1/* 2 * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the Apache License 2.0 (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 10/* 11 * Generic dispatch table functions for ciphers. 12 */ 13 14/* For SSL3_VERSION */ 15#include <openssl/prov_ssl.h> 16#include <openssl/proverr.h> 17#include "ciphercommon_local.h" 18#include "prov/provider_ctx.h" 19#include "prov/providercommon.h" 20 21/*- 22 * Generic cipher functions for OSSL_PARAM gettables and settables 23 */ 24static const OSSL_PARAM cipher_known_gettable_params[] = { 25 OSSL_PARAM_uint(OSSL_CIPHER_PARAM_MODE, NULL), 26 OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL), 27 OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_IVLEN, NULL), 28 OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_BLOCK_SIZE, NULL), 29 OSSL_PARAM_int(OSSL_CIPHER_PARAM_AEAD, NULL), 30 OSSL_PARAM_int(OSSL_CIPHER_PARAM_CUSTOM_IV, NULL), 31 OSSL_PARAM_int(OSSL_CIPHER_PARAM_CTS, NULL), 32 OSSL_PARAM_int(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK, NULL), 33 OSSL_PARAM_int(OSSL_CIPHER_PARAM_HAS_RAND_KEY, NULL), 34 OSSL_PARAM_END 35}; 36const OSSL_PARAM *ossl_cipher_generic_gettable_params(ossl_unused void *provctx) 37{ 38 return cipher_known_gettable_params; 39} 40 41int ossl_cipher_generic_get_params(OSSL_PARAM params[], unsigned int md, 42 uint64_t flags, 43 size_t kbits, size_t blkbits, size_t ivbits) 44{ 45 OSSL_PARAM *p; 46 47 p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_MODE); 48 if (p != NULL && !OSSL_PARAM_set_uint(p, md)) { 49 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); 50 return 0; 51 } 52 p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_AEAD); 53 if (p != NULL 54 && !OSSL_PARAM_set_int(p, (flags & PROV_CIPHER_FLAG_AEAD) != 0)) { 55 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); 56 return 0; 57 } 58 p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_CUSTOM_IV); 59 if (p != NULL 60 && !OSSL_PARAM_set_int(p, (flags & PROV_CIPHER_FLAG_CUSTOM_IV) != 0)) { 61 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); 62 return 0; 63 } 64 p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_CTS); 65 if (p != NULL 66 && !OSSL_PARAM_set_int(p, (flags & PROV_CIPHER_FLAG_CTS) != 0)) { 67 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); 68 return 0; 69 } 70 p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK); 71 if (p != NULL 72 && !OSSL_PARAM_set_int(p, (flags & PROV_CIPHER_FLAG_TLS1_MULTIBLOCK) != 0)) { 73 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); 74 return 0; 75 } 76 p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_HAS_RAND_KEY); 77 if (p != NULL 78 && !OSSL_PARAM_set_int(p, (flags & PROV_CIPHER_FLAG_RAND_KEY) != 0)) { 79 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); 80 return 0; 81 } 82 p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_KEYLEN); 83 if (p != NULL && !OSSL_PARAM_set_size_t(p, kbits / 8)) { 84 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); 85 return 0; 86 } 87 p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_BLOCK_SIZE); 88 if (p != NULL && !OSSL_PARAM_set_size_t(p, blkbits / 8)) { 89 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); 90 return 0; 91 } 92 p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IVLEN); 93 if (p != NULL && !OSSL_PARAM_set_size_t(p, ivbits / 8)) { 94 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); 95 return 0; 96 } 97 return 1; 98} 99 100CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_START(ossl_cipher_generic) 101{ OSSL_CIPHER_PARAM_TLS_MAC, OSSL_PARAM_OCTET_PTR, NULL, 0, OSSL_PARAM_UNMODIFIED }, 102CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_END(ossl_cipher_generic) 103 104CIPHER_DEFAULT_SETTABLE_CTX_PARAMS_START(ossl_cipher_generic) 105OSSL_PARAM_uint(OSSL_CIPHER_PARAM_USE_BITS, NULL), 106OSSL_PARAM_uint(OSSL_CIPHER_PARAM_TLS_VERSION, NULL), 107OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_TLS_MAC_SIZE, NULL), 108CIPHER_DEFAULT_SETTABLE_CTX_PARAMS_END(ossl_cipher_generic) 109 110/* 111 * Variable key length cipher functions for OSSL_PARAM settables 112 */ 113int