ciphercommon.c@ 104285

最後變更在這個檔案從104285是 104078,由 vboxsync 提交於 11 月前
openssl-3.1.5: Applied and adjusted our OpenSSL changes to 3.1.4. bugref:10638
檔案大小: 22.3 KB

行
1	/*
2	* Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
3	*
4	* Licensed under the Apache License 2.0 (the "License"). You may not use
5	* this file except in compliance with the License. You can obtain a copy
6	* in the file LICENSE in the source distribution or at
7	* https://www.openssl.org/source/license.html
8	*/
9
10	/*
11	* Generic dispatch table functions for ciphers.
12	*/
13
14	/* For SSL3_VERSION */
15	#include <openssl/prov_ssl.h>
16	#include <openssl/proverr.h>
17	#include "ciphercommon_local.h"
18	#include "prov/provider_ctx.h"
19	#include "prov/providercommon.h"
20
21	/*-
22	* Generic cipher functions for OSSL_PARAM gettables and settables
23	*/
24	static const OSSL_PARAM cipher_known_gettable_params[] = {
25	OSSL_PARAM_uint(OSSL_CIPHER_PARAM_MODE, NULL),
26	OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL),
27	OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_IVLEN, NULL),
28	OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_BLOCK_SIZE, NULL),
29	OSSL_PARAM_int(OSSL_CIPHER_PARAM_AEAD, NULL),
30	OSSL_PARAM_int(OSSL_CIPHER_PARAM_CUSTOM_IV, NULL),
31	OSSL_PARAM_int(OSSL_CIPHER_PARAM_CTS, NULL),
32	OSSL_PARAM_int(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK, NULL),
33	OSSL_PARAM_int(OSSL_CIPHER_PARAM_HAS_RAND_KEY, NULL),
34	OSSL_PARAM_END
35	};
36	const OSSL_PARAM ossl_cipher_generic_gettable_params(ossl_unused void provctx)
37	{
38	return cipher_known_gettable_params;
39	}
40
41	int ossl_cipher_generic_get_params(OSSL_PARAM params[], unsigned int md,
42	uint64_t flags,
43	size_t kbits, size_t blkbits, size_t ivbits)
44	{
45	OSSL_PARAM *p;
46
47	p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_MODE);
48	if (p != NULL && !OSSL_PARAM_set_uint(p, md)) {
49	ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
50	return 0;
51	}
52	p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_AEAD);
53	if (p != NULL
54	&& !OSSL_PARAM_set_int(p, (flags & PROV_CIPHER_FLAG_AEAD) != 0)) {
55	ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
56	return 0;
57	}
58	p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_CUSTOM_IV);
59	if (p != NULL
60	&& !OSSL_PARAM_set_int(p, (flags & PROV_CIPHER_FLAG_CUSTOM_IV) != 0)) {
61	ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
62	return 0;
63	}
64	p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_CTS);
65	if (p != NULL
66	&& !OSSL_PARAM_set_int(p, (flags & PROV_CIPHER_FLAG_CTS) != 0)) {
67	ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
68	return 0;
69	}
70	p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK);
71	if (p != NULL
72	&& !OSSL_PARAM_set_int(p, (flags & PROV_CIPHER_FLAG_TLS1_MULTIBLOCK) != 0)) {
73	ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
74	return 0;
75	}
76	p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_HAS_RAND_KEY);
77	if (p != NULL
78	&& !OSSL_PARAM_set_int(p, (flags & PROV_CIPHER_FLAG_RAND_KEY) != 0)) {
79	ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
80	return 0;
81	}
82	p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_KEYLEN);
83	if (p != NULL && !OSSL_PARAM_set_size_t(p, kbits / 8)) {
84	ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
85	return 0;
86	}
87	p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_BLOCK_SIZE);
88	if (p != NULL && !OSSL_PARAM_set_size_t(p, blkbits / 8)) {
89	ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
90	return 0;
91	}
92	p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IVLEN);
93	if (p != NULL && !OSSL_PARAM_set_size_t(p, ivbits / 8)) {
94	ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
95	return 0;
96	}
97	return 1;
98	}
99
100	CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_START(ossl_cipher_generic)
