]>
Commit | Line | Data |
---|---|---|
2d5d70b1 | 1 | /* |
6738bf14 | 2 | * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. |
2d5d70b1 | 3 | * |
ab3fa1c0 | 4 | * Licensed under the Apache License 2.0 (the "License"). You may not use |
440e5d80 RS |
5 | * this file except in compliance with the License. You can obtain a copy |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
2d5d70b1 MC |
8 | */ |
9 | ||
10 | /* | |
11 | * This is the OSSLTEST engine. It provides deliberately crippled digest | |
12 | * implementations for test purposes. It is highly insecure and must NOT be | |
13 | * used for any purpose except testing | |
14 | */ | |
15 | ||
16 | #include <stdio.h> | |
17 | #include <string.h> | |
18 | ||
19 | #include <openssl/engine.h> | |
20 | #include <openssl/sha.h> | |
21 | #include <openssl/md5.h> | |
22 | #include <openssl/rsa.h> | |
23 | #include <openssl/evp.h> | |
24 | #include <openssl/modes.h> | |
25 | #include <openssl/aes.h> | |
c57c32a8 | 26 | #include <openssl/rand.h> |
7b9f8f7f | 27 | #include <openssl/crypto.h> |
2d5d70b1 | 28 | |
2d5d70b1 MC |
29 | #include "e_ossltest_err.c" |
30 | ||
31 | /* Engine Id and Name */ | |
32 | static const char *engine_ossltest_id = "ossltest"; | |
33 | static const char *engine_ossltest_name = "OpenSSL Test engine support"; | |
34 | ||
35 | ||
36 | /* Engine Lifetime functions */ | |
37 | static int ossltest_destroy(ENGINE *e); | |
38 | static int ossltest_init(ENGINE *e); | |
39 | static int ossltest_finish(ENGINE *e); | |
40 | void ENGINE_load_ossltest(void); | |
41 | ||
42 | ||
43 | /* Set up digests */ | |
44 | static int ossltest_digests(ENGINE *e, const EVP_MD **digest, | |
45 | const int **nids, int nid); | |
c57c32a8 | 46 | static const RAND_METHOD *ossltest_rand_method(void); |
2d5d70b1 | 47 | |
2d5d70b1 MC |
48 | /* MD5 */ |
49 | static int digest_md5_init(EVP_MD_CTX *ctx); | |
50 | static int digest_md5_update(EVP_MD_CTX *ctx, const void *data, | |
16a9542a | 51 | size_t count); |
2d5d70b1 MC |
52 | static int digest_md5_final(EVP_MD_CTX *ctx, unsigned char *md); |
53 | ||
cddcea8c RL |
54 | static EVP_MD *_hidden_md5_md = NULL; |
55 | static const EVP_MD *digest_md5(void) | |
56 | { | |
57 | if (_hidden_md5_md == NULL) { | |
58 | EVP_MD *md; | |
59 | ||
60 | if ((md = EVP_MD_meth_new(NID_md5, NID_md5WithRSAEncryption)) == NULL | |
61 | || !EVP_MD_meth_set_result_size(md, MD5_DIGEST_LENGTH) | |
62 | || !EVP_MD_meth_set_input_blocksize(md, MD5_CBLOCK) | |
63 | || !EVP_MD_meth_set_app_datasize(md, | |
64 | sizeof(EVP_MD *) + sizeof(MD5_CTX)) | |
65 | || !EVP_MD_meth_set_flags(md, 0) | |
66 | || !EVP_MD_meth_set_init(md, digest_md5_init) | |
67 | || !EVP_MD_meth_set_update(md, digest_md5_update) | |
68 | || !EVP_MD_meth_set_final(md, digest_md5_final)) { | |
69 | EVP_MD_meth_free(md); | |
70 | md = NULL; | |
71 | } | |
72 | _hidden_md5_md = md; | |
73 | } | |
74 | return _hidden_md5_md; | |
75 | } | |
2d5d70b1 MC |
76 | |
77 | /* SHA1 */ | |
78 | static int digest_sha1_init(EVP_MD_CTX *ctx); | |
79 | static int digest_sha1_update(EVP_MD_CTX *ctx, const void *data, | |
16a9542a | 80 | size_t count); |
