1/* 2 * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the Apache License 2.0 (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 10/* 11 * EVP _meth_ APIs are deprecated for public use, but still ok for 12 * internal use. 13 */ 14#include "internal/deprecated.h" 15 16#include <stdio.h> 17#include <string.h> 18#include "internal/cryptlib.h" 19#include <openssl/evp.h> 20#include <openssl/objects.h> 21#include <openssl/params.h> 22#include <openssl/core_names.h> 23#include <openssl/rsa.h> 24#include <openssl/dh.h> 25#include <openssl/ec.h> 26#include "crypto/evp.h" 27#include "crypto/cryptlib.h" 28#include "internal/provider.h" 29#include "evp_local.h" 30 31#if !defined(FIPS_MODULE) 32# include "crypto/asn1.h" 33 34int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type) 35{ 36 return evp_cipher_param_to_asn1_ex(c, type, NULL); 37} 38 39int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type) 40{ 41 return evp_cipher_asn1_to_param_ex(c, type, NULL); 42} 43 44int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *ctx, ASN1_TYPE *type) 45{ 46 int i = 0; 47 unsigned int l; 48 49 if (type != NULL) { 50 unsigned char iv[EVP_MAX_IV_LENGTH]; 51 52 l = EVP_CIPHER_CTX_get_iv_length(ctx); 53 if (!ossl_assert(l <= sizeof(iv))) 54 return -1; 55 i = ASN1_TYPE_get_octetstring(type, iv, l); 56 if (i != (int)l) 57 return -1; 58 59 if (!EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1)) 60 return -1; 61 } 62 return i; 63} 64 65int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type) 66{ 67 int i = 0; 68 unsigned int j; 69 unsigned char *oiv = NULL; 70 71 if (type != NULL) { 72 oiv = (unsigned char *)EVP_CIPHER_CTX_original_iv(c); 73 j = EVP_CIPHER_CTX_get_iv_length(c); 74 OPENSSL_assert(j <= sizeof(c->iv)); 75 i = ASN1_TYPE_set_octetstring(type, oiv, j); 76 } 77 return i; 78} 79 80int evp_cipher_param_to_asn1_ex(EVP_CIPHER_CTX *c, ASN1_TYPE *type, 81 evp_cipher_aead_asn1_params *asn1_params) 82{ 83 int ret = -1; /* Assume the worst */ 84 const EVP_CIPHER *cipher = c->cipher; 85 86 /* 87 * For legacy implementations, we detect custom AlgorithmIdentifier 88 * parameter handling by checking if the function pointer 89 * cipher->set_asn1_parameters is set. We know that this pointer 90 * is NULL for provided implementations. 91 * 92 * Otherwise, for any implementation, we check the flag 93 * EVP_CIPH_FLAG_CUSTOM_ASN1. If it isn't set, we apply 94 * default AI parameter extraction. 95 * 96 * Otherwise, for provided implementations, we convert |type| to 97 * a DER encoded blob and pass to the implementation in OSSL_PARAM 98 * form. 99 * 100 * If none of the above applies, this operation is unsupported. 101 */ 102 if (cipher->set_asn1_parameters != NULL) { 103 ret = cipher->set_asn1_parameters(c, type); 104 } else if ((EVP_CIPHER_get_flags(cipher) & EVP_CIPH_FLAG_CUSTOM_ASN1) == 0) { 105 switch (EVP_CIPHER_get_mode(cipher)) { 106 case EVP_CIPH_WRAP_MODE: 107 if (EVP_CIPHER_is_a(cipher, SN_id_smime_alg_CMS3DESwrap)) 108 ASN1_TYPE_set(type, V_ASN1_NULL, NULL); 109 ret = 1; 110 break; 111 112 case EVP_CIPH_GCM_MODE: 113 ret = evp_cipher_set_asn1_aead_params(c, type, asn1_params); 114 break; 115 116 case EVP_CIPH_CCM_MODE: 117 case EVP_CIPH_XTS_MODE: 118 case EVP_CIPH_OCB_MODE: 119 ret = -2; 120 break; 121 122 default: 123 ret = EVP_CIPHER_set_asn1_iv(c, type); 124 } 125 } else if (cipher->prov != NULL) { 126 OSSL_PARAM params[3], *p = params; 127 unsigned char *der = NULL, *derp; 128 129 /* 130 * We make two passes, the first to get the appropriate buffer size, 131 * and the second to get the actual value. 