Coverage Report

Created: 2024-11-21 07:03

/src/openssl/crypto/evp/evp_lib.c
Line
Count
Source (jump to first uncovered line)
1
/*
2
 * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
3
 *
4
 * Licensed under the Apache License 2.0 (the "License").  You may not use
5
 * this file except in compliance with the License.  You can obtain a copy
6
 * in the file LICENSE in the source distribution or at
7
 * https://www.openssl.org/source/license.html
8
 */
9
10
/*
11
 * EVP _meth_ APIs are deprecated for public use, but still ok for
12
 * internal use.
13
 */
14
#include "internal/deprecated.h"
15
16
#include <stdio.h>
17
#include <string.h>
18
#include "internal/cryptlib.h"
19
#include <openssl/evp.h>
20
#include <openssl/x509.h>
21
#include <openssl/objects.h>
22
#include <openssl/params.h>
23
#include <openssl/core_names.h>
24
#include <openssl/rsa.h>
25
#include <openssl/dh.h>
26
#include <openssl/ec.h>
27
#include "crypto/evp.h"
28
#include "crypto/cryptlib.h"
29
#include "internal/provider.h"
30
#include "evp_local.h"
31
32
#if !defined(FIPS_MODULE)
33
# include "crypto/asn1.h"
34
35
int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
36
0
{
37
0
    return evp_cipher_param_to_asn1_ex(c, type, NULL);
38
0
}
39
40
int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
41
0
{
42
0
    return evp_cipher_asn1_to_param_ex(c, type, NULL);
43
0
}
44
45
int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *ctx, ASN1_TYPE *type)
46
0
{
47
0
    int i = 0;
48
0
    unsigned int l;
49
50
0
    if (type != NULL) {
51
0
        unsigned char iv[EVP_MAX_IV_LENGTH];
52
53
0
        l = EVP_CIPHER_CTX_get_iv_length(ctx);
54
0
        if (!ossl_assert(l <= sizeof(iv)))
55
0
            return -1;
56
0
        i = ASN1_TYPE_get_octetstring(type, iv, l);
57
0
        if (i != (int)l)
58
0
            return -1;
59
60
0
        if (!EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1))
61
0
            return -1;
62
0
    }
63
0
    return i;
64
0
}
65
66
int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
67
0
{
68
0
    int i = 0;
69
0
    unsigned int j;
70
0
    unsigned char *oiv = NULL;
71
72
0
    if (type != NULL) {
73
0
        oiv = (unsigned char *)EVP_CIPHER_CTX_original_iv(c);
74
0
        j = EVP_CIPHER_CTX_get_iv_length(c);
75
0
        OPENSSL_assert(j <= sizeof(c->iv));
76
0
        i = ASN1_TYPE_set_octetstring(type, oiv, j);
77
0
    }
78
0
    return i;
79
0
}
80
81
int evp_cipher_param_to_asn1_ex(EVP_CIPHER_CTX *c, ASN1_TYPE *type,
82
                                evp_cipher_aead_asn1_params *asn1_params)
83
0
{
84
0
    int ret = -1;                /* Assume the worst */
85
0
    const EVP_CIPHER *cipher;
86
87
0
    if (c == NULL || c->cipher == NULL)
88
0
        goto err;
89
90
0
    cipher = c->cipher;
91
    /*
92
     * For legacy implementations, we detect custom AlgorithmIdentifier
93
     * parameter handling by checking if the function pointer
94
     * cipher->set_asn1_parameters is set.  We know that this pointer
95
     * is NULL for provided implementations.
96
     *
97
     * Otherwise, for any implementation, we check the flag
98
     * EVP_CIPH_FLAG_CUSTOM_ASN1.  If it isn't set, we apply
99
     * default AI parameter extraction.
100
     *
101
     * Otherwise, for provided implementations, we convert |type| to
102
     * a DER encoded blob and pass to the implementation in OSSL_PARAM
103
     * form.
104
     *
105
     * If none of the above applies, this operation is unsupported.
106
     */
107
0
    if (cipher->set_asn1_parameters != NULL) {
108
0
        ret = cipher->set_asn1_parameters(c, type);
109
0
    } else if ((EVP_CIPHER_get_flags(cipher) & EVP_CIPH_FLAG_CUSTOM_ASN1) == 0) {
110
0
        switch (EVP_CIPHER_get_mode(cipher)) {
111
0
        case EVP_CIPH_WRAP_MODE:
112
0
            if (EVP_CIPHER_is_a(cipher, SN_id_smime_alg_CMS3DESwrap))
113
0
                ASN1_TYPE_set(type, V_ASN1_NULL, NULL);
114
0
            ret = 1;
115
0
            break;
116
117
0
        case EVP_CIPH_GCM_MODE:
118
0
            ret = evp_cipher_set_asn1_aead_params(c, type, asn1_params);
119
0
            break;
120
121
0
        case EVP_CIPH_CCM_MODE:
122
0
        case EVP_CIPH_XTS_MODE:
123
0
        case EVP_CIPH_OCB_MODE:
124
0
            ret = -2;
125
0
            break;
126
127
0
        default:
128
0
            ret = EVP_CIPHER_set_asn1_iv(c, type);
129
0
        }
130
0
    } else if (cipher->prov != NULL) {
131
        /* We cheat, there's no need for an object ID for this use */
132
0
        X509_ALGOR alg;
133
134
0
        alg.algorithm = NULL;
135
0
        alg.parameter = type;
136
137
0
        ret = EVP_CIPHER_CTX_get_algor_params(c, &alg);
138
0
    } else {
139
0
        ret = -2;
140
0
    }
141
142
0
 err:
143
0
    if (ret == -2)
144
0
        ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_CIPHER);
145
0
    else if (ret <= 0)
146
0
        ERR_raise(ERR_LIB_EVP, EVP_R_CIPHER_PARAMETER_ERROR);
147
0
    if (ret < -1)
148
0
        ret = -1;
149
0
    return ret;
150
0
}
151
152
int evp_cipher_asn1_to_param_ex(EVP_CIPHER_CTX *c, ASN1_TYPE *type,
153
                                evp_cipher_aead_asn1_params *asn1_params)
154
0
{
155
0
    int ret = -1;                /* Assume the worst */
156
0
    const EVP_CIPHER *cipher;
157
158
0
    if (c == NULL || c->cipher == NULL)
159
0
        goto err;
160
161
0
    cipher = c->cipher;
162
    /*
163
     * For legacy implementations, we detect custom AlgorithmIdentifier
164
     * parameter handling by checking if there the function pointer
165
     * cipher->get_asn1_parameters is set.  We know that this pointer
166
     * is NULL for provided implementations.
167
     *
168
     * Otherwise, for any implementation, we check the flag
169
     * EVP_CIPH_FLAG_CUSTOM_ASN1.  If it isn't set, we apply
170
     * default AI parameter creation.
171
     *
172
     * Otherwise, for provided implementations, we get the AI parameter
173
     * in DER encoded form from the implementation by requesting the
174
     * appropriate OSSL_PARAM and converting the result to a ASN1_TYPE.
175
     *
176
     * If none of the above applies, this operation is unsupported.