101	{ OSSL_CIPHER_PARAM_TLS_MAC, OSSL_PARAM_OCTET_PTR, NULL, 0, OSSL_PARAM_UNMODIFIED },
102	CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_END(ossl_cipher_generic)
103
104	CIPHER_DEFAULT_SETTABLE_CTX_PARAMS_START(ossl_cipher_generic)
105	OSSL_PARAM_uint(OSSL_CIPHER_PARAM_USE_BITS, NULL),
106	OSSL_PARAM_uint(OSSL_CIPHER_PARAM_TLS_VERSION, NULL),
107	OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_TLS_MAC_SIZE, NULL),
108	CIPHER_DEFAULT_SETTABLE_CTX_PARAMS_END(ossl_cipher_generic)
109
110	/*
111	* Variable key length cipher functions for OSSL_PARAM settables
112	*/
113	int ossl_cipher_var_keylen_set_ctx_params(void *vctx, const OSSL_PARAM params[])
114	{
115	PROV_CIPHER_CTX ctx = (PROV_CIPHER_CTX )vctx;
116	const OSSL_PARAM *p;
117
118	if (params == NULL)
119	return 1;
120
121	if (!ossl_cipher_generic_set_ctx_params(vctx, params))
122	return 0;
123	p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_KEYLEN);
124	if (p != NULL) {
125	size_t keylen;
126
127	if (!OSSL_PARAM_get_size_t(p, &keylen)) {
128	ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
129	return 0;
130	}
131	if (ctx->keylen != keylen) {
132	ctx->keylen = keylen;
133	ctx->key_set = 0;
134	}
135	}
136	return 1;
137	}
138
139	CIPHER_DEFAULT_SETTABLE_CTX_PARAMS_START(ossl_cipher_var_keylen)
140	OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL),
141	CIPHER_DEFAULT_SETTABLE_CTX_PARAMS_END(ossl_cipher_var_keylen)
142
143	/*-
144	* AEAD cipher functions for OSSL_PARAM gettables and settables
145	*/
146	static const OSSL_PARAM cipher_aead_known_gettable_ctx_params[] = {
147	OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL),
148	OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_IVLEN, NULL),
149	OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_AEAD_TAGLEN, NULL),
150	OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_IV, NULL, 0),
151	OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_UPDATED_IV, NULL, 0),
152	OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG, NULL, 0),
153	OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_AEAD_TLS1_AAD_PAD, NULL),
154	OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TLS1_GET_IV_GEN, NULL, 0),
155	OSSL_PARAM_END
156	};
157	const OSSL_PARAM *ossl_cipher_aead_gettable_ctx_params(
158	ossl_unused void cctx, ossl_unused void provctx
159	)
160	{
161	return cipher_aead_known_gettable_ctx_params;
162	}
163
164	static const OSSL_PARAM cipher_aead_known_settable_ctx_params[] = {
165	OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_AEAD_IVLEN, NULL),
166	OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG, NULL, 0),
167	OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TLS1_AAD, NULL, 0),
168	OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TLS1_IV_FIXED, NULL, 0),
169	OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TLS1_SET_IV_INV, NULL, 0),
170	OSSL_PARAM_END
171	};
172	const OSSL_PARAM *ossl_cipher_aead_settable_ctx_params(
173	ossl_unused void cctx, ossl_unused void provctx
174	)
175	{
176	return cipher_aead_known_settable_ctx_params;
177	}
178
179	void ossl_cipher_generic_reset_ctx(PROV_CIPHER_CTX *ctx)
180	{
181	if (ctx != NULL && ctx->alloced) {
182	OPENSSL_free(ctx->tlsmac);
183	ctx->alloced = 0;
184	ctx->tlsmac = NULL;
185	}
186	}
187
188	static int cipher_generic_init_internal(PROV_CIPHER_CTX *ctx,
189	const unsigned char *key, size_t keylen,
190	const unsigned char *iv, size_t ivlen,
191	const OSSL_PARAM params[], int enc)
192	{
193	ctx->num = 0;
194	ctx->bufsz = 0;
195	ctx->updated = 0;
196	ctx->enc = enc ? 1 : 0;
197
198	if (!ossl_prov_is_running())
199	return 0;
200
201	if (iv != NULL && ctx->mode != EVP_CIPH_ECB_MODE) {
202	if (!ossl_cipher_generic_initiv(ctx, iv, ivlen))
203	return 0;
204	}
205	if (iv == NULL && ctx->iv_set
