIBLOCK) EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM mb_param; # endif - if (ossl_param_is_empty(params)) - return 1; + if (ctx == NULL || !aes_cbc_hmac_sha_set_ctx_params_decoder(params, &p)) + return 0; + + hw = (PROV_CIPHER_HW_AES_HMAC_SHA *)ctx->hw; - p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_AEAD_MAC_KEY); - if (p != NULL) { - if (p->data_type != OSSL_PARAM_OCTET_STRING) { + if (p.key != NULL) { + if (p.key->data_type != OSSL_PARAM_OCTET_STRING) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); return 0; } - hw->init_mac_key(ctx, p->data, p->data_size); + hw->init_mac_key(ctx, p.key->data, p.key->data_size); } # if !defined(OPENSSL_NO_MULTIBLOCK) - p = OSSL_PARAM_locate_const(params, - OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_SEND_FRAGMENT); - if (p != NULL - && !OSSL_PARAM_get_size_t(p, &ctx->multiblock_max_send_fragment)) { + if (p.maxfrag != NULL + && !OSSL_PARAM_get_size_t(p.maxfrag, &ctx->multiblock_max_send_fragment)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); return 0; } @@ -123,18 +128,15 @@ static int aes_set_ctx_params(void *vctx, const OSSL_PARAM params[]) * ctx->multiblock_interleave * ctx->multiblock_aad_packlen */ - p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD); - if (p != NULL) { - const OSSL_PARAM *p1 = OSSL_PARAM_locate_const(params, - OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE); - if (p->data_type != OSSL_PARAM_OCTET_STRING - || p1 == NULL - || !OSSL_PARAM_get_uint(p1, &mb_param.interleave)) { + if (p.mb_aad != NULL) { + if (p.mb_aad->data_type != OSSL_PARAM_OCTET_STRING + || p.ileave == NULL + || !OSSL_PARAM_get_uint(p.ileave, &mb_param.interleave)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); return 0; } - mb_param.inp = p->data; - mb_param.len = p->data_size; + mb_param.inp = p.mb_aad->data; + mb_param.len = p.mb_aad->data_size; if (hw->tls1_multiblock_aad(vctx, &mb_param) <= 0) return 0; } @@ -148,44 +150,36 @@ static int aes_set_ctx_params(void *vctx, const OSSL_PARAM params[]) * The outputs of tls1_multiblock_encrypt are: * ctx->multiblock_encrypt_len */ - p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC); - if (p != NULL) { - const OSSL_PARAM *p1 = OSSL_PARAM_locate_const(params, - OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE); - const OSSL_PARAM *pin = OSSL_PARAM_locate_const(params, - OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_IN); - - if (p->data_type != OSSL_PARAM_OCTET_STRING - || pin == NULL - || pin->data_type != OSSL_PARAM_OCTET_STRING - || p1 == NULL - || !OSSL_PARAM_get_uint(p1, &mb_param.interleave)) { + if (p.enc != NULL) { + if (p.enc->data_type != OSSL_PARAM_OCTET_STRING + || p.enc_in == NULL + || p.enc_in->data_type != OSSL_PARAM_OCTET_STRING + || p.ileave == NULL + || !OSSL_PARAM_get_uint(p.ileave, &mb_param.interleave)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); return 0; } - mb_param.out = p->data; - mb_param.inp = pin->data; - mb_param.len = pin->data_size; + mb_param.out = p.enc->data; + mb_param.inp = p.enc_in->data; + mb_param.len = p.enc_in->data_size; if (hw->tls1_multiblock_encrypt(vctx, &mb_param) <= 0) return 0; } # endif /* !defined(OPENSSL_NO_MULTIBLOCK) */ - p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_AEAD_TLS1_AAD); - if (p != NULL) { - if (p->data_type != OSSL_PARAM_OCTET_STRING || p->data_size > INT_MAX) { + if (p.tlsaad != NULL) { + if (p.tlsaad->data_type != OSSL_PARAM_OCTET_STRING || p.tlsaad->data_size > INT_MAX) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); return 0; } - if (hw->set_tls1_aad(ctx, p->data, (int)p->data_size) <= 0) + if (hw->set_tls1_aad(ctx, p.tlsaad->data, (int)p.tlsaad->data_size) <= 0) return 0; } - p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_KEYLEN); - if (p != NULL) { + if (p.keylen != NULL) { size_t keylen; - if (!OSSL_PARAM_get_size_t(p, &keylen)) { + if (!OSSL_PARAM_get_size_t(p.keylen, &keylen)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); return 0; } @@ -195,9 +189,8 @@ static int aes_set_ctx_params(void *vctx, const OSSL_PARAM params[]) } } - p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_TLS_VERSION); - if (p != NULL) { - if (!OSSL_PARAM_get_uint(p, &ctx->base.tlsversion)) { + if (p.tlsver != NULL) { + if (!OSSL_PARAM_get_uint(p.tlsver, &ctx->base.tlsversion)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); return 0; } @@ -217,91 +210,96 @@ static int aes_set_ctx_params(void *vctx, const OSSL_PARAM params[]) return ret; } +{- produce_param_decoder('aes_cbc_hmac_sha_get_ctx_params', + (['OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_BUFSIZE', + 'max', 'size_t', "#if !defined(OPENSSL_NO_MULTIBLOCK)"], + ['OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE', + 'inter', 'uint', "#if !defined(OPENSSL_NO_MULTIBLOCK)"], + ['OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD_PACKLEN', + 'packlen', 'uint', "#if !defined(OPENSSL_NO_MULTIBLOCK)"], + ['OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_LEN', + 'enclen', 'size_t', "#if !defined(OPENSSL_NO_MULTIBLOCK)"], + ['OSSL_CIPHER_PARAM_AEAD_TLS1_AAD_PAD', 'pad', 'size_t'], + ['OSSL_CIPHER_PARAM_KEYLEN', 'keylen', 'size_t'], + ['OSSL_CIPHER_PARAM_IVLEN', 'ivlen', 'size_t'], + ['OSSL_CIPHER_PARAM_IV', 'iv', 'octet_string'], + ['OSSL_CIPHER_PARAM_UPDATED_IV', 'upd_iv', 'octet_string'], + )); -} + static int aes_get_ctx_params(void *vctx, OSSL_PARAM params[]) { PROV_AES_HMAC_SHA_CTX *ctx = (PROV_AES_HMAC_SHA_CTX *)vctx; - OSSL_PARAM *p; + struct aes_cbc_hmac_sha_get_ctx_params_st p; + + if (ctx == NULL || !aes_cbc_hmac_sha_get_ctx_params_decoder(params, &p)) + return 0; # if !defined(OPENSSL_NO_MULTIBLOCK) - p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_BUFSIZE); - if (p != NULL) { + if (p.max != NULL) { PROV_CIPHER_HW_AES_HMAC_SHA *hw = (PROV_CIPHER_HW_AES_HMAC_SHA *)ctx->hw; size_t len = hw->tls1_multiblock_max_bufsize(ctx); - if (!OSSL_PARAM_set_size_t(p, len)) { + if (!OSSL_PARAM_set_size_t(p.max, len)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } } - p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE); - if (p != NULL && !OSSL_PARAM_set_uint(p, ctx->multiblock_interleave)) { + if (p.inter != NULL + && !OSSL_PARAM_set_uint(p.inter, ctx->multiblock_interleave)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } - p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD_PACKLEN); - if (p != NULL && !OSSL_PARAM_set_uint(p, ctx->multiblock_aad_packlen)) { + if (p.packlen != NULL + && !OSSL_PARAM_set_uint(p.packlen, ctx->multiblock_aad_packlen)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } - p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_LEN); - if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->multiblock_encrypt_len)) { + if (p.enclen != NULL + && !OSSL_PARAM_set_size_t(p.enclen, ctx->multiblock_encrypt_len)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } # endif /* !defined(OPENSSL_NO_MULTIBLOCK) */ - p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_AEAD_TLS1_AAD_PAD); - if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->tls_aad_pad)) { + if (p.pad != NULL && !OSSL_PARAM_set_size_t(p.pad, ctx->tls_aad_pad)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } - p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_KEYLEN); - if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->base.keylen)) { + + if (p.keylen != NULL && !OSSL_PARAM_set_size_t(p.keylen, ctx->base.keylen)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } - p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IVLEN); - if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->base.ivlen)) { + + if (p.ivlen != NULL && !OSSL_PARAM_set_size_t(p.ivlen, ctx->base.ivlen)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } - p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IV); - if (p != NULL - && !OSSL_PARAM_set_octet_string_or_ptr(p, ctx->base.oiv, ctx->base.ivlen)) { + + if (p.iv != NULL + && !OSSL_PARAM_set_octet_string_or_ptr(p.iv, ctx->base.oiv, + ctx->base.ivlen)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } - p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_UPDATED_IV); - if (p != NULL - && !OSSL_PARAM_set_octet_string_or_ptr(p, ctx->base.iv, ctx->base.ivlen)) { + + if (p.upd_iv != NULL + && !OSSL_PARAM_set_octet_string_or_ptr(p.upd_iv, ctx->base.iv, + ctx->base.ivlen)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } return 1; } -static const OSSL_PARAM cipher_aes_known_gettable_ctx_params[] = { -# if !defined(OPENSSL_NO_MULTIBLOCK) - OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_BUFSIZE, NULL), - OSSL_PARAM_uint(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE, NULL), - OSSL_PARAM_uint(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD_PACKLEN, NULL), - OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_LEN, NULL), -# endif /* !defined(OPENSSL_NO_MULTIBLOCK) */ - OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_AEAD_TLS1_AAD_PAD, NULL), - OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL), - OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_IVLEN, NULL), - OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_IV, NULL, 0), - OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_UPDATED_IV, NULL, 0), - OSSL_PARAM_END -}; const OSSL_PARAM *aes_gettable_ctx_params(ossl_unused void *cctx, ossl_unused void *provctx) { - return cipher_aes_known_gettable_ctx_params; + return aes_cbc_hmac_sha_get_ctx_params_list; } static void base_init(void *provctx, PROV_AES_HMAC_SHA_CTX *ctx, diff --git a/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha_etm.c.in b/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha_etm.c.in index 8a191e0a3cd..41299ba16a9 100644 --- a/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha_etm.c.in +++ b/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha_etm.c.in @@ -6,6 +6,10 @@ * in the file LICENSE in the source distribution or at * https://www.openssl.org/source/license.html */ +{- +use OpenSSL::paramnames qw(produce_param_decoder); +-} + #include "internal/deprecated.h" #include "cipher_aes_cbc_hmac_sha_etm.h" @@ -28,30 +32,34 @@ static OSSL_FUNC_cipher_settable_ctx_params_fn aes_settable_ctx_params; # define aes_final ossl_cipher_generic_stream_final # define aes_cipher ossl_cipher_generic_cipher +{- produce_param_decoder('aes_cbc_hmac_sha_etm_set_ctx_params', + (['OSSL_CIPHER_PARAM_AEAD_MAC_KEY', 'key', 'octet_string'], + ['OSSL_CIPHER_PARAM_KEYLEN', 'keylen', 'size_t'], + ['OSSL_CIPHER_HMAC_PARAM_MAC', 'mac', 'octet_string'], + )); -} + static int aes_set_ctx_params(void *vctx, const OSSL_PARAM params[]) { PROV_AES_HMAC_SHA_ETM_CTX *ctx = (PROV_AES_HMAC_SHA_ETM_CTX *)vctx; - PROV_CIPHER_HW_AES_HMAC_SHA_ETM *hw = - (PROV_CIPHER_HW_AES_HMAC_SHA_ETM *)ctx->hw; - const OSSL_PARAM *p; + PROV_CIPHER_HW_AES_HMAC_SHA_ETM *hw; + struct aes_cbc_hmac_sha_etm_set_ctx_params_st p; - if (params == NULL) - return 1; + if (ctx == NULL || !aes_cbc_hmac_sha_etm_set_ctx_params_decoder(params, &p)) + return 0; - p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_AEAD_MAC_KEY); - if (p != NULL) { - if (p->data_type != OSSL_PARAM_OCTET_STRING) { + hw = (PROV_CIPHER_HW_AES_HMAC_SHA_ETM *)ctx->hw; + if (p.key != NULL) { + if (p.key->data_type != OSSL_PARAM_OCTET_STRING) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); return 0; } - hw->init_mac_key(ctx, p->data, p->data_size); + hw->init_mac_key(ctx, p.key->data, p.key->data_size); } - p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_KEYLEN); - if (p != NULL) { + if (p.keylen != NULL) { size_t keylen; - if (!OSSL_PARAM_get_size_t(p, &keylen)) { + if (!OSSL_PARAM_get_size_t(p.keylen, &keylen)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); return 0; } @@ -61,13 +69,12 @@ static int aes_set_ctx_params(void *vctx, const OSSL_PARAM params[]) } } - p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_HMAC_PARAM_MAC); - if (p != NULL) { + if (p.mac != NULL) { size_t sz; void *vp; vp = &ctx->exp_tag; - if (!OSSL_PARAM_get_octet_string(p, &vp, AES_CBC_MAX_HMAC_SIZE, &sz)) { + if (!OSSL_PARAM_get_octet_string(p.mac, &vp, AES_CBC_MAX_HMAC_SIZE, &sz)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); return 