Add dupctx support to aead ciphers

Add dupctx method support to to ciphers implemented with IMPLEMENT_aead_cipher
This includes:
aes-<kbits>-gcm
aria-<kbits>-ccm
aria-<kbits>-gcm

Fixes #21887

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23102)

(cherry picked from commit 879a853a1dc968fb010e5bf17d2e8888acc70742)

diff --git a/providers/implementations/ciphers/cipher_aes_ccm.c b/providers/implementations/ciphers/cipher_aes_ccm.c
index bb4b1e1e64907a4fc204b6811bbd6cebc7a0f322..3930f52d60650e5ab4ab8adf0771c465f9094f48 100644 (file)
--- a/providers/implementations/ciphers/cipher_aes_ccm.c
+++ b/providers/implementations/ciphers/cipher_aes_ccm.c
@@ -33,6 +33,26 @@ static void *aes_ccm_newctx(void *provctx, size_t keybits)
     return ctx;
 }
 
+static void *aes_ccm_dupctx(void *provctx)
+{
+    PROV_AES_CCM_CTX *ctx = provctx;
+    PROV_AES_CCM_CTX *dupctx = NULL;
+
+    if (ctx == NULL)
+        return NULL;
+    dupctx = OPENSSL_memdup(provctx, sizeof(*ctx));
+    if (dupctx == NULL)
+        return NULL;
+    /*
+     * ossl_cm_initctx, via the ossl_prov_aes_hw_ccm functions assign a
+     * provctx->ccm.ks.ks to the ccm context key so we need to point it to
+     * the memduped copy
+     */
+    dupctx->base.ccm_ctx.key = &dupctx->ccm.ks.ks;
+
+    return dupctx;
+}
+
 static OSSL_FUNC_cipher_freectx_fn aes_ccm_freectx;
 static void aes_ccm_freectx(void *vctx)
 {

diff --git a/providers/implementations/ciphers/cipher_aes_gcm.c b/providers/implementations/ciphers/cipher_aes_gcm.c
index 0081ca6cd776fc4f8f2a0718f8e1becc966150c9..0a15693cc1a4cf6b109868243d61f9f7f335ee98 100644 (file)
--- a/providers/implementations/ciphers/cipher_aes_gcm.c
+++ b/providers/implementations/ciphers/cipher_aes_gcm.c
@@ -34,6 +34,15 @@ static void *aes_gcm_newctx(void *provctx, size_t keybits)
     return ctx;
 }
 
+static void *aes_gcm_dupctx(void *provctx)
+{
+    PROV_AES_GCM_CTX *ctx = provctx;
+
+    if (ctx == NULL)
+        return NULL;
+    return OPENSSL_memdup(ctx, sizeof(*ctx));
+}
+
 static OSSL_FUNC_cipher_freectx_fn aes_gcm_freectx;
 static void aes_gcm_freectx(void *vctx)
 {

diff --git a/providers/implementations/ciphers/cipher_aria_ccm.c b/providers/implementations/ciphers/cipher_aria_ccm.c
index d6b5517ee0965f62a7123c357a3e6342c4138374..39a96a6f1404d6b7281befb7e2d04e1b6e309f07 100644 (file)
--- a/providers/implementations/ciphers/cipher_aria_ccm.c
+++ b/providers/implementations/ciphers/cipher_aria_ccm.c
@@ -28,6 +28,15 @@ static void *aria_ccm_newctx(void *provctx, size_t keybits)
     return ctx;
 }
 
+static void *aria_ccm_dupctx(void *provctx)
+{
+    PROV_ARIA_CCM_CTX *ctx = provctx;
+
+    if (ctx == NULL)
+        return NULL;
+    return OPENSSL_memdup(ctx, sizeof(*ctx));
+}
+
 static void aria_ccm_freectx(void *vctx)
 {
     PROV_ARIA_CCM_CTX *ctx = (PROV_ARIA_CCM_CTX *)vctx;

diff --git a/providers/implementations/ciphers/cipher_aria_gcm.c b/providers/implementations/ciphers/cipher_aria_gcm.c
index b412bd3202f82e470372695c02ddc9775e993e37..6ffa0910fa21ddb799714ace09373af5db9dea45 100644 (file)
--- a/providers/implementations/ciphers/cipher_aria_gcm.c
+++ b/providers/implementations/ciphers/cipher_aria_gcm.c
@@ -27,6 +27,15 @@ static void *aria_gcm_newctx(void *provctx, size_t keybits)
     return ctx;
 }
 
+static void *aria_gcm_dupctx(void *provctx)
+{
+    PROV_ARIA_GCM_CTX *ctx = provctx;
+
+    if (ctx == NULL)
+        return NULL;
+    return OPENSSL_memdup(ctx, sizeof(*ctx));
+}
+
 static OSSL_FUNC_cipher_freectx_fn aria_gcm_freectx;
 static void aria_gcm_freectx(void *vctx)
 {

diff --git a/providers/implementations/include/prov/ciphercommon_aead.h b/providers/implementations/include/prov/ciphercommon_aead.h
index 1d017175d320160a9f4fffcbd122bb9ff29ca9a8..de3dd52ee7c451c74517e8b4cc6fe7e7cab2751a 100644 (file)
--- a/providers/implementations/include/prov/ciphercommon_aead.h
+++ b/providers/implementations/include/prov/ciphercommon_aead.h
@@ -23,9 +23,14 @@ static void * alg##kbits##lc##_newctx(void *provctx)                           \
 {                                                                              \
     return alg##_##lc##_newctx(provctx, kbits);                                \
 }                                                                              \
+static void * alg##kbits##lc##_dupctx(void *src)                               \
+{                                                                              \
+    return alg##_##lc##_dupctx(src);                                           \
+}                                                                              \
 const OSSL_DISPATCH ossl_##alg##kbits##lc##_functions[] = {                    \
     { OSSL_FUNC_CIPHER_NEWCTX, (void (*)(void))alg##kbits##lc##_newctx },      \
     { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void))alg##_##lc##_freectx },        \
+    { OSSL_FUNC_CIPHER_DUPCTX, (void (*)(void))alg##kbits##lc##_dupctx },      \
     { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))ossl_##lc##_einit },      \
     { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))ossl_##lc##_dinit },      \
     { OSSL_FUNC_CIPHER_UPDATE, (void (*)(void))ossl_##lc##_stream_update },    \