From 26e2c9c15085e0a6afe0f878ec3c9a0f4d0047a3 Mon Sep 17 00:00:00 2001 From: Pauli Date: Fri, 19 Sep 2025 14:28:22 +1000 Subject: [PATCH] aes: convert AES ciphers to use generated parameter decoders Reviewed-by: Shane Lontis Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/28616) --- .../ciphers/cipher_aes_gcm_siv.c.in | 80 +++++----- .../ciphers/cipher_aes_ocb.c.in | 137 +++++++++--------- .../ciphers/cipher_aes_siv.c.in | 83 ++++++----- .../ciphers/cipher_aes_wrp.c.in | 30 ++-- 4 files changed, 180 insertions(+), 150 deletions(-) diff --git a/providers/implementations/ciphers/cipher_aes_gcm_siv.c.in b/providers/implementations/ciphers/cipher_aes_gcm_siv.c.in index c9afeddef67..5c07965242f 100644 --- a/providers/implementations/ciphers/cipher_aes_gcm_siv.c.in +++ b/providers/implementations/ciphers/cipher_aes_gcm_siv.c.in @@ -6,6 +6,9 @@ * in the file LICENSE in the source distribution or at * https://www.openssl.org/source/license.html */ +{- +use OpenSSL::paramnames qw(produce_param_decoder); +-} /* Dispatch functions for AES SIV mode */ @@ -172,80 +175,87 @@ static int ossl_aes_gcm_siv_stream_final(void *vctx, unsigned char *out, size_t return !error; } +{- produce_param_decoder('ossl_aes_gcm_siv_get_ctx_params', + (['OSSL_CIPHER_PARAM_KEYLEN', 'keylen', 'size_t'], + ['OSSL_CIPHER_PARAM_AEAD_TAGLEN', 'taglen', 'size_t'], + ['OSSL_CIPHER_PARAM_AEAD_TAG', 'tag', 'octet_string'], + )); -} + static int ossl_aes_gcm_siv_get_ctx_params(void *vctx, OSSL_PARAM params[]) { PROV_AES_GCM_SIV_CTX *ctx = (PROV_AES_GCM_SIV_CTX *)vctx; - OSSL_PARAM *p; + struct ossl_aes_gcm_siv_get_ctx_params_st p; + + if (ctx == NULL || !ossl_aes_gcm_siv_get_ctx_params_decoder(params, &p)) + return 0; - p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_AEAD_TAG); - if (p != NULL && p->data_type == OSSL_PARAM_OCTET_STRING) { + if (p.tag != NULL && p.tag->data_type == OSSL_PARAM_OCTET_STRING) { if (!ctx->enc || !ctx->generated_tag - || p->data_size != sizeof(ctx->tag) - || !OSSL_PARAM_set_octet_string(p, ctx->tag, sizeof(ctx->tag))) { + || p.tag->data_size != sizeof(ctx->tag) + || !OSSL_PARAM_set_octet_string(p.tag, ctx->tag, + sizeof(ctx->tag))) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } } - p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_AEAD_TAGLEN); - if (p != NULL && !OSSL_PARAM_set_size_t(p, sizeof(ctx->tag))) { + + if (p.taglen != NULL && !OSSL_PARAM_set_size_t(p.taglen, sizeof(ctx->tag))) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } - p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_KEYLEN); - if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->key_len)) { + + if (p.keylen != NULL && !OSSL_PARAM_set_size_t(p.keylen, ctx->key_len)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } return 1; } -static const OSSL_PARAM aes_gcm_siv_known_gettable_ctx_params[] = { - OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL), - OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_AEAD_TAGLEN, NULL), - OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG, NULL, 0), - OSSL_PARAM_END -}; - static const OSSL_PARAM *ossl_aes_gcm_siv_gettable_ctx_params(ossl_unused void *cctx, ossl_unused void *provctx) { - return aes_gcm_siv_known_gettable_ctx_params; + return ossl_aes_gcm_siv_get_ctx_params_list; } +{- produce_param_decoder('aes_gcm_siv_set_ctx_params', + (['OSSL_CIPHER_PARAM_KEYLEN', 'keylen', 