206	&& (ctx->mode == EVP_CIPH_CBC_MODE
207	\|\| ctx->mode == EVP_CIPH_CFB_MODE
208	\|\| ctx->mode == EVP_CIPH_OFB_MODE))
209	/* reset IV for these modes to keep compatibility with 1.1.1 */
210	memcpy(ctx->iv, ctx->oiv, ctx->ivlen);
211
212	if (key != NULL) {
213	if (ctx->variable_keylength == 0) {
214	if (keylen != ctx->keylen) {
215	ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH);
216	return 0;
217	}
218	} else {
219	ctx->keylen = keylen;
220	}
221	if (!ctx->hw->init(ctx, key, ctx->keylen))
222	return 0;
223	ctx->key_set = 1;
224	}
225	return ossl_cipher_generic_set_ctx_params(ctx, params);
226	}
227
228	int ossl_cipher_generic_einit(void vctx, const unsigned char key,
229	size_t keylen, const unsigned char *iv,
230	size_t ivlen, const OSSL_PARAM params[])
231	{
232	return cipher_generic_init_internal((PROV_CIPHER_CTX *)vctx, key, keylen,
233	iv, ivlen, params, 1);
234	}
235
236	int ossl_cipher_generic_dinit(void vctx, const unsigned char key,
237	size_t keylen, const unsigned char *iv,
238	size_t ivlen, const OSSL_PARAM params[])
239	{
240	return cipher_generic_init_internal((PROV_CIPHER_CTX *)vctx, key, keylen,
241	iv, ivlen, params, 0);
242	}
243
244	/* Max padding including padding length byte */
245	#define MAX_PADDING 256
246
247	int ossl_cipher_generic_block_update(void vctx, unsigned char out,
248	size_t *outl, size_t outsize,
249	const unsigned char *in, size_t inl)
250	{
251	size_t outlint = 0;
252	PROV_CIPHER_CTX ctx = (PROV_CIPHER_CTX )vctx;
253	size_t blksz = ctx->blocksize;
254	size_t nextblocks;
255
256	if (!ctx->key_set) {
257	ERR_raise(ERR_LIB_PROV, PROV_R_NO_KEY_SET);
258	return 0;
259	}
260
261	if (ctx->tlsversion > 0) {
262	/*
263	* Each update call corresponds to a TLS record and is individually
264	* padded
265	*/
266
267	/* Sanity check inputs */
268	if (in == NULL
269	\|\| in != out
270	\|\| outsize < inl
271	\|\| !ctx->pad) {
272	ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED);
273	return 0;
274	}
275
276	if (ctx->enc) {
277	unsigned char padval;
278	size_t padnum, loop;
279
280	/* Add padding */
281
282	padnum = blksz - (inl % blksz);
283
284	if (outsize < inl + padnum) {
285	ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED);
286	return 0;
287	}
288
289	if (padnum > MAX_PADDING) {
290	ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED);
291	return 0;
292	}
293	padval = (unsigned char)(padnum - 1);
294	if (ctx->tlsversion == SSL3_VERSION) {
295	if (padnum > 1)
296	memset(out + inl, 0, padnum - 1);
297	*(out + inl + padnum - 1) = padval;
298	} else {
299	/* we need to add 'padnum' padding bytes of value padval */
300	for (loop = inl; loop < inl + padnum; loop++)
301	out[loop] = padval;
302	}
303	inl += padnum;
304	}
305
306	if ((inl % blksz) != 0) {
307	ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED);
308	return 0;
309	}
310
311
312	/* Shouldn't normally fail */
313	if (!ctx->hw->cipher(ctx, out, in, inl)) {
314	ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED);
315	return 0;
316	}
317
318	if (ctx->alloced) {
319	OPENSSL_free(ctx->tlsmac);
320	ctx->alloced = 0;
321	ctx->tlsmac = NULL;
322	}
323
324	/* This only fails if padding is publicly invalid */
325	*outl = inl;
326	if (!ctx->enc
327	&& !ossl_cipher_tlsunpadblock(ctx->libctx, ctx->tlsversion,
328	out, outl,
329	blksz, &ctx->tlsmac, &ctx->alloced,
330	ctx->tlsmacsize, 0)) {
331	ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED);
332	return 0;
333	}
334	return 1;
335	}
336
337	if (ctx->bufsz != 0)
338	nextblocks = ossl_cipher_fillblock(ctx->buf, &ctx->bufsz, blksz,
339	&in, &inl);
340	else
341	nextblocks = inl & ~(blksz-1);
342
343	/*
344	* If we're decrypting and we end an update on a block boundary we hold
345	* the last block back in case this is the last update call and the last
346	* block is padded.