ossl_cipher_var_keylen_set_ctx_params(void *vctx, const OSSL_PARAM params[]) 114{ 115 PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; 116 const OSSL_PARAM *p; 117 118 if (params == NULL) 119 return 1; 120 121 if (!ossl_cipher_generic_set_ctx_params(vctx, params)) 122 return 0; 123 p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_KEYLEN); 124 if (p != NULL) { 125 size_t keylen; 126 127 if (!OSSL_PARAM_get_size_t(p, &keylen)) { 128 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); 129 return 0; 130 } 131 ctx->keylen = keylen; 132 } 133 return 1; 134} 135 136CIPHER_DEFAULT_SETTABLE_CTX_PARAMS_START(ossl_cipher_var_keylen) 137OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL), 138CIPHER_DEFAULT_SETTABLE_CTX_PARAMS_END(ossl_cipher_var_keylen) 139 140/*- 141 * AEAD cipher functions for OSSL_PARAM gettables and settables 142 */ 143static const OSSL_PARAM cipher_aead_known_gettable_ctx_params[] = { 144 OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL), 145 OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_IVLEN, NULL), 146 OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_AEAD_TAGLEN, NULL), 147 OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_IV, NULL, 0), 148 OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_UPDATED_IV, NULL, 0), 149 OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG, NULL, 0), 150 OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_AEAD_TLS1_AAD_PAD, NULL), 151 OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TLS1_GET_IV_GEN, NULL, 0), 152 OSSL_PARAM_END 153}; 154const OSSL_PARAM *ossl_cipher_aead_gettable_ctx_params( 155 ossl_unused void *cctx, ossl_unused void *provctx 156 ) 157{ 158 return cipher_aead_known_gettable_ctx_params; 159} 160 161static const OSSL_PARAM cipher_aead_known_settable_ctx_params[] = { 162 OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_AEAD_IVLEN, NULL), 163 OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG, NULL, 0), 164 OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TLS1_AAD, NULL, 0), 165 OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TLS1_IV_FIXED, NULL, 0), 166 OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TLS1_SET_IV_INV, NULL, 0), 167 OSSL_PARAM_END 168}; 169const OSSL_PARAM *ossl_cipher_aead_settable_ctx_params( 170 ossl_unused void *cctx, ossl_unused void *provctx 171 ) 172{ 173 return cipher_aead_known_settable_ctx_params; 174} 175 176void ossl_cipher_generic_reset_ctx(PROV_CIPHER_CTX *ctx) 177{ 178 if (ctx != NULL && ctx->alloced) { 179 OPENSSL_free(ctx->tlsmac); 180 ctx->alloced = 0; 181 ctx->tlsmac = NULL; 182 } 183} 184 185static int cipher_generic_init_internal(PROV_CIPHER_CTX *ctx, 186 const unsigned char *key, size_t keylen, 187 const unsigned char *iv, size_t ivlen, 188 const OSSL_PARAM params[], int enc) 189{ 190 ctx->num = 0; 191 ctx->bufsz = 0; 192 ctx->updated = 0; 193 ctx->enc = enc ? 1 : 0; 194 195 if (!ossl_prov_is_running()) 196 return 0; 197 198 if (iv != NULL && ctx->mode != EVP_CIPH_ECB_MODE) { 199 if (!ossl_cipher_generic_initiv(ctx, iv, ivlen)) 200 return 0; 201 } 202 if (iv == NULL && ctx->iv_set 203 && (ctx->mode == EVP_CIPH_CBC_MODE 204 || ctx->mode == EVP_CIPH_CFB_MODE 205 || ctx->mode == EVP_CIPH_OFB_MODE)) 206 /* reset IV for these modes to keep compatibility with 1.1.1 */ 207 memcpy(ctx->iv, ctx->oiv, ctx->ivlen); 208 209 if (key != NULL) { 210 if (ctx->variable_keylength == 0) { 211 if (keylen != ctx->keylen) { 212 ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH); 213 return 0; 214 } 215 } else { 216 ctx->keylen = keylen; 217 } 218 if (!ctx->hw->init(ctx, key, ctx->keylen)) 219 return 0; 220 } 221 return ossl_cipher_generic_set_ctx_params(ctx, params); 222} 223 224int ossl_cipher_generic_einit(void *vctx, const unsigned char *key, 225 size_t keylen, const unsigned char *iv, 226 size_t ivlen, const OSSL_PARAM params[]) 227{ 228 return cipher_generic_init_internal((PROV_CIPHER_CTX *)vctx, key, keylen, 229 iv, ivlen, params, 1); 230} 231 232int ossl_cipher_generic_dinit(void *vctx, const unsigned char *key, 233 size_t keylen, const