X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=engines%2Fe_dasync.c;h=27a56023641994c4769f651b982fcdd15f62dab1;hp=499262ff918afac328e0a201381827d1f75bfe93;hb=b1a07c38540105077878ad80a6a87c96fdbc18f1;hpb=44ab2dfdf9dc519e6d081646119bdda3ddfd9e85 diff --git a/engines/e_dasync.c b/engines/e_dasync.c index 499262ff91..27a5602364 100644 --- a/engines/e_dasync.c +++ b/engines/e_dasync.c @@ -86,7 +86,7 @@ static const char *engine_dasync_name = "Dummy Async engine support"; static int dasync_destroy(ENGINE *e); static int dasync_init(ENGINE *e); static int dasync_finish(ENGINE *e); -void engine_load_dasync_internal(void); +void engine_load_dasync_int(void); /* Set up digests. Just SHA1 for now */ @@ -101,26 +101,13 @@ static int dasync_sha1_update(EVP_MD_CTX *ctx, const void *data, size_t count); static int dasync_sha1_final(EVP_MD_CTX *ctx, unsigned char *md); +/* + * Holds the EVP_MD object for sha1 in this engine. Set up once only during + * engine bind and can then be reused many times. + */ static EVP_MD *_hidden_sha1_md = NULL; static const EVP_MD *dasync_sha1(void) { - if (_hidden_sha1_md == NULL) { - EVP_MD *md; - - if ((md = EVP_MD_meth_new(NID_sha1, NID_sha1WithRSAEncryption)) == NULL - || !EVP_MD_meth_set_result_size(md, SHA_DIGEST_LENGTH) - || !EVP_MD_meth_set_input_blocksize(md, SHA_CBLOCK) - || !EVP_MD_meth_set_app_datasize(md, - sizeof(EVP_MD *) + sizeof(SHA_CTX)) - || !EVP_MD_meth_set_flags(md, EVP_MD_FLAG_DIGALGID_ABSENT) - || !EVP_MD_meth_set_init(md, dasync_sha1_init) - || !EVP_MD_meth_set_update(md, dasync_sha1_update) - || !EVP_MD_meth_set_final(md, dasync_sha1_final)) { - EVP_MD_meth_free(md); - md = NULL; - } - _hidden_sha1_md = md; - } return _hidden_sha1_md; } static void destroy_digests(void) @@ -128,6 +115,7 @@ static void destroy_digests(void) EVP_MD_meth_free(_hidden_sha1_md); _hidden_sha1_md = NULL; } + static int dasync_digest_nids(const int **nids) { static int digest_nids[2] = { 0, 0 }; @@ -161,23 +149,7 @@ static int dasync_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, static int dasync_rsa_init(RSA *rsa); static int dasync_rsa_finish(RSA *rsa); -static RSA_METHOD dasync_rsa_method = { - "Dummy Async RSA method", - dasync_pub_enc, /* pub_enc */ - dasync_pub_dec, /* pub_dec */ - dasync_rsa_priv_enc, /* priv_enc */ - dasync_rsa_priv_dec, /* priv_dec */ - dasync_rsa_mod_exp, /* rsa_mod_exp */ - BN_mod_exp_mont, /* bn_mod_exp */ - dasync_rsa_init, /* init */ - dasync_rsa_finish, /* finish */ - 0, /* flags */ - NULL, /* app_data */ - 0, /* rsa_sign */ - 0, /* rsa_verify */ - NULL /* rsa_keygen */ -}; - +static RSA_METHOD *dasync_rsa_method = NULL; /* AES */ @@ -201,9 +173,8 @@ static int dasync_aes128_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, size_t inl); static int dasync_aes128_cbc_hmac_sha1_cleanup(EVP_CIPHER_CTX *ctx); -struct aes_128_cbc_pipeline_ctx { +struct dasync_pipeline_ctx { void *inner_cipher_data; - unsigned char