2d5d70b1 MC |
81 | static int digest_sha1_final(EVP_MD_CTX *ctx, unsigned char *md); |
82 | ||
cddcea8c RL |
83 | static EVP_MD *_hidden_sha1_md = NULL; |
84 | static const EVP_MD *digest_sha1(void) | |
85 | { | |
86 | if (_hidden_sha1_md == NULL) { | |
87 | EVP_MD *md; | |
88 | ||
89 | if ((md = EVP_MD_meth_new(NID_sha1, NID_sha1WithRSAEncryption)) == NULL | |
90 | || !EVP_MD_meth_set_result_size(md, SHA_DIGEST_LENGTH) | |
91 | || !EVP_MD_meth_set_input_blocksize(md, SHA_CBLOCK) | |
92 | || !EVP_MD_meth_set_app_datasize(md, | |
93 | sizeof(EVP_MD *) + sizeof(SHA_CTX)) | |
94 | || !EVP_MD_meth_set_flags(md, EVP_MD_FLAG_DIGALGID_ABSENT) | |
95 | || !EVP_MD_meth_set_init(md, digest_sha1_init) | |
96 | || !EVP_MD_meth_set_update(md, digest_sha1_update) | |
97 | || !EVP_MD_meth_set_final(md, digest_sha1_final)) { | |
98 | EVP_MD_meth_free(md); | |
99 | md = NULL; | |
100 | } | |
101 | _hidden_sha1_md = md; | |
102 | } | |
103 | return _hidden_sha1_md; | |
104 | } | |
2d5d70b1 MC |
105 | |
106 | /* SHA256 */ | |
107 | static int digest_sha256_init(EVP_MD_CTX *ctx); | |
108 | static int digest_sha256_update(EVP_MD_CTX *ctx, const void *data, | |
16a9542a | 109 | size_t count); |
2d5d70b1 MC |
110 | static int digest_sha256_final(EVP_MD_CTX *ctx, unsigned char *md); |
111 | ||
cddcea8c RL |
112 | static EVP_MD *_hidden_sha256_md = NULL; |
113 | static const EVP_MD *digest_sha256(void) | |
114 | { | |
115 | if (_hidden_sha256_md == NULL) { | |
116 | EVP_MD *md; | |
117 | ||
118 | if ((md = EVP_MD_meth_new(NID_sha256, NID_sha256WithRSAEncryption)) == NULL | |
119 | || !EVP_MD_meth_set_result_size(md, SHA256_DIGEST_LENGTH) | |
120 | || !EVP_MD_meth_set_input_blocksize(md, SHA256_CBLOCK) | |
121 | || !EVP_MD_meth_set_app_datasize(md, | |
122 | sizeof(EVP_MD *) + sizeof(SHA256_CTX)) | |
123 | || !EVP_MD_meth_set_flags(md, EVP_MD_FLAG_DIGALGID_ABSENT) | |
124 | || !EVP_MD_meth_set_init(md, digest_sha256_init) | |
125 | || !EVP_MD_meth_set_update(md, digest_sha256_update) | |
126 | || !EVP_MD_meth_set_final(md, digest_sha256_final)) { | |
127 | EVP_MD_meth_free(md); | |
128 | md = NULL; | |
129 | } | |
130 | _hidden_sha256_md = md; | |
131 | } | |
132 | return _hidden_sha256_md; | |
133 | } | |
2d5d70b1 MC |
134 | |
135 | /* SHA384/SHA512 */ | |
136 | static int digest_sha384_init(EVP_MD_CTX *ctx); | |
137 | static int digest_sha512_init(EVP_MD_CTX *ctx); | |
138 | static int digest_sha512_update(EVP_MD_CTX *ctx, const void *data, | |
16a9542a | 139 | size_t count); |
2d5d70b1 MC |
140 | static int digest_sha384_final(EVP_MD_CTX *ctx, unsigned char *md); |
141 | static int digest_sha512_final(EVP_MD_CTX *ctx, unsigned char *md); | |
142 | ||
cddcea8c RL |
143 | static EVP_MD *_hidden_sha384_md = NULL; |
144 | static const EVP_MD *digest_sha384(void) | |
145 | { | |
146 | if (_hidden_sha384_md == NULL) { | |
147 | EVP_MD *md; | |
148 | ||
149 | if ((md = EVP_MD_meth_new(NID_sha384, NID_sha384WithRSAEncryption)) == NULL | |
150 | || !EVP_MD_meth_set_result_size(md, SHA384_DIGEST_LENGTH) | |
151 | || !EVP_MD_meth_set_input_blocksize(md, SHA512_CBLOCK) | |