132 */ 133 *p++ = OSSL_PARAM_construct_octet_string( 134 OSSL_CIPHER_PARAM_ALGORITHM_ID_PARAMS, 135 NULL, 0); 136 *p = OSSL_PARAM_construct_end(); 137 138 if (!EVP_CIPHER_CTX_get_params(c, params)) 139 goto err; 140 141 /* ... but, we should get a return size too! */ 142 if (OSSL_PARAM_modified(params) 143 && params[0].return_size != 0 144 && (der = OPENSSL_malloc(params[0].return_size)) != NULL) { 145 params[0].data = der; 146 params[0].data_size = params[0].return_size; 147 OSSL_PARAM_set_all_unmodified(params); 148 derp = der; 149 if (EVP_CIPHER_CTX_get_params(c, params) 150 && OSSL_PARAM_modified(params) 151 && d2i_ASN1_TYPE(&type, (const unsigned char **)&derp, 152 params[0].return_size) != NULL) { 153 ret = 1; 154 } 155 OPENSSL_free(der); 156 } 157 } else { 158 ret = -2; 159 } 160 161 err: 162 if (ret == -2) 163 ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_CIPHER); 164 else if (ret <= 0) 165 ERR_raise(ERR_LIB_EVP, EVP_R_CIPHER_PARAMETER_ERROR); 166 if (ret < -1) 167 ret = -1; 168 return ret; 169} 170 171int evp_cipher_asn1_to_param_ex(EVP_CIPHER_CTX *c, ASN1_TYPE *type, 172 evp_cipher_aead_asn1_params *asn1_params) 173{ 174 int ret = -1; /* Assume the worst */ 175 const EVP_CIPHER *cipher = c->cipher; 176 177 /* 178 * For legacy implementations, we detect custom AlgorithmIdentifier 179 * parameter handling by checking if there the function pointer 180 * cipher->get_asn1_parameters is set. We know that this pointer 181 * is NULL for provided implementations. 182 * 183 * Otherwise, for any implementation, we check the flag 184 * EVP_CIPH_FLAG_CUSTOM_ASN1. If it isn't set, we apply 185 * default AI parameter creation. 186 * 187 * Otherwise, for provided implementations, we get the AI parameter 188 * in DER encoded form from the implementation by requesting the 189 * appropriate OSSL_PARAM and converting the result to a ASN1_TYPE. 190 * 191 * If none of the above applies, this operation is unsupported. 192 */ 193 if (cipher->get_asn1_parameters != NULL) { 194 ret = cipher->get_asn1_parameters(c, type); 195 } else if ((EVP_CIPHER_get_flags(cipher) & EVP_CIPH_FLAG_CUSTOM_ASN1) == 0) { 196 switch (EVP_CIPHER_get_mode(cipher)) { 197 case EVP_CIPH_WRAP_MODE: 198 ret = 1; 199 break; 200 201 case EVP_CIPH_GCM_MODE: 202 ret = evp_cipher_get_asn1_aead_params(c, type, asn1_params); 203 break; 204 205 case EVP_CIPH_CCM_MODE: 206 case EVP_CIPH_XTS_MODE: 207 case EVP_CIPH_OCB_MODE: 208 ret = -2; 209 break; 210 211 default: 212 ret = EVP_CIPHER_get_asn1_iv(c, type) >= 0 ? 1 : -1; 213 } 214 } else if (cipher->prov != NULL) { 215 OSSL_PARAM params[3], *p = params; 216 unsigned char *der = NULL; 217 int derl = -1; 218 219 if ((derl = i2d_ASN1_TYPE(type, &der)) >= 0) { 220 *p++ = 221 OSSL_PARAM_construct_octet_string( 222 OSSL_CIPHER_PARAM_ALGORITHM_ID_PARAMS, 223 der, (size_t)derl); 224 *p = OSSL_PARAM_construct_end(); 225 if (EVP_CIPHER_CTX_set_params(c, params)) 226 ret = 1; 227 OPENSSL_free(der); 228 } 229 } else { 230 ret = -2; 231 } 232 233 if (ret == -2) 234 ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_CIPHER); 235 else if (ret <= 0) 236 ERR_raise(ERR_LIB_EVP, EVP_R_CIPHER_PARAMETER_ERROR); 237 if (ret < -1) 238 ret = -1; 239 return ret; 240} 241 242int evp_cipher_get_asn1_aead_params(EVP_CIPHER_CTX *c, ASN1_TYPE *type, 243 evp_cipher_aead_asn1_params *asn1_params) 244{ 245 int i = 0; 246 long tl; 247 unsigned char iv[EVP_MAX_IV_LENGTH]; 248 249 if (type == NULL || asn1_params == NULL) 250 return 0; 251 252 i = ossl_asn1_type_get_octetstring_int(type, &tl, NULL, EVP_MAX_IV_LENGTH); 253 if (i <= 0) 254 return -1; 255 ossl_asn1_type_get_octetstring_int(type, &tl, iv, i); 256 257 memcpy(asn1_params->iv, iv, i); 258 asn1_params->iv_len = i; 259 260 return i; 261} 262 263int evp_cipher_set_asn1_aead_params(EVP_CIPHER_CTX *c, ASN1_TYPE *type, 264 evp_cipher_aead_asn1_params *asn1_params) 265{ 266 if (type == NULL || asn1_params == NULL) 267 return 0; 268 269 return ossl_asn1_type_set_octetstring_int(type, asn1_params->tag_len, 270 asn1_params->iv, 271 asn1_params->iv_len); 272} 273#endif /* !defined(FIPS_MODULE) */ 274 275/* Convert the various cipher NIDs and dummies to a proper OID NID */ 276int EVP_CIPHER_get_type(const EVP_CIPHER *cipher) 277{ 278 int nid; 279 nid = EVP_CIPHER_get_nid(cipher); 280 281 switch (nid) { 282 283 case NID_rc2_cbc: 284 case NID_rc2_64_cbc: 285 case NID_rc2_40_cbc: 286 287 return NID_rc2_cbc; 288 289 case NID_rc4: 290 case NID_rc4_40: 291 292 return NID_rc4; 293 