#include <openssl/engine.h>
#include <openssl/params.h>
#include <openssl/core_names.h>
-#include "internal/evp_int.h"
+#include "crypto/evp.h"
#include "internal/provider.h"
-#include "evp_locl.h"
+#include "evp_local.h"
int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx)
{
case NID_aes_128_ctr:
case NID_aes_128_xts:
case NID_aes_256_xts:
+ case NID_aes_256_ocb:
+ case NID_aes_192_ocb:
+ case NID_aes_128_ocb:
case NID_aes_256_gcm:
case NID_aes_192_gcm:
case NID_aes_128_gcm:
+ case NID_id_aes256_wrap:
+ case NID_id_aes256_wrap_pad:
+ case NID_id_aes192_wrap:
+ case NID_id_aes192_wrap_pad:
+ case NID_id_aes128_wrap:
+ case NID_id_aes128_wrap_pad:
case NID_aria_256_gcm:
case NID_aria_192_gcm:
case NID_aria_128_gcm:
case NID_des_ede_ofb64:
case NID_des_ede_cfb64:
case NID_desx_cbc:
+ case NID_des_cbc:
+ case NID_des_ecb:
+ case NID_des_cfb1:
+ case NID_des_cfb8:
+ case NID_des_cfb64:
+ case NID_des_ofb64:
case NID_id_smime_alg_CMS3DESwrap:
case NID_bf_cbc:
case NID_bf_ecb:
case NID_bf_cfb64:
case NID_bf_ofb64:
- break;
+ case NID_idea_cbc:
+ case NID_idea_ecb:
+ case NID_idea_cfb64:
+ case NID_idea_ofb64:
+ case NID_cast5_cbc:
+ case NID_cast5_ecb:
+ case NID_cast5_cfb64:
+ case NID_cast5_ofb64:
+ case NID_seed_cbc:
+ case NID_seed_ecb:
+ case NID_seed_cfb128:
+ case NID_seed_ofb128:
+ case NID_sm4_cbc:
+ case NID_sm4_ecb:
+ case NID_sm4_ctr:
+ case NID_sm4_cfb128:
+ case NID_sm4_ofb128:
+ case NID_rc4:
+ case NID_rc4_40:
+ break;
default:
goto legacy;
}
return cipher;
}
-static void *evp_cipher_from_dispatch(const char *name,
+/*
+ * FIPS module note: since internal fetches will be entirely
+ * provider based, we know that none of its code depends on legacy
+ * NIDs or any functionality that use them.
+ */
+#ifndef FIPS_MODE
+/* TODO(3.x) get rid of the need for legacy NIDs */
+static void set_legacy_nid(const char *name, void *vlegacy_nid)
+{
+ int nid;
+ int *legacy_nid = vlegacy_nid;
+
+ if (*legacy_nid == -1) /* We found a clash already */
+ return;
+ if ((nid = OBJ_sn2nid(name)) == NID_undef
+ && (nid = OBJ_ln2nid(name)) == NID_undef)
+ return;
+ if (*legacy_nid != NID_undef && *legacy_nid != nid) {
+ *legacy_nid = -1;
+ return;
+ }
+ *legacy_nid = nid;
+}
+#endif
+
+static void *evp_cipher_from_dispatch(const int name_id,
const OSSL_DISPATCH *fns,
OSSL_PROVIDER *prov,
void *unused)
EVP_CIPHER *cipher = NULL;
int fnciphcnt = 0, fnctxcnt = 0;
- if ((cipher = evp_cipher_new()) == NULL
- || (cipher->name = OPENSSL_strdup(name)) == NULL) {
- EVP_CIPHER_free(cipher);
+ if ((cipher = evp_cipher_new()) == NULL) {
EVPerr(0, ERR_R_MALLOC_FAILURE);
return NULL;
}
#ifndef FIPS_MODE
- /*
- * FIPS module note: since internal fetches will be entirely
- * provider based, we know that none of its code depends on legacy
- * NIDs or any functionality that use them.
- *
- * TODO(3.x) get rid of the need for legacy NIDs
- */
- cipher->nid = OBJ_sn2nid(name);
+ /* TODO(3.x) get rid of the need for legacy NIDs */
+ cipher->nid = NID_undef;
+ evp_doall_names(prov, name_id, set_legacy_nid, &cipher->nid);
+ if (cipher->nid == -1) {
+ ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR);
+ EVP_CIPHER_free(cipher);
+ return NULL;
+ }
#endif
+ cipher->name_id = name_id;
+
for (; fns->function_id != 0; fns++) {
switch (fns->function_id) {
case OSSL_FUNC_CIPHER_NEWCTX:
if (i > 0)
return;
ossl_provider_free(cipher->prov);
- OPENSSL_free(cipher->name);
CRYPTO_THREAD_lock_free(cipher->lock);
OPENSSL_free(cipher);
}