/*
- * Copyright 2018-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2018-2023 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
#include <openssl/core_dispatch.h>
#include <openssl/core_names.h>
#include <openssl/params.h>
-#include <openssl/engine.h>
#include <openssl/evp.h>
#include <openssl/cmac.h>
+#include <openssl/err.h>
+#include <openssl/proverr.h>
#include "prov/implementations.h"
#include "prov/provider_ctx.h"
return NULL;
dst = cmac_new(src->provctx);
+ if (dst == NULL)
+ return NULL;
if (!CMAC_CTX_copy(dst->ctx, src->ctx)
|| !ossl_prov_cipher_copy(&dst->cipher, &src->cipher)) {
cmac_free(dst);
static size_t cmac_size(void *vmacctx)
{
struct cmac_data_st *macctx = vmacctx;
+ const EVP_CIPHER_CTX *cipherctx = CMAC_CTX_get0_cipher_ctx(macctx->ctx);
+
+ if (EVP_CIPHER_CTX_get0_cipher(cipherctx) == NULL)
+ return 0;
- return EVP_CIPHER_CTX_block_size(CMAC_CTX_get0_cipher_ctx(macctx->ctx));
+ return EVP_CIPHER_CTX_get_block_size(cipherctx);
}
-static int cmac_init(void *vmacctx)
+static int cmac_setkey(struct cmac_data_st *macctx,
+ const unsigned char *key, size_t keylen)
+{
+ int rv = CMAC_Init(macctx->ctx, key, keylen,
+ ossl_prov_cipher_cipher(&macctx->cipher),
+ ossl_prov_cipher_engine(&macctx->cipher));
+ ossl_prov_cipher_reset(&macctx->cipher);
+ return rv;
+}
+
+static int cmac_init(void *vmacctx, const unsigned char *key,
+ size_t keylen, const OSSL_PARAM params[])
{
struct cmac_data_st *macctx = vmacctx;
- int rv;
- if (!ossl_prov_is_running())
+ if (!ossl_prov_is_running() || !cmac_set_ctx_params(macctx, params))
return 0;
-
- rv = CMAC_Init(macctx->ctx, NULL, 0,
- ossl_prov_cipher_cipher(&macctx->cipher),
- ossl_prov_cipher_engine(&macctx->cipher));
-
- ossl_prov_cipher_reset(&macctx->cipher);
- return rv;
+ if (key != NULL)
+ return cmac_setkey(macctx, key, keylen);
+ /* Reinitialize the CMAC context */
+ return CMAC_Init(macctx->ctx, NULL, 0, NULL, NULL);
}
static int cmac_update(void *vmacctx, const unsigned char *data,
static const OSSL_PARAM known_gettable_ctx_params[] = {
OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL),
+ OSSL_PARAM_size_t(OSSL_MAC_PARAM_BLOCK_SIZE, NULL),
OSSL_PARAM_END
};
-static const OSSL_PARAM *cmac_gettable_ctx_params(ossl_unused void *provctx)
+static const OSSL_PARAM *cmac_gettable_ctx_params(ossl_unused void *ctx,
+ ossl_unused void *provctx)
{
return known_gettable_ctx_params;
}
{
OSSL_PARAM *p;
- if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_SIZE)) != NULL)
- return OSSL_PARAM_set_size_t(p, cmac_size(vmacctx));
+ if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_SIZE)) != NULL
+ && !OSSL_PARAM_set_size_t(p, cmac_size(vmacctx)))
+ return 0;
+
+ if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_BLOCK_SIZE)) != NULL
+ && !OSSL_PARAM_set_size_t(p, cmac_size(vmacctx)))
+ return 0;
return 1;
}
OSSL_PARAM_octet_string(OSSL_MAC_PARAM_KEY, NULL, 0),
OSSL_PARAM_END
};
-static const OSSL_PARAM *cmac_settable_ctx_params(ossl_unused void *provctx)
+static const OSSL_PARAM *cmac_settable_ctx_params(ossl_unused void *ctx,
+ ossl_unused void *provctx)
{
return known_settable_ctx_params;
}
static int cmac_set_ctx_params(void *vmacctx, const OSSL_PARAM params[])
{
struct cmac_data_st *macctx = vmacctx;
- OPENSSL_CTX *ctx = PROV_LIBRARY_CONTEXT_OF(macctx->provctx);
+ OSSL_LIB_CTX *ctx = PROV_LIBCTX_OF(macctx->provctx);
const OSSL_PARAM *p;
- if (!ossl_prov_cipher_load_from_params(&macctx->cipher, params, ctx))
- return 0;
+ if (params == NULL)
+ return 1;
- if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_KEY)) != NULL) {
- if (p->data_type != OSSL_PARAM_OCTET_STRING)
+ if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_CIPHER)) != NULL) {
+ if (!ossl_prov_cipher_load_from_params(&macctx->cipher, params, ctx))
return 0;
- if (!CMAC_Init(macctx->ctx, p->data, p->data_size,
- ossl_prov_cipher_cipher(&macctx->cipher),
- ossl_prov_cipher_engine(&macctx->cipher)))
+ if (EVP_CIPHER_get_mode(ossl_prov_cipher_cipher(&macctx->cipher))
+ != EVP_CIPH_CBC_MODE) {
+ ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_MODE);
return 0;
+ }
+ }
- ossl_prov_cipher_reset(&macctx->cipher);
+ if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_KEY)) != NULL) {
+ if (p->data_type != OSSL_PARAM_OCTET_STRING)
+ return 0;
+ return cmac_setkey(macctx, p->data, p->data_size);
}
return 1;
}
{ OSSL_FUNC_MAC_SETTABLE_CTX_PARAMS,
(void (*)(void))cmac_settable_ctx_params },
{ OSSL_FUNC_MAC_SET_CTX_PARAMS, (void (*)(void))cmac_set_ctx_params },
- { 0, NULL }
+ OSSL_DISPATCH_END
};
projects / openssl.git / blobdiff