From: Pauli Date: Thu, 19 Jun 2025 01:40:46 +0000 (+1000) Subject: cipher: use table based param decoding for ciphers X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=d09a7cad9ab7403d3c40267bb5a62dfae3c13deb;p=thirdparty%2Fopenssl.git cipher: use table based param decoding for ciphers Reviewed-by: Richard Levitte Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/27859) --- diff --git a/providers/implementations/ciphers/ciphercommon.c.in b/providers/implementations/ciphers/ciphercommon.c.in index 639d4d1e7c4..4b33caaf012 100644 --- a/providers/implementations/ciphers/ciphercommon.c.in +++ b/providers/implementations/ciphers/ciphercommon.c.in @@ -28,7 +28,7 @@ use OpenSSL::paramnames qw(produce_param_decoder); /*- * Generic cipher functions for OSSL_PARAM gettables and settables */ -{- produce_param_decoder('ossl_cipher_generic_get_ctx_params', +{- produce_param_decoder('ossl_cipher_generic_get_params', (['CIPHER_PARAM_MODE', 'mode', 'uint'], ['CIPHER_PARAM_KEYLEN', 'keylen', 'size_t'], ['CIPHER_PARAM_IVLEN', 'ivlen', 'size_t'], @@ -43,16 +43,16 @@ use OpenSSL::paramnames qw(produce_param_decoder); const OSSL_PARAM *ossl_cipher_generic_gettable_params(ossl_unused void *provctx) { - return ossl_cipher_generic_get_ctx_params_list; + return ossl_cipher_generic_get_params_list; } int ossl_cipher_generic_get_params(OSSL_PARAM params[], unsigned int md, uint64_t flags, size_t kbits, size_t blkbits, size_t ivbits) { - struct ossl_cipher_generic_get_ctx_params_st p; + struct ossl_cipher_generic_get_params_st p; - p = ossl_cipher_generic_get_ctx_params_decoder(params); + p = ossl_cipher_generic_get_params_decoder(params); if (p.mode != NULL && !OSSL_PARAM_set_uint(p.mode, md)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); @@ -103,34 +103,76 @@ int ossl_cipher_generic_get_params(OSSL_PARAM params[], unsigned int md, return 1; } -CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_START(ossl_cipher_generic) -{ OSSL_CIPHER_PARAM_TLS_MAC, OSSL_PARAM_OCTET_PTR, NULL, 0, OSSL_PARAM_UNMODIFIED }, -CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_END(ossl_cipher_generic) +#define cipher_generic_get_ctx_params_st ossl_cipher_get_ctx_param_list_st -CIPHER_DEFAULT_SETTABLE_CTX_PARAMS_START(ossl_cipher_generic) -OSSL_PARAM_uint(OSSL_CIPHER_PARAM_USE_BITS, NULL), -OSSL_PARAM_uint(OSSL_CIPHER_PARAM_TLS_VERSION, NULL), -OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_TLS_MAC_SIZE, NULL), -CIPHER_DEFAULT_SETTABLE_CTX_PARAMS_END(ossl_cipher_generic) +{- produce_param_decoder('cipher_generic_get_ctx_params', + (['CIPHER_PARAM_KEYLEN', 'keylen', 'size_t'], + ['CIPHER_PARAM_IVLEN', 'ivlen', 'size_t'], + ['CIPHER_PARAM_PADDING', 'pad', 'uint'], + ['CIPHER_PARAM_NUM', 'num', 'uint' ], + ['CIPHER_PARAM_IV', 'iv', 'octet_string' ], + ['CIPHER_PARAM_UPDATED_IV', 'updiv', 'octet_string' ], + ['CIPHER_PARAM_TLS_MAC', 'tlsmac', 'octet_string' ], + )); -} + +const OSSL_PARAM *ossl_cipher_generic_gettable_ctx_params + (ossl_unused void *cctx, ossl_unused void *provctx) +{ + return cipher_generic_get_ctx_params_list; +} + +#define cipher_generic_set_ctx_params_st ossl_cipher_set_ctx_param_list_st + +{- produce_param_decoder('cipher_generic_set_ctx_params', + (['CIPHER_PARAM_PADDING', 'pad', 'uint'], + ['CIPHER_PARAM_NUM', 'num', 'uint'], + ['CIPHER_PARAM_USE_BITS', 'bits', 'uint'], + ['CIPHER_PARAM_TLS_VERSION', 'tlsvers', 'uint'], + ['CIPHER_PARAM_TLS_MAC_SIZE', 'tlsmacsize', 