152 | || !EVP_MD_meth_set_app_datasize(md, | |
153 | sizeof(EVP_MD *) + sizeof(SHA512_CTX)) | |
154 | || !EVP_MD_meth_set_flags(md, EVP_MD_FLAG_DIGALGID_ABSENT) | |
155 | || !EVP_MD_meth_set_init(md, digest_sha384_init) | |
156 | || !EVP_MD_meth_set_update(md, digest_sha512_update) | |
157 | || !EVP_MD_meth_set_final(md, digest_sha384_final)) { | |
158 | EVP_MD_meth_free(md); | |
159 | md = NULL; | |
160 | } | |
161 | _hidden_sha384_md = md; | |
162 | } | |
163 | return _hidden_sha384_md; | |
164 | } | |
165 | static EVP_MD *_hidden_sha512_md = NULL; | |
166 | static const EVP_MD *digest_sha512(void) | |
167 | { | |
168 | if (_hidden_sha512_md == NULL) { | |
169 | EVP_MD *md; | |
170 | ||
171 | if ((md = EVP_MD_meth_new(NID_sha512, NID_sha512WithRSAEncryption)) == NULL | |
172 | || !EVP_MD_meth_set_result_size(md, SHA512_DIGEST_LENGTH) | |
173 | || !EVP_MD_meth_set_input_blocksize(md, SHA512_CBLOCK) | |
174 | || !EVP_MD_meth_set_app_datasize(md, | |
175 | sizeof(EVP_MD *) + sizeof(SHA512_CTX)) | |
176 | || !EVP_MD_meth_set_flags(md, EVP_MD_FLAG_DIGALGID_ABSENT) | |
177 | || !EVP_MD_meth_set_init(md, digest_sha512_init) | |
178 | || !EVP_MD_meth_set_update(md, digest_sha512_update) | |
179 | || !EVP_MD_meth_set_final(md, digest_sha512_final)) { | |
180 | EVP_MD_meth_free(md); | |
181 | md = NULL; | |
182 | } | |
183 | _hidden_sha512_md = md; | |
184 | } | |
185 | return _hidden_sha512_md; | |
186 | } | |
187 | static void destroy_digests(void) | |
188 | { | |
189 | EVP_MD_meth_free(_hidden_md5_md); | |
190 | _hidden_md5_md = NULL; | |
191 | EVP_MD_meth_free(_hidden_sha1_md); | |
192 | _hidden_sha1_md = NULL; | |
193 | EVP_MD_meth_free(_hidden_sha256_md); | |
194 | _hidden_sha256_md = NULL; | |
195 | EVP_MD_meth_free(_hidden_sha384_md); | |
196 | _hidden_sha384_md = NULL; | |
197 | EVP_MD_meth_free(_hidden_sha512_md); | |
198 | _hidden_sha512_md = NULL; | |
199 | } | |
200 | static int ossltest_digest_nids(const int **nids) | |
201 | { | |
202 | static int digest_nids[6] = { 0, 0, 0, 0, 0, 0 }; | |
203 | static int pos = 0; | |
204 | static int init = 0; | |
205 | ||
206 | if (!init) { | |
207 | const EVP_MD *md; | |
208 | if ((md = digest_md5()) != NULL) | |
209 | digest_nids[pos++] = EVP_MD_type(md); | |
210 | if ((md = digest_sha1()) != NULL) | |
211 | digest_nids[pos++] = EVP_MD_type(md); | |
212 | if ((md = digest_sha256()) != NULL) | |
213 | digest_nids[pos++] = EVP_MD_type(md); | |
214 | if ((md = digest_sha384()) != NULL) | |
215 | digest_nids[pos++] = EVP_MD_type(md); | |
216 | if ((md = digest_sha512()) != NULL) | |
217 | digest_nids[pos++] = EVP_MD_type(md); | |
218 | digest_nids[pos] = 0; | |
219 | init = 1; | |
220 | } | |
221 | *nids = digest_nids; | |
222 | return pos; | |
223 | } | |
2d5d70b1 MC |
224 | |
225 | /* Setup ciphers */ | |
226 | static int ossltest_ciphers(ENGINE *, const EVP_CIPHER **, | |
227 | const int **, int); | |
228 | ||
229 | static int ossltest_cipher_nids[] = { | |
aad22ba2 | 230 | NID_aes_128_cbc, NID_aes_128_gcm, 0 |
2d5d70b1 MC |
231 | }; |
232 | ||
233 | /* AES128 */ | |
234 | ||
