/src/openssl/providers/implementations/macs/gmac_prov.c

Source
/*
 * Copyright 2018-2025 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include <stdlib.h>
#include <string.h>
#include <openssl/core_dispatch.h>
#include <openssl/core_names.h>
#include <openssl/params.h>
#include <openssl/evp.h>
#include <openssl/err.h>
#include <openssl/proverr.h>

#include "internal/cryptlib.h"
#include "prov/implementations.h"
#include "prov/provider_ctx.h"
#include "prov/provider_util.h"
#include "prov/providercommon.h"
#include "providers/implementations/macs/gmac_prov.inc"

/*
 * Forward declaration of everything implemented here.  This is not strictly
 * necessary for the compiler, but provides an assurance that the signatures
 * of the functions in the dispatch table are correct.
 */
static OSSL_FUNC_mac_newctx_fn gmac_new;
static OSSL_FUNC_mac_dupctx_fn gmac_dup;
static OSSL_FUNC_mac_freectx_fn gmac_free;
static OSSL_FUNC_mac_gettable_params_fn gmac_gettable_params;
static OSSL_FUNC_mac_get_params_fn gmac_get_params;
static OSSL_FUNC_mac_settable_ctx_params_fn gmac_settable_ctx_params;
static OSSL_FUNC_mac_set_ctx_params_fn gmac_set_ctx_params;
static OSSL_FUNC_mac_init_fn gmac_init;
static OSSL_FUNC_mac_update_fn gmac_update;
static OSSL_FUNC_mac_final_fn gmac_final;

/* local GMAC pkey structure */

struct gmac_data_st {
    void *provctx;
    EVP_CIPHER_CTX *ctx;         /* Cipher context */
    PROV_CIPHER cipher;
};

static void gmac_free(void *vmacctx)
{
    struct gmac_data_st *macctx = vmacctx;

    if (macctx != NULL) {
        EVP_CIPHER_CTX_free(macctx->ctx);
        ossl_prov_cipher_reset(&macctx->cipher);
        OPENSSL_free(macctx);
    }
}

static void *gmac_new(void *provctx)
{
    struct gmac_data_st *macctx;

    if (!ossl_prov_is_running())
        return NULL;

    if ((macctx = OPENSSL_zalloc(sizeof(*macctx))) == NULL
        || (macctx->ctx = EVP_CIPHER_CTX_new()) == NULL) {
        gmac_free(macctx);
        return NULL;
    }
    macctx->provctx = provctx;

    return macctx;
}

static void *gmac_dup(void *vsrc)
{
    struct gmac_data_st *src = vsrc;
    struct gmac_data_st *dst;

    if (!ossl_prov_is_running())
        return NULL;

    dst = gmac_new(src->provctx);
    if (dst == NULL)
        return NULL;

    if (!EVP_CIPHER_CTX_copy(dst->ctx, src->ctx)
        || !ossl_prov_cipher_copy(&dst->cipher, &src->cipher)) {
        gmac_free(dst);
        return NULL;
    }
    return dst;
}

static size_t gmac_size(void)
{
    return EVP_GCM_TLS_TAG_LEN;
}

static int gmac_setkey(struct gmac_data_st *macctx,
                       const unsigned char *key, size_t keylen)
{
    EVP_CIPHER_CTX *ctx = macctx->ctx;

    if (keylen != (size_t)EVP_CIPHER_CTX_get_key_length(ctx)) {
        ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH);
        return 0;
    }
    if (!EVP_EncryptInit_ex(ctx, NULL, NULL, key, NULL))
        return 0;
    return 1;
}

static int gmac_init(void *vmacctx, const unsigned char *key,
                     size_t keylen, const OSSL_PARAM params[])
{
    struct gmac_data_st *macctx = vmacctx;