'size_t'], + )); -} + +const OSSL_PARAM *ossl_cipher_generic_settable_ctx_params + (ossl_unused void *cctx, ossl_unused void *provctx) +{ + return cipher_generic_set_ctx_params_list; +} /* * Variable key length cipher functions for OSSL_PARAM settables */ +#define cipher_var_keylen_set_ctx_params_st ossl_cipher_set_ctx_param_list_st + +{- produce_param_decoder('cipher_var_keylen_set_ctx_params', + (['CIPHER_PARAM_PADDING', 'pad', 'uint'], + ['CIPHER_PARAM_NUM', 'num', 'uint'], + ['CIPHER_PARAM_USE_BITS', 'bits', 'uint'], + ['CIPHER_PARAM_TLS_VERSION', 'tlsvers', 'uint'], + ['CIPHER_PARAM_TLS_MAC_SIZE', 'tlsmacsize', 'size_t'], + ['CIPHER_PARAM_KEYLEN', 'keylen', 'size_t'], + )); -} + +const OSSL_PARAM *ossl_cipher_var_keylen_settable_ctx_params + (ossl_unused void *cctx, ossl_unused void *provctx) +{ + return cipher_var_keylen_set_ctx_params_list; +} + int ossl_cipher_var_keylen_set_ctx_params(void *vctx, const OSSL_PARAM params[]) { PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; - const OSSL_PARAM *p; + struct ossl_cipher_set_ctx_param_list_st p; if (ossl_param_is_empty(params)) return 1; - if (!ossl_cipher_generic_set_ctx_params(vctx, params)) + p = cipher_var_keylen_set_ctx_params_decoder(params); + if (!ossl_cipher_common_set_ctx_params(ctx, &p)) return 0; - p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_KEYLEN); - if (p != NULL) { + + if (p.keylen != NULL) { size_t keylen; - if (!OSSL_PARAM_get_size_t(p, &keylen)) { + if (!OSSL_PARAM_get_size_t(p.keylen, &keylen)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); return 0; } @@ -142,11 +184,6 @@ int ossl_cipher_var_keylen_set_ctx_params(void *vctx, const OSSL_PARAM params[]) return 1; } -CIPHER_DEFAULT_SETTABLE_CTX_PARAMS_START(ossl_cipher_var_keylen) -OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL), -CIPHER_DEFAULT_SETTABLE_CTX_PARAMS_END(ossl_cipher_var_keylen) - - void ossl_cipher_generic_reset_ctx(PROV_CIPHER_CTX *ctx) { if (ctx != NULL && ctx->alloced) { @@ -564,99 +601,99 @@ int ossl_cipher_generic_cipher(void *vctx, unsigned char *out, size_t *outl, return 1; } -int ossl_cipher_generic_get_ctx_params(void *vctx, OSSL_PARAM params[]) +int ossl_cipher_common_get_ctx_params + (PROV_CIPHER_CTX *ctx, const struct ossl_cipher_get_ctx_param_list_st *p) { - PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; - OSSL_PARAM *p; - - p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IVLEN); - if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->ivlen)) { + if (p->ivlen != NULL && !OSSL_PARAM_set_size_t(p->ivlen, ctx->ivlen)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } - p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_PADDING); - if (p != NULL && !OSSL_PARAM_set_uint(p, ctx->pad)) { + + if (p->pad != NULL && !OSSL_PARAM_set_uint(p->pad, ctx->pad)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } - p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IV); - if (p != NULL - && !OSSL_PARAM_set_octet_string_or_ptr(p, ctx->oiv, ctx->ivlen)) { + + if (p->iv != NULL + && !OSSL_PARAM_set_octet_string_or_ptr(p->iv, ctx->oiv, ctx->ivlen)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } - p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_UPDATED_IV); - if (p != NULL - && !OSSL_PARAM_set_octet_string_or_ptr(p, ctx->iv, ctx->ivlen)) { + + if (p->updiv != NULL + && !OSSL_PARAM_set_octet_string_or_ptr(p->updiv, ctx->iv, ctx->ivlen)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } - p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_NUM); - if (p != NULL && !OSSL_PARAM_set_uint(p, ctx->num)) { + + if (p->num != NULL && !OSSL_PARAM_set_uint(p->num, ctx->num)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } - p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_KEYLEN); - if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->keylen)) { + + if (p->keylen != NULL && !OSSL_PARAM_set_size_t(p->keylen, ctx->keylen)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } - p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_TLS_MAC); - if (p != NULL - && !OSSL_PARAM_set_octet_ptr(p, ctx->tlsmac, ctx->tlsmacsize)) { + + if (p->tlsmac != NULL + && !OSSL_PARAM_set_octet_ptr(p->tlsmac, ctx->tlsmac, ctx->tlsmacsize)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } return 1; } -int ossl_cipher_generic_set_ctx_params(void *vctx, const OSSL_PARAM params[]) +int ossl_cipher_generic_get_ctx_params(void *vctx, OSSL_PARAM params[]) { PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; - const OSSL_PARAM *p; + struct ossl_cipher_get_ctx_param_list_st p; - if (ossl_param_is_empty(params)) - return 1; + p = cipher_generic_get_ctx_params_decoder(params); + return ossl_cipher_common_get_ctx_params(ctx, &p); +} - p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_PADDING); - if (p != NULL) { +int ossl_cipher_common_set_ctx_params + (PROV_CIPHER_CTX *ctx, const struct ossl_cipher_set_ctx_param_list_st *p) +{ + if (p->pad != NULL) { unsigned int pad; - if (!OSSL_PARAM_get_uint(p, &pad)) { + if (!OSSL_PARAM_get_uint(p->pad, &pad)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); return 0; } ctx->pad = pad ? 1 : 0; } - p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_USE_BITS); - if (p != NULL) { + + if (p->bits != NULL) { unsigned int bits; - if (!OSSL_PARAM_get_uint(p, &bits)) { + if (!OSSL_PARAM_get_uint(p->bits, &bits)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); return 0; } ctx->use_bits = bits ? 1 : 0; } - p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_TLS_VERSION); - if (p != NULL) { - if (!OSSL_PARAM_get_uint(p, &ctx->tlsversion)) { + + if (p->tlsvers != NULL) { + if (!OSSL_PARAM_get_uint(p->tlsvers, &ctx->tlsversion)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); return 0; } } - p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_TLS_MAC_SIZE); - if (p != NULL) { - if (!OSSL_PARAM_get_size_t(p, &ctx->tlsmacsize)) { + + if (p->tlsmacsize != NULL) { + if (!OSSL_PARAM_get_size_t(p->tlsmacsize, &ctx->tlsmacsize)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); return 0; } } - p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_NUM); - if (p != NULL) { + + if (p->num != NULL) { unsigned int num; - if (!OSSL_PARAM_get_uint(p, &num)) { + if (!OSSL_PARAM_get_uint(p->num, &num)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); return 0; } @@ -665,6 +702,18 @@ int ossl_cipher_generic_set_ctx_params(void *vctx, const OSSL_PARAM params[]) return 1; } +int ossl_cipher_generic_set_ctx_params(void *vctx, const OSSL_PARAM params[]) +{ + PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; + struct ossl_cipher_set_ctx_param_list_st p; + + if (ossl_param_is_empty(params)) + return 1; + + p = cipher_generic_set_ctx_params_decoder(params); + return ossl_cipher_common_set_ctx_params(ctx, &p); +} + int ossl_cipher_generic_initiv(PROV_CIPHER_CTX *ctx, const unsigned char *iv, size_t ivlen) {