177
     */
178
0
    if (cipher->get_asn1_parameters != NULL) {
179
0
        ret = cipher->get_asn1_parameters(c, type);
180
0
    } else if ((EVP_CIPHER_get_flags(cipher) & EVP_CIPH_FLAG_CUSTOM_ASN1) == 0) {
181
0
        switch (EVP_CIPHER_get_mode(cipher)) {
182
0
        case EVP_CIPH_WRAP_MODE:
183
0
            ret = 1;
184
0
            break;
185
186
0
        case EVP_CIPH_GCM_MODE:
187
0
            ret = evp_cipher_get_asn1_aead_params(c, type, asn1_params);
188
0
            break;
189
190
0
        case EVP_CIPH_CCM_MODE:
191
0
        case EVP_CIPH_XTS_MODE:
192
0
        case EVP_CIPH_OCB_MODE:
193
0
            ret = -2;
194
0
            break;
195
196
0
        default:
197
0
            ret = EVP_CIPHER_get_asn1_iv(c, type) >= 0 ? 1 : -1;
198
0
        }
199
0
    } else if (cipher->prov != NULL) {
200
        /* We cheat, there's no need for an object ID for this use */
201
0
        X509_ALGOR alg;
202
203
0
        alg.algorithm = NULL;
204
0
        alg.parameter = type;
205
206
0
        ret = EVP_CIPHER_CTX_set_algor_params(c, &alg);
207
0
    } else {
208
0
        ret = -2;
209
0
    }
210
211
0
err:
212
0
    if (ret == -2)
213
0
        ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_CIPHER);
214
0
    else if (ret <= 0)
215
0
        ERR_raise(ERR_LIB_EVP, EVP_R_CIPHER_PARAMETER_ERROR);
216
0
    if (ret < -1)
217
0
        ret = -1;
218
0
    return ret;
219
0
}
220
221
int evp_cipher_get_asn1_aead_params(EVP_CIPHER_CTX *c, ASN1_TYPE *type,
222
                                    evp_cipher_aead_asn1_params *asn1_params)
223
0
{
224
0
    int i = 0;
225
0
    long tl;
226
0
    unsigned char iv[EVP_MAX_IV_LENGTH];
227
228
0
    if (type == NULL || asn1_params == NULL)
229
0
        return 0;
230
231
0
    i = ossl_asn1_type_get_octetstring_int(type, &tl, NULL, EVP_MAX_IV_LENGTH);
232
0
    if (i <= 0)
233
0
        return -1;
234
0
    ossl_asn1_type_get_octetstring_int(type, &tl, iv, i);
235
236
0
    memcpy(asn1_params->iv, iv, i);
237
0
    asn1_params->iv_len = i;
238
239
0
    return i;
240
0
}
241
242
int evp_cipher_set_asn1_aead_params(EVP_CIPHER_CTX *c, ASN1_TYPE *type,
243
                                    evp_cipher_aead_asn1_params *asn1_params)
244
0
{
245
0
    if (type == NULL || asn1_params == NULL)
246
0
        return 0;
247
248
0
    return ossl_asn1_type_set_octetstring_int(type, asn1_params->tag_len,
249
0
                                              asn1_params->iv,
250
0
                                              asn1_params->iv_len);
251
0
}
252
#endif /* !defined(FIPS_MODULE) */
253
254
/* Convert the various cipher NIDs and dummies to a proper OID NID */
255
int EVP_CIPHER_get_type(const EVP_CIPHER *cipher)
256
362
{
257
362
    int nid;
258
362
    nid = EVP_CIPHER_get_nid(cipher);
259
260
362
    switch (nid) {
261
262
6
    case NID_rc2_cbc:
263
10
    case NID_rc2_64_cbc:
264
14
    case NID_rc2_40_cbc:
265
266
14
        return NID_rc2_cbc;
267
268
2
    case NID_rc4:
269
4
    case NID_rc4_40:
270
271
4
        return NID_rc4;
272
273
2
    case NID_aes_128_cfb128:
274
4
    case NID_aes_128_cfb8:
275
6
    case NID_aes_128_cfb1:
276
277
6
        return NID_aes_128_cfb128;
278
279
2
    case NID_aes_192_cfb128:
280
4
    case NID_aes_192_cfb8:
281
6
    case NID_aes_192_cfb1:
282
283
6
        return NID_aes_192_cfb128;
284
285
2
    case NID_aes_256_cfb128:
286
4
    case NID_aes_256_cfb8:
287
6
    case NID_aes_256_cfb1:
288
289
6
        return NID_aes_256_cfb128;
290
291
2
    case NID_des_cfb64:
292
4
    case NID_des_cfb8:
293
6
    case NID_des_cfb1:
294
295
6
        return NID_des_cfb64;
296
297
2
    case NID_des_ede3_cfb64:
298
4
    case NID_des_ede3_cfb8:
299
6
    case NID_des_ede3_cfb1:
300
301
6
        return NID_des_cfb64;
302
303
314
    default:
304
#ifdef FIPS_MODULE
305
        return NID_undef;
306
#else
307
314
        {
308
            /* Check it has an OID and it is valid */
309
314
            ASN1_OBJECT *otmp = OBJ_nid2obj(nid);
310
311
314
            if (OBJ_get0_data(otmp) == NULL)
312
92
                nid = NID_undef;
313
314
            ASN1_OBJECT_free(otmp);
314
314
            return nid;
315
4
        }
316
362
#endif
317
362
    }
318
362
}
319
320
int evp_cipher_cache_constants(EVP_CIPHER *cipher)
321
256
{
322
256
    int ok, aead = 0, custom_iv = 0, cts = 0, multiblock = 0, randkey = 0;
323
256
    size_t ivlen = 0;
324
256
    size_t blksz = 0;
325
256
    size_t keylen = 0;
326
256
    unsigned int mode = 0;
327
256
    OSSL_PARAM params[10];
328
329
256
    params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_BLOCK_SIZE, &blksz);
330
256
    params[1] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_IVLEN, &ivlen);
331
256
    params[2] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_KEYLEN, &keylen);
332
256
    params[3] = OSSL_PARAM_construct_uint(OSSL_CIPHER_PARAM_MODE, &mode);
333
256
    params[4] = OSSL_PARAM_construct_int(OSSL_CIPHER_PARAM_AEAD, &aead);
334
256
    params[5] = OSSL_PARAM_construct_int(OSSL_CIPHER_PARAM_CUSTOM_IV,
335
256
                                         &custom_iv);
336
256
    params[6] = OSSL_PARAM_construct_int(OSSL_CIPHER_PARAM_CTS, &cts);
337
256
    params[7] = OSSL_PARAM_construct_int(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK,
338
256
                                         &multiblock);
339
256
    params[8] = OSSL_PARAM_construct_int(OSSL_CIPHER_PARAM_HAS_RAND_KEY,
340
256
                                         &randkey);
341
256
    params[9] = OSSL_PARAM_construct_end();
342
256
    ok = evp_do_ciph_getparams(cipher, params) > 0;
343
256
    if (ok) {
344
256
        cipher->block_size = blksz;
345
256
        cipher->iv_len = ivlen;
346
256
        cipher->key_len = keylen;
347
256
        cipher->flags = mode;
348
256
        if (aead)
349
52
            cipher->flags |= EVP_CIPH_FLAG_AEAD_CIPHER;
350
256
        if (custom_iv)
351
82
            cipher->flags |= EVP_CIPH_CUSTOM_IV;
352
256
        if (cts)
353
12
            cipher->flags |= EVP_CIPH_FLAG_CTS;
354
256
        if (multiblock)
355
4
            cipher->flags |= EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK;
356
256
        if (cipher->ccipher != NULL)
357
232
            cipher->flags |= EVP_CIPH_FLAG_CUSTOM_CIPHER;
358
256
        if (randkey)
359
22
            cipher->flags |= EVP_CIPH_RAND_KEY;
360
256
        if (OSSL_PARAM_locate_const(EVP_CIPHER_gettable_ctx_params(cipher),
361
256
                                    OSSL_CIPHER_PARAM_ALGORITHM_ID_PARAMS))
362
0
            cipher->flags |= EVP_CIPH_FLAG_CUSTOM_ASN1;
363
256
    }
364
256
    return ok;
365
256
}
366
367
int EVP_CIPHER_get_block_size(const EVP_CIPHER *cipher)
368
173k
{
369
173k
    return (cipher == NULL) ? 0 : cipher->block_size;
370
173k
}
371
372
int EVP_CIPHER_CTX_get_block_size(const EVP_CIPHER_CTX *ctx)
373
165k
{
374
165k
    return EVP_CIPHER_get_block_size(ctx->cipher);
375
165k
}
376
377
int EVP_CIPHER_impl_ctx_size(const EVP_CIPHER *e)
378
0
{
379
0
    return e->ctx_size;
380
0
}
381
382
int EVP_Cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
383
               const unsigned char *in, unsigned int inl)
384
16.5k
{
385
16.5k
    if (ctx == NULL || ctx->cipher == NULL)
386
0
        return 0;
387
388
16.5k
    if (ctx->cipher->prov != NULL) {
389
        /*
390
         * If the provided implementation has a ccipher function, we use it,
391
         * and translate its return value like this: 0 => -1, 1 => outlen
392
         *
393
         * Otherwise, we call the cupdate function if in != NULL, or cfinal
394
         * if in == NULL.  Regardless of which, we return what we got.