    if (!ossl_prov_is_running() || !gmac_set_ctx_params(macctx, params))
        return 0;
    if (key != NULL)
        return gmac_setkey(macctx, key, keylen);
    return EVP_EncryptInit_ex(macctx->ctx, NULL, NULL, NULL, NULL);
}

static int gmac_update(void *vmacctx, const unsigned char *data,
                       size_t datalen)
{
    struct gmac_data_st *macctx = vmacctx;
    EVP_CIPHER_CTX *ctx = macctx->ctx;
    int outlen;

    if (datalen == 0)
        return 1;

    while (datalen > INT_MAX) {
        if (!EVP_EncryptUpdate(ctx, NULL, &outlen, data, INT_MAX))
            return 0;
        data += INT_MAX;
        datalen -= INT_MAX;
    }
    return EVP_EncryptUpdate(ctx, NULL, &outlen, data, (int)datalen);
}

static int gmac_final(void *vmacctx, unsigned char *out, size_t *outl,
                      size_t outsize)
{
    OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
    struct gmac_data_st *macctx = vmacctx;
    int hlen = 0;

    if (!ossl_prov_is_running())
        return 0;

    if (!EVP_EncryptFinal_ex(macctx->ctx, out, &hlen))
        return 0;

    hlen = (int)gmac_size();
    params[0] = OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG,
                                                  out, (size_t)hlen);
    if (!EVP_CIPHER_CTX_get_params(macctx->ctx, params))
        return 0;

    *outl = hlen;
    return 1;
}

static const OSSL_PARAM *gmac_gettable_params(void *provctx)
{
    return gmac_get_params_list;
}

static int gmac_get_params(OSSL_PARAM params[])
{
    struct gmac_get_params_st p;

    if (!gmac_get_params_decoder(params, &p))
        return 0;

    if (p.size != NULL && !OSSL_PARAM_set_size_t(p.size, gmac_size()))
        return 0;

    return 1;
}

static const OSSL_PARAM *gmac_settable_ctx_params(ossl_unused void *ctx,
                                                  ossl_unused void *provctx)
{
    return gmac_set_ctx_params_list;
}

/*
 * ALL parameters should be set before init().
 */
static int gmac_set_ctx_params(void *vmacctx, const OSSL_PARAM params[])
{
    struct gmac_data_st *macctx = vmacctx;
    EVP_CIPHER_CTX *ctx;
    OSSL_LIB_CTX *provctx;
    struct gmac_set_ctx_params_st p;

    if (macctx == NULL || !gmac_set_ctx_params_decoder(params, &p))
        return 0;

    if ((ctx = macctx->ctx) == NULL)
        return 0;
    provctx = PROV_LIBCTX_OF(macctx->provctx);

    if (p.cipher != NULL) {
        if (!ossl_prov_cipher_load(&macctx->cipher, p.cipher, p.propq,
                                   p.engine, provctx))
            return 0;
        if (EVP_CIPHER_get_mode(ossl_prov_cipher_cipher(&macctx->cipher))
            != EVP_CIPH_GCM_MODE) {
            ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_MODE);
            return 0;
        }
        if (!EVP_EncryptInit_ex(ctx, ossl_prov_cipher_cipher(&macctx->cipher),
                                ossl_prov_cipher_engine(&macctx->cipher), NULL,
                                NULL))
            return 0;
    }

    if (p.key != NULL)
        if (p.key->data_type != OSSL_PARAM_OCTET_STRING
                || !gmac_setkey(macctx, p.key->data, p.key->data_size))
            return 0;

    if (p.iv != NULL) {
        if (p.iv->data_type != OSSL_PARAM_OCTET_STRING)
            return 0;

        if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN,
                                 (int)p.iv->data_size, NULL) <= 0
            || !EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, p.iv->data))
            return 0;
    }
    return 1;
}

const OSSL_DISPATCH ossl_gmac_functions[] = {
    { OSSL_FUNC_MAC_NEWCTX, (void (*)(void))gmac_new },
    { OSSL_FUNC_MAC_DUPCTX, (void (*)(void))gmac_dup },
    { OSSL_FUNC_MAC_FREECTX, (void (*)(void))gmac_free },
    { OSSL_FUNC_MAC_INIT, (void (*)(void))gmac_init },
    { OSSL_FUNC_MAC_UPDATE, (void (*)(void))gmac_update },
    { OSSL_FUNC_MAC_FINAL, (void (*)(void))gmac_final },
    { OSSL_FUNC_MAC_GETTABLE_PARAMS, (void (*)(void))gmac_gettable_params },
    { OSSL_FUNC_MAC_GET_PARAMS, (void (*)(void))gmac_get_params },
    { OSSL_FUNC_MAC_SETTABLE_CTX_PARAMS,
      (void (*)(void))gmac_settable_ctx_params },
    { OSSL_FUNC_MAC_SET_CTX_PARAMS, (void (*)(void))gmac_set_ctx_params },
    OSSL_DISPATCH_END
};

Coverage Report

Created: 2025-10-28 06:56

Line	Count	Source
1		/*
2		* Copyright 2018-2025 The OpenSSL Project Authors. All Rights Reserved.
3		*
4		* Licensed under the Apache License 2.0 (the "License"). You may not use
5		* this file except in compliance with the License. You can obtain a copy
6		* in the file LICENSE in the source distribution or at
7		* https://www.openssl.org/source/license.html
8		*/
9
10		#include <stdlib.h>
11		#include <string.h>
12		#include <openssl/core_dispatch.h>
13		#include <openssl/core_names.h>
14		#include <openssl/params.h>
15		#include <openssl/evp.h>
16		#include <openssl/err.h>
17		#include <openssl/proverr.h>
18
19		#include "internal/cryptlib.h"
20		#include "prov/implementations.h"
21		#include "prov/provider_ctx.h"
22		#include "prov/provider_util.h"
23		#include "prov/providercommon.h"
24		#include "providers/implementations/macs/gmac_prov.inc"
25
26		/*
27		* Forward declaration of everything implemented here. This is not strictly
28		* necessary for the compiler, but provides an assurance that the signatures
29		* of the functions in the dispatch table are correct.
30		*/
31		static OSSL_FUNC_mac_newctx_fn gmac_new;
32		static OSSL_FUNC_mac_dupctx_fn gmac_dup;
33		static OSSL_FUNC_mac_freectx_fn gmac_free;
34		static OSSL_FUNC_mac_gettable_params_fn gmac_gettable_params;
35		static OSSL_FUNC_mac_get_params_fn gmac_get_params;
36		static OSSL_FUNC_mac_settable_ctx_params_fn gmac_settable_ctx_params;
37		static OSSL_FUNC_mac_set_ctx_params_fn gmac_set_ctx_params;
38		static OSSL_FUNC_mac_init_fn gmac_init;
39		static OSSL_FUNC_mac_update_fn gmac_update;
40		static OSSL_FUNC_mac_final_fn gmac_final;
41
42		/* local GMAC pkey structure */
43
44		struct gmac_data_st {
45		void *provctx;
46		EVP_CIPHER_CTX ctx; / Cipher context */
47		PROV_CIPHER cipher;
48		};
49
50		static void gmac_free(void *vmacctx)
51	0	{
52	0	struct gmac_data_st *macctx = vmacctx;
53
54	0	if (macctx != NULL) {
55	0	EVP_CIPHER_CTX_free(macctx->ctx);
56	0	ossl_prov_cipher_reset(&macctx->cipher);
57	0	OPENSSL_free(macctx);
58	0	}
59	0	}
60
61		static void gmac_new(void provctx)
62	0	{
63	0	struct gmac_data_st *macctx;
64
65	0	if (!ossl_prov_is_running())
66	0	return NULL;
67
68	0	if ((macctx = OPENSSL_zalloc(sizeof(*macctx))) == NULL
69	0	\|\| (macctx->ctx = EVP_CIPHER_CTX_new()) == NULL) {
70	0	gmac_free(macctx);
71	0	return NULL;
72	0	}
73	0	macctx->provctx = provctx;
74
75	0	return macctx;
76	0	}
77
78		static void gmac_dup(void vsrc)
79	0	{
80	0	struct gmac_data_st *src = vsrc;
81	0	struct gmac_data_st *dst;
82
83	0	if (!ossl_prov_is_running())
84	0	return NULL;
85
86	0	dst = gmac_new(src->provctx);
87	0	if (dst == NULL)
88	0	return NULL;
89
90	0	if (!EVP_CIPHER_CTX_copy(dst->ctx, src->ctx)
91	0	\|\| !ossl_prov_cipher_copy(&dst->cipher, &src->cipher)) {
92	0	gmac_free(dst);
93	0	return NULL;
94	0	}
95	0	return dst;
96	0	}
97
98		static size_t gmac_size(void)
99	0	{
100	0	return EVP_GCM_TLS_TAG_LEN;
101	0	}
102
103		static int gmac_setkey(struct gmac_data_st *macctx,
104		const unsigned char *key, size_t keylen)
105	0	{
106	0	EVP_CIPHER_CTX *ctx = macctx->ctx;
107
108	0	if (keylen != (size_t)EVP_CIPHER_CTX_get_key_length(ctx)) {
109	0	ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH);
110	0	return 0;
111	0	}
112	0	if (!EVP_EncryptInit_ex(ctx, NULL, NULL, key, NULL))
113	0	return 0;
114	0	return 1;
115	0	}
116
117		static int gmac_init(void vmacctx, const unsigned char key,
118		size_t keylen, const OSSL_PARAM params[])
119	0	{
120	0	struct gmac_data_st *macctx = vmacctx;
121
122	0	if (!ossl_prov_is_running() \|\| !gmac_set_ctx_params(macctx, params))
123	0	return 0;
124	0	if (key != NULL)
125	0	return gmac_setkey(macctx, key, keylen);
126	0	return EVP_EncryptInit_ex(macctx->ctx, NULL, NULL, NULL, NULL);
127	0	}
128
129		static int gmac_update(void vmacctx, const unsigned char data,
130		size_t datalen)
131	0	{
132	0	struct gmac_data_st *macctx = vmacctx;
133	0	EVP_CIPHER_CTX *ctx = macctx->ctx;
134	0	int outlen;
135
136	0	if (datalen == 0)
137	0	return 1;
138
139	0	while (datalen > INT_MAX) {
140	0	if (!EVP_EncryptUpdate(ctx, NULL, &outlen, data, INT_MAX))
141	0	return 0;
142	0	data += INT_MAX;
143	0	datalen -= INT_MAX;
144	0	}
145	0	return EVP_EncryptUpdate(ctx, NULL, &outlen, data, (int)datalen);
146	0	}
147
148		static int gmac_final(void vmacctx, unsigned char out, size_t *outl,
149		size_t outsize)
150	0	{
151	0	OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
152	0	struct gmac_data_st *macctx = vmacctx;
153	0	int hlen = 0;
154
155	0	if (!ossl_prov_is_running())
156	0	return 0;
157
158	0	if (!EVP_EncryptFinal_ex(macctx->ctx, out, &hlen))
159	0	return 0;
160
161	0	hlen = (int)gmac_size();
162	0	params[0] = OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG,
163	0	out, (size_t)hlen);
164	0	if (!EVP_CIPHER_CTX_get_params(macctx->ctx, params))
165	0	return 0;
166
167	0	*outl = hlen;
168	0	return 1;
