2 * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
11 * Generic dispatch table functions for ciphers.
14 #include "cipher_locl.h"
15 #include "internal/provider_ctx.h"
16 #include "internal/providercommonerr.h"
19 * Generic cipher functions for OSSL_PARAM gettables and settables
21 static const OSSL_PARAM cipher_known_gettable_params[] = {
22 OSSL_PARAM_int(OSSL_CIPHER_PARAM_MODE, NULL),
23 OSSL_PARAM_int(OSSL_CIPHER_PARAM_KEYLEN, NULL),
24 OSSL_PARAM_int(OSSL_CIPHER_PARAM_IVLEN, NULL),
25 OSSL_PARAM_int(OSSL_CIPHER_PARAM_BLOCK_SIZE, NULL),
28 const OSSL_PARAM *cipher_generic_gettable_params(void)
30 return cipher_known_gettable_params;
33 int cipher_generic_get_params(OSSL_PARAM params[], int md, unsigned long flags,
34 int kbits, int blkbits, int ivbits)
38 p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_MODE);
39 if (p != NULL && !OSSL_PARAM_set_int(p, md)) {
40 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
43 p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_FLAGS);
44 if (p != NULL && !OSSL_PARAM_set_ulong(p, flags)) {
45 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
48 p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_KEYLEN);
49 if (p != NULL && !OSSL_PARAM_set_int(p, kbits / 8)) {
50 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
53 p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_BLOCK_SIZE);
54 if (p != NULL && !OSSL_PARAM_set_int(p, blkbits / 8)) {
55 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
58 p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IVLEN);
59 if (p != NULL && !OSSL_PARAM_set_int(p, ivbits / 8)) {
60 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
66 CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_START(cipher_generic)
67 CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_END(cipher_generic)
69 static const OSSL_PARAM cipher_known_settable_ctx_params[] = {
70 OSSL_PARAM_int(OSSL_CIPHER_PARAM_KEYLEN, NULL),
71 OSSL_PARAM_int(OSSL_CIPHER_PARAM_PADDING, NULL),
72 OSSL_PARAM_int(OSSL_CIPHER_PARAM_NUM, NULL),
75 const OSSL_PARAM *cipher_generic_settable_ctx_params(void)
77 return cipher_known_settable_ctx_params;
81 * AEAD cipher functions for OSSL_PARAM gettables and settables
83 static const OSSL_PARAM cipher_aead_known_gettable_ctx_params[] = {
84 OSSL_PARAM_int(OSSL_CIPHER_PARAM_KEYLEN, NULL),
85 OSSL_PARAM_int(OSSL_CIPHER_PARAM_IVLEN, NULL),
86 OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_IV, NULL, 0),
87 OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG, NULL, 0),
88 OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_AEAD_TLS1_AAD_PAD, NULL),
91 const OSSL_PARAM *cipher_aead_gettable_ctx_params(void)
93 return cipher_aead_known_gettable_ctx_params;
96 static const OSSL_PARAM cipher_aead_known_settable_ctx_params[] = {
97 OSSL_PARAM_int(OSSL_CIPHER_PARAM_KEYLEN, NULL),
98 OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_AEAD_IVLEN, NULL),
99 OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG, NULL, 0),
100 OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TLS1_AAD, NULL, 0),
101 OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TLS1_IV_FIXED, NULL, 0),
104 const OSSL_PARAM *cipher_aead_settable_ctx_params(void)
106 return cipher_aead_known_settable_ctx_params;
109 static int cipher_generic_init_internal(PROV_CIPHER_CTX *ctx,
110 const unsigned char *key, size_t keylen,
111 const unsigned char *iv, size_t ivlen,
116 if (iv != NULL && ctx->mode != EVP_CIPH_ECB_MODE) {
117 if (ivlen != ctx->ivlen) {
118 ERR_raise(ERR_LIB_PROV, ERR_R_INTERNAL_ERROR);
121 memcpy(ctx->iv, iv, ctx->ivlen);
124 if (keylen != ctx->keylen) {
125 ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEYLEN);
128 return ctx->hw->init(ctx, key, ctx->keylen);
133 int cipher_generic_einit(void *vctx, const unsigned char *key, size_t keylen,
134 const unsigned char *iv, size_t ivlen)
136 return cipher_generic_init_internal((PROV_CIPHER_CTX *)vctx, key, keylen,
140 int cipher_generic_dinit(void *vctx, const unsigned char *key, size_t keylen,
141 const unsigned char *iv, size_t ivlen)
143 return cipher_generic_init_internal((PROV_CIPHER_CTX *)vctx, key, keylen,
147 int cipher_generic_block_update(void *vctx, unsigned char *out, size_t *outl,
148 size_t outsize, const unsigned char *in,
152 PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx;
153 size_t blksz = ctx->blocksize;
154 size_t nextblocks = fillblock(ctx->buf, &ctx->bufsz, blksz, &in, &inl);
157 * If we're decrypting and we end an update on a block boundary we hold
158 * the last block back in case this is the last update call and the last
161 if (ctx->bufsz == blksz && (ctx->enc || inl > 0 || !ctx->pad)) {
162 if (outsize < blksz) {
163 ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
166 if (!ctx->hw->cipher(ctx, out, ctx->buf, blksz)) {
167 ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED);
174 if (nextblocks > 0) {
175 if (!ctx->enc && ctx->pad && nextblocks == inl) {
176 if (!ossl_assert(inl >= blksz)) {
177 ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
182 outlint += nextblocks;
183 if (outsize < outlint) {
184 ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
187 if (!ctx->hw->cipher(ctx, out, in, nextblocks)) {
188 ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED);
194 if (!trailingdata(ctx->buf, &ctx->bufsz, blksz, &in, &inl)) {
195 /* ERR_raise already called */
203 int cipher_generic_block_final(void *vctx, unsigned char *out, size_t *outl,
206 PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx;
207 size_t blksz = ctx->blocksize;
211 padblock(ctx->buf, &ctx->bufsz, blksz);
212 } else if (ctx->bufsz == 0) {
215 } else if (ctx->bufsz != blksz) {
216 ERR_raise(ERR_LIB_PROV, PROV_R_WRONG_FINAL_BLOCK_LENGTH);
220 if (outsize < blksz) {
221 ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
224 if (!ctx->hw->cipher(ctx, out, ctx->buf, blksz)) {
225 ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED);
234 if (ctx->bufsz != blksz) {
235 if (ctx->bufsz == 0 && !ctx->pad) {
239 ERR_raise(ERR_LIB_PROV, PROV_R_WRONG_FINAL_BLOCK_LENGTH);
243 if (!ctx->hw->cipher(ctx, ctx->buf, ctx->buf, blksz)) {
244 ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED);
248 if (ctx->pad && !unpadblock(ctx->buf, &ctx->bufsz, blksz)) {
249 /* ERR_raise already called */
253 if (outsize < ctx->bufsz) {
254 ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
257 memcpy(out, ctx->buf, ctx->bufsz);
263 int cipher_generic_stream_update(void *vctx, unsigned char *out, size_t *outl,
264 size_t outsize, const unsigned char *in,
267 PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx;
270 ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
274 if (!ctx->hw->cipher(ctx, out, in, inl)) {
275 ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED);
282 int cipher_generic_stream_final(void *vctx, unsigned char *out, size_t *outl,
289 int cipher_generic_cipher(void *vctx,
290 unsigned char *out, size_t *outl, size_t outsize,
291 const unsigned char *in, size_t inl)
293 PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx;
296 ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
300 if (!ctx->hw->cipher(ctx, out, in, inl)) {
301 ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED);
309 int cipher_generic_get_ctx_params(void *vctx, OSSL_PARAM params[])
311 PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx;
314 p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IVLEN);
315 if (p != NULL && !OSSL_PARAM_set_int(p, ctx->ivlen)) {
316 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
319 p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_PADDING);
320 if (p != NULL && !OSSL_PARAM_set_int(p, ctx->pad)) {
321 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
324 p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IV);
326 && !OSSL_PARAM_set_octet_ptr(p, &ctx->iv, ctx->ivlen)
327 && !OSSL_PARAM_set_octet_string(p, &ctx->iv, ctx->ivlen)) {
328 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
331 p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_NUM);
332 if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->num)) {
333 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
336 p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_KEYLEN);
337 if (p != NULL && !OSSL_PARAM_set_int(p, ctx->keylen)) {
338 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
345 int cipher_generic_set_ctx_params(void *vctx, const OSSL_PARAM params[])
347 PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx;
350 p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_PADDING);
354 if (!OSSL_PARAM_get_int(p, &pad)) {
355 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
358 ctx->pad = pad ? 1 : 0;
360 p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_NUM);
364 if (!OSSL_PARAM_get_int(p, &num)) {
365 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
370 p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_KEYLEN);
374 if (!OSSL_PARAM_get_int(p, &keylen)) {
375 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
378 ctx->keylen = keylen;
383 void cipher_generic_initkey(void *vctx, size_t kbits, size_t blkbits,
384 size_t ivbits, int mode,
385 const PROV_CIPHER_HW *hw, void *provctx)
387 PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx;
390 ctx->keylen = ((kbits) / 8);
391 ctx->ivlen = ((ivbits) / 8);
394 ctx->blocksize = blkbits / 8;
396 ctx->libctx = PROV_LIBRARY_CONTEXT_OF(provctx); /* used for rand */