395
         */
396
16.5k
        int ret = -1;
397
16.5k
        size_t outl = 0;
398
16.5k
        size_t blocksize = EVP_CIPHER_CTX_get_block_size(ctx);
399
400
16.5k
        if (blocksize == 0)
401
0
            return 0;
402
403
16.5k
        if (ctx->cipher->ccipher != NULL)
404
16.5k
            ret =  ctx->cipher->ccipher(ctx->algctx, out, &outl,
405
16.5k
                                        inl + (blocksize == 1 ? 0 : blocksize),
406
16.5k
                                        in, (size_t)inl)
407
16.5k
                ? (int)outl : -1;
408
0
        else if (in != NULL)
409
0
            ret = ctx->cipher->cupdate(ctx->algctx, out, &outl,
410
0
                                       inl + (blocksize == 1 ? 0 : blocksize),
411
0
                                       in, (size_t)inl);
412
0
        else
413
0
            ret = ctx->cipher->cfinal(ctx->algctx, out, &outl,
414
0
                                      blocksize == 1 ? 0 : blocksize);
415
416
16.5k
        return ret;
417
16.5k
    }
418
419
0
    return ctx->cipher->do_cipher(ctx, out, in, inl);
420
16.5k
}
421
422
#ifndef OPENSSL_NO_DEPRECATED_3_0
423
const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx)
424
0
{
425
0
    if (ctx == NULL)
426
0
        return NULL;
427
0
    return ctx->cipher;
428
0
}
429
#endif
430
431
const EVP_CIPHER *EVP_CIPHER_CTX_get0_cipher(const EVP_CIPHER_CTX *ctx)
432
4.78k
{
433
4.78k
    if (ctx == NULL)
434
0
        return NULL;
435
4.78k
    return ctx->cipher;
436
4.78k
}
437
438
EVP_CIPHER *EVP_CIPHER_CTX_get1_cipher(EVP_CIPHER_CTX *ctx)
439
0
{
440
0
    EVP_CIPHER *cipher;
441
442
0
    if (ctx == NULL || ctx->cipher == NULL)
443
0
        return NULL;
444
0
    cipher = (EVP_CIPHER *)ctx->cipher;
445
0
    if (!EVP_CIPHER_up_ref(cipher))
446
0
        return NULL;
447
0
    return cipher;
448
0
}
449
450
int EVP_CIPHER_CTX_is_encrypting(const EVP_CIPHER_CTX *ctx)
451
0
{
452
0
    return ctx->encrypt;
453
0
}
454
455
unsigned long EVP_CIPHER_get_flags(const EVP_CIPHER *cipher)
456
1.01k
{
457
1.01k
    return cipher == NULL ? 0 : cipher->flags;
458
1.01k
}
459
460
void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx)
461
0
{
462
0
    return ctx->app_data;
463
0
}
464
465
void EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data)
466
0
{
467
0
    ctx->app_data = data;
468
0
}
469
470
void *EVP_CIPHER_CTX_get_cipher_data(const EVP_CIPHER_CTX *ctx)
471
0
{
472
0
    return ctx->cipher_data;
473
0
}
474
475
void *EVP_CIPHER_CTX_set_cipher_data(EVP_CIPHER_CTX *ctx, void *cipher_data)
476
0
{
477
0
    void *old_cipher_data;
478
479
0
    old_cipher_data = ctx->cipher_data;
480
0
    ctx->cipher_data = cipher_data;
481
482
0
    return old_cipher_data;
483
0
}
484
485
int EVP_CIPHER_get_iv_length(const EVP_CIPHER *cipher)
486
4.41k
{
487
4.41k
    return (cipher == NULL) ? 0 : cipher->iv_len;
488
4.41k
}
489
490
int EVP_CIPHER_CTX_get_iv_length(const EVP_CIPHER_CTX *ctx)
491
133k
{
492
133k
    if (ctx->cipher == NULL)
493
0
        return 0;
494
495
133k
    if (ctx->iv_len < 0) {
496
3.88k
        int rv, len = EVP_CIPHER_get_iv_length(ctx->cipher);
497
3.88k
        size_t v = len;
498
3.88k
        OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
499
500
3.88k
        if (ctx->cipher->get_ctx_params != NULL) {
501
3.88k
            params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_IVLEN,
502
3.88k
                                                    &v);
503
3.88k
            rv = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params);
504
3.88k
            if (rv > 0) {
505
3.88k
                if (OSSL_PARAM_modified(params)
506
3.88k
                        && !OSSL_PARAM_get_int(params, &len))
507
0
                    return -1;
508
3.88k
            } else if (rv != EVP_CTRL_RET_UNSUPPORTED) {
509
0
                return -1;
510
0
            }
511
3.88k
        }
512
        /* Code below to be removed when legacy support is dropped. */
513
0
        else if ((EVP_CIPHER_get_flags(ctx->cipher)
514
0
                  & EVP_CIPH_CUSTOM_IV_LENGTH) != 0) {
515
0
            rv = EVP_CIPHER_CTX_ctrl((EVP_CIPHER_CTX *)ctx, EVP_CTRL_GET_IVLEN,
516
0
                                     0, &len);
517
0
            if (rv <= 0)
518
0
                return -1;
519
0
        }
520
        /*-
521
         * Casting away the const is annoying but required here.  We need to
522
         * cache the result for performance reasons.