dummy[256]; unsigned int numpipes; unsigned char **inbufs; unsigned char **outbufs; @@ -213,13 +184,95 @@ struct aes_128_cbc_pipeline_ctx { unsigned int aadctr; }; +/* + * Holds the EVP_CIPHER object for aes_128_cbc in this engine. Set up once only + * during engine bind and can then be reused many times. + */ static EVP_CIPHER *_hidden_aes_128_cbc = NULL; static const EVP_CIPHER *dasync_aes_128_cbc(void) { - if (_hidden_aes_128_cbc == NULL) - _hidden_aes_128_cbc = EVP_CIPHER_meth_new(NID_aes_128_cbc, - 16 /* block size */, - 16 /* key len */); + return _hidden_aes_128_cbc; +} + +/* + * Holds the EVP_CIPHER object for aes_128_cbc_hmac_sha1 in this engine. Set up + * once only during engine bind and can then be reused many times. + */ +static EVP_CIPHER *_hidden_aes_128_cbc_hmac_sha1 = NULL; +static const EVP_CIPHER *dasync_aes_128_cbc_hmac_sha1(void) +{ + return _hidden_aes_128_cbc_hmac_sha1; +} + +static void destroy_ciphers(void) +{ + EVP_CIPHER_meth_free(_hidden_aes_128_cbc); + EVP_CIPHER_meth_free(_hidden_aes_128_cbc_hmac_sha1); + _hidden_aes_128_cbc = NULL; + _hidden_aes_128_cbc_hmac_sha1 = NULL; +} + +static int dasync_ciphers(ENGINE *e, const EVP_CIPHER **cipher, + const int **nids, int nid); + +static int dasync_cipher_nids[] = { + NID_aes_128_cbc, + NID_aes_128_cbc_hmac_sha1, + 0 +}; + +static int bind_dasync(ENGINE *e) +{ + /* Setup RSA_METHOD */ + if ((dasync_rsa_method = RSA_meth_new("Dummy Async RSA method", 0)) == NULL + || RSA_meth_set_pub_enc(dasync_rsa_method, dasync_pub_enc) == 0 + || RSA_meth_set_pub_dec(dasync_rsa_method, dasync_pub_dec) == 0 + || RSA_meth_set_priv_enc(dasync_rsa_method, dasync_rsa_priv_enc) == 0 + || RSA_meth_set_priv_enc(dasync_rsa_method, dasync_rsa_priv_dec) == 0 + || RSA_meth_set_mod_exp(dasync_rsa_method, dasync_rsa_mod_exp) == 0 + || RSA_meth_set_bn_mod_exp(dasync_rsa_method, BN_mod_exp_mont) == 0 + || RSA_meth_set_init(dasync_rsa_method, dasync_rsa_init) == 0 + || RSA_meth_set_finish(dasync_rsa_method, dasync_rsa_finish) == 0) { + DASYNCerr(DASYNC_F_BIND_DASYNC, DASYNC_R_INIT_FAILED); + return 0; + } + + /* Ensure the dasync error handling is set up */ + ERR_load_DASYNC_strings(); + + if (!ENGINE_set_id(e, engine_dasync_id) + || !ENGINE_set_name(e, engine_dasync_name) + || !ENGINE_set_RSA(e, dasync_rsa_method) + || !ENGINE_set_digests(e, dasync_digests) + || !ENGINE_set_ciphers(e, dasync_ciphers) + || !ENGINE_set_destroy_function(e, dasync_destroy) + || !ENGINE_set_init_function(e, dasync_init) + || !ENGINE_set_finish_function(e, dasync_finish)) { + DASYNCerr(DASYNC_F_BIND_DASYNC, DASYNC_R_INIT_FAILED); + return 0; + } + + /* + * Set up the EVP_CIPHER and EVP_MD objects for the ciphers/digests + * supplied by this engine + */ + _hidden_sha1_md = EVP_MD_meth_new(NID_sha1, NID_sha1WithRSAEncryption); + if (_hidden_sha1_md == NULL + || !EVP_MD_meth_set_result_size(_hidden_sha1_md, SHA_DIGEST_LENGTH) + || !EVP_MD_meth_set_input_blocksize(_hidden_sha1_md, SHA_CBLOCK) + || !EVP_MD_meth_set_app_datasize(_hidden_sha1_md, + sizeof(EVP_MD *) + sizeof(SHA_CTX)) + || !EVP_MD_meth_set_flags(_hidden_sha1_md, EVP_MD_FLAG_DIGALGID_ABSENT) + || !EVP_MD_meth_set_init(_hidden_sha1_md, dasync_sha1_init) + || !EVP_MD_meth_set_update(_hidden_sha1_md, dasync_sha1_update) + || !EVP_MD_meth_set_final(_hidden_sha1_md, dasync_sha1_final)) { + EVP_MD_meth_free(_hidden_sha1_md); + _hidden_sha1_md = NULL; + } + + _hidden_aes_128_cbc = EVP_CIPHER_meth_new(NID_aes_128_cbc, + 16 /* block size */, + 16 /* key len */); if (_hidden_aes_128_cbc == NULL || !EVP_CIPHER_meth_set_iv_length(_hidden_aes_128_cbc,16) || !EVP_CIPHER_meth_set_flags(_hidden_aes_128_cbc, @@ -235,21 +288,15 @@ static const EVP_CIPHER *dasync_aes_128_cbc(void) || !EVP_CIPHER_meth_set_ctrl(_hidden_aes_128_cbc, dasync_aes128_cbc_ctrl) || !EVP_CIPHER_meth_set_impl_ctx_size(_hidden_aes_128_cbc, - sizeof(struct aes_128_cbc_pipeline_ctx))) { + sizeof(struct dasync_pipeline_ctx))) { EVP_CIPHER_meth_free(_hidden_aes_128_cbc); _hidden_aes_128_cbc = NULL; } - return _hidden_aes_128_cbc; -} -static EVP_CIPHER *_hidden_aes_128_cbc_hmac_sha1 = NULL; -static const EVP_CIPHER *dasync_aes_128_cbc_hmac_sha1(void) -{ - if (_hidden_aes_128_cbc_hmac_sha1 == NULL) - _hidden_aes_128_cbc_hmac_sha1 = EVP_CIPHER_meth_new( - NID_aes_128_cbc_hmac_sha1, - 16 /* block size */, - 16 /* key len */); + _hidden_aes_128_cbc_hmac_sha1 = EVP_CIPHER_meth_new( + NID_aes_128_cbc_hmac_sha1, + 16 /* block size */, + 16 /* key len */); if (_hidden_aes_128_cbc_hmac_sha1 == NULL || !EVP_CIPHER_meth_set_iv_length(_hidden_aes_128_cbc_hmac_sha1,16) || !EVP_CIPHER_meth_set_flags(_hidden_aes_128_cbc_hmac_sha1, @@ -266,38 +313,10 @@ static const EVP_CIPHER *dasync_aes_128_cbc_hmac_sha1(void) || !EVP_CIPHER_meth_set_ctrl(_hidden_aes_128_cbc_hmac_sha1, dasync_aes128_cbc_hmac_sha1_ctrl) || !EVP_CIPHER_meth_set_impl_ctx_size(_hidden_aes_128_cbc_hmac_sha1, - sizeof(struct aes_128_cbc_pipeline_ctx))) { + sizeof(struct dasync_pipeline_ctx))) { EVP_CIPHER_meth_free(_hidden_aes_128_cbc_hmac_sha1); _hidden_aes_128_cbc_hmac_sha1 = NULL; } - return _hidden_aes_128_cbc_hmac_sha1; -} - -static int dasync_ciphers(ENGINE *e, const EVP_CIPHER **cipher, - const int **nids, int nid); - -static int dasync_cipher_nids[] = { - NID_aes_128_cbc, - NID_aes_128_cbc_hmac_sha1, - 0 -}; - -static int bind_dasync(ENGINE *e) -{ - /* Ensure the dasync error handling is set up */ - ERR_load_DASYNC_strings(); - - if (!ENGINE_set_id(e, engine_dasync_id) - || !ENGINE_set_name(e, engine_dasync_name) - || !ENGINE_set_RSA(e, &dasync_rsa_method) - || !ENGINE_set_digests(e, dasync_digests) - || !ENGINE_set_ciphers(e, dasync_ciphers) - || !ENGINE_set_destroy_function(e, dasync_destroy) - || !ENGINE_set_init_function(e, dasync_init) - || !ENGINE_set_finish_function(e, dasync_finish)) { - DASYNCerr(DASYNC_F_BIND_DASYNC, DASYNC_R_INIT_FAILED); - return 0; - } return 1; } @@ -328,7 +347,7 @@ static ENGINE *engine_dasync(void) return ret; } -void engine_load_dasync_internal(void) +void engine_load_dasync_int(void) { ENGINE *toadd = engine_dasync(); if (!toadd) @@ -353,6 +372,8 @@ static int dasync_finish(ENGINE *e) static int dasync_destroy(ENGINE *e) { destroy_digests(); + destroy_ciphers(); + RSA_meth_free(dasync_rsa_method); ERR_unload_DASYNC_strings(); return 1; } @@ -382,7 +403,7 @@ static int dasync_ciphers(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid) { int ok = 1; - if (!cipher) { + if (cipher == NULL) { /* We are returning a list of supported nids */ *nids = dasync_cipher_nids; return (sizeof(dasync_cipher_nids) - @@ -523,14 +544,16 @@ static int dasync_pub_enc(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { /* Ignore errors - we carry on anyway */ dummy_pause_job(); - return RSA_PKCS1_OpenSSL()->rsa_pub_enc(flen, from, to, rsa, padding); + return RSA_meth_get_pub_enc(RSA_PKCS1_OpenSSL()) + (flen, from, to, rsa, padding); } static int dasync_pub_dec(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { /* Ignore errors - we carry on anyway */ dummy_pause_job(); - return RSA_PKCS1_OpenSSL()->rsa_pub_dec(flen, from, to, rsa, padding); + return RSA_meth_get_pub_dec(RSA_PKCS1_OpenSSL()) + (flen, from, to, rsa, padding); } static int dasync_rsa_priv_enc(int flen, const unsigned char *from, @@ -538,7 +561,8 @@ static int dasync_rsa_priv_enc(int flen, const unsigned char *from, { /* Ignore errors - we carry on anyway */ dummy_pause_job(); - return RSA_PKCS1_OpenSSL()->rsa_priv_enc(flen, from, to, rsa, padding); + return RSA_meth_get_priv_enc(RSA_PKCS1_OpenSSL()) + (flen, from, to, rsa, padding); } static int dasync_rsa_priv_dec(int flen, const unsigned char *from, @@ -546,137 +570,34 @@ static int dasync_rsa_priv_dec(int flen, const unsigned char *from, { /* Ignore errors - we carry on anyway */ dummy_pause_job(); - return RSA_PKCS1_OpenSSL()->rsa_priv_dec(flen, from, to, rsa, padding); + return RSA_meth_get_priv_dec(RSA_PKCS1_OpenSSL()) + (flen, from, to, rsa, padding); } static int dasync_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) { /* Ignore errors - we carry on anyway */ dummy_pause_job(); - return RSA_PKCS1_OpenSSL()->rsa_mod_exp(r0, I, rsa, ctx); + return RSA_meth_get_mod_exp(RSA_PKCS1_OpenSSL())(r0, I, rsa, ctx); } static int dasync_rsa_init(RSA *rsa) { - return RSA_PKCS1_OpenSSL()->init(rsa); + return RSA_meth_get_init(RSA_PKCS1_OpenSSL())(rsa); } static int dasync_rsa_finish(RSA *rsa) { - return RSA_PKCS1_OpenSSL()->finish(rsa); + return RSA_meth_get_finish(RSA_PKCS1_OpenSSL())(rsa); } -/* - * AES128 Implementation - */ +/* Cipher helper functions */ -static int dasync_aes128_cbc_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, - void *ptr) -{ - struct aes_128_cbc_pipeline_ctx *pipe_ctx = - (struct aes_128_cbc_pipeline_ctx *)EVP_CIPHER_CTX_get_cipher_data(ctx); - - if (pipe_ctx == NULL) - return 0; - - switch (type) { - case