235 | int ossltest_aes128_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, | |
236 | const unsigned char *iv, int enc); | |
237 | int ossltest_aes128_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, | |
238 | const unsigned char *in, size_t inl); | |
aad22ba2 MC |
239 | int ossltest_aes128_gcm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, |
240 | const unsigned char *iv, int enc); | |
241 | int ossltest_aes128_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, | |
242 | const unsigned char *in, size_t inl); | |
243 | static int ossltest_aes128_gcm_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, | |
244 | void *ptr); | |
2d5d70b1 | 245 | |
39e8d0ce RL |
246 | static EVP_CIPHER *_hidden_aes_128_cbc = NULL; |
247 | static const EVP_CIPHER *ossltest_aes_128_cbc(void) | |
248 | { | |
249 | if (_hidden_aes_128_cbc == NULL | |
250 | && ((_hidden_aes_128_cbc = EVP_CIPHER_meth_new(NID_aes_128_cbc, | |
251 | 16 /* block size */, | |
252 | 16 /* key len */)) == NULL | |
253 | || !EVP_CIPHER_meth_set_iv_length(_hidden_aes_128_cbc,16) | |
254 | || !EVP_CIPHER_meth_set_flags(_hidden_aes_128_cbc, | |
255 | EVP_CIPH_FLAG_DEFAULT_ASN1 | |
256 | | EVP_CIPH_CBC_MODE) | |
257 | || !EVP_CIPHER_meth_set_init(_hidden_aes_128_cbc, | |
258 | ossltest_aes128_init_key) | |
259 | || !EVP_CIPHER_meth_set_do_cipher(_hidden_aes_128_cbc, | |
260 | ossltest_aes128_cbc_cipher) | |
261 | || !EVP_CIPHER_meth_set_impl_ctx_size(_hidden_aes_128_cbc, | |
262 | EVP_CIPHER_impl_ctx_size(EVP_aes_128_cbc())))) { | |
263 | EVP_CIPHER_meth_free(_hidden_aes_128_cbc); | |
264 | _hidden_aes_128_cbc = NULL; | |
265 | } | |
266 | return _hidden_aes_128_cbc; | |
267 | } | |
aad22ba2 | 268 | static EVP_CIPHER *_hidden_aes_128_gcm = NULL; |
ca0b75ad | 269 | |
aad22ba2 MC |
270 | #define AES_GCM_FLAGS (EVP_CIPH_FLAG_DEFAULT_ASN1 \ |
271 | | EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_CIPHER \ | |
272 | | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT \ | |
273 | | EVP_CIPH_CUSTOM_COPY |EVP_CIPH_FLAG_AEAD_CIPHER \ | |
274 | | EVP_CIPH_GCM_MODE) | |
ca0b75ad | 275 | |
aad22ba2 MC |
276 | static const EVP_CIPHER *ossltest_aes_128_gcm(void) |
277 | { | |
278 | if (_hidden_aes_128_gcm == NULL | |
279 | && ((_hidden_aes_128_gcm = EVP_CIPHER_meth_new(NID_aes_128_gcm, | |
280 | 1 /* block size */, | |
281 | 16 /* key len */)) == NULL | |
282 | || !EVP_CIPHER_meth_set_iv_length(_hidden_aes_128_gcm,12) | |
283 | || !EVP_CIPHER_meth_set_flags(_hidden_aes_128_gcm, AES_GCM_FLAGS) | |
284 | || !EVP_CIPHER_meth_set_init(_hidden_aes_128_gcm, | |
285 | ossltest_aes128_gcm_init_key) | |
286 | || !EVP_CIPHER_meth_set_do_cipher(_hidden_aes_128_gcm, | |
287 | ossltest_aes128_gcm_cipher) | |
288 | || !EVP_CIPHER_meth_set_ctrl(_hidden_aes_128_gcm, | |
289 | ossltest_aes128_gcm_ctrl) | |
290 | || !EVP_CIPHER_meth_set_impl_ctx_size(_hidden_aes_128_gcm, | |
291 | EVP_CIPHER_impl_ctx_size(EVP_aes_128_gcm())))) { | |
292 | EVP_CIPHER_meth_free(_hidden_aes_128_gcm); | |
293 | _hidden_aes_128_gcm = NULL; | |
294 | } | |
295 | return _hidden_aes_128_gcm; | |
296 | } | |
297 | ||
39e8d0ce RL |
298 | static void destroy_ciphers(void) |