'size_t'], + ['OSSL_CIPHER_PARAM_SPEED', 'speed', 'uint'], + ['OSSL_CIPHER_PARAM_AEAD_TAG', 'tag', 'octet_string'], + )); -} + static int ossl_aes_gcm_siv_set_ctx_params(void *vctx, const OSSL_PARAM params[]) { PROV_AES_GCM_SIV_CTX *ctx = (PROV_AES_GCM_SIV_CTX *)vctx; - const OSSL_PARAM *p; + struct aes_gcm_siv_set_ctx_params_st p; unsigned int speed = 0; - if (ossl_param_is_empty(params)) - return 1; + if (ctx == NULL || !aes_gcm_siv_set_ctx_params_decoder(params, &p)) + return 0; - p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_AEAD_TAG); - if (p != NULL) { - if (p->data_type != OSSL_PARAM_OCTET_STRING - || p->data_size != sizeof(ctx->user_tag)) { + if (p.tag != NULL) { + if (p.tag->data_type != OSSL_PARAM_OCTET_STRING + || p.tag->data_size != sizeof(ctx->user_tag)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); return 0; } if (!ctx->enc) { - memcpy(ctx->user_tag, p->data, sizeof(ctx->tag)); + memcpy(ctx->user_tag, p.tag->data, sizeof(ctx->tag)); ctx->have_user_tag = 1; } } - p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_SPEED); - if (p != NULL) { - if (!OSSL_PARAM_get_uint(p, &speed)) { + + if (p.speed != NULL) { + if (!OSSL_PARAM_get_uint(p.speed, &speed)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); return 0; } ctx->speed = !!speed; } - p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_KEYLEN); - if (p != NULL) { + + if (p.keylen != NULL) { size_t key_len; - if (!OSSL_PARAM_get_size_t(p, &key_len)) { + if (!OSSL_PARAM_get_size_t(p.keylen, &key_len)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); return 0; } @@ -258,16 +268,10 @@ static int ossl_aes_gcm_siv_set_ctx_params(void *vctx, const OSSL_PARAM params[] return 1; } -static const OSSL_PARAM aes_gcm_siv_known_settable_ctx_params[] = { - OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL), - OSSL_PARAM_uint(OSSL_CIPHER_PARAM_SPEED, NULL), - OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG, NULL, 0), - OSSL_PARAM_END -}; static const OSSL_PARAM *ossl_aes_gcm_siv_settable_ctx_params(ossl_unused void *cctx, ossl_unused void *provctx) { - return aes_gcm_siv_known_settable_ctx_params; + return aes_gcm_siv_set_ctx_params_list; } #define IMPLEMENT_cipher(alg, lc, UCMODE, flags, kbits, blkbits, ivbits) \ diff --git a/providers/implementations/ciphers/cipher_aes_ocb.c.in b/providers/implementations/ciphers/cipher_aes_ocb.c.in index a04bd4ef550..153c0d8fe8c 100644 --- a/providers/implementations/ciphers/cipher_aes_ocb.c.in +++ b/providers/implementations/ciphers/cipher_aes_ocb.c.in @@ -6,6 +6,9 @@ * in the file LICENSE in the source distribution or at * https://www.openssl.org/source/license.html */ +{- +use OpenSSL::paramnames qw(produce_param_decoder); +-} /* * AES low level APIs are deprecated for public use, but still ok for internal @@ -350,43 +353,54 @@ static void *aes_ocb_dupctx(void *vctx) return ret; } +{- produce_param_decoder('aes_ocb_set_ctx_params', + (['OSSL_CIPHER_PARAM_KEYLEN', 'keylen', 'size_t'], + ['OSSL_CIPHER_PARAM_AEAD_IVLEN', 'ivlen', 'size_t'], + ['OSSL_CIPHER_PARAM_AEAD_TAG', 'tag', 'octet_string'], + )); -} + +static const OSSL_PARAM *cipher_ocb_settable_ctx_params(ossl_unused void *cctx, + ossl_unused void *p_ctx) +{ + return aes_ocb_set_ctx_params_list; +} + static int aes_ocb_set_ctx_params(void *vctx, const OSSL_PARAM params[]) { PROV_AES_OCB_CTX *ctx = (PROV_AES_OCB_CTX *)vctx; - const OSSL_PARAM *p; + struct aes_ocb_set_ctx_params_st p; size_t sz; - if (ossl_param_is_empty(params)) - return 1; + if (ctx == NULL || !aes_ocb_set_ctx_params_decoder(params, &p)) + return 0; - p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_AEAD_TAG); - if (p != NULL) { - if (p->data_type != OSSL_PARAM_OCTET_STRING) { + if (p.tag != NULL) { + if (p.tag->data_type != OSSL_PARAM_OCTET_STRING) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); return 0; } - if (p->data == NULL) { + if (p.tag->data == NULL) { /* Tag len must be 0 to 16 */ - if (p->data_size > OCB_MAX_TAG_LEN) { + if (p.tag->data_size > OCB_MAX_TAG_LEN) { ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_TAG_LENGTH); return 0; } - ctx->taglen = p->data_size; + ctx->taglen = p.tag->data_size; } else { if (ctx->base.enc) { ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_INVALID_ARGUMENT); return 0; } - if (p->data_size != ctx->taglen) { + if (p.tag->data_size != ctx->taglen) { ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_TAG_LENGTH); return 0; } - memcpy(ctx->tag, p->data, p->data_size); + memcpy(ctx->tag, p.tag->data, p.tag->data_size); } - } - p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_AEAD_IVLEN); - if (p != NULL) { - if (!OSSL_PARAM_get_size_t(p, &sz)) { + } + + if (p.ivlen != NULL) { + if (!OSSL_PARAM_get_size_t(p.ivlen, &sz)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); return 0; } @@ -398,11 +412,11 @@ static int aes_ocb_set_ctx_params(void *vctx, const OSSL_PARAM params[]) ctx->iv_state = IV_STATE_UNINITIALISED; } } - p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_KEYLEN); - if (p != NULL) { + + if (p.keylen != NULL) { size_t keylen; - if (!OSSL_PARAM_get_size_t(p, &keylen)) { + if (!OSSL_PARAM_get_size_t(p.keylen, &keylen)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); return 0; } @@ -414,93 +428,84 @@ static int aes_ocb_set_ctx_params(void *vctx, const OSSL_PARAM params[]) return 1; } +{- produce_param_decoder('aes_ocb_get_ctx_params', + (['OSSL_CIPHER_PARAM_KEYLEN', 'keylen', 'size_t'], + ['OSSL_CIPHER_PARAM_IVLEN', 'ivlen', 'size_t'], + ['OSSL_CIPHER_PARAM_AEAD_TAGLEN', 'taglen', 'size_t'], + ['OSSL_CIPHER_PARAM_IV', 'iv', 'octet_string'], + ['OSSL_CIPHER_PARAM_UPDATED_IV', 'upd_iv', 'octet_string'], + ['OSSL_CIPHER_PARAM_AEAD_TAG', 'tag', 'octet_string'], + )); -} + +static const OSSL_PARAM *cipher_ocb_gettable_ctx_params(ossl_unused void *cctx, + ossl_unused void *p_ctx) +{ + return aes_ocb_get_ctx_params_list; +} + static int aes_ocb_get_ctx_params(void *vctx, OSSL_PARAM params[]) { PROV_AES_OCB_CTX *ctx = (PROV_AES_OCB_CTX *)vctx; - OSSL_PARAM *p; + struct aes_ocb_get_ctx_params_st p; - p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IVLEN); - if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->base.ivlen)) { + if (ctx == NULL || !aes_ocb_get_ctx_params_decoder(params, &p)) + return 0; + + if (p.ivlen != NULL && !OSSL_PARAM_set_size_t(p.ivlen, ctx->base.ivlen)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } - p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_KEYLEN); - if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->base.keylen)) { + + if (p.keylen != NULL && !OSSL_PARAM_set_size_t(p.keylen, ctx->base.keylen)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } - p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_AEAD_TAGLEN); - if (p != NULL) { - if (!OSSL_PARAM_set_size_t(p, ctx->taglen)) { + + if (p.taglen != NULL) { + if (!OSSL_PARAM_set_size_t(p.taglen, ctx->taglen)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } } - p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IV); - if (p != NULL) { - if (ctx->base.ivlen > p->data_size) { + if (p.iv != NULL) { + if (ctx->base.ivlen > p.iv->data_size) { ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IV_LENGTH); return 0; } - if (!OSSL_PARAM_set_octet_string_or_ptr(p, ctx->base.oiv, ctx->base.ivlen)) { + if (!OSSL_PARAM_set_octet_string_or_ptr(p.iv, ctx->base.oiv, + ctx->base.ivlen)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } } - p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_UPDATED_IV); - if (p != NULL) { - if (ctx->base.ivlen > p->data_size) { + + if (p.upd_iv != NULL) { + if (ctx->base.ivlen > p.upd_iv->data_size) { ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IV_LENGTH); return 0; } - if (!OSSL_PARAM_set_octet_string_or_ptr(p, ctx->base.iv, ctx->base.ivlen)) { + if (!OSSL_PARAM_set_octet_string_or_ptr(p.upd_iv, ctx->base.iv, + ctx->base.ivlen)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } } - p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_AEAD_TAG); - if (p != NULL) { - if (p->data_type != OSSL_PARAM_OCTET_STRING) { + + if (p.tag != NULL) { + if (p.tag->data_type != OSSL_PARAM_OCTET_STRING) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); return 0; } - if (!ctx->base.enc || p->data_size != ctx->taglen) { + if (!ctx->base.enc || p.tag->data_size != ctx->taglen) { ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_TAG_LENGTH); return 0; } - memcpy(p->data, ctx->tag, ctx->taglen); + memcpy(p.tag->data, ctx->tag, ctx->taglen); } return 1; } -static const OSSL_PARAM cipher_ocb_known_gettable_ctx_params[] = { - OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL), - OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_IVLEN, NULL), - OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_AEAD_TAGLEN, NULL), - OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_IV, NULL, 0), - OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_UPDATED_IV, NULL, 0), - OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG, NULL, 0), - OSSL_PARAM_END -}; -static const OSSL_PARAM *cipher_ocb_gettable_ctx_params(ossl_unused void *cctx, - ossl_unused void *p_ctx) -{ - return cipher_ocb_known_gettable_ctx_params; -} - -static const OSSL_PARAM cipher_ocb_known_settable_ctx_params[] = { - OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL), - OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_AEAD_IVLEN, NULL), - OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG, NULL, 0), - OSSL_PARAM_END -}; -static const OSSL_PARAM *cipher_ocb_settable_ctx_params(ossl_unused void *cctx, - ossl_unused void *p_ctx) -{ - return cipher_ocb_known_settable_ctx_params; -} - static int aes_ocb_cipher(void *vctx, unsigned char *out, size_t *outl, size_t outsize, const unsigned char *in, size_t inl) { diff --git a/providers/implementations/ciphers/cipher_aes_siv.c.in b/providers/implementations/ciphers/cipher_aes_siv.c.in index ccac2bbe966..4ab9a248b06 100644 --- a/providers/implementations/ciphers/cipher_aes_siv.c.in +++ b/providers/implementations/ciphers/cipher_aes_siv.c.in @@ -6,6 +6,9 @@ * in the file LICENSE in the source distribution or at * https://www.openssl.org/source/license.html */ +{- +use OpenSSL::paramnames qw(produce_param_decoder); +-} /* Dispatch functions for AES SIV mode */ @@ -147,78 +150,90 @@ static int siv_stream_final(void *vctx, unsigned char *out, size_t *outl, return 1; } +{- produce_param_decoder('aes_siv_get_ctx_params', + (['OSSL_CIPHER_PARAM_KEYLEN', 'keylen', 'size_t'], + ['OSSL_CIPHER_PARAM_AEAD_TAGLEN', 'taglen', 'size_t'], + ['OSSL_CIPHER_PARAM_AEAD_TAG', 'tag', 'octet_string'], + )); -} + static int aes_siv_get_ctx_params(void *vctx, OSSL_PARAM params[]) { PROV_AES_SIV_CTX *ctx = (PROV_AES_SIV_CTX *)vctx; - SIV128_CONTEXT *sctx = &ctx->siv; - OSSL_PARAM *p; + SIV128_CONTEXT *sctx; + struct aes_siv_get_ctx_params_st p; + + if (ctx == NULL || !aes_siv_get_ctx_params_decoder(params, &p)) + return 0; + + sctx = &ctx->siv; - p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_AEAD_TAG); - if (p != NULL && p->data_type == OSSL_PARAM_OCTET_STRING) { + if (p.tag != NULL) { if (!ctx->enc - || p->data_size != ctx->taglen - || !OSSL_PARAM_set_octet_string(p, &sctx->tag.byte, ctx->taglen)) { + || p.tag->data_type != OSSL_PARAM_OCTET_STRING + || p.tag->data_size != ctx->taglen + || !OSSL_PARAM_set_octet_string(p.tag, &sctx->tag.byte, + ctx->taglen)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } } - p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_AEAD_TAGLEN); - if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->taglen)) { + + if (p.taglen != NULL && !OSSL_PARAM_set_size_t(p.taglen, ctx->taglen)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } - p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_KEYLEN); - if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->keylen)) { + + if (p.keylen != NULL && !OSSL_PARAM_set_size_t(p.keylen, ctx->keylen)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } return 1; } -static const OSSL_PARAM aes_siv_known_gettable_ctx_params[] = { - OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL), - OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_AEAD_TAGLEN, NULL), - OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG, NULL, 0), - OSSL_PARAM_END -}; static const OSSL_PARAM *aes_siv_gettable_ctx_params(ossl_unused void *cctx, ossl_unused void *provctx) { - return aes_siv_known_gettable_ctx_params; + return aes_siv_get_ctx_params_list; } + +{- produce_param_decoder('aes_siv_set_ctx_params', + (['OSSL_CIPHER_PARAM_KEYLEN', 'keylen', 'size_t'], + ['OSSL_CIPHER_PARAM_SPEED', 'speed', 'uint'], + ['OSSL_CIPHER_PARAM_AEAD_TAG', 'tag', 'octet_string'], + )); -} + static int aes_siv_set_ctx_params(void *vctx, const OSSL_PARAM params[]) { PROV_AES_SIV_CTX *ctx = (PROV_AES_SIV_CTX *)vctx; - const OSSL_PARAM *p; + struct aes_siv_set_ctx_params_st p; unsigned int speed = 0; - if (ossl_param_is_empty(params)) - return 1; + if (ctx == NULL || !aes_siv_set_ctx_params_decoder(params, &p)) + return 0; - p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_AEAD_TAG); - if (p != NULL) { + if (p.tag != NULL) { if (ctx->enc) return 1; - if (p->data_type != OSSL_PARAM_OCTET_STRING - || !ctx->hw->settag(ctx, p->data, p->data_size)) { + if (p.tag->data_type != OSSL_PARAM_OCTET_STRING + || !ctx->hw->settag(ctx, p.tag->data, p.tag->data_size)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); return 0; } } - p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_SPEED); - if (p != NULL) { - if (!OSSL_PARAM_get_uint(p, &speed)) { + + if (p.speed != NULL) { + if (!OSSL_PARAM_get_uint(p.speed, &speed)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); return 0; } ctx->hw->setspeed(ctx, (int)speed); } - p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_KEYLEN); - if (p != NULL) { + + if (p.keylen != NULL) { size_t keylen; - if (!OSSL_PARAM_get_size_t(p, &keylen)) { + if (!OSSL_PARAM_get_size_t(p.keylen, &keylen)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); return 0; } @@ -229,16 +244,10 @@ static int aes_siv_set_ctx_params(void *vctx, const OSSL_PARAM params[]) return 1; } -static const OSSL_PARAM aes_siv_known_settable_ctx_params[] = { - OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL), - OSSL_PARAM_uint(OSSL_CIPHER_PARAM_SPEED, NULL), - OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG, NULL, 0), - OSSL_PARAM_END -}; static const OSSL_PARAM *aes_siv_settable_ctx_params(ossl_unused void *cctx, ossl_unused void *provctx) { - return aes_siv_known_settable_ctx_params; + return aes_siv_set_ctx_params_list; } #define IMPLEMENT_cipher(alg, lc, UCMODE, flags, kbits, blkbits, ivbits) \ diff --git a/providers/implementations/ciphers/cipher_aes_wrp.c.in b/providers/implementations/ciphers/cipher_aes_wrp.c.in index f0eea681e6c..fc7d2f5e31f 100644 --- a/providers/implementations/ciphers/cipher_aes_wrp.c.in +++ b/providers/implementations/ciphers/cipher_aes_wrp.c.in @@ -6,6 +6,9 @@ * in the file LICENSE in the source distribution or at * https://www.openssl.org/source/license.html */ +{- +use OpenSSL::paramnames qw(produce_param_decoder); +-} /* * This file uses the low level AES functions (which are deprecated for @@ -260,18 +263,27 @@ static int aes_wrap_cipher(void *vctx, return 1; } +{- produce_param_decoder('aes_wrap_set_ctx_params', + (['OSSL_CIPHER_PARAM_KEYLEN', 'keylen', 'size_t'], + )); -} + +static const OSSL_PARAM *aes_wrap_settable_ctx_params(ossl_unused void *cctx, + ossl_unused void *provctx) +{ + return aes_wrap_set_ctx_params_list; +} + static int aes_wrap_set_ctx_params(void *vctx, const OSSL_PARAM params[]) { PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; - const OSSL_PARAM *p; + struct aes_wrap_set_ctx_params_st p; size_t keylen = 0; - if (ossl_param_is_empty(params)) - return 1; + if (ctx == NULL || !aes_wrap_set_ctx_params_decoder(params, &p)) + return 0; - p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_KEYLEN); - if (p != NULL) { - if (!OSSL_PARAM_get_size_t(p, &keylen)) { + if (p.keylen != NULL) { + if (!OSSL_PARAM_get_size_t(p.keylen, &keylen)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); return 0; } @@ -311,12 +323,12 @@ static int aes_wrap_set_ctx_params(void *vctx, const OSSL_PARAM params[]) (void (*)(void))ossl_cipher_generic_gettable_params }, \ { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, \ (void (*)(void))ossl_cipher_generic_get_ctx_params }, \ - { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \ - (void (*)(void))aes_wrap_set_ctx_params }, \ { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \ (void (*)(void))ossl_cipher_generic_gettable_ctx_params }, \ + { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \ + (void (*)(void))aes_wrap_set_ctx_params }, \ { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \ - (void (*)(void))ossl_cipher_generic_settable_ctx_params }, \ + (void (*)(void))aes_wrap_settable_ctx_params }, \ OSSL_DISPATCH_END \ } -- 2.47.3