EVP_CTRL_SET_PIPELINE_OUTPUT_BUFS: - pipe_ctx->numpipes = arg; - pipe_ctx->outbufs = (unsigned char **)ptr; - break; - - case EVP_CTRL_SET_PIPELINE_INPUT_BUFS: - pipe_ctx->numpipes = arg; - pipe_ctx->inbufs = (unsigned char **)ptr; - break; - - case EVP_CTRL_SET_PIPELINE_INPUT_LENS: - pipe_ctx->numpipes = arg; - pipe_ctx->lens = (size_t *)ptr; - break; - - default: - return 0; - } - - return 1; -} - -static int dasync_aes128_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) +static int dasync_cipher_ctrl_helper(EVP_CIPHER_CTX *ctx, int type, int arg, + void *ptr, int aeadcapable) { int ret; - struct aes_128_cbc_pipeline_ctx *pipe_ctx = - (struct aes_128_cbc_pipeline_ctx *)EVP_CIPHER_CTX_get_cipher_data(ctx); - - if (pipe_ctx->inner_cipher_data == NULL - && EVP_CIPHER_impl_ctx_size(EVP_aes_128_cbc()) != 0) { - pipe_ctx->inner_cipher_data = OPENSSL_zalloc( - EVP_CIPHER_impl_ctx_size(EVP_aes_128_cbc())); - if (pipe_ctx->inner_cipher_data == NULL) { - DASYNCerr(DASYNC_F_DASYNC_AES128_INIT_KEY, - ERR_R_MALLOC_FAILURE); - return 0; - } - } - - pipe_ctx->numpipes = 0; - pipe_ctx->aadctr = 0; - - EVP_CIPHER_CTX_set_cipher_data(ctx, pipe_ctx->inner_cipher_data); - ret = EVP_CIPHER_meth_get_init(EVP_aes_128_cbc())(ctx, key, iv, enc); - EVP_CIPHER_CTX_set_cipher_data(ctx, pipe_ctx); - - return ret; -} - -static int dasync_aes128_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) -{ - int ret = 1; - unsigned int i, pipes; - struct aes_128_cbc_pipeline_ctx *pipe_ctx = - (struct aes_128_cbc_pipeline_ctx *)EVP_CIPHER_CTX_get_cipher_data(ctx); - - pipes = pipe_ctx->numpipes; - EVP_CIPHER_CTX_set_cipher_data(ctx, pipe_ctx->inner_cipher_data); - if (pipes == 0) { - ret = EVP_CIPHER_meth_get_do_cipher(EVP_aes_128_cbc()) - (ctx, out, in, inl); - } else { - for (i = 0; i < pipes; i++) { - ret = ret && EVP_CIPHER_meth_get_do_cipher(EVP_aes_128_cbc()) - (ctx, pipe_ctx->outbufs[i], - pipe_ctx->inbufs[i], - pipe_ctx->lens[i]); - } - pipe_ctx->numpipes = 0; - } - EVP_CIPHER_CTX_set_cipher_data(ctx, pipe_ctx); - return ret; -} - -static int dasync_aes128_cbc_cleanup(EVP_CIPHER_CTX *ctx) -{ - struct aes_128_cbc_pipeline_ctx *pipe_ctx = - (struct aes_128_cbc_pipeline_ctx *)EVP_CIPHER_CTX_get_cipher_data(ctx); - - OPENSSL_clear_free(pipe_ctx->inner_cipher_data, - EVP_CIPHER_impl_ctx_size(EVP_aes_128_cbc())); - - return 1; -} - - -/* - * AES128 CBC HMAC SHA1 Implementation - */ - -static int dasync_aes128_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, - int arg, void *ptr) -{ - struct aes_128_cbc_pipeline_ctx *pipe_ctx = - (struct aes_128_cbc_pipeline_ctx *)EVP_CIPHER_CTX_get_cipher_data(ctx); - int ret; + struct dasync_pipeline_ctx *pipe_ctx = + (struct dasync_pipeline_ctx *)EVP_CIPHER_CTX_get_cipher_data(ctx); if (pipe_ctx == NULL) return 0; @@ -698,6 +619,8 @@ static int dasync_aes128_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, break; case EVP_CTRL_AEAD_SET_MAC_KEY: + if (!aeadcapable) + return -1; EVP_CIPHER_CTX_set_cipher_data(ctx, pipe_ctx->inner_cipher_data); ret = EVP_CIPHER_meth_get_ctrl(EVP_aes_128_cbc_hmac_sha1()) (ctx, type, arg, ptr); @@ -709,7 +632,7 @@ static int dasync_aes128_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, unsigned char *p = ptr; unsigned int len; - if (arg != EVP_AEAD_TLS1_AAD_LEN) + if (!aeadcapable || arg != EVP_AEAD_TLS1_AAD_LEN) return -1; if (pipe_ctx->aadctr >= SSL_MAX_PIPELINES) @@ -733,7 +656,6 @@ static int dasync_aes128_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, } } - default: return 0; } @@ -741,48 +663,44 @@ static int dasync_aes128_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, return 1; } -static int dasync_aes128_cbc_hmac_sha1_init_key(EVP_CIPHER_CTX *ctx, - const unsigned char *key, - const unsigned char *iv, - int enc) +static int dasync_cipher_init_key_helper(EVP_CIPHER_CTX *ctx, + const unsigned char *key, + const unsigned char *iv, int enc, + const EVP_CIPHER *cipher) { int ret; - struct aes_128_cbc_pipeline_ctx *pipe_ctx = - (struct aes_128_cbc_pipeline_ctx *)EVP_CIPHER_CTX_get_cipher_data(ctx); + struct dasync_pipeline_ctx *pipe_ctx = + (struct dasync_pipeline_ctx *)EVP_CIPHER_CTX_get_cipher_data(ctx); if (pipe_ctx->inner_cipher_data == NULL - && EVP_CIPHER_impl_ctx_size(EVP_aes_128_cbc_hmac_sha1()) - != 0) { - pipe_ctx->inner_cipher_data = - OPENSSL_zalloc(EVP_CIPHER_impl_ctx_size( - EVP_aes_128_cbc_hmac_sha1())); + && EVP_CIPHER_impl_ctx_size(cipher) != 0) { + pipe_ctx->inner_cipher_data = OPENSSL_zalloc( + EVP_CIPHER_impl_ctx_size(cipher)); if (pipe_ctx->inner_cipher_data == NULL) { - DASYNCerr(DASYNC_F_DASYNC_AES128_CBC_HMAC_SHA1_INIT_KEY, + DASYNCerr(DASYNC_F_DASYNC_CIPHER_INIT_KEY_HELPER, ERR_R_MALLOC_FAILURE); return 0; } } pipe_ctx->numpipes = 0; - pipe_ctx->enc = enc; + pipe_ctx->aadctr = 0; EVP_CIPHER_CTX_set_cipher_data(ctx, pipe_ctx->inner_cipher_data); - ret = EVP_CIPHER_meth_get_init(EVP_aes_128_cbc_hmac_sha1()) - (ctx, key, iv, enc); + ret = EVP_CIPHER_meth_get_init(cipher)(ctx, key, iv, enc); EVP_CIPHER_CTX_set_cipher_data(ctx, pipe_ctx); return ret; } -static int dasync_aes128_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, - unsigned char *out, - const unsigned char *in, - size_t inl) +static int dasync_cipher_helper(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, size_t inl, + const EVP_CIPHER *cipher) { int ret = 1; unsigned int i, pipes; - struct aes_128_cbc_pipeline_ctx *pipe_ctx = - (struct aes_128_cbc_pipeline_ctx *)EVP_CIPHER_CTX_get_cipher_data(ctx); + struct dasync_pipeline_ctx *pipe_ctx = + (struct dasync_pipeline_ctx *)EVP_CIPHER_CTX_get_cipher_data(ctx); pipes = pipe_ctx->numpipes; EVP_CIPHER_CTX_set_cipher_data(ctx, pipe_ctx->inner_cipher_data); @@ -790,25 +708,24 @@ static int dasync_aes128_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, if (pipe_ctx->aadctr != 0) { if (pipe_ctx->aadctr != 1) return -1; - EVP_CIPHER_meth_get_ctrl(EVP_aes_128_cbc_hmac_sha1()) + EVP_CIPHER_meth_get_ctrl(cipher) (ctx, EVP_CTRL_AEAD_TLS1_AAD, EVP_AEAD_TLS1_AAD_LEN, pipe_ctx->tlsaad[0]); } - ret = EVP_CIPHER_meth_get_do_cipher(EVP_aes_128_cbc_hmac_sha1()) + ret = EVP_CIPHER_meth_get_do_cipher(cipher) (ctx, out, in, inl); } else { if (pipe_ctx->aadctr > 0 && pipe_ctx->aadctr != pipes) return -1; for (i = 0; i < pipes; i++) { if (pipe_ctx->aadctr > 0) { - EVP_CIPHER_meth_get_ctrl(EVP_aes_128_cbc_hmac_sha1()) + EVP_CIPHER_meth_get_ctrl(cipher) (ctx, EVP_CTRL_AEAD_TLS1_AAD, EVP_AEAD_TLS1_AAD_LEN, pipe_ctx->tlsaad[i]); } - ret = ret && EVP_CIPHER_meth_get_do_cipher( - EVP_aes_128_cbc_hmac_sha1()) + ret = ret && EVP_CIPHER_meth_get_do_cipher(cipher) (ctx, pipe_ctx->outbufs[i], pipe_ctx->inbufs[i], pipe_ctx->lens[i]); } @@ -819,13 +736,74 @@ static int dasync_aes128_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, return ret; } -static int dasync_aes128_cbc_hmac_sha1_cleanup(EVP_CIPHER_CTX *ctx) +static int dasync_cipher_cleanup_helper(EVP_CIPHER_CTX *ctx, + const EVP_CIPHER *cipher) { - struct aes_128_cbc_pipeline_ctx *pipe_ctx = - (struct aes_128_cbc_pipeline_ctx *)EVP_CIPHER_CTX_get_cipher_data(ctx); + struct dasync_pipeline_ctx *pipe_ctx = + (struct dasync_pipeline_ctx *)EVP_CIPHER_CTX_get_cipher_data(ctx); OPENSSL_clear_free(pipe_ctx->inner_cipher_data, - EVP_CIPHER_impl_ctx_size(EVP_aes_128_cbc_hmac_sha1())); + EVP_CIPHER_impl_ctx_size(cipher)); return 1; } + +/* + * AES128 CBC Implementation + */ + +static int dasync_aes128_cbc_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, + void *ptr) +{ + return dasync_cipher_ctrl_helper(ctx, type, arg, ptr, 0); +} + +static int dasync_aes128_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc) +{ + return dasync_cipher_init_key_helper(ctx, key, iv, enc, EVP_aes_128_cbc()); +} + +static int dasync_aes128_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, size_t inl) +{ + return dasync_cipher_helper(ctx, out, in, inl, EVP_aes_128_cbc()); +} + +static int dasync_aes128_cbc_cleanup(EVP_CIPHER_CTX *ctx) +{ + return dasync_cipher_cleanup_helper(ctx, EVP_aes_128_cbc()); +} + + +/* + * AES128 CBC HMAC SHA1 Implementation + */ + +static int dasync_aes128_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, + int arg, void *ptr) +{ + return dasync_cipher_ctrl_helper(ctx, type, arg, ptr, 1); +} + +static int dasync_aes128_cbc_hmac_sha1_init_key(EVP_CIPHER_CTX *ctx, + const unsigned char *key, + const unsigned char *iv, + int enc) +{ + return dasync_cipher_init_key_helper(ctx, key, iv, enc, + EVP_aes_128_cbc_hmac_sha1()); +} + +static int dasync_aes128_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, + unsigned char *out, + const unsigned char *in, + size_t inl) +{ + return dasync_cipher_helper(ctx, out, in, inl, EVP_aes_128_cbc_hmac_sha1()); +} + +static int dasync_aes128_cbc_hmac_sha1_cleanup(EVP_CIPHER_CTX *ctx) +{ + return dasync_cipher_cleanup_helper(ctx, EVP_aes_128_cbc_hmac_sha1()); +}