523
         */
524
3.88k
        ((EVP_CIPHER_CTX *)ctx)->iv_len = len;
525
3.88k
    }
526
133k
    return ctx->iv_len;
527
133k
}
528
529
int EVP_CIPHER_CTX_get_tag_length(const EVP_CIPHER_CTX *ctx)
530
0
{
531
0
    int ret;
532
0
    size_t v = 0;
533
0
    OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
534
535
0
    params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_AEAD_TAGLEN, &v);
536
0
    ret = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params);
537
0
    return ret == 1 ? (int)v : 0;
538
0
}
539
540
#ifndef OPENSSL_NO_DEPRECATED_3_0
541
const unsigned char *EVP_CIPHER_CTX_original_iv(const EVP_CIPHER_CTX *ctx)
542
0
{
543
0
    int ok;
544
0
    const unsigned char *v = ctx->oiv;
545
0
    OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
546
547
0
    params[0] =
548
0
        OSSL_PARAM_construct_octet_ptr(OSSL_CIPHER_PARAM_IV,
549
0
                                       (void **)&v, sizeof(ctx->oiv));
550
0
    ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params);
551
552
0
    return ok != 0 ? v : NULL;
553
0
}
554
555
/*
556
 * OSSL_PARAM_OCTET_PTR gets us the pointer to the running IV in the provider
557
 */
558
const unsigned char *EVP_CIPHER_CTX_iv(const EVP_CIPHER_CTX *ctx)
559
0
{
560
0
    int ok;
561
0
    const unsigned char *v = ctx->iv;
562
0
    OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
563
564
0
    params[0] =
565
0
        OSSL_PARAM_construct_octet_ptr(OSSL_CIPHER_PARAM_UPDATED_IV,
566
0
                                       (void **)&v, sizeof(ctx->iv));
567
0
    ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params);
568
569
0
    return ok != 0 ? v : NULL;
570
0
}
571
572
unsigned char *EVP_CIPHER_CTX_iv_noconst(EVP_CIPHER_CTX *ctx)
573
0
{
574
0
    int ok;
575
0
    unsigned char *v = ctx->iv;
576
0
    OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
577
578
0
    params[0] =
579
0
        OSSL_PARAM_construct_octet_ptr(OSSL_CIPHER_PARAM_UPDATED_IV,
580
0
                                       (void **)&v, sizeof(ctx->iv));
581
0
    ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params);
582
583
0
    return ok != 0 ? v : NULL;
584
0
}
585
#endif /* OPENSSL_NO_DEPRECATED_3_0_0 */
586
587
int EVP_CIPHER_CTX_get_updated_iv(EVP_CIPHER_CTX *ctx, void *buf, size_t len)
588
0
{
589
0
    OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
590
591
0
    params[0] =
592
0
        OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_UPDATED_IV, buf, len);
593
0
    return evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params) > 0;
594
0
}
595
596
int EVP_CIPHER_CTX_get_original_iv(EVP_CIPHER_CTX *ctx, void *buf, size_t len)
597
0
{
598
0
    OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
599
600
0
    params[0] =
601
0
        OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_IV, buf, len);
602
0
    return evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params) > 0;
603
0
}
604
605
unsigned char *EVP_CIPHER_CTX_buf_noconst(EVP_CIPHER_CTX *ctx)
606
0
{
607
0
    return ctx->buf;
608
0
}
609
610
int EVP_CIPHER_CTX_get_num(const EVP_CIPHER_CTX *ctx)
611
0
{
612
0
    int ok;
613
0
    unsigned int v = (unsigned int)ctx->num;
614
0
    OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
615
616
0
    params[0] = OSSL_PARAM_construct_uint(OSSL_CIPHER_PARAM_NUM, &v);
617
0
    ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params);
618
619
0
    return ok != 0 ? (int)v : EVP_CTRL_RET_UNSUPPORTED;
620
0
}
621
622
int EVP_CIPHER_CTX_set_num(EVP_CIPHER_CTX *ctx, int num)
623
0
{
624
0
    int ok;
625
0
    unsigned int n = (unsigned int)num;
626
0
    OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
627
628
0
    params[0] = OSSL_PARAM_construct_uint(OSSL_CIPHER_PARAM_NUM, &n);
629
0
    ok = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->algctx, params);
630
631
0
    if (ok != 0)
632
0
        ctx->num = (int)n;
633
0
    return ok != 0;
634
0
}
635
636
int EVP_CIPHER_get_key_length(const EVP_CIPHER *cipher)
637
452
{
638
452
    return cipher->key_len;
639
452
}
640
641
int EVP_CIPHER_CTX_get_key_length(const EVP_CIPHER_CTX *ctx)
642
260k
{
643
260k
    if (ctx->cipher == NULL)
644
0
        return 0;
645
646
260k
    if (ctx->key_len <= 0 && ctx->cipher->prov != NULL) {
647
5.08k
        int ok;
648
5.08k
        OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
649
5.08k
        size_t len;
650
651
5.08k
        params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_KEYLEN, &len);
652
5.08k
        ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params);
653
5.08k
        if (ok <= 0)
654
0
            return EVP_CTRL_RET_UNSUPPORTED;
655
656
        /*-
657
         * The if branch should never be taken since EVP_MAX_KEY_LENGTH is
658
         * less than INT_MAX but best to be safe.
659
         *
660
         * Casting away the const is annoying but required here.  We need to
661
         * cache the result for performance reasons.
662
         */
663
5.08k
        if (!OSSL_PARAM_get_int(params, &((EVP_CIPHER_CTX *)ctx)->key_len))
664
0
            return -1;
665
5.08k
        ((EVP_CIPHER_CTX *)ctx)->key_len = (int)len;
666
5.08k
    }
667
260k
    return ctx->key_len;
668
260k
}
669
670
int EVP_CIPHER_get_nid(const EVP_CIPHER *cipher)
671
626
{
672
626
    return (cipher == NULL) ? NID_undef : cipher->nid;
673
626
}
674
675
int EVP_CIPHER_CTX_get_nid(const EVP_CIPHER_CTX *ctx)
676
0
{
677
0
    return EVP_CIPHER_get_nid(ctx->cipher);
678
0
}
679
680
int EVP_CIPHER_is_a(const EVP_CIPHER *cipher, const char *name)
681
0
{
682
0
    if (cipher == NULL)
683
0
        return 0;
684
0
    if (cipher->prov != NULL)
685
0
        return evp_is_a(cipher->prov, cipher->name_id, NULL, name);
686
0
    return evp_is_a(NULL, 0, EVP_CIPHER_get0_name(cipher), name);
687
0
}
688
689
int evp_cipher_get_number(const EVP_CIPHER *cipher)
690
0
{
691
0
    return cipher->name_id;
692
0
}
693
694
const char *EVP_CIPHER_get0_name(const EVP_CIPHER *cipher)
695
0
{
696
0
    if (cipher->type_name != NULL)
697
0
        return cipher->type_name;
698
0
#ifndef FIPS_MODULE
699
0
    return OBJ_nid2sn(EVP_CIPHER_get_nid(cipher));
700
#else
701
    return NULL;
702
#endif
703
0
}
704
705
const char *EVP_CIPHER_get0_description(const EVP_CIPHER *cipher)
706
0
{
707
0
    if (cipher->description != NULL)
708
0
        return cipher->description;
709
0
#ifndef FIPS_MODULE
710
0
    return OBJ_nid2ln(EVP_CIPHER_get_nid(cipher));
711
#else
712
    return NULL;
713
#endif
714
0
}
715
716
int EVP_CIPHER_names_do_all(const EVP_CIPHER *cipher,
717
                            void (*fn)(const char *name, void *data),
718
                            void *data)
719
0
{
720
0
    if (cipher->prov != NULL)
721
0
        return evp_names_do_all(cipher->prov, cipher->name_id, fn, data);
722
723
0
    return 1;
724
0
}
725
726
const OSSL_PROVIDER *EVP_CIPHER_get0_provider(const EVP_CIPHER *cipher)
727
1.44k
{
728
1.44k
    return cipher->prov;
729
1.44k
}
730
731
int EVP_CIPHER_get_mode(const EVP_CIPHER *cipher)
732
0