299 | { | |
300 | EVP_CIPHER_meth_free(_hidden_aes_128_cbc); | |
aad22ba2 | 301 | EVP_CIPHER_meth_free(_hidden_aes_128_gcm); |
39e8d0ce RL |
302 | _hidden_aes_128_cbc = NULL; |
303 | } | |
2d5d70b1 MC |
304 | |
305 | static int bind_ossltest(ENGINE *e) | |
306 | { | |
307 | /* Ensure the ossltest error handling is set up */ | |
308 | ERR_load_OSSLTEST_strings(); | |
309 | ||
310 | if (!ENGINE_set_id(e, engine_ossltest_id) | |
311 | || !ENGINE_set_name(e, engine_ossltest_name) | |
312 | || !ENGINE_set_digests(e, ossltest_digests) | |
313 | || !ENGINE_set_ciphers(e, ossltest_ciphers) | |
c57c32a8 | 314 | || !ENGINE_set_RAND(e, ossltest_rand_method()) |
2d5d70b1 MC |
315 | || !ENGINE_set_destroy_function(e, ossltest_destroy) |
316 | || !ENGINE_set_init_function(e, ossltest_init) | |
317 | || !ENGINE_set_finish_function(e, ossltest_finish)) { | |
318 | OSSLTESTerr(OSSLTEST_F_BIND_OSSLTEST, OSSLTEST_R_INIT_FAILED); | |
319 | return 0; | |
320 | } | |
321 | ||
322 | return 1; | |
323 | } | |
324 | ||
c0cbb4c1 | 325 | #ifndef OPENSSL_NO_DYNAMIC_ENGINE |
2d5d70b1 MC |
326 | static int bind_helper(ENGINE *e, const char *id) |
327 | { | |
328 | if (id && (strcmp(id, engine_ossltest_id) != 0)) | |
329 | return 0; | |
330 | if (!bind_ossltest(e)) | |
331 | return 0; | |
332 | return 1; | |
333 | } | |
334 | ||
335 | IMPLEMENT_DYNAMIC_CHECK_FN() | |
336 | IMPLEMENT_DYNAMIC_BIND_FN(bind_helper) | |
c0cbb4c1 RL |
337 | #endif |
338 | ||
2d5d70b1 MC |
339 | static ENGINE *engine_ossltest(void) |
340 | { | |
341 | ENGINE *ret = ENGINE_new(); | |
55646005 | 342 | if (ret == NULL) |
2d5d70b1 MC |
343 | return NULL; |
344 | if (!bind_ossltest(ret)) { | |
345 | ENGINE_free(ret); | |
346 | return NULL; | |
347 | } | |
348 | return ret; | |
349 | } | |
350 | ||
351 | void ENGINE_load_ossltest(void) | |
352 | { | |
353 | /* Copied from eng_[openssl|dyn].c */ | |
354 | ENGINE *toadd = engine_ossltest(); | |
355 | if (!toadd) | |
356 | return; | |
357 | ENGINE_add(toadd); | |
358 | ENGINE_free(toadd); | |
359 | ERR_clear_error(); | |
360 | } | |
2d5d70b1 MC |
361 | |
362 | ||
363 | static int ossltest_init(ENGINE *e) | |
364 | { | |
365 | return 1; | |
366 | } | |
367 | ||
368 | ||
369 | static int ossltest_finish(ENGINE *e) | |
370 | { | |
371 | return 1; | |
372 | } | |
373 | ||
374 | ||
375 | static int ossltest_destroy(ENGINE *e) | |
376 | { | |
cddcea8c | 377 | destroy_digests(); |
39e8d0ce | 378 | destroy_ciphers(); |
2d5d70b1 MC |
379 | ERR_unload_OSSLTEST_strings(); |
380 | return 1; | |
381 | } | |
382 | ||
383 | static int ossltest_digests(ENGINE *e, const EVP_MD **digest, | |
384 | const int **nids, int nid) | |
385 | { | |
386 | int ok = 1; | |
387 | if (!digest) { | |
388 | /* We are returning a list of supported nids */ | |
cddcea8c | 389 | return ossltest_digest_nids(nids); |
2d5d70b1 MC |
390 | } |
391 | /* We are being asked for a specific digest */ | |
392 | switch (nid) { | |
393 | case NID_md5: | |
cddcea8c | 394 | *digest = digest_md5(); |
2d5d70b1 MC |
395 | break; |
396 | case NID_sha1: | |
cddcea8c | 397 | *digest = digest_sha1(); |
2d5d70b1 MC |
