Remove EVP_CIPH_FLAG_DEFAULT_ASN1 from all provided implementations

Since that flag has lost its relevance, don't use it any more.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10008)

diff --git a/providers/common/ciphers/cipher_aes_wrp.c b/providers/common/ciphers/cipher_aes_wrp.c
index ae05aed54083ff38465007aa3567f0649c615688..70f387f515e6670a2fe4a3f2064195258bc784a4 100644 (file)
--- a/providers/common/ciphers/cipher_aes_wrp.c
+++ b/providers/common/ciphers/cipher_aes_wrp.c
@@ -18,7 +18,7 @@
 /* TODO(3.0) Figure out what flags need to be passed */
 #define WRAP_FLAGS (EVP_CIPH_WRAP_MODE \
                    | EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_CIPHER \
-                   | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_FLAG_DEFAULT_ASN1)
+                   | EVP_CIPH_ALWAYS_CALL_INIT)
 
 typedef size_t (*aeswrap_fn)(void *key, const unsigned char *iv,
                              unsigned char *out, const unsigned char *in,

diff --git a/providers/common/ciphers/cipher_aes_xts.c b/providers/common/ciphers/cipher_aes_xts.c
index 0d642368b39212f806650f99b0936ac611b1274d..f114793ba8aa405470010b944c0fa4bde2710c63 100644 (file)
--- a/providers/common/ciphers/cipher_aes_xts.c
+++ b/providers/common/ciphers/cipher_aes_xts.c
@@ -12,8 +12,9 @@
 #include "internal/providercommonerr.h"
 
 /* TODO (3.0) Figure out what flags need to be set */
-#define AES_XTS_FLAGS (EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_CUSTOM_IV         \
-                       | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT        \
+#define AES_XTS_FLAGS (EVP_CIPH_CUSTOM_IV          \
+                       | EVP_CIPH_ALWAYS_CALL_INIT \
+                       | EVP_CIPH_CTRL_INIT        \
                        | EVP_CIPH_CUSTOM_COPY)
 
 #define AES_XTS_IV_BITS 128

diff --git a/providers/common/include/internal/ciphers/cipher_aead.h b/providers/common/include/internal/ciphers/cipher_aead.h
index 1ddba1c325972e21c0fb16e695172e4ac2225884..0b7d595b7d840254b6248d891aa1bd75130a679e 100644 (file)
--- a/providers/common/include/internal/ciphers/cipher_aead.h
+++ b/providers/common/include/internal/ciphers/cipher_aead.h
@@ -10,10 +10,12 @@
 #define UNINITIALISED_SIZET ((size_t)-1)
 
 /* TODO(3.0) Figure out what flags are really needed */
-#define AEAD_FLAGS (EVP_CIPH_FLAG_AEAD_CIPHER | EVP_CIPH_FLAG_DEFAULT_ASN1     \
-                       | EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_CIPHER      \
-                       | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT        \
-                       | EVP_CIPH_CUSTOM_COPY)
+#define AEAD_FLAGS (EVP_CIPH_FLAG_AEAD_CIPHER           \
+                    | EVP_CIPH_CUSTOM_IV                \
+                    | EVP_CIPH_FLAG_CUSTOM_CIPHER       \
+                    | EVP_CIPH_ALWAYS_CALL_INIT         \
+                    | EVP_CIPH_CTRL_INIT                \
+                    | EVP_CIPH_CUSTOM_COPY)
 
 #define IMPLEMENT_aead_cipher(alg, lc, UCMODE, flags, kbits, blkbits, ivbits)  \
 static OSSL_OP_cipher_get_params_fn alg##_##kbits##_##lc##_get_params;         \

diff --git a/providers/common/include/internal/ciphers/cipher_tdes.h b/providers/common/include/internal/ciphers/cipher_tdes.h
index 120201d1ad5cfa3d2fcb46db68d1a63893323f6b..7bb879fb4f2c33faf348d49e14ae30b038f8e5ec 100644 (file)
--- a/providers/common/include/internal/ciphers/cipher_tdes.h
+++ b/providers/common/include/internal/ciphers/cipher_tdes.h
@@ -14,7 +14,7 @@
 #define TDES_IVLEN 8
 
 /* TODO(3.0) Figure out what flags need to be here */
-#define TDES_FLAGS (EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_DEFAULT_ASN1)
+#define TDES_FLAGS (EVP_CIPH_RAND_KEY)
 
 typedef struct prov_tdes_ctx_st {
     PROV_CIPHER_CTX base;      /* Must be first */

diff --git a/providers/default/ciphers/cipher_blowfish.c b/providers/default/ciphers/cipher_blowfish.c
index 9e2920df962c3e43a2abfb5db1854a6050be4446..4730f1fd40e5d4f32b33d808108f1fced7b382de 100644 (file)
--- a/providers/default/ciphers/cipher_blowfish.c
+++ b/providers/default/ciphers/cipher_blowfish.c
@@ -12,6 +12,8 @@
 #include "cipher_blowfish.h"
 #include "internal/provider_algs.h"
 