{
733
0
    return EVP_CIPHER_get_flags(cipher) & EVP_CIPH_MODE;
734
0
}
735
736
int EVP_MD_is_a(const EVP_MD *md, const char *name)
737
0
{
738
0
    if (md == NULL)
739
0
        return 0;
740
0
    if (md->prov != NULL)
741
0
        return evp_is_a(md->prov, md->name_id, NULL, name);
742
0
    return evp_is_a(NULL, 0, EVP_MD_get0_name(md), name);
743
0
}
744
745
int evp_md_get_number(const EVP_MD *md)
746
0
{
747
0
    return md->name_id;
748
0
}
749
750
const char *EVP_MD_get0_description(const EVP_MD *md)
751
0
{
752
0
    if (md->description != NULL)
753
0
        return md->description;
754
0
#ifndef FIPS_MODULE
755
0
    return OBJ_nid2ln(EVP_MD_nid(md));
756
#else
757
    return NULL;
758
#endif
759
0
}
760
761
const char *EVP_MD_get0_name(const EVP_MD *md)
762
4.59k
{
763
4.59k
    if (md == NULL)
764
0
        return NULL;
765
4.59k
    if (md->type_name != NULL)
766
371
        return md->type_name;
767
4.22k
#ifndef FIPS_MODULE
768
4.22k
    return OBJ_nid2sn(EVP_MD_nid(md));
769
#else
770
    return NULL;
771
#endif
772
4.59k
}
773
774
int EVP_MD_names_do_all(const EVP_MD *md,
775
                        void (*fn)(const char *name, void *data),
776
                        void *data)
777
0
{
778
0
    if (md->prov != NULL)
779
0
        return evp_names_do_all(md->prov, md->name_id, fn, data);
780
781
0
    return 1;
782
0
}
783
784
const OSSL_PROVIDER *EVP_MD_get0_provider(const EVP_MD *md)
785
8.97k
{
786
8.97k
    return md->prov;
787
8.97k
}
788
789
int EVP_MD_get_type(const EVP_MD *md)
790
4.39k
{
791
4.39k
    return md->type;
792
4.39k
}
793
794
int EVP_MD_get_pkey_type(const EVP_MD *md)
795
0
{
796
0
    return md->pkey_type;
797
0
}
798
799
int EVP_MD_get_block_size(const EVP_MD *md)
800
9.57k
{
801
9.57k
    if (md == NULL) {
802
0
        ERR_raise(ERR_LIB_EVP, EVP_R_MESSAGE_DIGEST_IS_NULL);
803
0
        return -1;
804
0
    }
805
9.57k
    return md->block_size;
806
9.57k
}
807
808
int EVP_MD_get_size(const EVP_MD *md)
809
1.09M
{
810
1.09M
    if (md == NULL) {
811
1
        ERR_raise(ERR_LIB_EVP, EVP_R_MESSAGE_DIGEST_IS_NULL);
812
1
        return -1;
813
1
    }
814
1.09M
    return md->md_size;
815
1.09M
}
816
817
int EVP_MD_xof(const EVP_MD *md)
818
24.3k
{
819
24.3k
    return md != NULL && ((EVP_MD_get_flags(md) & EVP_MD_FLAG_XOF) != 0);
820
24.3k
}
821
822
unsigned long EVP_MD_get_flags(const EVP_MD *md)
823
24.3k
{
824
24.3k
    return md->flags;
825
24.3k
}
826
827
EVP_MD *EVP_MD_meth_new(int md_type, int pkey_type)
828
0
{
829
0
    EVP_MD *md = evp_md_new();
830
831
0
    if (md != NULL) {
832
0
        md->type = md_type;
833
0
        md->pkey_type = pkey_type;
834
0
        md->origin = EVP_ORIG_METH;
835
0
    }
836
0
    return md;
837
0
}
838
839
EVP_MD *EVP_MD_meth_dup(const EVP_MD *md)
840
0
{
841
0
    EVP_MD *to = NULL;
842
843
    /*
844
     * Non-legacy EVP_MDs can't be duplicated like this.
845
     * Use EVP_MD_up_ref() instead.
846
     */
847
0
    if (md->prov != NULL)
848
0
        return NULL;
849
850
0
    if ((to = EVP_MD_meth_new(md->type, md->pkey_type)) != NULL) {
851
0
        CRYPTO_REF_COUNT refcnt = to->refcnt;
852
853
0
        memcpy(to, md, sizeof(*to));
854
0
        to->refcnt = refcnt;
855
0
        to->origin = EVP_ORIG_METH;
856
0
    }
857
0
    return to;
858
0
}
859
860
void evp_md_free_int(EVP_MD *md)
861
54
{
862
54
    OPENSSL_free(md->type_name);
863
54
    ossl_provider_free(md->prov);
864
54
    CRYPTO_FREE_REF(&md->refcnt);
865
54
    OPENSSL_free(md);
866
54
}
867
868
void EVP_MD_meth_free(EVP_MD *md)
869
0
{
870
0
    if (md == NULL || md->origin != EVP_ORIG_METH)
871
0
       return;
872
873
0
    evp_md_free_int(md);
874
0
}
875
876
int EVP_MD_meth_set_input_blocksize(EVP_MD *md, int blocksize)
877
0
{
878
0
    if (md->block_size != 0)
879
0
        return 0;
880
881
0
    md->block_size = blocksize;
882
0
    return 1;
883
0
}
884
int EVP_MD_meth_set_result_size(EVP_MD *md, int resultsize)
885
0
{
886
0
    if (md->md_size != 0)
887
0
        return 0;
888
889
0
    md->md_size = resultsize;
890
0
    return 1;
891
0
}
892
int EVP_MD_meth_set_app_datasize(EVP_MD *md, int datasize)
893
0
{
894
0
    if (md->ctx_size != 0)
895
0
        return 0;
896
897
0
    md->ctx_size = datasize;
898
0
    return 1;
899
0
}
900
int EVP_MD_meth_set_flags(EVP_MD *md, unsigned long flags)
901
0
{
902
0
    if (md->flags != 0)
903
0
        return 0;
904
905
0
    md->flags = flags;
906
0
    return 1;
907
0
}
908
int EVP_MD_meth_set_init(EVP_MD *md, int (*init)(EVP_MD_CTX *ctx))
909
0
{
910
0
    if (md->init != NULL)
911
0
        return 0;
912
913
0
    md->init = init;
914
0
    return 1;
915
0
}
916
int EVP_MD_meth_set_update(EVP_MD *md, int (*update)(EVP_MD_CTX *ctx,
917
                                                     const void *data,
918
                                                     size_t count))
919
0
{
920
0
    if (md->update != NULL)
921
0
        return 0;
922
923
0
    md->update = update;
924
0
    return 1;
925
0
}
926
int EVP_MD_meth_set_final(EVP_MD *md, int (*final)(EVP_MD_CTX *ctx,
927
                                                   unsigned char *md))
928
0
{
929
0
    if (md->final != NULL)
930
0
        return 0;
931
932
0
    md->final = final;
933
0
    return 1;
934
0
}
935
int EVP_MD_meth_set_copy(EVP_MD *md, int (*copy)(EVP_MD_CTX *to,
936
                                                 const EVP_MD_CTX *from))
937
0
{
938
0
    if (md->copy != NULL)
939
0
        return 0;
940
941
0
    md->copy = copy;
942
0
    return 1;
943
0
}
944
int EVP_MD_meth_set_cleanup(EVP_MD *md, int (*cleanup)(EVP_MD_CTX *ctx))
945
0
{
946
0
    if (md->cleanup != NULL)
947
0
        return 0;
948
949
0
    md->cleanup = cleanup;
950
0
    return 1;
951
0
}
952
int EVP_MD_meth_set_ctrl(EVP_MD *md, int (*ctrl)(EVP_MD_CTX *ctx, int cmd,
953
                                                 int p1, void *p2))
954
0
{
955
0
    if (md->md_ctrl != NULL)
956
0
        return 0;
957
958
0
    md->md_ctrl = ctrl;
959
0
    return 1;
960
0
}
961
962
int EVP_MD_meth_get_input_blocksize(const EVP_MD *md)
963
0
{
964
0
    return md->block_size;
965
0
}
966
int EVP_MD_meth_get_result_size(const EVP_MD *md)
967
0
{
968
0
    return md->md_size;
969
0
}
970
int EVP_MD_meth_get_app_datasize(const EVP_MD *md)
971
0
{
972
0
    return md->ctx_size;
973
0
}
974
unsigned long EVP_MD_meth_get_flags(const EVP_MD *md)
975
0
{
976
0
    return md->flags;
977
0
}
978
int (*EVP_MD_meth_get_init(const EVP_MD *md))(EVP_MD_CTX *ctx)
979
0
{
980
0
    return md->init;
981
0
}
982
int (*EVP_MD_meth_get_update(const EVP_MD *md))(EVP_MD_CTX *ctx,
983
                                                const void *data,
984
                                                size_t count)
985
0
{
986
0
    return md->update;
987
0
}
988
int (*EVP_MD_meth_get_final(const EVP_MD *md))(EVP_MD_CTX *ctx,
989
                                               unsigned char *md)
990
0
{
991
0
    return md->final;
992
0
}
993
int (*EVP_MD_meth_get_copy(const EVP_MD *md))(EVP_MD_CTX *to,
994