398 | break; |
399 | case NID_sha256: | |
cddcea8c | 400 | *digest = digest_sha256(); |
2d5d70b1 MC |
401 | break; |
402 | case NID_sha384: | |
cddcea8c | 403 | *digest = digest_sha384(); |
2d5d70b1 MC |
404 | break; |
405 | case NID_sha512: | |
cddcea8c | 406 | *digest = digest_sha512(); |
2d5d70b1 MC |
407 | break; |
408 | default: | |
409 | ok = 0; | |
410 | *digest = NULL; | |
411 | break; | |
412 | } | |
413 | return ok; | |
414 | } | |
415 | ||
416 | static int ossltest_ciphers(ENGINE *e, const EVP_CIPHER **cipher, | |
417 | const int **nids, int nid) | |
418 | { | |
419 | int ok = 1; | |
420 | if (!cipher) { | |
421 | /* We are returning a list of supported nids */ | |
422 | *nids = ossltest_cipher_nids; | |
423 | return (sizeof(ossltest_cipher_nids) - 1) | |
424 | / sizeof(ossltest_cipher_nids[0]); | |
425 | } | |
426 | /* We are being asked for a specific cipher */ | |
427 | switch (nid) { | |
428 | case NID_aes_128_cbc: | |
39e8d0ce | 429 | *cipher = ossltest_aes_128_cbc(); |
2d5d70b1 | 430 | break; |
aad22ba2 MC |
431 | case NID_aes_128_gcm: |
432 | *cipher = ossltest_aes_128_gcm(); | |
433 | break; | |
2d5d70b1 MC |
434 | default: |
435 | ok = 0; | |
436 | *cipher = NULL; | |
437 | break; | |
438 | } | |
439 | return ok; | |
440 | } | |
441 | ||
442 | static void fill_known_data(unsigned char *md, unsigned int len) | |
443 | { | |
444 | unsigned int i; | |
445 | ||
446 | for (i=0; i<len; i++) { | |
447 | md[i] = (unsigned char)(i & 0xff); | |
448 | } | |
449 | } | |
450 | ||
451 | /* | |
452 | * MD5 implementation. We go through the motions of doing MD5 by deferring to | |
453 | * the standard implementation. Then we overwrite the result with a will defined | |
454 | * value, so that all "MD5" digests using the test engine always end up with | |
455 | * the same value. | |
456 | */ | |
457 | #undef data | |
6e59a892 | 458 | #define data(ctx) ((MD5_CTX *)EVP_MD_CTX_md_data(ctx)) |
2d5d70b1 MC |
459 | static int digest_md5_init(EVP_MD_CTX *ctx) |
460 | { | |
461 | return MD5_Init(data(ctx)); | |
462 | } | |
463 | ||
464 | static int digest_md5_update(EVP_MD_CTX *ctx, const void *data, | |
16a9542a | 465 | size_t count) |
2d5d70b1 MC |
466 | { |
467 | return MD5_Update(data(ctx), data, (size_t)count); | |
468 | } | |
469 | ||
470 | static int digest_md5_final(EVP_MD_CTX *ctx, unsigned char *md) | |
471 | { | |
472 | int ret; | |
473 | ret = MD5_Final(md, data(ctx)); | |
474 | ||
475 | if (ret > 0) { | |
476 | fill_known_data(md, MD5_DIGEST_LENGTH); | |
477 | } | |
478 | return ret; | |
479 | } | |
480 | ||
481 | /* | |
482 | * SHA1 implementation. | |
483 | */ | |
484 | #undef data | |
6e59a892 | 485 | #define data(ctx) ((SHA_CTX *)EVP_MD_CTX_md_data(ctx)) |
2d5d70b1 MC |
486 | static int digest_sha1_init(EVP_MD_CTX *ctx) |
487 | { | |
488 | return SHA1_Init(data(ctx)); | |
489 | } | |
490 | ||
491 | static int digest_sha1_update(EVP_MD_CTX *ctx, const void *data, | |
16a9542a | 492 | size_t count) |
2d5d70b1 MC |
493 | { |
494 | return SHA1_Update(data(ctx), data, (size_t)count); | |
495 | } | |
496 | ||
497 | static int digest_sha1_final(EVP_MD_CTX *ctx, unsigned char *md) | |