294 case NID_aes_128_cfb128: 295 case NID_aes_128_cfb8: 296 case NID_aes_128_cfb1: 297 298 return NID_aes_128_cfb128; 299 300 case NID_aes_192_cfb128: 301 case NID_aes_192_cfb8: 302 case NID_aes_192_cfb1: 303 304 return NID_aes_192_cfb128; 305 306 case NID_aes_256_cfb128: 307 case NID_aes_256_cfb8: 308 case NID_aes_256_cfb1: 309 310 return NID_aes_256_cfb128; 311 312 case NID_des_cfb64: 313 case NID_des_cfb8: 314 case NID_des_cfb1: 315 316 return NID_des_cfb64; 317 318 case NID_des_ede3_cfb64: 319 case NID_des_ede3_cfb8: 320 case NID_des_ede3_cfb1: 321 322 return NID_des_cfb64; 323 324 default: 325#ifdef FIPS_MODULE 326 return NID_undef; 327#else 328 { 329 /* Check it has an OID and it is valid */ 330 ASN1_OBJECT *otmp = OBJ_nid2obj(nid); 331 332 if (OBJ_get0_data(otmp) == NULL) 333 nid = NID_undef; 334 ASN1_OBJECT_free(otmp); 335 return nid; 336 } 337#endif 338 } 339} 340 341int evp_cipher_cache_constants(EVP_CIPHER *cipher) 342{ 343 int ok, aead = 0, custom_iv = 0, cts = 0, multiblock = 0, randkey = 0; 344 size_t ivlen = 0; 345 size_t blksz = 0; 346 size_t keylen = 0; 347 unsigned int mode = 0; 348 OSSL_PARAM params[10]; 349 350 params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_BLOCK_SIZE, &blksz); 351 params[1] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_IVLEN, &ivlen); 352 params[2] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_KEYLEN, &keylen); 353 params[3] = OSSL_PARAM_construct_uint(OSSL_CIPHER_PARAM_MODE, &mode); 354 params[4] = OSSL_PARAM_construct_int(OSSL_CIPHER_PARAM_AEAD, &aead); 355 params[5] = OSSL_PARAM_construct_int(OSSL_CIPHER_PARAM_CUSTOM_IV, 356 &custom_iv); 357 params[6] = OSSL_PARAM_construct_int(OSSL_CIPHER_PARAM_CTS, &cts); 358 params[7] = OSSL_PARAM_construct_int(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK, 359 &multiblock); 360 params[8] = OSSL_PARAM_construct_int(OSSL_CIPHER_PARAM_HAS_RAND_KEY, 361 &randkey); 362 params[9] = OSSL_PARAM_construct_end(); 363 ok = evp_do_ciph_getparams(cipher, params) > 0; 364 if (ok) { 365 cipher->block_size = blksz; 366 cipher->iv_len = ivlen; 367 cipher->key_len = keylen; 368 cipher->flags = mode; 369 if (aead) 370 cipher->flags |= EVP_CIPH_FLAG_AEAD_CIPHER; 371 if (custom_iv) 372 cipher->flags |= EVP_CIPH_CUSTOM_IV; 373 if (cts) 374 cipher->flags |= EVP_CIPH_FLAG_CTS; 375 if (multiblock) 376 cipher->flags |= EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK; 377 if (cipher->ccipher != NULL) 378 cipher->flags |= EVP_CIPH_FLAG_CUSTOM_CIPHER; 379 if (randkey) 380 cipher->flags |= EVP_CIPH_RAND_KEY; 381 if (OSSL_PARAM_locate_const(EVP_CIPHER_gettable_ctx_params(cipher), 382 OSSL_CIPHER_PARAM_ALGORITHM_ID_PARAMS)) 383 cipher->flags |= EVP_CIPH_FLAG_CUSTOM_ASN1; 384 } 385 return ok; 386} 387 388int EVP_CIPHER_get_block_size(const EVP_CIPHER *cipher) 389{ 390 return cipher->block_size; 391} 392 393int EVP_CIPHER_CTX_get_block_size(const EVP_CIPHER_CTX *ctx) 394{ 395 return EVP_CIPHER_get_block_size(ctx->cipher); 396} 397 398int EVP_CIPHER_impl_ctx_size(const EVP_CIPHER *e) 399{ 400 return e->ctx_size; 401} 402 403int EVP_Cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, 404 const unsigned char *in, unsigned int inl) 405{ 406 if (ctx->cipher->prov != NULL) { 407 /* 408 * If the provided implementation has a ccipher function, we use it, 409 * and translate its return value like this: 0 => -1, 1 => outlen 410 * 411 * Otherwise, we call the cupdate function if in != NULL, or cfinal 412 * if in == NULL. Regardless of which, we return what we got. 413 */ 414 int ret = -1; 415 size_t outl = 0; 416 size_t blocksize = EVP_CIPHER_CTX_get_block_size(ctx); 417 418 if (ctx->cipher->ccipher != NULL) 419 ret = ctx->cipher->ccipher(ctx->algctx, out, &outl, 420 inl + (blocksize == 1 ? 0 : blocksize), 421 in, (size_t)inl) 422 ? (int)outl : -1; 423 else if (in != NULL) 424 ret = ctx->cipher->cupdate(ctx->algctx, out, &outl, 425 inl + (blocksize == 1 ? 0 : blocksize), 426 in, (size_t)inl); 427 else 428 ret = ctx->cipher->cfinal(ctx->algctx, out, &outl, 429 blocksize == 1 ? 