1 /* $OpenBSD: evp_locl.h,v 1.15 2018/11/24 11:16:44 tb Exp $ */ 2 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 3 * project 2000. 4 */ 5 /* ==================================================================== 6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in 17 * the documentation and/or other materials provided with the 18 * distribution. 19 * 20 * 3. All advertising materials mentioning features or use of this 21 * software must display the following acknowledgment: 22 * "This product includes software developed by the OpenSSL Project 23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" 24 * 25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 26 * endorse or promote products derived from this software without 27 * prior written permission. For written permission, please contact 28 * licensing@OpenSSL.org. 29 * 30 * 5. Products derived from this software may not be called "OpenSSL" 31 * nor may "OpenSSL" appear in their names without prior written 32 * permission of the OpenSSL Project. 33 * 34 * 6. Redistributions of any form whatsoever must retain the following 35 * acknowledgment: 36 * "This product includes software developed by the OpenSSL Project 37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" 38 * 39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 50 * OF THE POSSIBILITY OF SUCH DAMAGE. 51 * ==================================================================== 52 * 53 * This product includes cryptographic software written by Eric Young 54 * (eay@cryptsoft.com). This product includes software written by Tim 55 * Hudson (tjh@cryptsoft.com). 56 * 57 */ 58 59 __BEGIN_HIDDEN_DECLS 60 61 /* Macros to code block cipher wrappers */ 62 63 /* Wrapper functions for each cipher mode */ 64 65 #define BLOCK_CIPHER_ecb_loop() \ 66 size_t i, bl; \ 67 bl = ctx->cipher->block_size;\ 68 if(inl < bl) return 1;\ 69 inl -= bl; \ 70 for(i=0; i <= inl; i+=bl) 71 72 #define BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \ 73 static int cname##_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \ 74 {\ 75 BLOCK_CIPHER_ecb_loop() \ 76 cprefix##_ecb_encrypt(in + i, out + i, &((kstruct *)ctx->cipher_data)->ksched, ctx->encrypt);\ 77 return 1;\ 78 } 79 80 #define EVP_MAXCHUNK ((size_t)1<<(sizeof(long)*8-2)) 81 82 #define BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched) \ 83 static int cname##_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \ 84 {\ 85 while(inl>=EVP_MAXCHUNK)\ 86 {\ 87 cprefix##_ofb##cbits##_encrypt(in, out, (long)EVP_MAXCHUNK, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num);\ 88 inl-=EVP_MAXCHUNK;\ 89 in +=EVP_MAXCHUNK;\ 90 out+=EVP_MAXCHUNK;\ 91 }\ 92 if (inl)\ 93 cprefix##_ofb##cbits##_encrypt(in, out, (long)inl, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num);\ 94 return 1;\ 95 } 96 97 #define BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \ 98 static int cname##_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \ 99 {\ 100 while(inl>=EVP_MAXCHUNK) \ 101 {\ 102 cprefix##_cbc_encrypt(in, out, (long)EVP_MAXCHUNK, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, ctx->encrypt);\ 103 inl-=EVP_MAXCHUNK;\ 104 in +=EVP_MAXCHUNK;\ 105 out+=EVP_MAXCHUNK;\ 106 }\ 107 if (inl)\ 108 cprefix##_cbc_encrypt(in, out, (long)inl, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, ctx->encrypt);\ 109 return 1;\ 110 } 111 112 #define BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \ 113 static int cname##_cfb##cbits##_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \ 114 {\ 115 size_t chunk=EVP_MAXCHUNK;\ 116 if (cbits==1) chunk>>=3;\ 117 if (inl<chunk) chunk=inl;\ 118 while(inl && inl>=chunk)\ 119 {\ 120 cprefix##_cfb##cbits##_encrypt(in, out, (long)((cbits==1) && !