2 * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
11 * DES low level APIs are deprecated for public use, but still ok for internal
14 #include "internal/deprecated.h"
16 #include <openssl/rand.h>
17 #include <openssl/proverr.h>
18 #include "prov/ciphercommon.h"
19 #include "cipher_tdes.h"
20 #include "prov/implementations.h"
21 #include "prov/providercommon.h"
23 void *ossl_tdes_newctx(void *provctx, int mode, size_t kbits, size_t blkbits,
24 size_t ivbits, uint64_t flags, const PROV_CIPHER_HW *hw)
28 if (!ossl_prov_is_running())
31 tctx = OPENSSL_zalloc(sizeof(*tctx));
33 ossl_cipher_generic_initkey(tctx, kbits, blkbits, ivbits, mode, flags,
38 void *ossl_tdes_dupctx(void *ctx)
40 PROV_TDES_CTX *in = (PROV_TDES_CTX *)ctx;
43 if (!ossl_prov_is_running())
46 ret = OPENSSL_malloc(sizeof(*ret));
48 ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
51 in->base.hw->copyctx(&ret->base, &in->base);
56 void ossl_tdes_freectx(void *vctx)
58 PROV_TDES_CTX *ctx = (PROV_TDES_CTX *)vctx;
60 ossl_cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx);
61 OPENSSL_clear_free(ctx, sizeof(*ctx));
64 static int tdes_init(void *vctx, const unsigned char *key, size_t keylen,
65 const unsigned char *iv, size_t ivlen,
66 const OSSL_PARAM params[], int enc)
68 PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx;
70 if (!ossl_prov_is_running())
78 if (!ossl_cipher_generic_initiv(ctx, iv, ivlen))
80 } else if (ctx->iv_set
81 && (ctx->mode == EVP_CIPH_CBC_MODE
82 || ctx->mode == EVP_CIPH_CFB_MODE
83 || ctx->mode == EVP_CIPH_OFB_MODE)) {
84 /* reset IV to keep compatibility with 1.1.1 */
85 memcpy(ctx->iv, ctx->oiv, ctx->ivlen);
89 if (keylen != ctx->keylen) {
90 ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH);
93 if (!ctx->hw->init(ctx, key, ctx->keylen))
96 return ossl_cipher_generic_set_ctx_params(ctx, params);
99 int ossl_tdes_einit(void *vctx, const unsigned char *key, size_t keylen,
100 const unsigned char *iv, size_t ivlen,
101 const OSSL_PARAM params[])
103 return tdes_init(vctx, key, keylen, iv, ivlen, params, 1);
106 int ossl_tdes_dinit(void *vctx, const unsigned char *key, size_t keylen,
107 const unsigned char *iv, size_t ivlen,
108 const OSSL_PARAM params[])
110 return tdes_init(vctx, key, keylen, iv, ivlen, params, 0);
113 CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_START(ossl_tdes)
114 OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_RANDOM_KEY, NULL, 0),
115 CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_END(ossl_tdes)
117 static int tdes_generatekey(PROV_CIPHER_CTX *ctx, void *ptr)
120 DES_cblock *deskey = ptr;
121 size_t kl = ctx->keylen;
123 if (kl == 0 || RAND_priv_bytes_ex(ctx->libctx, ptr, kl, 0) <= 0)
125 DES_set_odd_parity(deskey);
127 DES_set_odd_parity(deskey + 1);
129 DES_set_odd_parity(deskey + 2);
135 int ossl_tdes_get_ctx_params(void *vctx, OSSL_PARAM params[])
137 PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx;
140 if (!ossl_cipher_generic_get_ctx_params(vctx, params))
143 p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_RANDOM_KEY);
144 if (p != NULL && !tdes_generatekey(ctx, p->data)) {
145 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GENERATE_KEY);