498 | { | |
499 | int ret; | |
500 | ret = SHA1_Final(md, data(ctx)); | |
501 | ||
502 | if (ret > 0) { | |
503 | fill_known_data(md, SHA_DIGEST_LENGTH); | |
504 | } | |
505 | return ret; | |
506 | } | |
507 | ||
508 | /* | |
509 | * SHA256 implementation. | |
510 | */ | |
511 | #undef data | |
6e59a892 | 512 | #define data(ctx) ((SHA256_CTX *)EVP_MD_CTX_md_data(ctx)) |
2d5d70b1 MC |
513 | static int digest_sha256_init(EVP_MD_CTX *ctx) |
514 | { | |
515 | return SHA256_Init(data(ctx)); | |
516 | } | |
517 | ||
518 | static int digest_sha256_update(EVP_MD_CTX *ctx, const void *data, | |
16a9542a | 519 | size_t count) |
2d5d70b1 MC |
520 | { |
521 | return SHA256_Update(data(ctx), data, (size_t)count); | |
522 | } | |
523 | ||
524 | static int digest_sha256_final(EVP_MD_CTX *ctx, unsigned char *md) | |
525 | { | |
526 | int ret; | |
527 | ret = SHA256_Final(md, data(ctx)); | |
528 | ||
529 | if (ret > 0) { | |
530 | fill_known_data(md, SHA256_DIGEST_LENGTH); | |
531 | } | |
532 | return ret; | |
533 | } | |
534 | ||
535 | /* | |
536 | * SHA384/512 implementation. | |
537 | */ | |
538 | #undef data | |
6e59a892 | 539 | #define data(ctx) ((SHA512_CTX *)EVP_MD_CTX_md_data(ctx)) |
2d5d70b1 MC |
540 | static int digest_sha384_init(EVP_MD_CTX *ctx) |
541 | { | |
542 | return SHA384_Init(data(ctx)); | |
543 | } | |
544 | ||
545 | static int digest_sha512_init(EVP_MD_CTX *ctx) | |
546 | { | |
547 | return SHA512_Init(data(ctx)); | |
548 | } | |
549 | ||
550 | static int digest_sha512_update(EVP_MD_CTX *ctx, const void *data, | |
16a9542a | 551 | size_t count) |
2d5d70b1 MC |
552 | { |
553 | return SHA512_Update(data(ctx), data, (size_t)count); | |
554 | } | |
555 | ||
556 | static int digest_sha384_final(EVP_MD_CTX *ctx, unsigned char *md) | |
557 | { | |
558 | int ret; | |
559 | /* Actually uses SHA512_Final! */ | |
560 | ret = SHA512_Final(md, data(ctx)); | |
561 | ||
562 | if (ret > 0) { | |
563 | fill_known_data(md, SHA384_DIGEST_LENGTH); | |
564 | } | |
565 | return ret; | |
566 | } | |
567 | ||
568 | static int digest_sha512_final(EVP_MD_CTX *ctx, unsigned char *md) | |
569 | { | |
570 | int ret; | |
571 | ret = SHA512_Final(md, data(ctx)); | |
572 | ||
573 | if (ret > 0) { | |
574 | fill_known_data(md, SHA512_DIGEST_LENGTH); | |
575 | } | |
576 | return ret; | |
577 | } | |
578 | ||
579 | /* | |
580 | * AES128 Implementation | |
581 | */ | |
582 | ||
583 | int ossltest_aes128_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, | |
584 | const unsigned char *iv, int enc) | |
585 | { | |
39e8d0ce | 586 | return EVP_CIPHER_meth_get_init(EVP_aes_128_cbc()) (ctx, key, iv, enc); |
2d5d70b1 MC |
587 | } |
588 | ||
589 | int ossltest_aes128_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, | |
590 | const unsigned char *in, size_t inl) | |
591 | { | |
592 | unsigned char *tmpbuf; | |
593 | int ret; | |
594 | ||
595 | tmpbuf = OPENSSL_malloc(inl); | |
04e3bb04 MC |
596 | |
597 | /* OPENSSL_malloc will return NULL if inl == 0 */ | |
598 | if (tmpbuf == NULL && inl > 0) | |
2d5d70b1 MC |
599 | return -1; |
600 | ||