(ctx->flags & EVP_CIPH_FLAG_LENGTH_BITS) ?inl*8:inl), &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num, ctx->encrypt);\ 121 inl-=chunk;\ 122 in +=chunk;\ 123 out+=chunk;\ 124 if(inl<chunk) chunk=inl;\ 125 }\ 126 return 1;\ 127 } 128 129 #define BLOCK_CIPHER_all_funcs(cname, cprefix, cbits, kstruct, ksched) \ 130 BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \ 131 BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \ 132 BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \ 133 BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched) 134 135 #define BLOCK_CIPHER_def1(cname, nmode, mode, MODE, kstruct, nid, block_size, \ 136 key_len, iv_len, flags, init_key, cleanup, \ 137 set_asn1, get_asn1, ctrl) \ 138 static const EVP_CIPHER cname##_##mode = { \ 139 nid##_##nmode, block_size, key_len, iv_len, \ 140 flags | EVP_CIPH_##MODE##_MODE, \ 141 init_key, \ 142 cname##_##mode##_cipher, \ 143 cleanup, \ 144 sizeof(kstruct), \ 145 set_asn1, get_asn1,\ 146 ctrl, \ 147 NULL \ 148 }; \ 149 const EVP_CIPHER *EVP_##cname##_##mode(void) { return &cname##_##mode; } 150 151 #define BLOCK_CIPHER_def_cbc(cname, kstruct, nid, block_size, key_len, \ 152 iv_len, flags, init_key, cleanup, set_asn1, \ 153 get_asn1, ctrl) \ 154 BLOCK_CIPHER_def1(cname, cbc, cbc, CBC, kstruct, nid, block_size, key_len, \ 155 iv_len, flags, init_key, cleanup, set_asn1, get_asn1, ctrl) 156 157 #define BLOCK_CIPHER_def_cfb(cname, kstruct, nid, key_len, \ 158 iv_len, cbits, flags, init_key, cleanup, \ 159 set_asn1, get_asn1, ctrl) \ 160 BLOCK_CIPHER_def1(cname, cfb##cbits, cfb##cbits, CFB, kstruct, nid, 1, \ 161 key_len, iv_len, flags, init_key, cleanup, set_asn1, \ 162 get_asn1, ctrl) 163 164 #define BLOCK_CIPHER_def_ofb(cname, kstruct, nid, key_len, \ 165 iv_len, cbits, flags, init_key, cleanup, \ 166 set_asn1, get_asn1, ctrl) \ 167 BLOCK_CIPHER_def1(cname, ofb##cbits, ofb, OFB, kstruct, nid, 1, \ 168 key_len, iv_len, flags, init_key, cleanup, set_asn1, \ 169 get_asn1, ctrl) 170 171 #define BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, \ 172 flags, init_key, cleanup, set_asn1, \ 173 get_asn1, ctrl) \ 174 BLOCK_CIPHER_def1(cname, ecb, ecb, ECB, kstruct, nid, block_size, key_len, \ 175 0, flags, init_key, cleanup, set_asn1, get_asn1, ctrl) 176 177 #define BLOCK_CIPHER_defs(cname, kstruct, \ 178 nid, block_size, key_len, iv_len, cbits, flags, \ 179 init_key, cleanup, set_asn1, get_asn1, ctrl) \ 180 BLOCK_CIPHER_def_cbc(cname, kstruct, nid, block_size, key_len, iv_len, flags, \ 181 init_key, cleanup, set_asn1, get_asn1, ctrl) \ 182 BLOCK_CIPHER_def_cfb(cname, kstruct, nid, key_len, iv_len, cbits, \ 183 flags, init_key, cleanup, set_asn1, get_asn1, ctrl) \ 184 BLOCK_CIPHER_def_ofb(cname, kstruct, nid, key_len, iv_len, cbits, \ 185 flags, init_key, cleanup, set_asn1, get_asn1, ctrl) \ 186 BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, flags, \ 187 init_key, cleanup, set_asn1, get_asn1, ctrl) 188 189 190 /* 191 #define BLOCK_CIPHER_defs(cname, kstruct, \ 192 nid, block_size, key_len, iv_len, flags,\ 193 init_key, cleanup, set_asn1, get_asn1, ctrl)\ 194 static const EVP_CIPHER cname##_cbc = {\ 195 nid##_cbc, block_size, key_len, iv_len, \ 196 flags | EVP_CIPH_CBC_MODE,\ 197 init_key,\ 198 cname##_cbc_cipher,\ 199 cleanup,\ 200 sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\ 201 sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\ 202 set_asn1, get_asn1,\ 203 ctrl, \ 204 NULL \ 205 };\ 206 const EVP_CIPHER *EVP_##cname##_cbc(void) { return &cname##_cbc; }\ 207 static const EVP_CIPHER cname##_cfb = {\ 208 nid##_cfb64, 1, key_len, iv_len, \ 209 flags | EVP_CIPH_CFB_MODE,\ 210 init_key,\ 211 cname##_cfb_cipher,\ 212 cleanup,\ 213 sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\ 214 sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\ 215 set_asn1, get_asn1,\ 216 ctrl,\ 217 NULL \ 218 };\ 219 const EVP_CIPHER *EVP_##cname##_cfb(void) { return &cname##_cfb; }\ 220 static const EVP_CIPHER cname##_ofb = {\ 221 nid##_ofb64, 1, key_len, iv_len, \ 222 flags | EVP_CIPH_OFB_MODE,\ 223 init_key,\ 224 cname##_ofb_cipher,\ 225 cleanup,\ 226 sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\ 227 sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\ 228 set_asn1, get_asn1,\ 229 ctrl,\ 230 NULL \ 231 };\ 232 const EVP_CIPHER *EVP_##cname##_ofb(void) { return &cname##_ofb; }\ 233 static const EVP_CIPHER cname##_ecb = {\ 234 nid##_ecb, block_size, key_len, iv_len, \ 235 flags | EVP_CIPH_ECB_MODE,\ 236 init_key,\ 237 cname##_ecb_cipher,\ 238 cleanup,\ 239 sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\ 240 sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\ 241 set_asn1, get_asn1,\ 242 ctrl,\ 243 NULL \ 244 };\ 245 const EVP_CIPHER *EVP_##cname##_ecb(void) { return &cname##_ecb; } 246 */ 247 248 #define IMPLEMENT_BLOCK_CIPHER(cname, ksched, cprefix, kstruct, nid, \ 249 block_size, key_len, iv_len, cbits, \ 250 flags, init_key, \ 251 cleanup, set_asn1, get_asn1, ctrl) \ 252 BLOCK_CIPHER_all_funcs(cname, cprefix, cbits, kstruct, ksched) \ 253 BLOCK_CIPHER_defs(cname, kstruct, nid, block_size, key_len, iv_len, \ 254 cbits, flags, init_key, cleanup, set_asn1, \ 255 get_asn1, ctrl) 256 257 #define EVP_C_DATA(kstruct, ctx) ((kstruct *)(ctx)->cipher_data) 258 259 #define IMPLEMENT_CFBR(cipher,cprefix,kstruct,ksched,keysize,cbits,iv_len) \ 260 BLOCK_CIPHER_func_cfb(cipher##_##keysize,cprefix,cbits,kstruct,ksched) \ 261 BLOCK_CIPHER_def_cfb(cipher##_##keysize,kstruct, \ 262 NID_##cipher##_##keysize, keysize/8, iv_len, cbits, \ 263 0, cipher##_init_key, NULL, \ 264 EVP_CIPHER_set_asn1_iv, \ 265 EVP_CIPHER_get_asn1_iv, \ 266 NULL) 267 268 struct evp_pkey_ctx_st { 269 /* Method associated with this operation */ 270 const EVP_PKEY_METHOD *pmeth; 271 /* Engine that implements this method or NULL if builtin */ 272 ENGINE *engine; 273 /* Key: may be NULL */ 274 EVP_PKEY *pkey; 275 /* Peer key for key agreement, may be NULL */ 276 EVP_PKEY *peerkey; 277 /* Actual operation */ 278 int operation; 279 /* Algorithm specific data */ 280 void *data; 281 /* Application specific data */ 282 void *app_data; 283 /* Keygen