X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=providers%2Fimplementations%2Fciphers%2Fcipher_aes_cbc_hmac_sha.c;h=ece4341a3fd73c74a3fc41161c21a48950ccf11a;hp=00b46c3f78b24e6fd2b8c300a1df61e79ebdfe02;hb=320d96a32c16de1adbf11f76819fe738f24665b1;hpb=0d2bfe52bb7e839f7bddcdb1160c335f2994df2f diff --git a/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.c b/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.c index 00b46c3f78..ece4341a3f 100644 --- a/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.c +++ b/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.c @@ -1,5 +1,5 @@ /* - * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -7,8 +7,14 @@ * https://www.openssl.org/source/license.html */ -/* Dispatch functions for AES_CBC_HMAC_SHA ciphers */ +/* + * AES low level APIs are deprecated for public use, but still ok for internal + * use where we're using them to implement the higher level EVP interface, as is + * the case here. + */ +#include "internal/deprecated.h" +/* Dispatch functions for AES_CBC_HMAC_SHA ciphers */ #include "cipher_aes_cbc_hmac_sha.h" #include "prov/implementations.h" @@ -63,9 +69,11 @@ static int aes_set_ctx_params(void *vctx, const OSSL_PARAM params[]) PROV_AES_HMAC_SHA_CTX *ctx = (PROV_AES_HMAC_SHA_CTX *)vctx; PROV_CIPHER_HW_AES_HMAC_SHA *hw = (PROV_CIPHER_HW_AES_HMAC_SHA *)ctx->hw; - EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM mb_param; - const OSSL_PARAM *p, *p1, *pin; + const OSSL_PARAM *p; int ret = 1; +# if !defined(OPENSSL_NO_MULTIBLOCK) + EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM mb_param; +# endif p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_AEAD_MAC_KEY); if (p != NULL) { @@ -95,8 +103,8 @@ static int aes_set_ctx_params(void *vctx, const OSSL_PARAM params[]) */ p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD); if (p != NULL) { - p1 = OSSL_PARAM_locate_const(params, - OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE); + const OSSL_PARAM *p1 = OSSL_PARAM_locate_const(params, + OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE); if (p->data_type != OSSL_PARAM_OCTET_STRING || p1 == NULL || !OSSL_PARAM_get_uint(p1, &mb_param.interleave)) { @@ -120,10 +128,11 @@ static int aes_set_ctx_params(void *vctx, const OSSL_PARAM params[]) */ p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC); if (p != NULL) { - p1 = OSSL_PARAM_locate_const(params, - OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE); - pin = OSSL_PARAM_locate_const(params, - OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_IN); + const OSSL_PARAM *p1 = OSSL_PARAM_locate_const(params, + OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE); + const OSSL_PARAM *pin = OSSL_PARAM_locate_const(params, + OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_IN); + if (p->data_type != OSSL_PARAM_OCTET_STRING || pin == NULL || pin->data_type != OSSL_PARAM_OCTET_STRING @@ -169,13 +178,13 @@ static int aes_set_ctx_params(void *vctx, const OSSL_PARAM params[]) static int aes_get_ctx_params(void *vctx, OSSL_PARAM params[]) { PROV_AES_HMAC_SHA_CTX *ctx = (PROV_AES_HMAC_SHA_CTX *)vctx; - PROV_CIPHER_HW_AES_HMAC_SHA *hw = - (PROV_CIPHER_HW_AES_HMAC_SHA *)ctx->hw; OSSL_PARAM *p; # if !defined(OPENSSL_NO_MULTIBLOCK) p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_BUFSIZE); if (p != NULL) { + PROV_CIPHER_HW_AES_HMAC_SHA *hw = + (PROV_CIPHER_HW_AES_HMAC_SHA *)ctx->hw; size_t len = hw->tls1_multiblock_max_bufsize(ctx); if (!OSSL_PARAM_set_size_t(p, len)) { @@ -220,7 +229,8 @@ static int aes_get_ctx_params(void *vctx, OSSL_PARAM params[]) } p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IV); if (p != NULL - && !OSSL_PARAM_set_octet_string(p, ctx->base.oiv, ctx->base.ivlen)) { + && !OSSL_PARAM_set_octet_string(p, ctx->base.oiv, ctx->base.ivlen) + && !OSSL_PARAM_set_octet_ptr(p, &ctx->base.oiv, ctx->base.ivlen)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } @@ -274,7 +284,7 @@ static void aes_cbc_hmac_sha1_freectx(void *vctx) PROV_AES_HMAC_SHA1_CTX *ctx = (PROV_AES_HMAC_SHA1_CTX *)vctx; if (ctx != NULL) - OPENSSL_clear_free(ctx, sizeof(ctx)); + OPENSSL_clear_free(ctx, sizeof(*ctx)); } static void *aes_cbc_hmac_sha256_newctx(void *provctx, size_t kbits, @@ -295,7 +305,7 @@ static void aes_cbc_hmac_sha256_freectx(void *vctx) PROV_AES_HMAC_SHA256_CTX *ctx = (PROV_AES_HMAC_SHA256_CTX *)vctx; if (ctx != NULL) - OPENSSL_clear_free(ctx, sizeof(ctx)); + OPENSSL_clear_free(ctx, sizeof(*ctx)); } # define IMPLEMENT_CIPHER(nm, sub, kbits, blkbits, ivbits, flags) \