+#define BF_FLAGS (EVP_CIPH_VARIABLE_LENGTH)
+
 static OSSL_OP_cipher_freectx_fn blowfish_freectx;
 static OSSL_OP_cipher_dupctx_fn blowfish_dupctx;
 
@@ -37,10 +39,10 @@ static void *blowfish_dupctx(void *ctx)
 }
 
 /* bf_ecb_functions */
-IMPLEMENT_generic_cipher(blowfish, BLOWFISH, ecb, ECB, EVP_CIPH_VARIABLE_LENGTH, 128, 64, 0, block)
+IMPLEMENT_generic_cipher(blowfish, BLOWFISH, ecb, ECB, BF_FLAGS, 128, 64, 0, block)
 /* bf_cbc_functions */
-IMPLEMENT_generic_cipher(blowfish, BLOWFISH, cbc, CBC, EVP_CIPH_VARIABLE_LENGTH, 128, 64, 64, block)
+IMPLEMENT_generic_cipher(blowfish, BLOWFISH, cbc, CBC, BF_FLAGS, 128, 64, 64, block)
 /* bf_ofb_functions */
-IMPLEMENT_generic_cipher(blowfish, BLOWFISH, ofb64, OFB, EVP_CIPH_VARIABLE_LENGTH, 64, 8, 64, stream)
+IMPLEMENT_generic_cipher(blowfish, BLOWFISH, ofb64, OFB, BF_FLAGS, 64, 8, 64, stream)
 /* bf_cfb_functions */
-IMPLEMENT_generic_cipher(blowfish, BLOWFISH, cfb64,  CFB, EVP_CIPH_VARIABLE_LENGTH, 64, 8, 64, stream)
+IMPLEMENT_generic_cipher(blowfish, BLOWFISH, cfb64,  CFB, BF_FLAGS, 64, 8, 64, stream)

diff --git a/providers/default/ciphers/cipher_cast5.c b/providers/default/ciphers/cipher_cast5.c
index 13d48ea09173410691c321ca9f842f8253c4ba44..eb79aad820661b113ea9ede15a67e108bf4df51b 100644 (file)
--- a/providers/default/ciphers/cipher_cast5.c
+++ b/providers/default/ciphers/cipher_cast5.c
@@ -12,6 +12,8 @@
 #include "cipher_cast.h"
 #include "internal/provider_algs.h"
 
+#define CAST5_FLAGS (EVP_CIPH_VARIABLE_LENGTH)
+
 static OSSL_OP_cipher_freectx_fn cast5_freectx;
 static OSSL_OP_cipher_dupctx_fn cast5_dupctx;
 
@@ -37,10 +39,10 @@ static void *cast5_dupctx(void *ctx)
 }
 
 /* cast5128ecb_functions */
-IMPLEMENT_generic_cipher(cast5, CAST, ecb, ECB, EVP_CIPH_VARIABLE_LENGTH, 128, 64, 0, block)
+IMPLEMENT_generic_cipher(cast5, CAST, ecb, ECB, CAST5_FLAGS, 128, 64, 0, block)
 /* cast5128cbc_functions */
-IMPLEMENT_generic_cipher(cast5, CAST, cbc, CBC, EVP_CIPH_VARIABLE_LENGTH, 128, 64, 64, block)
+IMPLEMENT_generic_cipher(cast5, CAST, cbc, CBC, CAST5_FLAGS, 128, 64, 64, block)
 /* cast564ofb64_functions */
-IMPLEMENT_generic_cipher(cast5, CAST, ofb64, OFB, EVP_CIPH_VARIABLE_LENGTH, 64, 8, 64, stream)
+IMPLEMENT_generic_cipher(cast5, CAST, ofb64, OFB, CAST5_FLAGS, 64, 8, 64, stream)
 /* cast564cfb64_functions */
-IMPLEMENT_generic_cipher(cast5, CAST, cfb64,  CFB, EVP_CIPH_VARIABLE_LENGTH, 64, 8, 64, stream)
+IMPLEMENT_generic_cipher(cast5, CAST, cfb64,  CFB, CAST5_FLAGS, 64, 8, 64, stream)

diff --git a/providers/default/ciphers/cipher_seed.c b/providers/default/ciphers/cipher_seed.c
index 5dfa648c963b409f383bd5b725d888775d0f421c..397671dd067cc62a06f35b3f8f40112c5f58538f 100644 (file)
--- a/providers/default/ciphers/cipher_seed.c
+++ b/providers/default/ciphers/cipher_seed.c
@@ -12,9 +12,6 @@
 #include "cipher_seed.h"
 #include "internal/provider_algs.h"
 
-/* TODO (3.0) Figure out what flags are required */
-#define SEED_FLAGS EVP_CIPH_FLAG_DEFAULT_ASN1
-
 static OSSL_OP_cipher_freectx_fn seed_freectx;
 static OSSL_OP_cipher_dupctx_fn seed_dupctx;
 
@@ -40,10 +37,10 @@ static void *seed_dupctx(void *ctx)
 }
 
 /* seed128ecb_functions */
-IMPLEMENT_generic_cipher(seed, SEED, ecb, ECB, SEED_FLAGS, 128, 128, 0, block)
+IMPLEMENT_generic_cipher(seed, SEED, ecb, ECB, 0, 128, 128, 0, block)
 /* seed128cbc_functions */
-IMPLEMENT_generic_cipher(seed, SEED, cbc, CBC, SEED_FLAGS, 128, 128, 128, block)
+IMPLEMENT_generic_cipher(seed, SEED, cbc, CBC, 0, 128, 128, 128, block)
 /* seed128ofb128_functions */
-IMPLEMENT_generic_cipher(seed, SEED, ofb128, OFB, SEED_FLAGS, 128, 8, 128, stream)
+IMPLEMENT_generic_cipher(seed, SEED, ofb128, OFB, 0, 128, 8, 128, stream)
 /* seed128cfb128_functions */
-IMPLEMENT_generic_cipher(seed, SEED, cfb128,  CFB, SEED_FLAGS, 128, 8, 128, stream)
+IMPLEMENT_generic_cipher(seed, SEED, cfb128,  CFB, 0, 128, 8, 128, stream)

diff --git a/providers/default/ciphers/cipher_sm4.c b/providers/default/ciphers/cipher_sm4.c
index 8b7c3761cafb10d69b98b2e684ecaadc4960f443..2c1e5878636f3ae6fdae2c1bd811c7a29df10882 100644 (file)
--- a/providers/default/ciphers/cipher_sm4.c
+++ b/providers/default/ciphers/cipher_sm4.c
@@ -12,9 +12,6 @@
 #include "cipher_sm4.h"
 #include "internal/provider_algs.h"
 
-/* TODO (3.0) Figure out what flags to pass */
-#define SM4_FLAGS EVP_CIPH_FLAG_DEFAULT_ASN1
-
 static OSSL_OP_cipher_freectx_fn sm4_freectx;
 static OSSL_OP_cipher_dupctx_fn sm4_dupctx;
 
@@ -40,12 +37,12 @@ static void *sm4_dupctx(void *ctx)
 }
 
 /* sm4128ecb_functions */
-IMPLEMENT_generic_cipher(sm4, SM4, ecb, ECB, SM4_FLAGS, 128, 128, 0, block)
+IMPLEMENT_generic_cipher(sm4, SM4, ecb, ECB, 0, 128, 128, 0, block)
 /* sm4128cbc_functions */
-IMPLEMENT_generic_cipher(sm4, SM4, cbc, CBC, SM4_FLAGS, 128, 128, 128, block)
+IMPLEMENT_generic_cipher(sm4, SM4, cbc, CBC, 0, 128, 128, 128, block)
 /* sm4128ctr_functions */
-IMPLEMENT_generic_cipher(sm4, SM4, ctr, CTR, SM4_FLAGS, 128, 8, 128, stream)
+IMPLEMENT_generic_cipher(sm4, SM4, ctr, CTR, 0, 128, 8, 128, stream)
 /* sm4128ofb128_functions */
-IMPLEMENT_generic_cipher(sm4, SM4, ofb128, OFB, SM4_FLAGS, 128, 8, 128, stream)
+IMPLEMENT_generic_cipher(sm4, SM4, ofb128, OFB, 0, 128, 8, 128, stream)
 /* sm4128cfb128_functions */
-IMPLEMENT_generic_cipher(sm4, SM4, cfb128,  CFB, SM4_FLAGS, 128, 8, 128, stream)
+IMPLEMENT_generic_cipher(sm4, SM4, cfb128,  CFB, 0, 128, 8, 128, stream)

diff --git a/providers/default/ciphers/cipher_tdes_wrap.c b/providers/default/ciphers/cipher_tdes_wrap.c
index b48b3c973375d4950bd04e0b1401ae1ffed2a801..1ee0044489a78b80e889b102dd365f87fe90253e 100644 (file)
--- a/providers/default/ciphers/cipher_tdes_wrap.c
+++ b/providers/default/ciphers/cipher_tdes_wrap.c
@@ -15,9 +15,9 @@
 #include "internal/providercommonerr.h"
 
 /* TODO (3.0) Figure out what flags are requred */
-#define TDES_WRAP_FLAGS (EVP_CIPH_WRAP_MODE | EVP_CIPH_CUSTOM_IV               \
-                        | EVP_CIPH_FLAG_CUSTOM_CIPHER                          \
-                        | EVP_CIPH_FLAG_DEFAULT_ASN1)
+#define TDES_WRAP_FLAGS (EVP_CIPH_WRAP_MODE             \
+                         | EVP_CIPH_CUSTOM_IV           \
+                         | EVP_CIPH_FLAG_CUSTOM_CIPHER)
 
 
 static OSSL_OP_cipher_update_fn tdes_wrap_update;