callback */ 284 EVP_PKEY_gen_cb *pkey_gencb; 285 /* implementation specific keygen data */ 286 int *keygen_info; 287 int keygen_info_count; 288 } /* EVP_PKEY_CTX */; 289 290 #define EVP_PKEY_FLAG_DYNAMIC 1 291 292 struct evp_pkey_method_st { 293 int pkey_id; 294 int flags; 295 296 int (*init)(EVP_PKEY_CTX *ctx); 297 int (*copy)(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src); 298 void (*cleanup)(EVP_PKEY_CTX *ctx); 299 300 int (*paramgen_init)(EVP_PKEY_CTX *ctx); 301 int (*paramgen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey); 302 303 int (*keygen_init)(EVP_PKEY_CTX *ctx); 304 int (*keygen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey); 305 306 int (*sign_init)(EVP_PKEY_CTX *ctx); 307 int (*sign)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, 308 const unsigned char *tbs, size_t tbslen); 309 310 int (*verify_init)(EVP_PKEY_CTX *ctx); 311 int (*verify)(EVP_PKEY_CTX *ctx, 312 const unsigned char *sig, size_t siglen, 313 const unsigned char *tbs, size_t tbslen); 314 315 int (*verify_recover_init)(EVP_PKEY_CTX *ctx); 316 int (*verify_recover)(EVP_PKEY_CTX *ctx, 317 unsigned char *rout, size_t *routlen, 318 const unsigned char *sig, size_t siglen); 319 320 int (*signctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx); 321 int (*signctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, 322 EVP_MD_CTX *mctx); 323 324 int (*verifyctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx); 325 int (*verifyctx)(EVP_PKEY_CTX *ctx, const unsigned char *sig, 326 int siglen, EVP_MD_CTX *mctx); 327 328 int (*encrypt_init)(EVP_PKEY_CTX *ctx); 329 int (*encrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, 330 const unsigned char *in, size_t inlen); 331 332 int (*decrypt_init)(EVP_PKEY_CTX *ctx); 333 int (*decrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, 334 const unsigned char *in, size_t inlen); 335 336 int (*derive_init)(EVP_PKEY_CTX *ctx); 337 int (*derive)(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen); 338 339 int (*ctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2); 340 int (*ctrl_str)(EVP_PKEY_CTX *ctx, const char *type, const char *value); 341 } /* EVP_PKEY_METHOD */; 342 343 void evp_pkey_set_cb_translate(BN_GENCB *cb, EVP_PKEY_CTX *ctx); 344 345 int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, 346 ASN1_TYPE *param, const EVP_CIPHER *c, const EVP_MD *md, int en_de); 347 348 /* EVP_AEAD represents a specific AEAD algorithm. */ 349 struct evp_aead_st { 350 unsigned char key_len; 351 unsigned char nonce_len; 352 unsigned char overhead; 353 unsigned char max_tag_len; 354 355 int (*init)(struct evp_aead_ctx_st*, const unsigned char *key, 356 size_t key_len, size_t tag_len); 357 void (*cleanup)(struct evp_aead_ctx_st*); 358 359 int (*seal)(const struct evp_aead_ctx_st *ctx, unsigned char *out, 360 size_t *out_len, size_t max_out_len, const unsigned char *nonce, 361 size_t nonce_len, const unsigned char *in, size_t in_len, 362 const unsigned char *ad, size_t ad_len); 363 364 int (*open)(const struct evp_aead_ctx_st *ctx, unsigned char *out, 365 size_t *out_len, size_t max_out_len, const unsigned char *nonce, 366 size_t nonce_len, const unsigned char *in, size_t in_len, 367 const unsigned char *ad, size_t ad_len); 368 }; 369 370 __END_HIDDEN_DECLS 371