0 : blocksize); 430 431 return ret; 432 } 433 434 return ctx->cipher->do_cipher(ctx, out, in, inl); 435} 436 437#ifndef OPENSSL_NO_DEPRECATED_3_0 438const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx) 439{ 440 if (ctx == NULL) 441 return NULL; 442 return ctx->cipher; 443} 444#endif 445 446const EVP_CIPHER *EVP_CIPHER_CTX_get0_cipher(const EVP_CIPHER_CTX *ctx) 447{ 448 if (ctx == NULL) 449 return NULL; 450 return ctx->cipher; 451} 452 453EVP_CIPHER *EVP_CIPHER_CTX_get1_cipher(EVP_CIPHER_CTX *ctx) 454{ 455 EVP_CIPHER *cipher; 456 457 if (ctx == NULL) 458 return NULL; 459 cipher = (EVP_CIPHER *)ctx->cipher; 460 if (!EVP_CIPHER_up_ref(cipher)) 461 return NULL; 462 return cipher; 463} 464 465int EVP_CIPHER_CTX_is_encrypting(const EVP_CIPHER_CTX *ctx) 466{ 467 return ctx->encrypt; 468} 469 470unsigned long EVP_CIPHER_get_flags(const EVP_CIPHER *cipher) 471{ 472 return cipher->flags; 473} 474 475void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx) 476{ 477 return ctx->app_data; 478} 479 480void EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data) 481{ 482 ctx->app_data = data; 483} 484 485void *EVP_CIPHER_CTX_get_cipher_data(const EVP_CIPHER_CTX *ctx) 486{ 487 return ctx->cipher_data; 488} 489 490void *EVP_CIPHER_CTX_set_cipher_data(EVP_CIPHER_CTX *ctx, void *cipher_data) 491{ 492 void *old_cipher_data; 493 494 old_cipher_data = ctx->cipher_data; 495 ctx->cipher_data = cipher_data; 496 497 return old_cipher_data; 498} 499 500int EVP_CIPHER_get_iv_length(const EVP_CIPHER *cipher) 501{ 502 return cipher->iv_len; 503} 504 505int EVP_CIPHER_CTX_get_iv_length(const EVP_CIPHER_CTX *ctx) 506{ 507 if (ctx->iv_len < 0) { 508 int rv, len = EVP_CIPHER_get_iv_length(ctx->cipher); 509 size_t v = len; 510 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END }; 511 512 if (ctx->cipher->get_ctx_params != NULL) { 513 params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_IVLEN, 514 &v); 515 rv = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params); 516 if (rv > 0) { 517 if (OSSL_PARAM_modified(params) 518 && !OSSL_PARAM_get_int(params, &len)) 519 return -1; 520 } else if (rv != EVP_CTRL_RET_UNSUPPORTED) { 521 return -1; 522 } 523 } 524 /* Code below to be removed when legacy support is dropped. */ 525 else if ((EVP_CIPHER_get_flags(ctx->cipher) 526 & EVP_CIPH_CUSTOM_IV_LENGTH) != 0) { 527 rv = EVP_CIPHER_CTX_ctrl((EVP_CIPHER_CTX *)ctx, EVP_CTRL_GET_IVLEN, 528 0, &len); 529 if (rv <= 0) 530 return -1; 531 } 532 /*- 533 * Casting away the const is annoying but required here. We need to 534 * cache the result for performance reasons. 535 */ 536 ((EVP_CIPHER_CTX *)ctx)->iv_len = len; 537 } 538 return ctx->iv_len; 539} 540 541int EVP_CIPHER_CTX_get_tag_length(const EVP_CIPHER_CTX *ctx) 542{ 543 int ret; 544 size_t v = 0; 545 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END }; 546 547 params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_AEAD_TAGLEN, &v); 548 ret = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params); 549 return ret == 1 ? (int)v : 0; 550} 551 552#ifndef OPENSSL_NO_DEPRECATED_3_0 553const unsigned char *EVP_CIPHER_CTX_original_iv(const EVP_CIPHER_CTX *ctx) 554{ 555 int ok; 556 const unsigned char *v = ctx->oiv; 557 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END }; 558 559 params[0] = 560 OSSL_PARAM_construct_octet_ptr(OSSL_CIPHER_PARAM_IV, 561 (void **)&v, sizeof(ctx->oiv)); 562 ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params); 563 564 return ok != 0 ? v : NULL; 565} 566 567/* 568 * OSSL_PARAM_OCTET_PTR gets us the pointer to the running IV in the provider 569 */ 570const unsigned char *EVP_CIPHER_CTX_iv(const EVP_CIPHER_CTX *ctx) 571{ 572 int ok; 573 const unsigned char *v = ctx->iv; 574 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END }; 575 576 params[0] = 577 OSSL_PARAM_construct_octet_ptr(OSSL_CIPHER_PARAM_UPDATED_IV, 578 (void **)&v, sizeof(ctx->iv)); 579 ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params); 580 581 return ok != 0 ? v : NULL; 582} 583 584unsigned