unsigned char *iv, 234 size_t ivlen, const OSSL_PARAM params[]) 235{ 236 return cipher_generic_init_internal((PROV_CIPHER_CTX *)vctx, key, keylen, 237 iv, ivlen, params, 0); 238} 239 240/* Max padding including padding length byte */ 241#define MAX_PADDING 256 242 243int ossl_cipher_generic_block_update(void *vctx, unsigned char *out, 244 size_t *outl, size_t outsize, 245 const unsigned char *in, size_t inl) 246{ 247 size_t outlint = 0; 248 PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; 249 size_t blksz = ctx->blocksize; 250 size_t nextblocks; 251 252 if (ctx->tlsversion > 0) { 253 /* 254 * Each update call corresponds to a TLS record and is individually 255 * padded 256 */ 257 258 /* Sanity check inputs */ 259 if (in == NULL 260 || in != out 261 || outsize < inl 262 || !ctx->pad) { 263 ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED); 264 return 0; 265 } 266 267 if (ctx->enc) { 268 unsigned char padval; 269 size_t padnum, loop; 270 271 /* Add padding */ 272 273 padnum = blksz - (inl % blksz); 274 275 if (outsize < inl + padnum) { 276 ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED); 277 return 0; 278 } 279 280 if (padnum > MAX_PADDING) { 281 ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED); 282 return 0; 283 } 284 padval = (unsigned char)(padnum - 1); 285 if (ctx->tlsversion == SSL3_VERSION) { 286 if (padnum > 1) 287 memset(out + inl, 0, padnum - 1); 288 *(out + inl + padnum - 1) = padval; 289 } else { 290 /* we need to add 'padnum' padding bytes of value padval */ 291 for (loop = inl; loop < inl + padnum; loop++) 292 out[loop] = padval; 293 } 294 inl += padnum; 295 } 296 297 if ((inl % blksz) != 0) { 298 ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED); 299 return 0; 300 } 301 302 303 /* Shouldn't normally fail */ 304 if (!ctx->hw->cipher(ctx, out, in, inl)) { 305 ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED); 306 return 0; 307 } 308 309 if (ctx->alloced) { 310 OPENSSL_free(ctx->tlsmac); 311 ctx->alloced = 0; 312 ctx->tlsmac = NULL; 313 } 314 315 /* This only fails if padding is publicly invalid */ 316 *outl = inl; 317 if (!ctx->enc 318 && !ossl_cipher_tlsunpadblock(ctx->libctx, ctx->tlsversion, 319 out, outl, 320 blksz, &ctx->tlsmac, &ctx->alloced, 321 ctx->tlsmacsize, 0)) { 322 ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED); 323 return 0; 324 } 325 return 1; 326 } 327 328 if (ctx->bufsz != 0) 329 nextblocks = ossl_cipher_fillblock(ctx->buf, &ctx->bufsz, blksz, 330 &in, &inl); 331 else 332 nextblocks = inl & ~(blksz-1); 333 334 /* 335 * If we're decrypting and we end an update on a block boundary we hold 336 * the last block back in case this is the last update call and the last 337 * block is padded. 338 */ 339 if (ctx->bufsz == blksz && (ctx->enc || inl > 0 || !ctx->pad)) { 340 if (outsize < blksz) { 341 ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL); 342 return 0; 343 } 344 if (!ctx->hw->cipher(ctx, out, ctx->buf, blksz)) { 345 ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED); 346 return 0; 347 } 348 ctx->bufsz = 0; 349 outlint = blksz; 350 out += blksz; 351 } 352 if (nextblocks > 0) { 353 if (!ctx->enc && ctx->pad && nextblocks == inl) { 354 if (!ossl_assert(inl >= blksz)) { 355 ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL); 356 return 0; 357 } 358 nextblocks -= blksz; 359 } 360 outlint += nextblocks; 361 if (outsize < outlint) { 362 ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL); 363 return 0; 364 } 365 } 366 if (nextblocks > 0) { 367 if (!ctx->hw->cipher(ctx, out, in, nextblocks)) { 368 ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED); 369 return 0; 370 } 371 in += nextblocks; 372 inl -= nextblocks; 373 } 374 if (inl != 0 375 && !ossl_cipher_trailingdata(ctx->buf, &ctx->bufsz, blksz, &in, &inl)) { 376 /* ERR_raise already called */ 377 return 0; 378 } 379 380 *outl = outlint; 381 return inl == 0; 382} 383 384int ossl_cipher_generic_block_final(void *vctx, unsigned char *out, 385 size_t *outl, size_t outsize) 386{ 387 PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; 388 size_t blksz = ctx->blocksize; 389 390 if (!ossl_prov_is_running()) 391 return 0; 392 393 if (ctx->tlsversion > 0) { 394 /* We never finalize TLS, so this is an error */ 395 ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED); 396 return 0; 397 } 398 399 if (ctx->enc) { 400 if (ctx->pad) { 401 ossl_cipher_padblock(ctx->buf, &ctx->bufsz, blksz); 402 } else if (ctx->bufsz == 0) { 403 *outl = 0; 404 return 1; 405 } else if (ctx->bufsz != blksz) { 406 ERR_raise(ERR_LIB_PROV, PROV_R_WRONG_FINAL_BLOCK_LENGTH); 407 return 0; 408 } 409 410 if (outsize < blksz) { 411 ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL); 412 return 0; 413 } 414 if (!ctx->hw->cipher(ctx, out, ctx->buf, blksz)) { 415 ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED); 416 return 0; 417 } 418 ctx->bufsz = 0; 419 *outl = blksz; 420 return 1; 421 } 422 423 /* Decrypting */ 424 if (ctx->bufsz != blksz) { 425 if (ctx->bufsz == 0 && !ctx->pad) { 426 *outl = 0; 427 return 1; 428 } 429 ERR_raise(ERR_LIB_PROV, PROV_R_WRONG_FINAL_BLOCK_LENGTH); 430 return 0; 431 } 432 433 if (!ctx->hw->cipher(ctx, ctx->buf, ctx->buf, blksz)) { 434 ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED); 435 return 0; 436 } 437 438 if (ctx->pad && !ossl_cipher_unpadblock(ctx->buf, &ctx->bufsz, blksz)) { 439 /* ERR_raise already called */ 440 return 0; 441 } 442 443 if (outsize < ctx->bufsz) { 444 ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL); 445 return 0; 446 } 447 memcpy(out, ctx->buf, ctx->bufsz); 448 *outl = ctx->bufsz; 449 ctx->bufsz = 0; 450 return 1; 451} 452 453int ossl_cipher_generic_stream_update(void *vctx, unsigned char *out, 454 size_t *outl, size_t outsize, 455 const unsigned char *in, size_t inl) 456{ 457 PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; 458 459 if (inl == 0) { 460 *outl = 0; 461 return 1; 462 } 463 464 if (outsize < inl) { 465 ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL); 466 return 0; 467 } 468 469 if (!ctx->hw->cipher(ctx, out, in, inl)) { 470 ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED); 471 return 0; 472 } 473 474 *outl = inl; 475 if (!ctx->enc && ctx->tlsversion > 0) { 476 /* 477 * Remove any TLS padding. Only used by cipher_aes_cbc_hmac_sha1_hw.c and 478 * cipher_aes_cbc_hmac_sha256_hw.c 479 */ 480 if (ctx->removetlspad) { 481 /* 482 * We should have already failed in the cipher() call above if this 483 * isn't true. 484 */ 485 if (!ossl_assert(*outl >= (size_t)(out[inl - 1] + 1))) 486 return 0; 487 /* The actual padding length */ 488 *outl -= out[inl - 1] + 1; 489 } 490 491 /* TLS MAC and explicit IV if relevant. We should have already failed 492 * in the cipher() call above if *outl is too short. 493 */ 494 if (!ossl_assert(*outl >= ctx->removetlsfixed)) 495 return 0; 496 *outl -= ctx->removetlsfixed; 497 498 /* Extract the MAC if there is one */ 499 if (ctx->tlsmacsize > 0) { 500 if (*outl < ctx->tlsmacsize) 501 return 0; 502 503 ctx->tlsmac = out + *outl - ctx->tlsmacsize; 504 *outl -= ctx->tlsmacsize; 505 } 506 } 507 508 return 1; 509} 510int ossl_cipher_generic_stream_final(void *vctx, unsigned char *out, 511 size_t *outl, size_t outsize) 512{ 513 if (!ossl_prov_is_running()) 514 return 0; 515 516 *outl = 0; 517 return 1; 518} 519 520int ossl_cipher_generic_cipher(void *vctx, unsigned char *out, size_t *outl, 521 size_t outsize, const unsigned char *in, 522 size_t inl) 523{ 524 PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; 525 526 if (!ossl_prov_is_running()) 527 return 0; 528 529 if (outsize < inl) { 530 ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL); 531 return 0; 532 } 533 534 if (!ctx->hw->cipher(ctx, out, in, inl)) { 535 ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED); 536 return 0; 537 } 538 539 *outl = inl; 540 return 1; 541} 542 543int ossl_cipher_generic_get_ctx_params(void *vctx, OSSL_PARAM params[]) 544{ 545 PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; 546 OSSL_PARAM *p; 547 548 p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IVLEN); 549 if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->ivlen)) { 550 