347	*/
348	if (ctx->bufsz == blksz && (ctx->enc \|\| inl > 0 \|\| !ctx->pad)) {
349	if (outsize < blksz) {
350	ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
351	return 0;
352	}
353	if (!ctx->hw->cipher(ctx, out, ctx->buf, blksz)) {
354	ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED);
355	return 0;
356	}
357	ctx->bufsz = 0;
358	outlint = blksz;
359	out += blksz;
360	}
361	if (nextblocks > 0) {
362	if (!ctx->enc && ctx->pad && nextblocks == inl) {
363	if (!ossl_assert(inl >= blksz)) {
364	ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
365	return 0;
366	}
367	nextblocks -= blksz;
368	}
369	outlint += nextblocks;
370	if (outsize < outlint) {
371	ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
372	return 0;
373	}
374	}
375	if (nextblocks > 0) {
376	if (!ctx->hw->cipher(ctx, out, in, nextblocks)) {
377	ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED);
378	return 0;
379	}
380	in += nextblocks;
381	inl -= nextblocks;
382	}
383	if (inl != 0
384	&& !ossl_cipher_trailingdata(ctx->buf, &ctx->bufsz, blksz, &in, &inl)) {
385	/* ERR_raise already called */
386	return 0;
387	}
388
389	*outl = outlint;
390	return inl == 0;
391	}
392
393	int ossl_cipher_generic_block_final(void vctx, unsigned char out,
394	size_t *outl, size_t outsize)
395	{
396	PROV_CIPHER_CTX ctx = (PROV_CIPHER_CTX )vctx;
397	size_t blksz = ctx->blocksize;
398
399	if (!ossl_prov_is_running())
400	return 0;
401
402	if (!ctx->key_set) {
403	ERR_raise(ERR_LIB_PROV, PROV_R_NO_KEY_SET);
404	return 0;
405	}
406
407	if (ctx->tlsversion > 0) {
408	/* We never finalize TLS, so this is an error */
409	ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED);
410	return 0;
411	}
412
413	if (ctx->enc) {
414	if (ctx->pad) {
415	ossl_cipher_padblock(ctx->buf, &ctx->bufsz, blksz);
416	} else if (ctx->bufsz == 0) {
417	*outl = 0;
418	return 1;
419	} else if (ctx->bufsz != blksz) {
420	ERR_raise(ERR_LIB_PROV, PROV_R_WRONG_FINAL_BLOCK_LENGTH);
421	return 0;
422	}
423
424	if (outsize < blksz) {
425	ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
426	return 0;
427	}
428	if (!ctx->hw->cipher(ctx, out, ctx->buf, blksz)) {
429	ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED);
430	return 0;
431	}
432	ctx->bufsz = 0;
433	*outl = blksz;
434	return 1;
435	}
436
437	/* Decrypting */
438	if (ctx->bufsz != blksz) {
439	if (ctx->bufsz == 0 && !ctx->pad) {
440	*outl = 0;
441	return 1;
442	}
443	ERR_raise(ERR_LIB_PROV, PROV_R_WRONG_FINAL_BLOCK_LENGTH);
444	return 0;
445	}
446
447	if (!ctx->hw->cipher(ctx, ctx->buf, ctx->buf, blksz)) {
448	ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED);
449	return 0;
450	}
451
452	if (ctx->pad && !ossl_cipher_unpadblock(ctx->buf, &ctx->bufsz, blksz)) {
453	/* ERR_raise already called */
454	return 0;
455	}
456
457	if (outsize < ctx->bufsz) {
458	ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
459	return 0;
460	}
461	memcpy(out, ctx->buf, ctx->bufsz);
462	*outl = ctx->bufsz;
463	ctx->bufsz = 0;
464	return 1;
465	}
466
467	int ossl_cipher_generic_stream_update(void vctx, unsigned char out,
468	size_t *outl, size_t outsize,
469	const unsigned char *in, size_t inl)
470	{
471	PROV_CIPHER_CTX ctx = (PROV_CIPHER_CTX )vctx;
472
473	if (!ctx->key_set) {
474	ERR_raise(ERR_LIB_PROV, PROV_R_NO_KEY_SET);
475	return 0;
476	}
477
478	if (inl == 0) {
479	*outl = 0;
480	return 1;