169	0	}
170
171		static const OSSL_PARAM gmac_gettable_params(void provctx)
172	0	{
173	0	return gmac_get_params_list;
174	0	}
175
176		static int gmac_get_params(OSSL_PARAM params[])
177	0	{
178	0	struct gmac_get_params_st p;
179
180	0	if (!gmac_get_params_decoder(params, &p))
181	0	return 0;
182
183	0	if (p.size != NULL && !OSSL_PARAM_set_size_t(p.size, gmac_size()))
184	0	return 0;
185
186	0	return 1;
187	0	}
188
189		static const OSSL_PARAM gmac_settable_ctx_params(ossl_unused void ctx,
190		ossl_unused void *provctx)
191	0	{
192	0	return gmac_set_ctx_params_list;
193	0	}
194
195		/*
196		* ALL parameters should be set before init().
197		*/
198		static int gmac_set_ctx_params(void *vmacctx, const OSSL_PARAM params[])
199	0	{
200	0	struct gmac_data_st *macctx = vmacctx;
201	0	EVP_CIPHER_CTX *ctx;
202	0	OSSL_LIB_CTX *provctx;
203	0	struct gmac_set_ctx_params_st p;
204
205	0	if (macctx == NULL \|\| !gmac_set_ctx_params_decoder(params, &p))
206	0	return 0;
207
208	0	if ((ctx = macctx->ctx) == NULL)
209	0	return 0;
210	0	provctx = PROV_LIBCTX_OF(macctx->provctx);
211
212	0	if (p.cipher != NULL) {
213	0	if (!ossl_prov_cipher_load(&macctx->cipher, p.cipher, p.propq,
214	0	p.engine, provctx))
215	0	return 0;
216	0	if (EVP_CIPHER_get_mode(ossl_prov_cipher_cipher(&macctx->cipher))
217	0	!= EVP_CIPH_GCM_MODE) {
218	0	ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_MODE);
219	0	return 0;
220	0	}
221	0	if (!EVP_EncryptInit_ex(ctx, ossl_prov_cipher_cipher(&macctx->cipher),
222	0	ossl_prov_cipher_engine(&macctx->cipher), NULL,
223	0	NULL))
224	0	return 0;
225	0	}
226
227	0	if (p.key != NULL)
228	0	if (p.key->data_type != OSSL_PARAM_OCTET_STRING
229	0	\|\| !gmac_setkey(macctx, p.key->data, p.key->data_size))
230	0	return 0;
231
232	0	if (p.iv != NULL) {
233	0	if (p.iv->data_type != OSSL_PARAM_OCTET_STRING)
234	0	return 0;
235
236	0	if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN,
237	0	(int)p.iv->data_size, NULL) <= 0
238	0	\|\| !EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, p.iv->data))
239	0	return 0;
240	0	}
241	0	return 1;
242	0	}
243
244		const OSSL_DISPATCH ossl_gmac_functions[] = {
245		{ OSSL_FUNC_MAC_NEWCTX, (void (*)(void))gmac_new },
246		{ OSSL_FUNC_MAC_DUPCTX, (void (*)(void))gmac_dup },
247		{ OSSL_FUNC_MAC_FREECTX, (void (*)(void))gmac_free },
248		{ OSSL_FUNC_MAC_INIT, (void (*)(void))gmac_init },
249		{ OSSL_FUNC_MAC_UPDATE, (void (*)(void))gmac_update },
250		{ OSSL_FUNC_MAC_FINAL, (void (*)(void))gmac_final },
251		{ OSSL_FUNC_MAC_GETTABLE_PARAMS, (void (*)(void))gmac_gettable_params },
252		{ OSSL_FUNC_MAC_GET_PARAMS, (void (*)(void))gmac_get_params },
253		{ OSSL_FUNC_MAC_SETTABLE_CTX_PARAMS,
254		(void (*)(void))gmac_settable_ctx_params },
255		{ OSSL_FUNC_MAC_SET_CTX_PARAMS, (void (*)(void))gmac_set_ctx_params },
256		OSSL_DISPATCH_END
257		};