char *EVP_CIPHER_CTX_iv_noconst(EVP_CIPHER_CTX *ctx) 585{ 586 int ok; 587 unsigned char *v = ctx->iv; 588 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END }; 589 590 params[0] = 591 OSSL_PARAM_construct_octet_ptr(OSSL_CIPHER_PARAM_UPDATED_IV, 592 (void **)&v, sizeof(ctx->iv)); 593 ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params); 594 595 return ok != 0 ? v : NULL; 596} 597#endif /* OPENSSL_NO_DEPRECATED_3_0_0 */ 598 599int EVP_CIPHER_CTX_get_updated_iv(EVP_CIPHER_CTX *ctx, void *buf, size_t len) 600{ 601 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END }; 602 603 params[0] = 604 OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_UPDATED_IV, buf, len); 605 return evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params) > 0; 606} 607 608int EVP_CIPHER_CTX_get_original_iv(EVP_CIPHER_CTX *ctx, void *buf, size_t len) 609{ 610 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END }; 611 612 params[0] = 613 OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_IV, buf, len); 614 return evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params) > 0; 615} 616 617unsigned char *EVP_CIPHER_CTX_buf_noconst(EVP_CIPHER_CTX *ctx) 618{ 619 return ctx->buf; 620} 621 622int EVP_CIPHER_CTX_get_num(const EVP_CIPHER_CTX *ctx) 623{ 624 int ok; 625 unsigned int v = (unsigned int)ctx->num; 626 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END }; 627 628 params[0] = OSSL_PARAM_construct_uint(OSSL_CIPHER_PARAM_NUM, &v); 629 ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params); 630 631 return ok != 0 ? (int)v : EVP_CTRL_RET_UNSUPPORTED; 632} 633 634int EVP_CIPHER_CTX_set_num(EVP_CIPHER_CTX *ctx, int num) 635{ 636 int ok; 637 unsigned int n = (unsigned int)num; 638 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END }; 639 640 params[0] = OSSL_PARAM_construct_uint(OSSL_CIPHER_PARAM_NUM, &n); 641 ok = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->algctx, params); 642 643 if (ok != 0) 644 ctx->num = (int)n; 645 return ok != 0; 646} 647 648int EVP_CIPHER_get_key_length(const EVP_CIPHER *cipher) 649{ 650 return cipher->key_len; 651} 652 653int EVP_CIPHER_CTX_get_key_length(const EVP_CIPHER_CTX *ctx) 654{ 655 int ok; 656 size_t v = ctx->key_len; 657 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END }; 658 659 params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_KEYLEN, &v); 660 ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params); 661 662 return ok != 0 ? (int)v : EVP_CTRL_RET_UNSUPPORTED; 663} 664 665int EVP_CIPHER_get_nid(const EVP_CIPHER *cipher) 666{ 667 return cipher->nid; 668} 669 670int EVP_CIPHER_CTX_get_nid(const EVP_CIPHER_CTX *ctx) 671{ 672 return ctx->cipher->nid; 673} 674 675int EVP_CIPHER_is_a(const EVP_CIPHER *cipher, const char *name) 676{ 677 if (cipher == NULL) 678 return 0; 679 if (cipher->prov != NULL) 680 return evp_is_a(cipher->prov, cipher->name_id, NULL, name); 681 return evp_is_a(NULL, 0, EVP_CIPHER_get0_name(cipher), name); 682} 683 684int evp_cipher_get_number(const EVP_CIPHER *cipher) 685{ 686 return cipher->name_id; 687} 688 689const char *EVP_CIPHER_get0_name(const EVP_CIPHER *cipher) 690{ 691 if (cipher->type_name != NULL) 692 return cipher->type_name; 693#ifndef FIPS_MODULE 694 return OBJ_nid2sn(EVP_CIPHER_get_nid(cipher)); 695#else 696 return NULL; 697#endif 698} 699 700const char *EVP_CIPHER_get0_description(const EVP_CIPHER *cipher) 701{ 702 if (cipher->description != NULL) 703 return cipher->description; 704#ifndef FIPS_MODULE 705 return OBJ_nid2ln(EVP_CIPHER_get_nid(cipher)); 706#else 707 return NULL; 708#endif 709} 710 711int EVP_CIPHER_names_do_all(const EVP_CIPHER *cipher, 712 void (*fn)(const char *name, void *data), 713 void *data) 714{ 715 if (cipher->prov != NULL) 716 return evp_names_do_all(cipher->prov, cipher->name_id, fn, data); 717 718 return 1; 719} 720 721const OSSL_PROVIDER *EVP_CIPHER_get0_provider(const EVP_CIPHER *cipher) 722{ 723 return cipher->prov; 724} 725 726int EVP_CIPHER_get_mode(const EVP_CIPHER *cipher) 727{ 728 return EVP_CIPHER_get_flags(cipher) & EVP_CIPH_MODE; 729} 730 731int EVP_MD_is_a(const EVP_MD *md, const char *name) 732{ 733 if (md == NULL) 734 return 0; 735 if (md->prov != NULL) 736 return evp_is_a(md->prov, md->name_id, NULL, name); 737 return evp_is_a(NULL, 0, EVP_MD_get0_name(md), name); 738} 739 740int evp_md_get_number(const EVP_MD *md) 741{ 742 return md->name_id; 743} 744 745const char *EVP_MD_get0_description(const EVP_MD *md) 746{ 747 if (md->description != NULL) 748 return md->description; 749#ifndef FIPS_MODULE 750 return OBJ_nid2ln(EVP_MD_nid(md)); 751#else 752 return NULL; 753#endif 754} 755 756const char *EVP_MD_get0_name(const EVP_MD *md) 757{ 758 if (md == NULL) 759 return NULL; 760 if (md->type_name != NULL) 761 return md->type_name; 762#ifndef FIPS_MODULE 763 return OBJ_nid2sn(EVP_MD_nid(md)); 764#else 765 return NULL; 766#endif 767} 768 769int EVP_MD_names_do_all(const EVP_MD *md, 770 void (*fn)(const char *name, void *data), 771 void *data) 772{ 773 if (md->prov != NULL) 774 return evp_names_do_all(md->prov, md->name_id, fn, data); 775 776 return 1; 777} 778 779const OSSL_PROVIDER *EVP_MD_get0_provider(const EVP_MD *md) 780{ 781 return md->prov; 782} 783 784int EVP_MD_get_type(const EVP_MD *md) 785{ 786 return md->type; 787} 788 789int EVP_MD_get_pkey_type(const EVP_MD *md) 790{ 791 return md->pkey_type; 792} 793 794int EVP_MD_get_block_size(const EVP_MD *md) 795{ 796 if (md == NULL) { 797 ERR_raise(ERR_LIB_EVP, EVP_R_MESSAGE_DIGEST_IS_NULL); 798 return -1; 799 } 800 return md->block_size; 801} 802 803int EVP_MD_get_size(const EVP_MD *md) 804{ 805 if (md == NULL) { 806 ERR_raise(ERR_LIB_EVP, EVP_R_MESSAGE_DIGEST_IS_NULL); 807 return -1; 808 } 809 return md->md_size; 810} 811 812unsigned long EVP_MD_get_flags(const EVP_MD *md) 813{ 814 return md->flags; 815} 816 817EVP_MD *EVP_MD_meth_new(int md_type, int pkey_type) 818{ 819 EVP_MD *md = evp_md_new(); 820 821 if (md != NULL) { 822 md->type = md_type; 823 md->pkey_type = pkey_type; 824 md->origin = EVP_ORIG_METH; 825 } 826 return md; 827} 828 829EVP_MD *EVP_MD_meth_dup(const EVP_MD *md) 830{ 831 EVP_MD *to = NULL; 832 833 /* 834 * Non-legacy EVP_MDs can't be duplicated like this. 835 * Use EVP_MD_up_ref() instead. 836 */ 837 if (md->prov != NULL) 838 return NULL; 839 840 if ((to = EVP_MD_meth_new(md->type, md->pkey_type)) != NULL) { 841 CRYPTO_RWLOCK *lock = to->lock; 842 843 memcpy(to, md, sizeof(*to)); 844 to->lock = lock; 845 to->origin = EVP_ORIG_METH; 846 } 847 return to; 848} 849 850void evp_md_free_int(EVP_MD *md) 851{ 852 OPENSSL_free(md->type_name); 853 ossl_provider_free(md->prov); 854 CRYPTO_THREAD_lock_free(md->lock); 855 OPENSSL_free(md); 856} 857 858void EVP_MD_meth_free(EVP_MD *md) 859{ 860 if (md == NULL || md->origin != EVP_ORIG_METH) 861 return; 862 863 evp_md_free_int(md); 864} 865 866int EVP_MD_meth_set_input_blocksize(EVP_MD *md, int blocksize) 867{ 868 if (md->block_size != 0) 869 return 0; 870 871 md->block_size = blocksize; 872 return 1; 873} 874int EVP_MD_meth_set_result_size(EVP_MD *md, int resultsize) 875{ 876 if (md->md_size != 0) 877 return 0; 878 879 md->md_size = resultsize; 880 return 1; 881} 882int EVP_MD_meth_set_app_datasize(EVP_MD *md, int datasize) 883{ 884 if (md->ctx_size != 0) 885 return 0; 886 887 md->ctx_size = datasize; 888 return 1; 889} 890int EVP_MD_meth_set_flags(EVP_MD *md, unsigned long flags) 891{ 892 if (md->flags != 0) 893 return 0; 894 895 md->flags = flags; 896 return 1; 897} 898int EVP_MD_meth_set_init(EVP_MD *md, int (*init)(EVP_MD_CTX *ctx)) 899{ 900 if (md->init != NULL) 901 return 0; 902 903 md->init = init; 904 return 1; 905} 906int EVP_MD_meth_set_update(EVP_MD *md, int (*update)(EVP_MD_CTX *ctx, 907 const void *data, 908 size_t count)) 909{ 910 if (md->update != NULL) 911 return 0; 912 913 md->update = update; 914 return 1; 915} 916int EVP_MD_meth_set_final(EVP_MD *md, int (*final)(EVP_MD_CTX *ctx, 917 unsigned char *md)) 918{ 919 if (md->final != NULL) 920 return 0; 921 922 md->final = final; 923 return 1; 924} 925int EVP_MD_meth_set_copy(EVP_MD *md, int (*copy)(EVP_MD_CTX *to, 926 const EVP_MD_CTX *from)) 927{ 928 if (md->copy != NULL) 929 return 0; 930 931 md->copy = copy; 932 return 1; 933} 934int EVP_MD_meth_set_cleanup(EVP_MD *md, int (*cleanup)(EVP_MD_CTX *ctx)) 935{ 936 if (md->cleanup != NULL) 937 return 0; 938 939 md->cleanup = cleanup; 940 return 1; 941} 942int EVP_MD_meth_set_ctrl(EVP_MD *md, int (*ctrl)(EVP_MD_CTX *ctx, int cmd, 943 int p1, void *p2)) 944{ 945 if (md->md_ctrl != NULL) 946 return 0; 947 948 md->md_ctrl = ctrl; 949 return 1; 950} 951 952int EVP_MD_meth_get_input_blocksize(const EVP_MD *md) 953{ 954 return md->block_size; 955} 956int EVP_MD_meth_get_result_size(const EVP_MD *md) 957{ 958 return md->md_size; 959} 960int EVP_MD_meth_get_app_datasize(const EVP_MD *md) 961{ 962 return md->ctx_size; 963} 964unsigned long EVP_MD_meth_get_flags(const EVP_MD *md) 965{ 966 return md->flags; 967} 968int (*EVP_MD_meth_get_init(const EVP_MD *md))(EVP_MD_CTX *ctx) 969{ 970 return md->init; 971} 972int (*EVP_MD_meth_get_update(const EVP_MD *md))(EVP_MD_CTX *ctx, 973 const void *data, 974 size_t count) 975{ 976 return md->update; 977} 978int (*EVP_MD_meth_get_final(const EVP_MD *md))(EVP_MD_CTX *ctx, 979 unsigned char *md) 980{ 981 return md->final; 982} 983int (*EVP_MD_meth_get_copy(const EVP_MD *md))(EVP_MD_CTX *to, 984 const EVP_MD_CTX *from) 985{ 986 return md->copy; 987} 988int (*EVP_MD_meth_get_cleanup(const EVP_MD *md))(EVP_MD_CTX *ctx) 989{ 990 return md->cleanup; 991} 992int (*EVP_MD_meth_get_ctrl(const EVP_MD *md))(EVP_MD_CTX *ctx, int cmd, 993 int p1, void *p2) 994{ 995 return md->md_ctrl; 996} 997 998#ifndef OPENSSL_NO_DEPRECATED_3_0 999const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx) 1000{ 1001 if (ctx == NULL) 1002 return NULL; 1003 return ctx->reqdigest; 1004} 1005#endif 1006 1007const EVP_MD *EVP_MD_CTX_get0_md(const EVP_MD_CTX *ctx) 1008{ 1009 if (ctx == NULL) 1010 return NULL; 1011 return ctx->reqdigest; 1012} 1013 1014EVP_MD *EVP_MD_CTX_get1_md(EVP_MD_CTX *ctx) 1015{ 1016 EVP_MD *md; 1017 1018 if (ctx == NULL) 1019 return NULL; 1020 md = (EVP_MD *)ctx->reqdigest; 1021 if (md == NULL || !EVP_MD_up_ref(md)) 1022 return NULL; 1023 return md; 1024} 1025 1026EVP_PKEY_CTX *EVP_MD_CTX_get_pkey_ctx(const EVP_MD_CTX *ctx) 1027{ 1028 return ctx->pctx; 1029} 1030 1031#if !defined(FIPS_MODULE) 1032void EVP_MD_CTX_set_pkey_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pctx) 1033{ 1034 /* 1035 * it's reasonable to set NULL pctx (a.k.a clear the ctx->pctx), so 1036 * we have to deal with the cleanup job here. 1037 */ 1038 if (!EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX)) 1039 EVP_PKEY_CTX_free(ctx->pctx); 1040 1041 ctx->pctx = pctx; 1042 1043 if (pctx != NULL) { 1044 /* make sure pctx is not freed when destroying EVP_MD_CTX */ 1045 EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX); 1046 } else { 1047 EVP_MD_CTX_clear_flags(ctx, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX); 1048 } 1049} 1050#endif /* !defined(FIPS_MODULE) */ 1051 1052void *EVP_MD_CTX_get0_md_data(const EVP_MD_CTX *ctx) 1053{ 1054 return ctx->md_data; 1055} 1056 1057int (*EVP_MD_CTX_update_fn(EVP_MD_CTX *ctx))(EVP_MD_CTX *ctx, 1058 const void *data, size_t count) 1059{ 1060 return ctx->update; 1061} 1062 1063void EVP_MD_CTX_set_update_fn(EVP_MD_CTX *ctx, 1064 int (*update) (EVP_MD_CTX *ctx, 1065 const void *data, size_t count)) 1066{ 1067 ctx->update = update; 1068} 1069 1070void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags) 1071{ 1072 ctx->flags |= flags; 1073} 1074 1075void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags) 1076{ 1077 ctx->flags &= ~flags; 1078} 1079 1080int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags) 1081{ 1082 return (ctx->flags & flags); 1083} 1084 1085static int evp_cipher_ctx_enable_use_bits(EVP_CIPHER_CTX *ctx, 1086 unsigned int enable) 1087{ 1088 OSSL_PARAM params[] = { OSSL_PARAM_END, OSSL_PARAM_END }; 1089 1090 params[0] = OSSL_PARAM_construct_uint(OSSL_CIPHER_PARAM_USE_BITS, &enable); 1091 return EVP_CIPHER_CTX_set_params(ctx, params); 1092} 1093 1094void EVP_CIPHER_CTX_set_flags(EVP_CIPHER_CTX *ctx, int flags) 1095{ 1096 int oldflags = ctx->flags; 1097 1098 ctx->flags |= flags; 1099 if (((oldflags ^ ctx->flags) & EVP_CIPH_FLAG_LENGTH_BITS) != 0) 1100 evp_cipher_ctx_enable_use_bits(ctx, 1); 1101} 1102 1103void EVP_CIPHER_CTX_clear_flags(EVP_CIPHER_CTX *ctx, int flags) 1104{ 1105 int oldflags = ctx->flags; 1106 1107 ctx->flags &= ~flags; 1108 if (((oldflags ^ ctx->flags) & EVP_CIPH_FLAG_LENGTH_BITS) != 0) 1109 evp_cipher_ctx_enable_use_bits(ctx, 0); 1110} 1111 1112int EVP_CIPHER_CTX_test_flags(const EVP_CIPHER_CTX *ctx, int flags) 1113{ 1114 return (ctx->flags & flags); 1115} 1116 1117#if !defined(FIPS_MODULE) 1118 1119int EVP_PKEY_CTX_set_group_name(EVP_PKEY_CTX *ctx, const char *name) 1120{ 1121 OSSL_PARAM params[] = { OSSL_PARAM_END, OSSL_PARAM_END }; 1122 1123 if (ctx == NULL || !EVP_PKEY_CTX_IS_GEN_OP(ctx)) { 1124 ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED); 1125 /* Uses the same return values as EVP_PKEY_CTX_ctrl */ 1126 return -2; 1127 } 1128 1129 if (name == NULL) 1130 return -1; 1131 1132 params[0] = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME, 1133 (char *)name, 0); 1134 return EVP_PKEY_CTX_set_params(ctx, params); 1135} 1136 1137int EVP_PKEY_CTX_get_group_name(EVP_PKEY_CTX *ctx, char *name, size_t namelen) 1138{ 1139 OSSL_PARAM params[] = { OSSL_PARAM_END, OSSL_PARAM_END }; 1140 OSSL_PARAM *p = params; 1141 1142 if (ctx == NULL || !EVP_PKEY_CTX_IS_GEN_OP(ctx)) { 1143 /* There is no legacy support for this */ 1144 ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED); 1145 /* Uses the same return values as EVP_PKEY_CTX_ctrl */ 1146 return -2; 1147 } 1148 1149 if (name == NULL) 1150 return -1; 1151 1152 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME, 1153 name, namelen); 1154 if (!EVP_PKEY_CTX_get_params(ctx, params)) 1155 return -1; 1156 return 1; 1157} 1158 1159/* 1160 * evp_pkey_keygen() abstracts from the explicit use of B<EVP_PKEY_CTX> 1161 * while providing a generic way of generating a new asymmetric key pair 1162 * of algorithm type I<name> (e.g., C<RSA> or C<EC>). 1163 * The library context I<libctx> and property query I<propq> 1164 * are used when fetching algorithms from providers. 1165 * The I<params> specify algorithm-specific parameters 1166 * such as the RSA modulus size or the name of an EC curve. 1167 */ 1168static EVP_PKEY *evp_pkey_keygen(OSSL_LIB_CTX *libctx, const char *name, 1169 const char *propq, const OSSL_PARAM *params) 1170{ 1171 EVP_PKEY *pkey = NULL; 1172 EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new_from_name(libctx, name, propq); 1173 1174 if (ctx != NULL 1175 && EVP_PKEY_keygen_init(ctx) > 0 1176 && EVP_PKEY_CTX_set_params(ctx, params)) 1177 (void)EVP_PKEY_generate(ctx, &pkey); 1178 1179 EVP_PKEY_CTX_free(ctx); 1180 return pkey; 1181} 1182 1183EVP_PKEY *EVP_PKEY_Q_keygen(OSSL_LIB_CTX *libctx, const char *propq, 1184 const char *type, ...) 1185{ 1186 va_list args; 1187 size_t bits; 1188 char *name; 1189 OSSL_PARAM params[] = { OSSL_PARAM_END, OSSL_PARAM_END }; 1190 EVP_PKEY *ret = NULL; 1191 1192 va_start(args, type); 1193 1194 if (OPENSSL_strcasecmp(type, "RSA") == 0) { 1195 bits = va_arg(args, size_t); 1196 params[0] = OSSL_PARAM_construct_size_t(OSSL_PKEY_PARAM_RSA_BITS, &bits); 1197 } else if (OPENSSL_strcasecmp(type, "EC") == 0) { 1198 name = va_arg(args, char *); 1199 params[0] = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME, 1200 name, 0); 1201 } else if (OPENSSL_strcasecmp(type, "ED25519") != 0 1202 && OPENSSL_strcasecmp(type, "X25519") != 0 1203 && OPENSSL_strcasecmp(type, "ED448") != 0 1204 && OPENSSL_strcasecmp(type, "X448") != 0 1205 && OPENSSL_strcasecmp(type, "SM2") != 0) { 1206 ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_INVALID_ARGUMENT); 1207 goto end; 1208 } 1209 ret = evp_pkey_keygen(libctx, type, propq, params); 1210 1211 end: 1212 va_end(args); 1213 return ret; 1214} 1215 1216#endif /* !defined(FIPS_MODULE) */ 1217