481	}
482
483	if (outsize < inl) {
484	ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
485	return 0;
486	}
487
488	if (!ctx->hw->cipher(ctx, out, in, inl)) {
489	ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED);
490	return 0;
491	}
492
493	*outl = inl;
494	if (!ctx->enc && ctx->tlsversion > 0) {
495	/*
496	* Remove any TLS padding. Only used by cipher_aes_cbc_hmac_sha1_hw.c and
497	* cipher_aes_cbc_hmac_sha256_hw.c
498	*/
499	if (ctx->removetlspad) {
500	/*
501	* We should have already failed in the cipher() call above if this
502	* isn't true.
503	*/
504	if (!ossl_assert(*outl >= (size_t)(out[inl - 1] + 1)))
505	return 0;
506	/* The actual padding length */
507	*outl -= out[inl - 1] + 1;
508	}
509
510	/* TLS MAC and explicit IV if relevant. We should have already failed
511	* in the cipher() call above if *outl is too short.
512	*/
513	if (!ossl_assert(*outl >= ctx->removetlsfixed))
514	return 0;
515	*outl -= ctx->removetlsfixed;
516
517	/* Extract the MAC if there is one */
518	if (ctx->tlsmacsize > 0) {
519	if (*outl < ctx->tlsmacsize)
520	return 0;
521
522	ctx->tlsmac = out + *outl - ctx->tlsmacsize;
523	*outl -= ctx->tlsmacsize;
524	}
525	}
526
527	return 1;
528	}
529	int ossl_cipher_generic_stream_final(void vctx, unsigned char out,
530	size_t *outl, size_t outsize)
531	{
532	PROV_CIPHER_CTX ctx = (PROV_CIPHER_CTX )vctx;
533
534	if (!ossl_prov_is_running())
535	return 0;
536
537	if (!ctx->key_set) {
538	ERR_raise(ERR_LIB_PROV, PROV_R_NO_KEY_SET);
539	return 0;
540	}
541
542	*outl = 0;
543	return 1;
544	}
545
546	int ossl_cipher_generic_cipher(void vctx, unsigned char out, size_t *outl,
547	size_t outsize, const unsigned char *in,
548	size_t inl)
549	{
550	PROV_CIPHER_CTX ctx = (PROV_CIPHER_CTX )vctx;
551
552	if (!ossl_prov_is_running())
553	return 0;
554
555	if (!ctx->key_set) {
556	ERR_raise(ERR_LIB_PROV, PROV_R_NO_KEY_SET);
557	return 0;
558	}
559
560	if (outsize < inl) {
561	ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
562	return 0;
563	}
564
565	if (!ctx->hw->cipher(ctx, out, in, inl)) {
566	ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED);
567	return 0;
568	}
569
570	*outl = inl;
571	return 1;
572	}
573
574	int ossl_cipher_generic_get_ctx_params(void *vctx, OSSL_PARAM params[])
575	{
576	PROV_CIPHER_CTX ctx = (PROV_CIPHER_CTX )vctx;
577	OSSL_PARAM *p;
578
579	p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IVLEN);
580	if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->ivlen)) {
581	ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
582	return 0;
583	}
584	p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_PADDING);
585	if (p != NULL && !OSSL_PARAM_set_uint(p, ctx->pad)) {
586	ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
587	return 0;
588	}
589	p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IV);
590	if (p != NULL
591	&& !OSSL_PARAM_set_octet_ptr(p, &ctx->oiv, ctx->ivlen)
592	&& !OSSL_PARAM_set_octet_string(p, &ctx->oiv, ctx->ivlen)) {
593	ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
594	return 0;
595	}
596	p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_UPDATED_IV);
597	if (p != NULL
598	&& !OSSL_PARAM_set_octet_ptr(p, &ctx->iv, ctx->ivlen)
599	&& !OSSL_PARAM_set_octet_string(p, &ctx->iv, ctx->ivlen)) {
600	ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
601	return 0;
602	}