                                              const EVP_MD_CTX *from)
995
0
{
996
0
    return md->copy;
997
0
}
998
int (*EVP_MD_meth_get_cleanup(const EVP_MD *md))(EVP_MD_CTX *ctx)
999
0
{
1000
0
    return md->cleanup;
1001
0
}
1002
int (*EVP_MD_meth_get_ctrl(const EVP_MD *md))(EVP_MD_CTX *ctx, int cmd,
1003
                                              int p1, void *p2)
1004
0
{
1005
0
    return md->md_ctrl;
1006
0
}
1007
1008
#ifndef OPENSSL_NO_DEPRECATED_3_0
1009
const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx)
1010
0
{
1011
0
    if (ctx == NULL)
1012
0
        return NULL;
1013
0
    return ctx->reqdigest;
1014
0
}
1015
#endif
1016
1017
const EVP_MD *EVP_MD_CTX_get0_md(const EVP_MD_CTX *ctx)
1018
1.08M
{
1019
1.08M
    if (ctx == NULL)
1020
0
        return NULL;
1021
1.08M
    return ctx->reqdigest;
1022
1.08M
}
1023
1024
EVP_MD *EVP_MD_CTX_get1_md(EVP_MD_CTX *ctx)
1025
0
{
1026
0
    EVP_MD *md;
1027
1028
0
    if (ctx == NULL)
1029
0
        return NULL;
1030
0
    md = (EVP_MD *)ctx->reqdigest;
1031
0
    if (md == NULL || !EVP_MD_up_ref(md))
1032
0
        return NULL;
1033
0
    return md;
1034
0
}
1035
1036
int EVP_MD_CTX_get_size_ex(const EVP_MD_CTX *ctx)
1037
1.08M
{
1038
1.08M
    EVP_MD_CTX *c = (EVP_MD_CTX *)ctx;
1039
1.08M
    const OSSL_PARAM *gettables;
1040
1041
1.08M
    gettables = EVP_MD_CTX_gettable_params(c);
1042
1.08M
    if (gettables != NULL
1043
1.08M
            && OSSL_PARAM_locate_const(gettables,
1044
8.97k
                                       OSSL_DIGEST_PARAM_SIZE) != NULL) {
1045
8.97k
        OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
1046
8.97k
        size_t sz = 0;
1047
1048
        /*
1049
         * For XOF's EVP_MD_get_size() returns 0
1050
         * So try to get the xoflen instead. This will return -1 if the
1051
         * xof length has not been set.
1052
         */
1053
8.97k
        params[0] = OSSL_PARAM_construct_size_t(OSSL_DIGEST_PARAM_SIZE, &sz);
1054
8.97k
        if (EVP_MD_CTX_get_params(c, params) != 1
1055
8.97k
                || sz == SIZE_MAX
1056
8.97k
                || sz == 0)
1057
224
            return -1;
1058
8.74k
        return sz;
1059
8.97k
    }
1060
    /* Normal digests have a constant fixed size output */
1061
1.08M
    return EVP_MD_get_size(EVP_MD_CTX_get0_md(ctx));
1062
1.08M
}
1063
1064
EVP_PKEY_CTX *EVP_MD_CTX_get_pkey_ctx(const EVP_MD_CTX *ctx)
1065
0
{
1066
0
    return ctx->pctx;
1067
0
}
1068
1069
#if !defined(FIPS_MODULE)
1070
void EVP_MD_CTX_set_pkey_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pctx)
1071
0
{
1072
    /*
1073
     * it's reasonable to set NULL pctx (a.k.a clear the ctx->pctx), so
1074
     * we have to deal with the cleanup job here.
1075
     */
1076
0
    if (!EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX))
1077
0
        EVP_PKEY_CTX_free(ctx->pctx);
1078
1079
0
    ctx->pctx = pctx;
1080
1081
0
    if (pctx != NULL) {
1082
        /* make sure pctx is not freed when destroying EVP_MD_CTX */
1083
0
        EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX);
1084
0
    } else {
1085
0
        EVP_MD_CTX_clear_flags(ctx, EVP_MD_CTX_FLAG_KEEP_PKEY_CTX);
1086
0
    }
1087
0
}
1088
#endif /* !defined(FIPS_MODULE) */
1089
1090
void *EVP_MD_CTX_get0_md_data(const EVP_MD_CTX *ctx)
1091
0
{
1092
0
    return ctx->md_data;
1093
0
}
1094
1095
int (*EVP_MD_CTX_update_fn(EVP_MD_CTX *ctx))(EVP_MD_CTX *ctx,
1096
                                             const void *data, size_t count)
1097
0
{
1098
0
    return ctx->update;
1099
0
}
1100
1101
void EVP_MD_CTX_set_update_fn(EVP_MD_CTX *ctx,
1102
                              int (*update) (EVP_MD_CTX *ctx,
1103
                                             const void *data, size_t count))
1104
0
{
1105
0
    ctx->update = update;
1106
0
}
1107
1108
void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags)
1109
2.36M
{
1110
2.36M
    ctx->flags |= flags;
1111
2.36M
}
1112
1113
void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags)
1114
1.50M
{
1115
1.50M
    ctx->flags &= ~flags;
1116
1.50M
}
1117
1118
int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags)
1119
2.26M
{
1120
2.26M
    return (ctx->flags & flags);
1121
2.26M
}
1122
1123
static int evp_cipher_ctx_enable_use_bits(EVP_CIPHER_CTX *ctx,
1124
                                          unsigned int enable)
1125
0
{
1126
0
    OSSL_PARAM params[] = { OSSL_PARAM_END, OSSL_PARAM_END };
1127
1128
0
    params[0] = OSSL_PARAM_construct_uint(OSSL_CIPHER_PARAM_USE_BITS, &enable);
1129
0
    return EVP_CIPHER_CTX_set_params(ctx, params);
1130
0
}
1131
1132
void EVP_CIPHER_CTX_set_flags(EVP_CIPHER_CTX *ctx, int flags)
1133
0
{
1134
0
    int oldflags = ctx->flags;
1135
1136
0
    ctx->flags |= flags;
1137
0
    if (((oldflags ^ ctx->flags) & EVP_CIPH_FLAG_LENGTH_BITS) != 0)
1138
0
        evp_cipher_ctx_enable_use_bits(ctx, 1);
1139
0
}
1140
1141
void EVP_CIPHER_CTX_clear_flags(EVP_CIPHER_CTX *ctx, int flags)
1142
0
{
1143
0
    int oldflags = ctx->flags;
1144
1145
0
    ctx->flags &= ~flags;
1146
0
    if (((oldflags ^ ctx->flags) & EVP_CIPH_FLAG_LENGTH_BITS) != 0)
1147
0
        evp_cipher_ctx_enable_use_bits(ctx, 0);
1148
0
}
1149
1150
int EVP_CIPHER_CTX_test_flags(const EVP_CIPHER_CTX *ctx, int flags)
1151
0
{
1152
0
    return (ctx->flags & flags);
1153
0
}
1154
1155
#if !defined(FIPS_MODULE)
1156
1157
int EVP_PKEY_CTX_set_group_name(EVP_PKEY_CTX *ctx, const char *name)
1158
0
{
1159
0
    OSSL_PARAM params[] = { OSSL_PARAM_END, OSSL_PARAM_END };
1160
1161
0
    if (ctx == NULL || !EVP_PKEY_CTX_IS_GEN_OP(ctx)) {
1162
0
        ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
1163
        /* Uses the same return values as EVP_PKEY_CTX_ctrl */
1164
0
        return -2;
1165
0
    }
1166
1167
0
    if (name == NULL)
1168
0
        return -1;
1169
1170
0
    params[0] = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME,
1171
0
                                                 (char *)name, 0);
1172
0
    return EVP_PKEY_CTX_set_params(ctx, params);
1173
0
}
1174
1175
int EVP_PKEY_CTX_get_group_name(EVP_PKEY_CTX *ctx, char *name, size_t namelen)
1176
0
{
1177
0
    OSSL_PARAM params[] = { OSSL_PARAM_END, OSSL_PARAM_END };
1178
0
    OSSL_PARAM *p = params;
1179
1180
0
    if (ctx == NULL || !EVP_PKEY_CTX_IS_GEN_OP(ctx)) {
1181
        /* There is no legacy support for this */
1182
0
        ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
1183
        /* Uses the same return values as EVP_PKEY_CTX_ctrl */
1184
0
        return -2;
1185
0
    }
1186
1187
0
    if (name == NULL)
1188
0
        return -1;
1189
1190
0
    *p++ = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME,
1191
0
                                            name, namelen);
1192
0
    if (!EVP_PKEY_CTX_get_params(ctx, params))
1193
0
        return -1;
1194
0
    return 1;
1195
0
}
1196
1197
/*
1198
 * evp_pkey_keygen() abstracts from the explicit use of B<EVP_PKEY_CTX>
1199
 * while providing a generic way of generating a new asymmetric key pair
1200
 * of algorithm type I<name> (e.g., C<RSA> or C<EC>).