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); 551 return 0; 552 } 553 p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_PADDING); 554 if (p != NULL && !OSSL_PARAM_set_uint(p, ctx->pad)) { 555 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); 556 return 0; 557 } 558 p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IV); 559 if (p != NULL 560 && !OSSL_PARAM_set_octet_ptr(p, &ctx->oiv, ctx->ivlen) 561 && !OSSL_PARAM_set_octet_string(p, &ctx->oiv, ctx->ivlen)) { 562 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); 563 return 0; 564 } 565 p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_UPDATED_IV); 566 if (p != NULL 567 && !OSSL_PARAM_set_octet_ptr(p, &ctx->iv, ctx->ivlen) 568 && !OSSL_PARAM_set_octet_string(p, &ctx->iv, ctx->ivlen)) { 569 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); 570 return 0; 571 } 572 p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_NUM); 573 if (p != NULL && !OSSL_PARAM_set_uint(p, ctx->num)) { 574 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); 575 return 0; 576 } 577 p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_KEYLEN); 578 if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->keylen)) { 579 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); 580 return 0; 581 } 582 p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_TLS_MAC); 583 if (p != NULL 584 && !OSSL_PARAM_set_octet_ptr(p, ctx->tlsmac, ctx->tlsmacsize)) { 585 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); 586 return 0; 587 } 588 return 1; 589} 590 591int ossl_cipher_generic_set_ctx_params(void *vctx, const OSSL_PARAM params[]) 592{ 593 PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; 594 const OSSL_PARAM *p; 595 596 if (params == NULL) 597 return 1; 598 599 p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_PADDING); 600 if (p != NULL) { 601 unsigned int pad; 602 603 if (!OSSL_PARAM_get_uint(p, &pad)) { 604 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); 605 return 0; 606 } 607 ctx->pad = pad ? 1 : 0; 608 } 609 p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_USE_BITS); 610 if (p != NULL) { 611 unsigned int bits; 612 613 if (!OSSL_PARAM_get_uint(p, &bits)) { 614 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); 615 return 0; 616 } 617 ctx->use_bits = bits ? 1 : 0; 618 } 619 p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_TLS_VERSION); 620 if (p != NULL) { 621 if (!OSSL_PARAM_get_uint(p, &ctx->tlsversion)) { 622 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); 623 return 0; 624 } 625 } 626 p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_TLS_MAC_SIZE); 627 if (p != NULL) { 628 if (!OSSL_PARAM_get_size_t(p, &ctx->tlsmacsize)) { 629 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); 630 return 0; 631 } 632 } 633 p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_NUM); 634 if (p != NULL) { 635 unsigned int num; 636 637 if (!OSSL_PARAM_get_uint(p, &num)) { 638 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); 639 return 0; 640 } 641 ctx->num = num; 642 } 643 return 1; 644} 645 646int ossl_cipher_generic_initiv(PROV_CIPHER_CTX *ctx, const unsigned char *iv, 647 size_t ivlen) 648{ 649 if (ivlen != ctx->ivlen 650 || ivlen > sizeof(ctx->iv)) { 651 ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IV_LENGTH); 652 return 0; 653 } 654 ctx->iv_set = 1; 655 memcpy(ctx->iv, iv, ivlen); 656 memcpy(ctx->oiv, iv, ivlen); 657 return 1; 658} 659 660void ossl_cipher_generic_initkey(void *vctx, size_t kbits, size_t blkbits, 661 size_t ivbits, unsigned int mode, 662 uint64_t flags, const PROV_CIPHER_HW *hw, 663 void *provctx) 664{ 665 PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; 666 667 if ((flags & PROV_CIPHER_FLAG_INVERSE_CIPHER) != 0) 668 ctx->inverse_cipher = 1; 669 if ((flags & PROV_CIPHER_FLAG_VARIABLE_LENGTH) != 0) 670 ctx->variable_keylength = 1; 671 672 ctx->pad = 1; 673 ctx->keylen = ((kbits) / 8); 674 ctx->ivlen = ((ivbits) / 8); 675 ctx->hw = hw; 676 ctx->mode = mode; 677 ctx->blocksize = blkbits / 8; 678 if (provctx != NULL) 679 ctx->libctx = PROV_LIBCTX_OF(provctx); /* used for rand */ 680} 681