2 * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
11 #include <openssl/evp.h>
12 #include "internal/cryptlib.h"
13 #include "internal/evp_int.h"
15 /* typedef EVP_MAC_IMPL */
16 struct evp_mac_impl_st {
17 EVP_CIPHER *cipher; /* Cache GCM cipher */
18 EVP_CIPHER_CTX *ctx; /* Cipher context */
19 ENGINE *engine; /* Engine implementating the algorithm */
22 static void gmac_free(EVP_MAC_IMPL *gctx)
25 EVP_CIPHER_CTX_free(gctx->ctx);
30 static EVP_MAC_IMPL *gmac_new(void)
34 if ((gctx = OPENSSL_zalloc(sizeof(*gctx))) == NULL
35 || (gctx->ctx = EVP_CIPHER_CTX_new()) == NULL) {
42 static int gmac_copy(EVP_MAC_IMPL *gdst, EVP_MAC_IMPL *gsrc)
44 gdst->cipher = gsrc->cipher;
45 gdst->engine = gsrc->engine;
46 return EVP_CIPHER_CTX_copy(gdst->ctx, gsrc->ctx);
49 static size_t gmac_size(EVP_MAC_IMPL *gctx)
51 return EVP_GCM_TLS_TAG_LEN;
54 static int gmac_init(EVP_MAC_IMPL *gctx)
59 static int gmac_update(EVP_MAC_IMPL *gctx, const unsigned char *data,
62 EVP_CIPHER_CTX *ctx = gctx->ctx;
65 while (datalen > INT_MAX) {
66 if (!EVP_EncryptUpdate(ctx, NULL, &outlen, data, INT_MAX))
71 return EVP_EncryptUpdate(ctx, NULL, &outlen, data, datalen);
74 static int gmac_final(EVP_MAC_IMPL *gctx, unsigned char *out)
78 if (!EVP_EncryptFinal_ex(gctx->ctx, out, &hlen)
79 || !EVP_CIPHER_CTX_ctrl(gctx->ctx, EVP_CTRL_AEAD_GET_TAG,
80 gmac_size(gctx), out))
85 static int gmac_ctrl(EVP_MAC_IMPL *gctx, int cmd, va_list args)
87 const unsigned char *p;
89 EVP_CIPHER_CTX *ctx = gctx->ctx;
90 const EVP_CIPHER *cipher;
94 case EVP_MAC_CTRL_SET_CIPHER:
95 cipher = va_arg(args, const EVP_CIPHER *);
98 if (EVP_CIPHER_mode(cipher) != EVP_CIPH_GCM_MODE) {
99 EVPerr(EVP_F_GMAC_CTRL, EVP_R_CIPHER_NOT_GCM_MODE);
102 return EVP_EncryptInit_ex(ctx, cipher, NULL, NULL, NULL);
104 case EVP_MAC_CTRL_SET_KEY:
105 p = va_arg(args, const unsigned char *);
106 len = va_arg(args, size_t);
107 if (len != (size_t)EVP_CIPHER_CTX_key_length(ctx)) {
108 EVPerr(EVP_F_GMAC_CTRL, EVP_R_INVALID_KEY_LENGTH);
111 return EVP_EncryptInit_ex(ctx, NULL, NULL, p, NULL);
113 case EVP_MAC_CTRL_SET_IV:
114 p = va_arg(args, const unsigned char *);
115 len = va_arg(args, size_t);
116 return EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, len, NULL)
117 && EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, p);
119 case EVP_MAC_CTRL_SET_ENGINE:
120 engine = va_arg(args, ENGINE *);
121 return EVP_EncryptInit_ex(ctx, NULL, engine, NULL, NULL);
128 static int gmac_ctrl_int(EVP_MAC_IMPL *gctx, int cmd, ...)
134 rv = gmac_ctrl(gctx, cmd, args);
140 static int gmac_ctrl_str_cb(void *gctx, int cmd, void *buf, size_t buflen)
142 return gmac_ctrl_int(gctx, cmd, buf, buflen);
145 static int gmac_ctrl_str(EVP_MAC_IMPL *gctx, const char *type,
150 if (strcmp(type, "cipher") == 0) {
151 const EVP_CIPHER *c = EVP_get_cipherbyname(value);
155 return gmac_ctrl_int(gctx, EVP_MAC_CTRL_SET_CIPHER, c);
157 if (strcmp(type, "key") == 0)
158 return EVP_str2ctrl(gmac_ctrl_str_cb, gctx, EVP_MAC_CTRL_SET_KEY,
160 if (strcmp(type, "hexkey") == 0)
161 return EVP_hex2ctrl(gmac_ctrl_str_cb, gctx, EVP_MAC_CTRL_SET_KEY,
163 if (strcmp(type, "iv") == 0)
164 return EVP_str2ctrl(gmac_ctrl_str_cb, gctx, EVP_MAC_CTRL_SET_IV,
166 if (strcmp(type, "hexiv") == 0)
167 return EVP_hex2ctrl(gmac_ctrl_str_cb, gctx, EVP_MAC_CTRL_SET_IV,
172 const EVP_MAC gmac_meth = {