1201
 * The library context I<libctx> and property query I<propq>
1202
 * are used when fetching algorithms from providers.
1203
 * The I<params> specify algorithm-specific parameters
1204
 * such as the RSA modulus size or the name of an EC curve.
1205
 */
1206
static EVP_PKEY *evp_pkey_keygen(OSSL_LIB_CTX *libctx, const char *name,
1207
                                 const char *propq, const OSSL_PARAM *params)
1208
0
{
1209
0
    EVP_PKEY *pkey = NULL;
1210
0
    EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new_from_name(libctx, name, propq);
1211
1212
0
    if (ctx != NULL
1213
0
            && EVP_PKEY_keygen_init(ctx) > 0
1214
0
            && EVP_PKEY_CTX_set_params(ctx, params))
1215
0
        (void)EVP_PKEY_generate(ctx, &pkey);
1216
1217
0
    EVP_PKEY_CTX_free(ctx);
1218
0
    return pkey;
1219
0
}
1220
1221
EVP_PKEY *EVP_PKEY_Q_keygen(OSSL_LIB_CTX *libctx, const char *propq,
1222
                            const char *type, ...)
1223
0
{
1224
0
    va_list args;
1225
0
    size_t bits;
1226
0
    char *name;
1227
0
    OSSL_PARAM params[] = { OSSL_PARAM_END, OSSL_PARAM_END };
1228
0
    EVP_PKEY *ret = NULL;
1229
1230
0
    va_start(args, type);
1231
1232
0
    if (OPENSSL_strcasecmp(type, "RSA") == 0) {
1233
0
        bits = va_arg(args, size_t);
1234
0
        params[0] = OSSL_PARAM_construct_size_t(OSSL_PKEY_PARAM_RSA_BITS, &bits);
1235
0
    } else if (OPENSSL_strcasecmp(type, "EC") == 0) {
1236
0
        name = va_arg(args, char *);
1237
0
        params[0] = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME,
1238
0
                                                     name, 0);
1239
0
    }
1240
1241
0
    ret = evp_pkey_keygen(libctx, type, propq, params);
1242
1243
0
    va_end(args);
1244
0
    return ret;
1245
0
}
1246
1247
int EVP_CIPHER_CTX_set_algor_params(EVP_CIPHER_CTX *ctx, const X509_ALGOR *alg)
1248
0
{
1249
0
    int ret = -1;                /* Assume the worst */
1250
0
    unsigned char *der = NULL;
1251
0
    int derl = -1;
1252
1253
0
    if ((derl = i2d_ASN1_TYPE(alg->parameter, &der)) >= 0) {
1254
0
        const char *k_old = OSSL_CIPHER_PARAM_ALGORITHM_ID_PARAMS_OLD;
1255
0
        const char *k_new = OSSL_CIPHER_PARAM_ALGORITHM_ID_PARAMS;
1256
0
        OSSL_PARAM params[3];
1257
1258
        /*
1259
         * Passing the same data with both the old (deprecated) and the
1260
         * new AlgID parameters OSSL_PARAM key.
1261
         */
1262
0
        params[0] = OSSL_PARAM_construct_octet_string(k_old, der, (size_t)derl);
1263
0
        params[1] = OSSL_PARAM_construct_octet_string(k_new, der, (size_t)derl);
1264
0
        params[2] = OSSL_PARAM_construct_end();
1265
0
        ret = EVP_CIPHER_CTX_set_params(ctx, params);
1266
0
    }
1267
0
    OPENSSL_free(der);
1268
0
    return ret;
1269
0
}
1270
1271
int EVP_CIPHER_CTX_get_algor_params(EVP_CIPHER_CTX *ctx, X509_ALGOR *alg)
1272
0
{
1273
0
    int ret = -1;                /* Assume the worst */
1274
0
    unsigned char *der = NULL;
1275
0
    size_t derl;
1276
0
    ASN1_TYPE *type = NULL;
1277
0
    int i = -1;
1278
0
    const char *k_old = OSSL_CIPHER_PARAM_ALGORITHM_ID_PARAMS_OLD;
1279
0
    const char *k_new = OSSL_CIPHER_PARAM_ALGORITHM_ID_PARAMS;
1280
0
    const char *derk;
1281
0
    OSSL_PARAM params[3];
1282
1283
    /*
1284
     * We make two passes, the first to get the appropriate buffer size,
1285
     * and the second to get the actual value.
1286
     * Also, using both the old (deprecated) and the new AlgID parameters
1287
     * OSSL_PARAM key, and using whichever the provider responds to.
1288
     * Should the provider respond on both, the new key takes priority.
1289
     */
1290
0
    params[0] = OSSL_PARAM_construct_octet_string(k_old, NULL, 0);
1291
0
    params[1] = OSSL_PARAM_construct_octet_string(k_new, NULL, 0);
1292
0
    params[2] = OSSL_PARAM_construct_end();
1293
1294
0
    if (!EVP_CIPHER_CTX_get_params(ctx, params))
1295
0
        goto err;
1296
1297
    /* ... but, we should get a return size too! */
1298
0
    if (OSSL_PARAM_modified(&params[0]) && params[0].return_size != 0)
1299
0
        i = 0;
1300
0
    if (OSSL_PARAM_modified(&params[1]) && params[1].return_size != 0)
1301
0
        i = 1;
1302
0
    if (i < 0)
1303
0
        goto err;
1304
1305
    /*
1306
     * If alg->parameter is non-NULL, it will be changed by d2i_ASN1_TYPE()
1307
     * below.  If it is NULL, the d2i_ASN1_TYPE() call will allocate new
1308
     * space for it.  Either way, alg->parameter can be safely assigned
1309
     * with type after the d2i_ASN1_TYPE() call, with the safety that it
1310
     * will be ok.
1311
     */
1312
0
    type = alg->parameter;
1313
1314
0
    derk = params[i].key;
1315
0
    derl = params[i].return_size;
1316
0
    if ((der = OPENSSL_malloc(derl)) != NULL) {
1317
0
        unsigned char *derp = der;
1318
1319
0
        params[i] = OSSL_PARAM_construct_octet_string(derk, der, derl);
1320
0
        if (EVP_CIPHER_CTX_get_params(ctx, params)
1321
0
            && OSSL_PARAM_modified(&params[i])
1322
0
            && d2i_ASN1_TYPE(&type, (const unsigned char **)&derp,
1323
0
                             (int)derl) != NULL) {
1324
            /*
1325
             * Don't free alg->parameter, see comment further up.
1326
             * Worst case, alg->parameter gets assigned its own value.