601 | /* Remember what we were asked to encrypt */ | |
04e3bb04 MC |
602 | if (tmpbuf != NULL) |
603 | memcpy(tmpbuf, in, inl); | |
2d5d70b1 MC |
604 | |
605 | /* Go through the motions of encrypting it */ | |
39e8d0ce | 606 | ret = EVP_CIPHER_meth_get_do_cipher(EVP_aes_128_cbc())(ctx, out, in, inl); |
2d5d70b1 MC |
607 | |
608 | /* Throw it all away and just use the plaintext as the output */ | |
04e3bb04 MC |
609 | if (tmpbuf != NULL) |
610 | memcpy(out, tmpbuf, inl); | |
2d5d70b1 MC |
611 | OPENSSL_free(tmpbuf); |
612 | ||
613 | return ret; | |
614 | } | |
aad22ba2 MC |
615 | |
616 | int ossltest_aes128_gcm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, | |
617 | const unsigned char *iv, int enc) | |
618 | { | |
619 | return EVP_CIPHER_meth_get_init(EVP_aes_128_gcm()) (ctx, key, iv, enc); | |
620 | } | |
621 | ||
622 | ||
623 | int ossltest_aes128_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, | |
624 | const unsigned char *in, size_t inl) | |
625 | { | |
bebc0c7d | 626 | unsigned char *tmpbuf = OPENSSL_malloc(inl); |
aad22ba2 | 627 | |
6606d600 | 628 | /* OPENSSL_malloc will return NULL if inl == 0 */ |
bebc0c7d | 629 | if (tmpbuf == NULL && inl > 0) |
aad22ba2 MC |
630 | return -1; |
631 | ||
632 | /* Remember what we were asked to encrypt */ | |
04e3bb04 MC |
633 | if (tmpbuf != NULL) |
634 | memcpy(tmpbuf, in, inl); | |
aad22ba2 MC |
635 | |
636 | /* Go through the motions of encrypting it */ | |
637 | EVP_CIPHER_meth_get_do_cipher(EVP_aes_128_gcm())(ctx, out, in, inl); | |
638 | ||
6606d600 | 639 | /* Throw it all away and just use the plaintext as the output */ |
3295d242 | 640 | if (tmpbuf != NULL && out != NULL) |
04e3bb04 | 641 | memcpy(out, tmpbuf, inl); |
aad22ba2 MC |
642 | OPENSSL_free(tmpbuf); |
643 | ||
bebc0c7d | 644 | return inl; |
aad22ba2 MC |
645 | } |
646 | ||
647 | static int ossltest_aes128_gcm_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, | |
648 | void *ptr) | |
649 | { | |
aad22ba2 | 650 | /* Pass the ctrl down */ |
6606d600 | 651 | int ret = EVP_CIPHER_meth_get_ctrl(EVP_aes_128_gcm())(ctx, type, arg, ptr); |
bebc0c7d MC |
652 | |
653 | if (ret <= 0) | |
654 | return ret; | |
655 | ||
656 | switch(type) { | |
657 | case EVP_CTRL_AEAD_GET_TAG: | |
658 | /* Always give the same tag */ | |
659 | memset(ptr, 0, EVP_GCM_TLS_TAG_LEN); | |
660 | break; | |
661 | ||
662 | default: | |
663 | break; | |
664 | } | |
665 | ||
666 | return 1; | |
aad22ba2 | 667 | } |
c57c32a8 DSH |
668 | |
669 | static int ossltest_rand_bytes(unsigned char *buf, int num) | |
670 | { | |
671 | unsigned char val = 1; | |
672 | ||
673 | while (--num >= 0) | |
674 | *buf++ = val++; | |
675 | return 1; | |
676 | } | |
677 | ||
678 | static int ossltest_rand_status(void) | |
679 | { | |
680 | return 1; | |
681 | } | |
682 | ||
683 | static const RAND_METHOD *ossltest_rand_method(void) | |
684 | { | |
685 | ||
686 | static RAND_METHOD osslt_rand_meth = { | |
687 | NULL, | |
688 | ossltest_rand_bytes, | |
689 | NULL, | |
690 | NULL, | |
691 | ossltest_rand_bytes, | |
692 | ossltest_rand_status | |
693 | }; | |
694 | ||
695 | return &osslt_rand_meth; | |
696 | } |