0; } @@ -99,39 +106,49 @@ static int aes_dinit(void *ctx, const unsigned char *key, size_t keylen, return aes_set_ctx_params(ctx, params); } +{- produce_param_decoder('aes_cbc_hmac_sha_etm_get_ctx_params', + (['OSSL_CIPHER_PARAM_KEYLEN', 'keylen', 'size_t'], + ['OSSL_CIPHER_PARAM_IVLEN', 'ivlen', 'size_t'], + ['OSSL_CIPHER_PARAM_IV', 'iv', 'octet_string'], + ['OSSL_CIPHER_PARAM_UPDATED_IV', 'upd_iv', 'octet_string'], + ['OSSL_CIPHER_HMAC_PARAM_MAC', 'mac', 'octet_string'], + )); -} + static int aes_get_ctx_params(void *vctx, OSSL_PARAM params[]) { PROV_AES_HMAC_SHA_ETM_CTX *ctx = (PROV_AES_HMAC_SHA_ETM_CTX *)vctx; - OSSL_PARAM *p; + struct aes_cbc_hmac_sha_etm_get_ctx_params_st p; size_t sz; - p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_KEYLEN); - if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->base.keylen)) { + if (ctx == NULL || !aes_cbc_hmac_sha_etm_get_ctx_params_decoder(params, &p)) + return 0; + + if (p.keylen != NULL && !OSSL_PARAM_set_size_t(p.keylen, ctx->base.keylen)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } - p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IVLEN); - if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->base.ivlen)) { + + if (p.ivlen != NULL && !OSSL_PARAM_set_size_t(p.ivlen, ctx->base.ivlen)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } - p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IV); - if (p != NULL - && !OSSL_PARAM_set_octet_string(p, ctx->base.oiv, ctx->base.ivlen) - && !OSSL_PARAM_set_octet_ptr(p, &ctx->base.oiv, ctx->base.ivlen)) { + + if (p.iv != NULL + && !OSSL_PARAM_set_octet_string(p.iv, ctx->base.oiv, ctx->base.ivlen) + && !OSSL_PARAM_set_octet_ptr(p.iv, &ctx->base.oiv, ctx->base.ivlen)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } - p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_UPDATED_IV); - if (p != NULL - && !OSSL_PARAM_set_octet_string(p, ctx->base.iv, ctx->base.ivlen) - && !OSSL_PARAM_set_octet_ptr(p, &ctx->base.iv, ctx->base.ivlen)) { + + if (p.upd_iv != NULL + && !OSSL_PARAM_set_octet_string(p.upd_iv, ctx->base.iv, ctx->base.ivlen) + && !OSSL_PARAM_set_octet_ptr(p.upd_iv, &ctx->base.iv, ctx->base.ivlen)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } - p = OSSL_PARAM_locate(params, OSSL_CIPHER_HMAC_PARAM_MAC); - if (p != NULL) { - sz = p->data_size; + + if (p.mac != NULL) { + sz = p.mac->data_size; if (sz == 0 || sz > AES_CBC_MAX_HMAC_SIZE || !ctx->base.enc @@ -139,7 +156,7 @@ static int aes_get_ctx_params(void *vctx, OSSL_PARAM params[]) ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_TAG); return 0; } - if (!OSSL_PARAM_set_octet_string(p, ctx->tag, sz)) { + if (!OSSL_PARAM_set_octet_string(p.mac, ctx->tag, sz)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } @@ -147,31 +164,16 @@ static int aes_get_ctx_params(void *vctx, OSSL_PARAM params[]) return 1; } -static const OSSL_PARAM cipher_aes_known_gettable_ctx_params[] = { - OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL), - OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_IVLEN, NULL), - OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_IV, NULL, 0), - OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_UPDATED_IV, NULL, 0), - OSSL_PARAM_END -}; - const OSSL_PARAM *aes_gettable_ctx_params(ossl_unused void *cctx, ossl_unused void *provctx) { - return cipher_aes_known_gettable_ctx_params; + return aes_cbc_hmac_sha_etm_get_ctx_params_list; } -static const OSSL_PARAM cipher_aes_known_settable_ctx_params[] = { - OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_MAC_KEY, NULL, 0), - OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TLS1_AAD, NULL, 0), - OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL), - OSSL_PARAM_END -}; - const OSSL_PARAM *aes_settable_ctx_params(ossl_unused void *cctx, ossl_unused void *provctx) { - return cipher_aes_known_settable_ctx_params; + return aes_cbc_hmac_sha_etm_set_ctx_params_list; } static void base_ctx_init(void *provctx, PROV_AES_HMAC_SHA_ETM_CTX *ctx,