1327
             */
1328
0
            alg->parameter = type;
1329
0
            ret = 1;
1330
0
        }
1331
0
    }
1332
0
 err:
1333
0
    OPENSSL_free(der);
1334
0
    return ret;
1335
0
}
1336
1337
int EVP_CIPHER_CTX_get_algor(EVP_CIPHER_CTX *ctx, X509_ALGOR **alg)
1338
0
{
1339
0
    int ret = -1;                /* Assume the worst */
1340
0
    OSSL_PARAM params[2];
1341
0
    size_t aid_len = 0;
1342
0
    const char *k_aid = OSSL_SIGNATURE_PARAM_ALGORITHM_ID;
1343
1344
0
    params[0] = OSSL_PARAM_construct_octet_string(k_aid, NULL, 0);
1345
0
    params[1] = OSSL_PARAM_construct_end();
1346
1347
0
    if (EVP_CIPHER_CTX_get_params(ctx, params) <= 0)
1348
0
        goto err;
1349
1350
0
    if (OSSL_PARAM_modified(&params[0]))
1351
0
        aid_len = params[0].return_size;
1352
0
    if (aid_len == 0) {
1353
0
        ERR_raise(ERR_LIB_EVP, EVP_R_GETTING_ALGORITHMIDENTIFIER_NOT_SUPPORTED);
1354
0
        ret = -2;
1355
0
        goto err;
1356
0
    }
1357
0
    if (alg != NULL) {
1358
0
        unsigned char *aid = NULL;
1359
0
        const unsigned char *pp = NULL;
1360
1361
0
        if ((aid = OPENSSL_malloc(aid_len)) != NULL) {
1362
0
            params[0] = OSSL_PARAM_construct_octet_string(k_aid, aid, aid_len);
1363
0
            pp = aid;
1364
0
            if (EVP_CIPHER_CTX_get_params(ctx, params)
1365
0
                && OSSL_PARAM_modified(&params[0])
1366
0
                && d2i_X509_ALGOR(alg, &pp, aid_len) != NULL)
1367
0
                ret = 1;
1368
0
        }
1369
0
        OPENSSL_free(aid);
1370
0
    }
1371
0
 err:
1372
0
    return ret;
1373
0
}
1374
1375
int EVP_PKEY_CTX_set_algor_params(EVP_PKEY_CTX *ctx, const X509_ALGOR *alg)
1376
0
{
1377
0
    int ret = -1;                /* Assume the worst */
1378
0
    unsigned char *der = NULL;
1379
0
    int derl = -1;
1380
1381
0
    if ((derl = i2d_ASN1_TYPE(alg->parameter, &der)) >= 0) {
1382
0
        const char *k = OSSL_PKEY_PARAM_ALGORITHM_ID_PARAMS;
1383
0
        OSSL_PARAM params[2];
1384
1385
        /*
1386
         * Passing the same data with both the old (deprecated) and the
1387
         * new AlgID parameters OSSL_PARAM key.
1388
         */
1389
0
        params[0] = OSSL_PARAM_construct_octet_string(k, der, (size_t)derl);
1390
0
        params[1] = OSSL_PARAM_construct_end();
1391
0
        ret = EVP_PKEY_CTX_set_params(ctx, params);
1392
0
    }
1393
0
    OPENSSL_free(der);
1394
0
    return ret;
1395
0
}
1396
1397
int EVP_PKEY_CTX_get_algor_params(EVP_PKEY_CTX *ctx, X509_ALGOR *alg)
1398
0
{
1399
0
    int ret = -1;                /* Assume the worst */
1400
0
    OSSL_PARAM params[2];
1401
0
    unsigned char *der = NULL;
1402
0
    size_t derl;
1403
0
    ASN1_TYPE *type = NULL;
1404
0
    const char *k = OSSL_PKEY_PARAM_ALGORITHM_ID_PARAMS;
1405
1406
    /*
1407
     * We make two passes, the first to get the appropriate buffer size,
1408
     * and the second to get the actual value.
1409
     * Also, using both the old (deprecated) and the new AlgID parameters
1410
     * OSSL_PARAM key, and using whichever the provider responds to.
1411
     * Should the provider respond on both, the new key takes priority.
1412
     */
1413
0
    params[0] = OSSL_PARAM_construct_octet_string(k, NULL, 0);
1414
0
    params[1] = OSSL_PARAM_construct_end();
1415
1416
0
    if (!EVP_PKEY_CTX_get_params(ctx, params))
1417
0
        goto err;
1418
1419
    /*
1420
     * If alg->parameter is non-NULL, it will be changed by d2i_ASN1_TYPE()
1421
     * below.  If it is NULL, the d2i_ASN1_TYPE() call will allocate new
1422
     * space for it.  Either way, alg->parameter can be safely assigned
1423
     * with type after the d2i_ASN1_TYPE() call, with the safety that it
1424
     * will be ok.
1425
     */
1426
0
    type = alg->parameter;
1427
1428
0
    derl = params[0].return_size;
1429
0
    if (OSSL_PARAM_modified(&params[0])
1430
        /* ... but, we should get a return size too! */
1431
0
        && derl != 0
1432
0
        && (der = OPENSSL_malloc(derl)) != NULL) {
1433
0
        unsigned char *derp = der;
1434
1435
0
        params[0] = OSSL_PARAM_construct_octet_string(k, der, derl);
1436
0
        if (EVP_PKEY_CTX_get_params(ctx, params)
1437
0
            && OSSL_PARAM_modified(&params[0])
1438
0
            && d2i_ASN1_TYPE(&type, (const unsigned char **)&derp,
1439
0
                             derl) != NULL) {
1440
            /*
1441
             * Don't free alg->parameter, see comment further up.
1442
             * Worst case, alg->parameter gets assigned its own value.
1443
             */
1444
0
            alg->parameter = type;
1445
0
            ret = 1;
1446
0
        }
1447
0
    }
1448
0
 err:
1449
0
    OPENSSL_free(der);
1450
0
    return ret;
1451
0
}
1452
1453
int EVP_PKEY_CTX_get_algor(EVP_PKEY_CTX *ctx, X509_ALGOR **alg)
1454
0
{
1455
0
    int ret = -1;                /* Assume the worst */
1456
0
    OSSL_PARAM params[2];
1457
0
    size_t aid_len = 0;
1458
0
    const char *k_aid = OSSL_SIGNATURE_PARAM_ALGORITHM_ID;
1459
1460
0
    params[0] = OSSL_PARAM_construct_octet_string(k_aid, NULL, 0);
1461
0
    params[1] = OSSL_PARAM_construct_end();
1462
1463
0
    if (EVP_PKEY_CTX_get_params(ctx, params) <= 0)
1464
0
        goto err;
1465
1466
0
    if (OSSL_PARAM_modified(&params[0]))
1467
0
        aid_len = params[0].return_size;
1468
0
    if (aid_len == 0) {
1469
0
        ERR_raise(ERR_LIB_EVP, EVP_R_GETTING_ALGORITHMIDENTIFIER_NOT_SUPPORTED);
1470
0
        ret = -2;
1471
0
        goto err;
1472
0
    }
1473
0
    if (alg != NULL) {
1474
0
        unsigned char *aid = NULL;
1475
0
        const unsigned char *pp = NULL;
1476
1477
0
        if ((aid = OPENSSL_malloc(aid_len)) != NULL) {
1478
0
            params[0] = OSSL_PARAM_construct_octet_string(k_aid, aid, aid_len);
1479
0
            pp = aid;
1480
0
            if (EVP_PKEY_CTX_get_params(ctx, params)
1481
0
                && OSSL_PARAM_modified(&params[0])
1482
0
                && d2i_X509_ALGOR(alg, &pp, aid_len) != NULL)
1483
0
                ret = 1;
1484
0
        }
1485
0
        OPENSSL_free(aid);
1486
0
    }
1487
0
 err:
1488
0
    return ret;
1489
0
}
1490
1491
#endif /* !defined(FIPS_MODULE) */