603	p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_NUM);
604	if (p != NULL && !OSSL_PARAM_set_uint(p, ctx->num)) {
605	ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
606	return 0;
607	}
608	p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_KEYLEN);
609	if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->keylen)) {
610	ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
611	return 0;
612	}
613	p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_TLS_MAC);
614	if (p != NULL
615	&& !OSSL_PARAM_set_octet_ptr(p, ctx->tlsmac, ctx->tlsmacsize)) {
616	ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
617	return 0;
618	}
619	return 1;
620	}
621
622	int ossl_cipher_generic_set_ctx_params(void *vctx, const OSSL_PARAM params[])
623	{
624	PROV_CIPHER_CTX ctx = (PROV_CIPHER_CTX )vctx;
625	const OSSL_PARAM *p;
626
627	if (params == NULL)
628	return 1;
629
630	p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_PADDING);
631	if (p != NULL) {
632	unsigned int pad;
633
634	if (!OSSL_PARAM_get_uint(p, &pad)) {
635	ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
636	return 0;
637	}
638	ctx->pad = pad ? 1 : 0;
639	}
640	p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_USE_BITS);
641	if (p != NULL) {
642	unsigned int bits;
643
644	if (!OSSL_PARAM_get_uint(p, &bits)) {
645	ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
646	return 0;
647	}
648	ctx->use_bits = bits ? 1 : 0;
649	}
650	p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_TLS_VERSION);
651	if (p != NULL) {
652	if (!OSSL_PARAM_get_uint(p, &ctx->tlsversion)) {
653	ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
654	return 0;
655	}
656	}
657	p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_TLS_MAC_SIZE);
658	if (p != NULL) {
659	if (!OSSL_PARAM_get_size_t(p, &ctx->tlsmacsize)) {
660	ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
661	return 0;
662	}
663	}
664	p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_NUM);
665	if (p != NULL) {
666	unsigned int num;
667
668	if (!OSSL_PARAM_get_uint(p, &num)) {
669	ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
670	return 0;
671	}
672	ctx->num = num;
673	}
674	return 1;
675	}
676
677	int ossl_cipher_generic_initiv(PROV_CIPHER_CTX ctx, const unsigned char iv,
678	size_t ivlen)
679	{
680	if (ivlen != ctx->ivlen
681	\|\| ivlen > sizeof(ctx->iv)) {
682	ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IV_LENGTH);
683	return 0;
684	}
685	ctx->iv_set = 1;
686	memcpy(ctx->iv, iv, ivlen);
687	memcpy(ctx->oiv, iv, ivlen);
688	return 1;
689	}
690
691	void ossl_cipher_generic_initkey(void *vctx, size_t kbits, size_t blkbits,
692	size_t ivbits, unsigned int mode,
693	uint64_t flags, const PROV_CIPHER_HW *hw,
694	void *provctx)
695	{
696	PROV_CIPHER_CTX ctx = (PROV_CIPHER_CTX )vctx;
697
698	if ((flags & PROV_CIPHER_FLAG_INVERSE_CIPHER) != 0)
699	ctx->inverse_cipher = 1;
700	if ((flags & PROV_CIPHER_FLAG_VARIABLE_LENGTH) != 0)
701	ctx->variable_keylength = 1;
702
703	ctx->pad = 1;
704	ctx->keylen = ((kbits) / 8);
705	ctx->ivlen = ((ivbits) / 8);
706	ctx->hw = hw;
707	ctx->mode = mode;
708	ctx->blocksize = blkbits / 8;
709	if (provctx != NULL)
710	ctx->libctx = PROV_LIBCTX_OF(provctx); /* used for rand */
711	}

注意: 瀏覽 TracBrowser 來幫助您使用儲存庫瀏覽器

source: vbox/trunk/src/libs/openssl-3.1.5/providers/implementations/ciphers/ciphercommon.c@ 104285

以其他格式下載: