laantungir/nostr_core_lib
1
1
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Adding in curl and openssl repos

Browse Source
This commit is contained in:
Laan Tungir
2025-08-14 12:09:30 -04:00
parent af2117b574
commit 0ace93e303
21174 changed files with 3607720 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

254
openssl-3.4.2/providers/implementations/macs/blake2_mac_impl.c Normal file
View File

@@ -0,0 +1,254 @@
/*
* Copyright 2018-2023 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <openssl/core_dispatch.h>
#include <openssl/core_names.h>
#include <openssl/params.h>
#include <openssl/proverr.h>
#include "prov/blake2.h"
#include "internal/cryptlib.h"
#include "prov/implementations.h"
#include "prov/providercommon.h"
/*
* Forward declaration of everything implemented here. This is not strictly
* necessary for the compiler, but provides an assurance that the signatures
* of the functions in the dispatch table are correct.
*/
static OSSL_FUNC_mac_newctx_fn blake2_mac_new;
static OSSL_FUNC_mac_dupctx_fn blake2_mac_dup;
static OSSL_FUNC_mac_freectx_fn blake2_mac_free;
static OSSL_FUNC_mac_gettable_ctx_params_fn blake2_gettable_ctx_params;
static OSSL_FUNC_mac_get_ctx_params_fn blake2_get_ctx_params;
static OSSL_FUNC_mac_settable_ctx_params_fn blake2_mac_settable_ctx_params;
static OSSL_FUNC_mac_set_ctx_params_fn blake2_mac_set_ctx_params;
static OSSL_FUNC_mac_init_fn blake2_mac_init;
static OSSL_FUNC_mac_update_fn blake2_mac_update;
static OSSL_FUNC_mac_final_fn blake2_mac_final;
struct blake2_mac_data_st {
BLAKE2_CTX ctx;
BLAKE2_PARAM params;
unsigned char key[BLAKE2_KEYBYTES];
};
static void *blake2_mac_new(void *unused_provctx)
{
struct blake2_mac_data_st *macctx;
if (!ossl_prov_is_running())
return NULL;
macctx = OPENSSL_zalloc(sizeof(*macctx));
if (macctx != NULL) {
BLAKE2_PARAM_INIT(&macctx->params);
/* ctx initialization is deferred to BLAKE2b_Init() */
}
return macctx;
}
static void *blake2_mac_dup(void *vsrc)
{
struct blake2_mac_data_st *dst;
struct blake2_mac_data_st *src = vsrc;
if (!ossl_prov_is_running())
return NULL;
dst = OPENSSL_zalloc(sizeof(*dst));
if (dst == NULL)
return NULL;
*dst = *src;
return dst;
}
static void blake2_mac_free(void *vmacctx)
{
struct blake2_mac_data_st *macctx = vmacctx;
if (macctx != NULL) {
OPENSSL_cleanse(macctx->key, sizeof(macctx->key));
OPENSSL_free(macctx);
}
}
static size_t blake2_mac_size(void *vmacctx)
{
struct blake2_mac_data_st *macctx = vmacctx;
return macctx->params.digest_length;
}
static int blake2_setkey(struct blake2_mac_data_st *macctx,
const unsigned char *key, size_t keylen)
{
if (keylen > BLAKE2_KEYBYTES || keylen == 0) {
ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH);
return 0;
}
memcpy(macctx->key, key, keylen);
/* Pad with zeroes at the end if required */
if (keylen < BLAKE2_KEYBYTES)
memset(macctx->key + keylen, 0, BLAKE2_KEYBYTES - keylen);
BLAKE2_PARAM_SET_KEY_LENGTH(&macctx->params, (uint8_t)keylen);
return 1;
}
static int blake2_mac_init(void *vmacctx, const unsigned char *key,
size_t keylen, const OSSL_PARAM params[])
{
struct blake2_mac_data_st *macctx = vmacctx;
if (!ossl_prov_is_running() || !blake2_mac_set_ctx_params(macctx, params))
return 0;
if (key != NULL) {
if (!blake2_setkey(macctx, key, keylen))
return 0;
} else if (macctx->params.key_length == 0) {
/* Check key has been set */
ERR_raise(ERR_LIB_PROV, PROV_R_NO_KEY_SET);
return 0;
}
return BLAKE2_INIT_KEY(&macctx->ctx, &macctx->params, macctx->key);
}
static int blake2_mac_update(void *vmacctx,
const unsigned char *data, size_t datalen)
{
struct blake2_mac_data_st *macctx = vmacctx;
if (datalen == 0)
return 1;
return BLAKE2_UPDATE(&macctx->ctx, data, datalen);
}
static int blake2_mac_final(void *vmacctx,
unsigned char *out, size_t *outl,
size_t outsize)
{
struct blake2_mac_data_st *macctx = vmacctx;
if (!ossl_prov_is_running())
return 0;
*outl = blake2_mac_size(macctx);
return BLAKE2_FINAL(out, &macctx->ctx);
}
static const OSSL_PARAM known_gettable_ctx_params[] = {
OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL),
OSSL_PARAM_size_t(OSSL_MAC_PARAM_BLOCK_SIZE, NULL),
OSSL_PARAM_END
};
static const OSSL_PARAM *blake2_gettable_ctx_params(ossl_unused void *ctx,
ossl_unused void *provctx)
{
return known_gettable_ctx_params;
}
static int blake2_get_ctx_params(void *vmacctx, OSSL_PARAM params[])
{
OSSL_PARAM *p;
if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_SIZE)) != NULL
&& !OSSL_PARAM_set_size_t(p, blake2_mac_size(vmacctx)))
return 0;
if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_BLOCK_SIZE)) != NULL
&& !OSSL_PARAM_set_size_t(p, BLAKE2_BLOCKBYTES))
return 0;
return 1;
}
static const OSSL_PARAM known_settable_ctx_params[] = {
OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL),
OSSL_PARAM_octet_string(OSSL_MAC_PARAM_KEY, NULL, 0),
OSSL_PARAM_octet_string(OSSL_MAC_PARAM_CUSTOM, NULL, 0),
OSSL_PARAM_octet_string(OSSL_MAC_PARAM_SALT, NULL, 0),
OSSL_PARAM_END
};
static const OSSL_PARAM *blake2_mac_settable_ctx_params(
ossl_unused void *ctx, ossl_unused void *p_ctx)
{
return known_settable_ctx_params;
}
/*
* ALL parameters should be set before init().
*/
static int blake2_mac_set_ctx_params(void *vmacctx, const OSSL_PARAM params[])
{
struct blake2_mac_data_st *macctx = vmacctx;
const OSSL_PARAM *p;
if (params == NULL)
return 1;
if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_SIZE)) != NULL) {
size_t size;
if (!OSSL_PARAM_get_size_t(p, &size)
|| size < 1
|| size > BLAKE2_OUTBYTES) {
ERR_raise(ERR_LIB_PROV, PROV_R_NOT_XOF_OR_INVALID_LENGTH);
return 0;
}
BLAKE2_PARAM_SET_DIGEST_LENGTH(&macctx->params, (uint8_t)size);
}
if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_KEY)) != NULL
&& !blake2_setkey(macctx, p->data, p->data_size))
return 0;
if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_CUSTOM))
!= NULL) {
/*
* The OSSL_PARAM API doesn't provide direct pointer use, so we
* must handle the OSSL_PARAM structure ourselves here
*/
if (p->data_size > BLAKE2_PERSONALBYTES) {
ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_CUSTOM_LENGTH);
return 0;
}
BLAKE2_PARAM_SET_PERSONAL(&macctx->params, p->data, p->data_size);
}
if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_SALT)) != NULL) {
/*
* The OSSL_PARAM API doesn't provide direct pointer use, so we
* must handle the OSSL_PARAM structure ourselves here as well
*/
if (p->data_size > BLAKE2_SALTBYTES) {
ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_SALT_LENGTH);
return 0;
}
BLAKE2_PARAM_SET_SALT(&macctx->params, p->data, p->data_size);
}
return 1;
}
const OSSL_DISPATCH BLAKE2_FUNCTIONS[] = {
{ OSSL_FUNC_MAC_NEWCTX, (void (*)(void))blake2_mac_new },
{ OSSL_FUNC_MAC_DUPCTX, (void (*)(void))blake2_mac_dup },
{ OSSL_FUNC_MAC_FREECTX, (void (*)(void))blake2_mac_free },
{ OSSL_FUNC_MAC_INIT, (void (*)(void))blake2_mac_init },
{ OSSL_FUNC_MAC_UPDATE, (void (*)(void))blake2_mac_update },
{ OSSL_FUNC_MAC_FINAL, (void (*)(void))blake2_mac_final },
{ OSSL_FUNC_MAC_GETTABLE_CTX_PARAMS,
(void (*)(void))blake2_gettable_ctx_params },
{ OSSL_FUNC_MAC_GET_CTX_PARAMS, (void (*)(void))blake2_get_ctx_params },
{ OSSL_FUNC_MAC_SETTABLE_CTX_PARAMS,
(void (*)(void))blake2_mac_settable_ctx_params },
{ OSSL_FUNC_MAC_SET_CTX_PARAMS, (void (*)(void))blake2_mac_set_ctx_params },
OSSL_DISPATCH_END
};

33
openssl-3.4.2/providers/implementations/macs/blake2b_mac.c Normal file
View File

@@ -0,0 +1,33 @@
/*
* Copyright 2018-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/* Constants */
#define BLAKE2_CTX BLAKE2B_CTX
#define BLAKE2_PARAM BLAKE2B_PARAM
#define BLAKE2_KEYBYTES BLAKE2B_KEYBYTES
#define BLAKE2_OUTBYTES BLAKE2B_OUTBYTES
#define BLAKE2_PERSONALBYTES BLAKE2B_PERSONALBYTES
#define BLAKE2_SALTBYTES BLAKE2B_SALTBYTES
#define BLAKE2_BLOCKBYTES BLAKE2B_BLOCKBYTES
/* Function names */
#define BLAKE2_PARAM_INIT ossl_blake2b_param_init
#define BLAKE2_INIT_KEY ossl_blake2b_init_key
#define BLAKE2_UPDATE ossl_blake2b_update
#define BLAKE2_FINAL ossl_blake2b_final
#define BLAKE2_PARAM_SET_DIGEST_LENGTH ossl_blake2b_param_set_digest_length
#define BLAKE2_PARAM_SET_KEY_LENGTH ossl_blake2b_param_set_key_length
#define BLAKE2_PARAM_SET_PERSONAL ossl_blake2b_param_set_personal
#define BLAKE2_PARAM_SET_SALT ossl_blake2b_param_set_salt
/* OSSL_DISPATCH symbol */
#define BLAKE2_FUNCTIONS ossl_blake2bmac_functions
#include "blake2_mac_impl.c"

32
openssl-3.4.2/providers/implementations/macs/blake2s_mac.c Normal file
View File

@@ -0,0 +1,32 @@
/*
* Copyright 2018-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/* Constants */
#define BLAKE2_CTX BLAKE2S_CTX
#define BLAKE2_PARAM BLAKE2S_PARAM
#define BLAKE2_KEYBYTES BLAKE2S_KEYBYTES
#define BLAKE2_OUTBYTES BLAKE2S_OUTBYTES
#define BLAKE2_PERSONALBYTES BLAKE2S_PERSONALBYTES
#define BLAKE2_SALTBYTES BLAKE2S_SALTBYTES
#define BLAKE2_BLOCKBYTES BLAKE2S_BLOCKBYTES
/* Function names */
#define BLAKE2_PARAM_INIT ossl_blake2s_param_init
#define BLAKE2_INIT_KEY ossl_blake2s_init_key
#define BLAKE2_UPDATE ossl_blake2s_update
#define BLAKE2_FINAL ossl_blake2s_final
#define BLAKE2_PARAM_SET_DIGEST_LENGTH ossl_blake2s_param_set_digest_length
#define BLAKE2_PARAM_SET_KEY_LENGTH ossl_blake2s_param_set_key_length
#define BLAKE2_PARAM_SET_PERSONAL ossl_blake2s_param_set_personal
#define BLAKE2_PARAM_SET_SALT ossl_blake2s_param_set_salt
/* OSSL_DISPATCH symbol */
#define BLAKE2_FUNCTIONS ossl_blake2smac_functions
#include "blake2_mac_impl.c"

30
openssl-3.4.2/providers/implementations/macs/build.info Normal file
View File

@@ -0,0 +1,30 @@
# We make separate GOAL variables for each algorithm, to make it easy to
# switch each to the Legacy provider when needed.
$GMAC_GOAL=../../libdefault.a ../../libfips.a
$HMAC_GOAL=../../libdefault.a ../../libfips.a
$KMAC_GOAL=../../libdefault.a ../../libfips.a
$CMAC_GOAL=../../libdefault.a ../../libfips.a
$BLAKE2_GOAL=../../libdefault.a
$SIPHASH_GOAL=../../libdefault.a
$POLY1305_GOAL=../../libdefault.a
SOURCE[$GMAC_GOAL]=gmac_prov.c
SOURCE[$HMAC_GOAL]=hmac_prov.c
SOURCE[$KMAC_GOAL]=kmac_prov.c
IF[{- !$disabled{cmac} -}]
SOURCE[$CMAC_GOAL]=cmac_prov.c
ENDIF
IF[{- !$disabled{blake2} -}]
SOURCE[$BLAKE2_GOAL]=blake2b_mac.c blake2s_mac.c
ENDIF
IF[{- !$disabled{siphash} -}]
SOURCE[$SIPHASH_GOAL]=siphash_prov.c
ENDIF
IF[{- !$disabled{poly1305} -}]
SOURCE[$POLY1305_GOAL]=poly1305_prov.c
ENDIF

307
openssl-3.4.2/providers/implementations/macs/cmac_prov.c Normal file
View File

@@ -0,0 +1,307 @@
/*
* Copyright 2018-2024 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/*
* CMAC low level APIs are deprecated for public use, but still ok for internal
* use.
*/
#include "internal/deprecated.h"
#include <openssl/core_dispatch.h>
#include <openssl/core_names.h>
#include <openssl/params.h>
#include <openssl/evp.h>
#include <openssl/cmac.h>
#include <openssl/err.h>
#include <openssl/proverr.h>
#include "prov/securitycheck.h"
#include "prov/implementations.h"
#include "prov/provider_ctx.h"
#include "prov/provider_util.h"
#include "prov/providercommon.h"
#include "crypto/cmac.h"
/*
* Forward declaration of everything implemented here. This is not strictly
* necessary for the compiler, but provides an assurance that the signatures
* of the functions in the dispatch table are correct.
*/
static OSSL_FUNC_mac_newctx_fn cmac_new;
static OSSL_FUNC_mac_dupctx_fn cmac_dup;
static OSSL_FUNC_mac_freectx_fn cmac_free;
static OSSL_FUNC_mac_gettable_ctx_params_fn cmac_gettable_ctx_params;
static OSSL_FUNC_mac_get_ctx_params_fn cmac_get_ctx_params;
static OSSL_FUNC_mac_settable_ctx_params_fn cmac_settable_ctx_params;
static OSSL_FUNC_mac_set_ctx_params_fn cmac_set_ctx_params;
static OSSL_FUNC_mac_init_fn cmac_init;
static OSSL_FUNC_mac_update_fn cmac_update;
static OSSL_FUNC_mac_final_fn cmac_final;
/* local CMAC data */
struct cmac_data_st {
void *provctx;
CMAC_CTX *ctx;
PROV_CIPHER cipher;
OSSL_FIPS_IND_DECLARE
};
static void *cmac_new(void *provctx)
{
struct cmac_data_st *macctx;
if (!ossl_prov_is_running())
return NULL;
if ((macctx = OPENSSL_zalloc(sizeof(*macctx))) == NULL
|| (macctx->ctx = CMAC_CTX_new()) == NULL) {
OPENSSL_free(macctx);
macctx = NULL;
} else {
macctx->provctx = provctx;
OSSL_FIPS_IND_INIT(macctx)
}
return macctx;
}
static void cmac_free(void *vmacctx)
{
struct cmac_data_st *macctx = vmacctx;
if (macctx != NULL) {
CMAC_CTX_free(macctx->ctx);
ossl_prov_cipher_reset(&macctx->cipher);
OPENSSL_free(macctx);
}
}
static void *cmac_dup(void *vsrc)
{
struct cmac_data_st *src = vsrc;
struct cmac_data_st *dst;
if (!ossl_prov_is_running())
return NULL;
dst = cmac_new(src->provctx);
if (dst == NULL)
return NULL;
if (!CMAC_CTX_copy(dst->ctx, src->ctx)
|| !ossl_prov_cipher_copy(&dst->cipher, &src->cipher)) {
cmac_free(dst);
return NULL;
}
OSSL_FIPS_IND_COPY(dst, src)
return dst;
}
static size_t cmac_size(void *vmacctx)
{
struct cmac_data_st *macctx = vmacctx;
const EVP_CIPHER_CTX *cipherctx = CMAC_CTX_get0_cipher_ctx(macctx->ctx);
if (EVP_CIPHER_CTX_get0_cipher(cipherctx) == NULL)
return 0;
return EVP_CIPHER_CTX_get_block_size(cipherctx);
}
#ifdef FIPS_MODULE
/*
* TDES Encryption is not approved in FIPS 140-3.
*
* In strict approved mode we just fail here (by returning 0).
* If we are going to bypass it using a FIPS indicator then we need to pass that
* information down to the cipher also.
* This function returns the param to pass down in 'p'.
* state will return OSSL_FIPS_IND_STATE_UNKNOWN if the param has not been set.
*
* The name 'OSSL_CIPHER_PARAM_FIPS_ENCRYPT_CHECK' used below matches the
* key name used by the Triple-DES.
*/
static int tdes_check_param(struct cmac_data_st *macctx, OSSL_PARAM *p,
int *state)
{
OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(macctx->provctx);
const EVP_CIPHER *cipher = ossl_prov_cipher_cipher(&macctx->cipher);
*state = OSSL_FIPS_IND_STATE_UNKNOWN;
if (EVP_CIPHER_is_a(cipher, "DES-EDE3-CBC")) {
if (!OSSL_FIPS_IND_ON_UNAPPROVED(macctx, OSSL_FIPS_IND_SETTABLE0,
libctx, "CMAC", "Triple-DES",
ossl_fips_config_tdes_encrypt_disallowed))
return 0;
OSSL_FIPS_IND_GET_PARAM(macctx, p, state, OSSL_FIPS_IND_SETTABLE0,
OSSL_CIPHER_PARAM_FIPS_ENCRYPT_CHECK)
}
return 1;
}
#endif
static int cmac_setkey(struct cmac_data_st *macctx,
const unsigned char *key, size_t keylen)
{
int rv;
OSSL_PARAM *p = NULL;
#ifdef FIPS_MODULE
int state = OSSL_FIPS_IND_STATE_UNKNOWN;
OSSL_PARAM prms[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
if (!tdes_check_param(macctx, &prms[0], &state))
return 0;
if (state != OSSL_FIPS_IND_STATE_UNKNOWN)
p = prms;
#endif
rv = ossl_cmac_init(macctx->ctx, key, keylen,
ossl_prov_cipher_cipher(&macctx->cipher),
ossl_prov_cipher_engine(&macctx->cipher), p);
ossl_prov_cipher_reset(&macctx->cipher);
return rv;
}
static int cmac_init(void *vmacctx, const unsigned char *key,
size_t keylen, const OSSL_PARAM params[])
{
struct cmac_data_st *macctx = vmacctx;
if (!ossl_prov_is_running() || !cmac_set_ctx_params(macctx, params))
return 0;
if (key != NULL)
return cmac_setkey(macctx, key, keylen);
/* Reinitialize the CMAC context */
return CMAC_Init(macctx->ctx, NULL, 0, NULL, NULL);
}
static int cmac_update(void *vmacctx, const unsigned char *data,
size_t datalen)
{
struct cmac_data_st *macctx = vmacctx;
return CMAC_Update(macctx->ctx, data, datalen);
}
static int cmac_final(void *vmacctx, unsigned char *out, size_t *outl,
size_t outsize)
{
struct cmac_data_st *macctx = vmacctx;
if (!ossl_prov_is_running())
return 0;
return CMAC_Final(macctx->ctx, out, outl);
}
static const OSSL_PARAM known_gettable_ctx_params[] = {
OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL),
OSSL_PARAM_size_t(OSSL_MAC_PARAM_BLOCK_SIZE, NULL),
OSSL_FIPS_IND_GETTABLE_CTX_PARAM()
OSSL_PARAM_END
};
static const OSSL_PARAM *cmac_gettable_ctx_params(ossl_unused void *ctx,
ossl_unused void *provctx)
{
return known_gettable_ctx_params;
}
static int cmac_get_ctx_params(void *vmacctx, OSSL_PARAM params[])
{
OSSL_PARAM *p;
if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_SIZE)) != NULL
&& !OSSL_PARAM_set_size_t(p, cmac_size(vmacctx)))
return 0;
if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_BLOCK_SIZE)) != NULL
&& !OSSL_PARAM_set_size_t(p, cmac_size(vmacctx)))
return 0;
if (!OSSL_FIPS_IND_GET_CTX_PARAM((struct cmac_data_st *)vmacctx, params))
return 0;
return 1;
}
static const OSSL_PARAM known_settable_ctx_params[] = {
OSSL_PARAM_utf8_string(OSSL_MAC_PARAM_CIPHER, NULL, 0),
OSSL_PARAM_utf8_string(OSSL_MAC_PARAM_PROPERTIES, NULL, 0),
OSSL_PARAM_octet_string(OSSL_MAC_PARAM_KEY, NULL, 0),
OSSL_FIPS_IND_SETTABLE_CTX_PARAM(OSSL_CIPHER_PARAM_FIPS_ENCRYPT_CHECK)
OSSL_PARAM_END
};
static const OSSL_PARAM *cmac_settable_ctx_params(ossl_unused void *ctx,
ossl_unused void *provctx)
{
return known_settable_ctx_params;
}
/*
* ALL parameters should be set before init().
*/
static int cmac_set_ctx_params(void *vmacctx, const OSSL_PARAM params[])
{
struct cmac_data_st *macctx = vmacctx;
OSSL_LIB_CTX *ctx = PROV_LIBCTX_OF(macctx->provctx);
const OSSL_PARAM *p;
if (params == NULL)
return 1;
if (!OSSL_FIPS_IND_SET_CTX_PARAM(macctx,
OSSL_FIPS_IND_SETTABLE0, params,
OSSL_CIPHER_PARAM_FIPS_ENCRYPT_CHECK))
return 0;
if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_CIPHER)) != NULL) {
if (!ossl_prov_cipher_load_from_params(&macctx->cipher, params, ctx))
return 0;
if (EVP_CIPHER_get_mode(ossl_prov_cipher_cipher(&macctx->cipher))
!= EVP_CIPH_CBC_MODE) {
ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_MODE);
return 0;
}
#ifdef FIPS_MODULE
{
const EVP_CIPHER *cipher = ossl_prov_cipher_cipher(&macctx->cipher);
if (!EVP_CIPHER_is_a(cipher, "AES-256-CBC")
&& !EVP_CIPHER_is_a(cipher, "AES-192-CBC")
&& !EVP_CIPHER_is_a(cipher, "AES-128-CBC")
&& !EVP_CIPHER_is_a(cipher, "DES-EDE3-CBC")) {
ERR_raise(ERR_LIB_PROV, EVP_R_UNSUPPORTED_CIPHER);
return 0;
}
}
#endif
}
if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_KEY)) != NULL) {
if (p->data_type != OSSL_PARAM_OCTET_STRING)
return 0;
return cmac_setkey(macctx, p->data, p->data_size);
}
return 1;
}
const OSSL_DISPATCH ossl_cmac_functions[] = {
{ OSSL_FUNC_MAC_NEWCTX, (void (*)(void))cmac_new },
{ OSSL_FUNC_MAC_DUPCTX, (void (*)(void))cmac_dup },
{ OSSL_FUNC_MAC_FREECTX, (void (*)(void))cmac_free },
{ OSSL_FUNC_MAC_INIT, (void (*)(void))cmac_init },
{ OSSL_FUNC_MAC_UPDATE, (void (*)(void))cmac_update },
{ OSSL_FUNC_MAC_FINAL, (void (*)(void))cmac_final },
{ OSSL_FUNC_MAC_GETTABLE_CTX_PARAMS,
(void (*)(void))cmac_gettable_ctx_params },
{ OSSL_FUNC_MAC_GET_CTX_PARAMS, (void (*)(void))cmac_get_ctx_params },
{ OSSL_FUNC_MAC_SETTABLE_CTX_PARAMS,
(void (*)(void))cmac_settable_ctx_params },
{ OSSL_FUNC_MAC_SET_CTX_PARAMS, (void (*)(void))cmac_set_ctx_params },
OSSL_DISPATCH_END
};

259
openssl-3.4.2/providers/implementations/macs/gmac_prov.c Normal file
View File

@@ -0,0 +1,259 @@
/*
* Copyright 2018-2023 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <stdlib.h>
#include <openssl/core_dispatch.h>
#include <openssl/core_names.h>
#include <openssl/params.h>
#include <openssl/evp.h>
#include <openssl/err.h>
#include <openssl/proverr.h>
#include "prov/implementations.h"
#include "prov/provider_ctx.h"
#include "prov/provider_util.h"
#include "prov/providercommon.h"
/*
* Forward declaration of everything implemented here. This is not strictly
* necessary for the compiler, but provides an assurance that the signatures
* of the functions in the dispatch table are correct.
*/
static OSSL_FUNC_mac_newctx_fn gmac_new;
static OSSL_FUNC_mac_dupctx_fn gmac_dup;
static OSSL_FUNC_mac_freectx_fn gmac_free;
static OSSL_FUNC_mac_gettable_params_fn gmac_gettable_params;
static OSSL_FUNC_mac_get_params_fn gmac_get_params;
static OSSL_FUNC_mac_settable_ctx_params_fn gmac_settable_ctx_params;
static OSSL_FUNC_mac_set_ctx_params_fn gmac_set_ctx_params;
static OSSL_FUNC_mac_init_fn gmac_init;
static OSSL_FUNC_mac_update_fn gmac_update;
static OSSL_FUNC_mac_final_fn gmac_final;
/* local GMAC pkey structure */
struct gmac_data_st {
void *provctx;
EVP_CIPHER_CTX *ctx; /* Cipher context */
PROV_CIPHER cipher;
};
static void gmac_free(void *vmacctx)
{
struct gmac_data_st *macctx = vmacctx;
if (macctx != NULL) {
EVP_CIPHER_CTX_free(macctx->ctx);
ossl_prov_cipher_reset(&macctx->cipher);
OPENSSL_free(macctx);
}
}
static void *gmac_new(void *provctx)
{
struct gmac_data_st *macctx;
if (!ossl_prov_is_running())
return NULL;
if ((macctx = OPENSSL_zalloc(sizeof(*macctx))) == NULL
|| (macctx->ctx = EVP_CIPHER_CTX_new()) == NULL) {
gmac_free(macctx);
return NULL;
}
macctx->provctx = provctx;
return macctx;
}
static void *gmac_dup(void *vsrc)
{
struct gmac_data_st *src = vsrc;
struct gmac_data_st *dst;
if (!ossl_prov_is_running())
return NULL;
dst = gmac_new(src->provctx);
if (dst == NULL)
return NULL;
if (!EVP_CIPHER_CTX_copy(dst->ctx, src->ctx)
|| !ossl_prov_cipher_copy(&dst->cipher, &src->cipher)) {
gmac_free(dst);
return NULL;
}
return dst;
}
static size_t gmac_size(void)
{
return EVP_GCM_TLS_TAG_LEN;
}
static int gmac_setkey(struct gmac_data_st *macctx,
const unsigned char *key, size_t keylen)
{
EVP_CIPHER_CTX *ctx = macctx->ctx;
if (keylen != (size_t)EVP_CIPHER_CTX_get_key_length(ctx)) {
ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH);
return 0;
}
if (!EVP_EncryptInit_ex(ctx, NULL, NULL, key, NULL))
return 0;
return 1;
}
static int gmac_init(void *vmacctx, const unsigned char *key,
size_t keylen, const OSSL_PARAM params[])
{
struct gmac_data_st *macctx = vmacctx;
if (!ossl_prov_is_running() || !gmac_set_ctx_params(macctx, params))
return 0;
if (key != NULL)
return gmac_setkey(macctx, key, keylen);
return EVP_EncryptInit_ex(macctx->ctx, NULL, NULL, NULL, NULL);
}
static int gmac_update(void *vmacctx, const unsigned char *data,
size_t datalen)
{
struct gmac_data_st *macctx = vmacctx;
EVP_CIPHER_CTX *ctx = macctx->ctx;
int outlen;
if (datalen == 0)
return 1;
while (datalen > INT_MAX) {
if (!EVP_EncryptUpdate(ctx, NULL, &outlen, data, INT_MAX))
return 0;
data += INT_MAX;
datalen -= INT_MAX;
}
return EVP_EncryptUpdate(ctx, NULL, &outlen, data, datalen);
}
static int gmac_final(void *vmacctx, unsigned char *out, size_t *outl,
size_t outsize)
{
OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
struct gmac_data_st *macctx = vmacctx;
int hlen = 0;
if (!ossl_prov_is_running())
return 0;
if (!EVP_EncryptFinal_ex(macctx->ctx, out, &hlen))
return 0;
hlen = gmac_size();
params[0] = OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG,
out, (size_t)hlen);
if (!EVP_CIPHER_CTX_get_params(macctx->ctx, params))
return 0;
*outl = hlen;
return 1;
}
static const OSSL_PARAM known_gettable_params[] = {
OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL),
OSSL_PARAM_END
};
static const OSSL_PARAM *gmac_gettable_params(void *provctx)
{
return known_gettable_params;
}
static int gmac_get_params(OSSL_PARAM params[])
{
OSSL_PARAM *p;
if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_SIZE)) != NULL)
return OSSL_PARAM_set_size_t(p, gmac_size());
return 1;
}
static const OSSL_PARAM known_settable_ctx_params[] = {
OSSL_PARAM_utf8_string(OSSL_MAC_PARAM_CIPHER, NULL, 0),
OSSL_PARAM_utf8_string(OSSL_MAC_PARAM_PROPERTIES, NULL, 0),
OSSL_PARAM_octet_string(OSSL_MAC_PARAM_KEY, NULL, 0),
OSSL_PARAM_octet_string(OSSL_MAC_PARAM_IV, NULL, 0),
OSSL_PARAM_END
};
static const OSSL_PARAM *gmac_settable_ctx_params(ossl_unused void *ctx,
ossl_unused void *provctx)
{
return known_settable_ctx_params;
}
/*
* ALL parameters should be set before init().
*/
static int gmac_set_ctx_params(void *vmacctx, const OSSL_PARAM params[])
{
struct gmac_data_st *macctx = vmacctx;
EVP_CIPHER_CTX *ctx = macctx->ctx;
OSSL_LIB_CTX *provctx = PROV_LIBCTX_OF(macctx->provctx);
const OSSL_PARAM *p;
if (params == NULL)
return 1;
if (ctx == NULL)
return 0;
if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_CIPHER)) != NULL) {
if (!ossl_prov_cipher_load_from_params(&macctx->cipher, params, provctx))
return 0;
if (EVP_CIPHER_get_mode(ossl_prov_cipher_cipher(&macctx->cipher))
!= EVP_CIPH_GCM_MODE) {
ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_MODE);
return 0;
}
if (!EVP_EncryptInit_ex(ctx, ossl_prov_cipher_cipher(&macctx->cipher),
ossl_prov_cipher_engine(&macctx->cipher), NULL,
NULL))
return 0;
}
if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_KEY)) != NULL)
if (p->data_type != OSSL_PARAM_OCTET_STRING
|| !gmac_setkey(macctx, p->data, p->data_size))
return 0;
if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_IV)) != NULL) {
if (p->data_type != OSSL_PARAM_OCTET_STRING)
return 0;
if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN,
p->data_size, NULL) <= 0
|| !EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, p->data))
return 0;
}
return 1;
}
const OSSL_DISPATCH ossl_gmac_functions[] = {
{ OSSL_FUNC_MAC_NEWCTX, (void (*)(void))gmac_new },
{ OSSL_FUNC_MAC_DUPCTX, (void (*)(void))gmac_dup },
{ OSSL_FUNC_MAC_FREECTX, (void (*)(void))gmac_free },
{ OSSL_FUNC_MAC_INIT, (void (*)(void))gmac_init },
{ OSSL_FUNC_MAC_UPDATE, (void (*)(void))gmac_update },
{ OSSL_FUNC_MAC_FINAL, (void (*)(void))gmac_final },
{ OSSL_FUNC_MAC_GETTABLE_PARAMS, (void (*)(void))gmac_gettable_params },
{ OSSL_FUNC_MAC_GET_PARAMS, (void (*)(void))gmac_get_params },
{ OSSL_FUNC_MAC_SETTABLE_CTX_PARAMS,
(void (*)(void))gmac_settable_ctx_params },
{ OSSL_FUNC_MAC_SET_CTX_PARAMS, (void (*)(void))gmac_set_ctx_params },
OSSL_DISPATCH_END
};

403
openssl-3.4.2/providers/implementations/macs/hmac_prov.c Normal file
View File

@@ -0,0 +1,403 @@
/*
* Copyright 2018-2024 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/*
* HMAC low level APIs are deprecated for public use, but still ok for internal
* use.
*/
#include "internal/deprecated.h"
#include <string.h>
#include <openssl/core_dispatch.h>
#include <openssl/core_names.h>
#include <openssl/params.h>
#include <openssl/evp.h>
#include <openssl/hmac.h>
#include <openssl/proverr.h>
#include <openssl/err.h>
#include "internal/ssl3_cbc.h"
#include "prov/implementations.h"
#include "prov/provider_ctx.h"
#include "prov/provider_util.h"
#include "prov/providercommon.h"
#include "prov/securitycheck.h"
/*
* Forward declaration of everything implemented here. This is not strictly
* necessary for the compiler, but provides an assurance that the signatures
* of the functions in the dispatch table are correct.
*/
static OSSL_FUNC_mac_newctx_fn hmac_new;
static OSSL_FUNC_mac_dupctx_fn hmac_dup;
static OSSL_FUNC_mac_freectx_fn hmac_free;
static OSSL_FUNC_mac_gettable_ctx_params_fn hmac_gettable_ctx_params;
static OSSL_FUNC_mac_get_ctx_params_fn hmac_get_ctx_params;
static OSSL_FUNC_mac_settable_ctx_params_fn hmac_settable_ctx_params;
static OSSL_FUNC_mac_set_ctx_params_fn hmac_set_ctx_params;
static OSSL_FUNC_mac_init_fn hmac_init;
static OSSL_FUNC_mac_update_fn hmac_update;
static OSSL_FUNC_mac_final_fn hmac_final;
/* local HMAC context structure */
/* typedef EVP_MAC_IMPL */
struct hmac_data_st {
void *provctx;
HMAC_CTX *ctx; /* HMAC context */
PROV_DIGEST digest;
unsigned char *key;
size_t keylen;
/* Length of full TLS record including the MAC and any padding */
size_t tls_data_size;
unsigned char tls_header[13];
int tls_header_set;
unsigned char tls_mac_out[EVP_MAX_MD_SIZE];
size_t tls_mac_out_size;
#ifdef FIPS_MODULE
/*
* 'internal' is set to 1 if HMAC is used inside another algorithm such as a
* KDF. In this case it is the parent algorithm that is responsible for
* performing any conditional FIPS indicator related checks for the HMAC.
*/
int internal;
#endif
OSSL_FIPS_IND_DECLARE
};
static void *hmac_new(void *provctx)
{
struct hmac_data_st *macctx;
if (!ossl_prov_is_running())
return NULL;
if ((macctx = OPENSSL_zalloc(sizeof(*macctx))) == NULL
|| (macctx->ctx = HMAC_CTX_new()) == NULL) {
OPENSSL_free(macctx);
return NULL;
}
macctx->provctx = provctx;
OSSL_FIPS_IND_INIT(macctx)
return macctx;
}
static void hmac_free(void *vmacctx)
{
struct hmac_data_st *macctx = vmacctx;
if (macctx != NULL) {
HMAC_CTX_free(macctx->ctx);
ossl_prov_digest_reset(&macctx->digest);
OPENSSL_secure_clear_free(macctx->key, macctx->keylen);
OPENSSL_free(macctx);
}
}
static void *hmac_dup(void *vsrc)
{
struct hmac_data_st *src = vsrc;
struct hmac_data_st *dst;
HMAC_CTX *ctx;
if (!ossl_prov_is_running())
return NULL;
dst = hmac_new(src->provctx);
if (dst == NULL)
return NULL;
ctx = dst->ctx;
*dst = *src;
dst->ctx = ctx;
dst->key = NULL;
memset(&dst->digest, 0, sizeof(dst->digest));
if (!HMAC_CTX_copy(dst->ctx, src->ctx)
|| !ossl_prov_digest_copy(&dst->digest, &src->digest)) {
hmac_free(dst);
return NULL;
}
if (src->key != NULL) {
/* There is no "secure" OPENSSL_memdup */
dst->key = OPENSSL_secure_malloc(src->keylen > 0 ? src->keylen : 1);
if (dst->key == NULL) {
hmac_free(dst);
return 0;
}
memcpy(dst->key, src->key, src->keylen);
}
return dst;
}
static size_t hmac_size(struct hmac_data_st *macctx)
{
return HMAC_size(macctx->ctx);
}
static int hmac_block_size(struct hmac_data_st *macctx)
{
const EVP_MD *md = ossl_prov_digest_md(&macctx->digest);
if (md == NULL)
return 0;
return EVP_MD_block_size(md);
}
static int hmac_setkey(struct hmac_data_st *macctx,
const unsigned char *key, size_t keylen)
{
const EVP_MD *digest;
#ifdef FIPS_MODULE
/*
* KDF's pass a salt rather than a key,
* which is why it skips the key check unless "HMAC" is fetched directly.
*/
if (!macctx->internal) {
OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(macctx->provctx);
int approved = ossl_mac_check_key_size(keylen);
if (!approved) {
if (!OSSL_FIPS_IND_ON_UNAPPROVED(macctx, OSSL_FIPS_IND_SETTABLE0,
libctx, "HMAC", "keysize",
ossl_fips_config_hmac_key_check)) {
ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH);
return 0;
}
}
}
#endif
if (macctx->key != NULL)
OPENSSL_secure_clear_free(macctx->key, macctx->keylen);
/* Keep a copy of the key in case we need it for TLS HMAC */
macctx->key = OPENSSL_secure_malloc(keylen > 0 ? keylen : 1);
if (macctx->key == NULL)
return 0;
memcpy(macctx->key, key, keylen);
macctx->keylen = keylen;
digest = ossl_prov_digest_md(&macctx->digest);
/* HMAC_Init_ex doesn't tolerate all zero params, so we must be careful */
if (key != NULL || (macctx->tls_data_size == 0 && digest != NULL))
return HMAC_Init_ex(macctx->ctx, key, keylen, digest,
ossl_prov_digest_engine(&macctx->digest));
return 1;
}
static int hmac_init(void *vmacctx, const unsigned char *key,
size_t keylen, const OSSL_PARAM params[])
{
struct hmac_data_st *macctx = vmacctx;
if (!ossl_prov_is_running() || !hmac_set_ctx_params(macctx, params))
return 0;
if (key != NULL)
return hmac_setkey(macctx, key, keylen);
/* Just reinit the HMAC context */
return HMAC_Init_ex(macctx->ctx, NULL, 0, NULL, NULL);
}
static int hmac_update(void *vmacctx, const unsigned char *data,
size_t datalen)
{
struct hmac_data_st *macctx = vmacctx;
if (macctx->tls_data_size > 0) {
/* We're doing a TLS HMAC */
if (!macctx->tls_header_set) {
/* We expect the first update call to contain the TLS header */
if (datalen != sizeof(macctx->tls_header))
return 0;
memcpy(macctx->tls_header, data, datalen);
macctx->tls_header_set = 1;
return 1;
}
/* macctx->tls_data_size is datalen plus the padding length */
if (macctx->tls_data_size < datalen)
return 0;
return ssl3_cbc_digest_record(ossl_prov_digest_md(&macctx->digest),
macctx->tls_mac_out,
&macctx->tls_mac_out_size,
macctx->tls_header,
data,
datalen,
macctx->tls_data_size,
macctx->key,
macctx->keylen,
0);
}
return HMAC_Update(macctx->ctx, data, datalen);
}
static int hmac_final(void *vmacctx, unsigned char *out, size_t *outl,
size_t outsize)
{
unsigned int hlen;
struct hmac_data_st *macctx = vmacctx;
if (!ossl_prov_is_running())
return 0;
if (macctx->tls_data_size > 0) {
if (macctx->tls_mac_out_size == 0)
return 0;
if (outl != NULL)
*outl = macctx->tls_mac_out_size;
memcpy(out, macctx->tls_mac_out, macctx->tls_mac_out_size);
return 1;
}
if (!HMAC_Final(macctx->ctx, out, &hlen))
return 0;
*outl = hlen;
return 1;
}
static const OSSL_PARAM known_gettable_ctx_params[] = {
OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL),
OSSL_PARAM_size_t(OSSL_MAC_PARAM_BLOCK_SIZE, NULL),
OSSL_FIPS_IND_GETTABLE_CTX_PARAM()
OSSL_PARAM_END
};
static const OSSL_PARAM *hmac_gettable_ctx_params(ossl_unused void *ctx,
ossl_unused void *provctx)
{
return known_gettable_ctx_params;
}
static int hmac_get_ctx_params(void *vmacctx, OSSL_PARAM params[])
{
struct hmac_data_st *macctx = vmacctx;
OSSL_PARAM *p;
if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_SIZE)) != NULL
&& !OSSL_PARAM_set_size_t(p, hmac_size(macctx)))
return 0;
if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_BLOCK_SIZE)) != NULL
&& !OSSL_PARAM_set_int(p, hmac_block_size(macctx)))
return 0;
#ifdef FIPS_MODULE
p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_FIPS_APPROVED_INDICATOR);
if (p != NULL) {
int approved = 0;
if (!macctx->internal)
approved = OSSL_FIPS_IND_GET(macctx)->approved;
if (!OSSL_PARAM_set_int(p, approved))
return 0;
}
#endif
return 1;
}
static const OSSL_PARAM known_settable_ctx_params[] = {
OSSL_PARAM_utf8_string(OSSL_MAC_PARAM_DIGEST, NULL, 0),
OSSL_PARAM_utf8_string(OSSL_MAC_PARAM_PROPERTIES, NULL, 0),
OSSL_PARAM_octet_string(OSSL_MAC_PARAM_KEY, NULL, 0),
OSSL_PARAM_int(OSSL_MAC_PARAM_DIGEST_NOINIT, NULL),
OSSL_PARAM_int(OSSL_MAC_PARAM_DIGEST_ONESHOT, NULL),
OSSL_PARAM_size_t(OSSL_MAC_PARAM_TLS_DATA_SIZE, NULL),
OSSL_FIPS_IND_SETTABLE_CTX_PARAM(OSSL_MAC_PARAM_FIPS_KEY_CHECK)
OSSL_PARAM_END
};
static const OSSL_PARAM *hmac_settable_ctx_params(ossl_unused void *ctx,
ossl_unused void *provctx)
{
return known_settable_ctx_params;
}
/*
* ALL parameters should be set before init().
*/
static int hmac_set_ctx_params(void *vmacctx, const OSSL_PARAM params[])
{
struct hmac_data_st *macctx = vmacctx;
OSSL_LIB_CTX *ctx = PROV_LIBCTX_OF(macctx->provctx);
const OSSL_PARAM *p;
if (params == NULL)
return 1;
if (!OSSL_FIPS_IND_SET_CTX_PARAM(macctx, OSSL_FIPS_IND_SETTABLE0, params,
OSSL_MAC_PARAM_FIPS_KEY_CHECK))
return 0;
if (!ossl_prov_digest_load_from_params(&macctx->digest, params, ctx))
return 0;
if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_KEY)) != NULL) {
if (p->data_type != OSSL_PARAM_OCTET_STRING)
return 0;
if (!hmac_setkey(macctx, p->data, p->data_size))
return 0;
}
if ((p = OSSL_PARAM_locate_const(params,
OSSL_MAC_PARAM_TLS_DATA_SIZE)) != NULL) {
if (!OSSL_PARAM_get_size_t(p, &macctx->tls_data_size))
return 0;
}
return 1;
}
const OSSL_DISPATCH ossl_hmac_functions[] = {
{ OSSL_FUNC_MAC_NEWCTX, (void (*)(void))hmac_new },
{ OSSL_FUNC_MAC_DUPCTX, (void (*)(void))hmac_dup },
{ OSSL_FUNC_MAC_FREECTX, (void (*)(void))hmac_free },
{ OSSL_FUNC_MAC_INIT, (void (*)(void))hmac_init },
{ OSSL_FUNC_MAC_UPDATE, (void (*)(void))hmac_update },
{ OSSL_FUNC_MAC_FINAL, (void (*)(void))hmac_final },
{ OSSL_FUNC_MAC_GETTABLE_CTX_PARAMS,
(void (*)(void))hmac_gettable_ctx_params },
{ OSSL_FUNC_MAC_GET_CTX_PARAMS, (void (*)(void))hmac_get_ctx_params },
{ OSSL_FUNC_MAC_SETTABLE_CTX_PARAMS,
(void (*)(void))hmac_settable_ctx_params },
{ OSSL_FUNC_MAC_SET_CTX_PARAMS, (void (*)(void))hmac_set_ctx_params },
OSSL_DISPATCH_END
};
#ifdef FIPS_MODULE
static OSSL_FUNC_mac_newctx_fn hmac_internal_new;
static void *hmac_internal_new(void *provctx)
{
struct hmac_data_st *macctx = hmac_new(provctx);
if (macctx != NULL)
macctx->internal = 1;
return macctx;
}
const OSSL_DISPATCH ossl_hmac_internal_functions[] = {
{ OSSL_FUNC_MAC_NEWCTX, (void (*)(void))hmac_internal_new },
{ OSSL_FUNC_MAC_DUPCTX, (void (*)(void))hmac_dup },
{ OSSL_FUNC_MAC_FREECTX, (void (*)(void))hmac_free },
{ OSSL_FUNC_MAC_INIT, (void (*)(void))hmac_init },
{ OSSL_FUNC_MAC_UPDATE, (void (*)(void))hmac_update },
{ OSSL_FUNC_MAC_FINAL, (void (*)(void))hmac_final },
{ OSSL_FUNC_MAC_GETTABLE_CTX_PARAMS,
(void (*)(void))hmac_gettable_ctx_params },
{ OSSL_FUNC_MAC_GET_CTX_PARAMS, (void (*)(void))hmac_get_ctx_params },
{ OSSL_FUNC_MAC_SETTABLE_CTX_PARAMS,
(void (*)(void))hmac_settable_ctx_params },
{ OSSL_FUNC_MAC_SET_CTX_PARAMS, (void (*)(void))hmac_set_ctx_params },
OSSL_DISPATCH_END
};
#endif /* FIPS_MODULE */

697
openssl-3.4.2/providers/implementations/macs/kmac_prov.c Normal file
View File

@@ -0,0 +1,697 @@
/*
* Copyright 2018-2024 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/*
* See SP800-185 "Appendix A - KMAC, .... in Terms of Keccak[c]"
*
* Inputs are:
* K = Key (len(K) < 2^2040 bits)
* X = Input
* L = Output length (0 <= L < 2^2040 bits)
* S = Customization String Default="" (len(S) < 2^2040 bits)
*
* KMAC128(K, X, L, S)
* {
* newX = bytepad(encode_string(K), 168) || X || right_encode(L).
* T = bytepad(encode_string("KMAC") || encode_string(S), 168).
* return KECCAK[256](T || newX || 00, L).
* }
*
* KMAC256(K, X, L, S)
* {
* newX = bytepad(encode_string(K), 136) || X || right_encode(L).
* T = bytepad(encode_string("KMAC") || encode_string(S), 136).
* return KECCAK[512](T || newX || 00, L).
* }
*
* KMAC128XOF(K, X, L, S)
* {
* newX = bytepad(encode_string(K), 168) || X || right_encode(0).
* T = bytepad(encode_string("KMAC") || encode_string(S), 168).
* return KECCAK[256](T || newX || 00, L).
* }
*
* KMAC256XOF(K, X, L, S)
* {
* newX = bytepad(encode_string(K), 136) || X || right_encode(0).
* T = bytepad(encode_string("KMAC") || encode_string(S), 136).
* return KECCAK[512](T || newX || 00, L).
* }
*
*/
#include <stdlib.h>
#include <string.h>
#include <openssl/core_dispatch.h>
#include <openssl/core_names.h>
#include <openssl/params.h>
#include <openssl/evp.h>
#include <openssl/err.h>
#include <openssl/proverr.h>
#include <openssl/fips_names.h>
#include "prov/securitycheck.h"
#include "prov/implementations.h"
#include "prov/provider_ctx.h"
#include "prov/provider_util.h"
#include "prov/providercommon.h"
#include "internal/cryptlib.h" /* ossl_assert */
/*
* Forward declaration of everything implemented here. This is not strictly
* necessary for the compiler, but provides an assurance that the signatures
* of the functions in the dispatch table are correct.
*/
static OSSL_FUNC_mac_newctx_fn kmac128_new;
static OSSL_FUNC_mac_newctx_fn kmac256_new;
static OSSL_FUNC_mac_dupctx_fn kmac_dup;
static OSSL_FUNC_mac_freectx_fn kmac_free;
static OSSL_FUNC_mac_gettable_ctx_params_fn kmac_gettable_ctx_params;
static OSSL_FUNC_mac_get_ctx_params_fn kmac_get_ctx_params;
static OSSL_FUNC_mac_settable_ctx_params_fn kmac_settable_ctx_params;
static OSSL_FUNC_mac_set_ctx_params_fn kmac_set_ctx_params;
static OSSL_FUNC_mac_init_fn kmac_init;
static OSSL_FUNC_mac_update_fn kmac_update;
static OSSL_FUNC_mac_final_fn kmac_final;
#define KMAC_MAX_BLOCKSIZE ((1600 - 128 * 2) / 8) /* 168 */
/*
* Length encoding will be a 1 byte size + length in bits (3 bytes max)
* This gives a range of 0..0XFFFFFF bits = 2097151 bytes).
*/
#define KMAC_MAX_OUTPUT_LEN (0xFFFFFF / 8)
#define KMAC_MAX_ENCODED_HEADER_LEN (1 + 3)
/*
* Restrict the maximum length of the customisation string. This must not
* exceed 64 bits = 8k bytes.
*/
#define KMAC_MAX_CUSTOM 512
/* Maximum size of encoded custom string */
#define KMAC_MAX_CUSTOM_ENCODED (KMAC_MAX_CUSTOM + KMAC_MAX_ENCODED_HEADER_LEN)
/* Maximum key size in bytes = 512 (4096 bits) */
#define KMAC_MAX_KEY 512
#define KMAC_MIN_KEY 4
/*
* Maximum Encoded Key size will be padded to a multiple of the blocksize
* i.e KMAC_MAX_KEY + KMAC_MAX_ENCODED_HEADER_LEN = 512 + 4
* Padded to a multiple of KMAC_MAX_BLOCKSIZE
*/
#define KMAC_MAX_KEY_ENCODED (KMAC_MAX_BLOCKSIZE * 4)
/* Fixed value of encode_string("KMAC") */
static const unsigned char kmac_string[] = {
0x01, 0x20, 0x4B, 0x4D, 0x41, 0x43
};
#define KMAC_FLAG_XOF_MODE 1
struct kmac_data_st {
void *provctx;
EVP_MD_CTX *ctx;
PROV_DIGEST digest;
size_t out_len;
size_t key_len;
size_t custom_len;
/* If xof_mode = 1 then we use right_encode(0) */
int xof_mode;
/* key and custom are stored in encoded form */
unsigned char key[KMAC_MAX_KEY_ENCODED];
unsigned char custom[KMAC_MAX_CUSTOM_ENCODED];
#ifdef FIPS_MODULE
/*
* 'internal' is set to 1 if KMAC is used inside another algorithm such as a
* KDF. In this case it is the parent algorithm that is responsible for
* performing any conditional FIPS indicator related checks for KMAC.
*/
int internal;
#endif
OSSL_FIPS_IND_DECLARE
};
static int encode_string(unsigned char *out, size_t out_max_len, size_t *out_len,
const unsigned char *in, size_t in_len);
static int right_encode(unsigned char *out, size_t out_max_len, size_t *out_len,
size_t bits);
static int bytepad(unsigned char *out, size_t *out_len,
const unsigned char *in1, size_t in1_len,
const unsigned char *in2, size_t in2_len,
size_t w);
static int kmac_bytepad_encode_key(unsigned char *out, size_t out_max_len,
size_t *out_len,
const unsigned char *in, size_t in_len,
size_t w);
static void kmac_free(void *vmacctx)
{
struct kmac_data_st *kctx = vmacctx;
if (kctx != NULL) {
EVP_MD_CTX_free(kctx->ctx);
ossl_prov_digest_reset(&kctx->digest);
OPENSSL_cleanse(kctx->key, kctx->key_len);
OPENSSL_cleanse(kctx->custom, kctx->custom_len);
OPENSSL_free(kctx);
}
}
/*
* We have KMAC implemented as a hash, which we can use instead of
* reimplementing the EVP functionality with direct use of
* keccak_mac_init() and friends.
*/
static struct kmac_data_st *kmac_new(void *provctx)
{
struct kmac_data_st *kctx;
if (!ossl_prov_is_running())
return NULL;
if ((kctx = OPENSSL_zalloc(sizeof(*kctx))) == NULL
|| (kctx->ctx = EVP_MD_CTX_new()) == NULL) {
kmac_free(kctx);
return NULL;
}
kctx->provctx = provctx;
OSSL_FIPS_IND_INIT(kctx)
return kctx;
}
static void *kmac_fetch_new(void *provctx, const OSSL_PARAM *params)
{
struct kmac_data_st *kctx = kmac_new(provctx);
int md_size;
if (kctx == NULL)
return 0;
if (!ossl_prov_digest_load_from_params(&kctx->digest, params,
PROV_LIBCTX_OF(provctx))) {
kmac_free(kctx);
return 0;
}
md_size = EVP_MD_get_size(ossl_prov_digest_md(&kctx->digest));
if (md_size <= 0) {
kmac_free(kctx);
return 0;
}
kctx->out_len = (size_t)md_size;
return kctx;
}
static void *kmac128_new(void *provctx)
{
static const OSSL_PARAM kmac128_params[] = {
OSSL_PARAM_utf8_string("digest", OSSL_DIGEST_NAME_KECCAK_KMAC128,
sizeof(OSSL_DIGEST_NAME_KECCAK_KMAC128)),
OSSL_PARAM_END
};
return kmac_fetch_new(provctx, kmac128_params);
}
static void *kmac256_new(void *provctx)
{
static const OSSL_PARAM kmac256_params[] = {
OSSL_PARAM_utf8_string("digest", OSSL_DIGEST_NAME_KECCAK_KMAC256,
sizeof(OSSL_DIGEST_NAME_KECCAK_KMAC256)),
OSSL_PARAM_END
};
return kmac_fetch_new(provctx, kmac256_params);
}
static void *kmac_dup(void *vsrc)
{
struct kmac_data_st *src = vsrc;
struct kmac_data_st *dst;
if (!ossl_prov_is_running())
return NULL;
dst = kmac_new(src->provctx);
if (dst == NULL)
return NULL;
if (!EVP_MD_CTX_copy(dst->ctx, src->ctx)
|| !ossl_prov_digest_copy(&dst->digest, &src->digest)) {
kmac_free(dst);
return NULL;
}
#ifdef FIPS_MODULE
dst->internal = src->internal;
#endif
dst->out_len = src->out_len;
dst->key_len = src->key_len;
dst->custom_len = src->custom_len;
dst->xof_mode = src->xof_mode;
memcpy(dst->key, src->key, src->key_len);
memcpy(dst->custom, src->custom, dst->custom_len);
OSSL_FIPS_IND_COPY(dst, src)
return dst;
}
static int kmac_setkey(struct kmac_data_st *kctx, const unsigned char *key,
size_t keylen)
{
const EVP_MD *digest = ossl_prov_digest_md(&kctx->digest);
int w = EVP_MD_get_block_size(digest);
if (keylen < KMAC_MIN_KEY || keylen > KMAC_MAX_KEY) {
ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH);
return 0;
}
#ifdef FIPS_MODULE
/*
* Only do the key check if KMAC is fetched directly.
* Other algorithms that embed KMAC such as SSKDF will ignore this check.
*/
if (!kctx->internal) {
int approved = ossl_mac_check_key_size(keylen);
if (!approved) {
if (!OSSL_FIPS_IND_ON_UNAPPROVED(kctx, OSSL_FIPS_IND_SETTABLE1,
PROV_LIBCTX_OF(kctx->provctx),
"KMAC", "Key size",
ossl_fips_config_kmac_key_check)) {
ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH);
return 0;
}
}
}
#endif
if (w <= 0) {
ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_DIGEST_LENGTH);
return 0;
}
if (!kmac_bytepad_encode_key(kctx->key, sizeof(kctx->key), &kctx->key_len,
key, keylen, (size_t)w))
return 0;
return 1;
}
/*
* The init() assumes that any ctrl methods are set beforehand for
* md, key and custom. Setting the fields afterwards will have no
* effect on the output mac.
*/
static int kmac_init(void *vmacctx, const unsigned char *key,
size_t keylen, const OSSL_PARAM params[])
{
struct kmac_data_st *kctx = vmacctx;
EVP_MD_CTX *ctx = kctx->ctx;
unsigned char *out;
size_t out_len, block_len;
int res, t;
if (!ossl_prov_is_running() || !kmac_set_ctx_params(kctx, params))
return 0;
if (key != NULL) {
if (!kmac_setkey(kctx, key, keylen))
return 0;
} else if (kctx->key_len == 0) {
/* Check key has been set */
ERR_raise(ERR_LIB_PROV, PROV_R_NO_KEY_SET);
return 0;
}
if (!EVP_DigestInit_ex(kctx->ctx, ossl_prov_digest_md(&kctx->digest),
NULL))
return 0;
t = EVP_MD_get_block_size(ossl_prov_digest_md(&kctx->digest));
if (t <= 0) {
ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_DIGEST_LENGTH);
return 0;
}
block_len = t;
/* Set default custom string if it is not already set */
if (kctx->custom_len == 0) {
const OSSL_PARAM cparams[] = {
OSSL_PARAM_octet_string(OSSL_MAC_PARAM_CUSTOM, "", 0),
OSSL_PARAM_END
};
(void)kmac_set_ctx_params(kctx, cparams);
}
if (!bytepad(NULL, &out_len, kmac_string, sizeof(kmac_string),
kctx->custom, kctx->custom_len, block_len)) {
ERR_raise(ERR_LIB_PROV, ERR_R_INTERNAL_ERROR);
return 0;
}
out = OPENSSL_malloc(out_len);
if (out == NULL)
return 0;
res = bytepad(out, NULL, kmac_string, sizeof(kmac_string),
kctx->custom, kctx->custom_len, block_len)
&& EVP_DigestUpdate(ctx, out, out_len)
&& EVP_DigestUpdate(ctx, kctx->key, kctx->key_len);
OPENSSL_free(out);
return res;
}
static int kmac_update(void *vmacctx, const unsigned char *data,
size_t datalen)
{
struct kmac_data_st *kctx = vmacctx;
return EVP_DigestUpdate(kctx->ctx, data, datalen);
}
static int kmac_final(void *vmacctx, unsigned char *out, size_t *outl,
size_t outsize)
{
struct kmac_data_st *kctx = vmacctx;
EVP_MD_CTX *ctx = kctx->ctx;
size_t lbits, len;
unsigned char encoded_outlen[KMAC_MAX_ENCODED_HEADER_LEN];
int ok;
if (!ossl_prov_is_running())
return 0;
/* KMAC XOF mode sets the encoded length to 0 */
lbits = (kctx->xof_mode ? 0 : (kctx->out_len * 8));
ok = right_encode(encoded_outlen, sizeof(encoded_outlen), &len, lbits)
&& EVP_DigestUpdate(ctx, encoded_outlen, len)
&& EVP_DigestFinalXOF(ctx, out, kctx->out_len);
*outl = kctx->out_len;
return ok;
}
static const OSSL_PARAM known_gettable_ctx_params[] = {
OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL),
OSSL_PARAM_size_t(OSSL_MAC_PARAM_BLOCK_SIZE, NULL),
OSSL_FIPS_IND_GETTABLE_CTX_PARAM()
OSSL_PARAM_END
};
static const OSSL_PARAM *kmac_gettable_ctx_params(ossl_unused void *ctx,
ossl_unused void *provctx)
{
return known_gettable_ctx_params;
}
static int kmac_get_ctx_params(void *vmacctx, OSSL_PARAM params[])
{
struct kmac_data_st *kctx = vmacctx;
OSSL_PARAM *p;
int sz;
if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_SIZE)) != NULL
&& !OSSL_PARAM_set_size_t(p, kctx->out_len))
return 0;
if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_BLOCK_SIZE)) != NULL) {
sz = EVP_MD_block_size(ossl_prov_digest_md(&kctx->digest));
if (!OSSL_PARAM_set_int(p, sz))
return 0;
}
if (!OSSL_FIPS_IND_GET_CTX_PARAM(kctx, params))
return 0;
return 1;
}
static const OSSL_PARAM known_settable_ctx_params[] = {
OSSL_PARAM_int(OSSL_MAC_PARAM_XOF, NULL),
OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL),
OSSL_PARAM_octet_string(OSSL_MAC_PARAM_KEY, NULL, 0),
OSSL_PARAM_octet_string(OSSL_MAC_PARAM_CUSTOM, NULL, 0),
OSSL_FIPS_IND_SETTABLE_CTX_PARAM(OSSL_MAC_PARAM_FIPS_NO_SHORT_MAC)
OSSL_FIPS_IND_SETTABLE_CTX_PARAM(OSSL_MAC_PARAM_FIPS_KEY_CHECK)
OSSL_PARAM_END
};
static const OSSL_PARAM *kmac_settable_ctx_params(ossl_unused void *ctx,
ossl_unused void *provctx)
{
return known_settable_ctx_params;
}
/*
* The following params can be set any time before final():
* - "outlen" or "size": The requested output length.
* - "xof": If set, this indicates that right_encoded(0)
* is part of the digested data, otherwise it
* uses right_encoded(requested output length).
*
* All other params should be set before init().
*/
static int kmac_set_ctx_params(void *vmacctx, const OSSL_PARAM *params)
{
struct kmac_data_st *kctx = vmacctx;
const OSSL_PARAM *p;
if (params == NULL)
return 1;
if (!OSSL_FIPS_IND_SET_CTX_PARAM(kctx, OSSL_FIPS_IND_SETTABLE0, params,
OSSL_MAC_PARAM_FIPS_NO_SHORT_MAC))
return 0;
if (!OSSL_FIPS_IND_SET_CTX_PARAM(kctx, OSSL_FIPS_IND_SETTABLE1, params,
OSSL_MAC_PARAM_FIPS_KEY_CHECK))
return 0;
if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_XOF)) != NULL
&& !OSSL_PARAM_get_int(p, &kctx->xof_mode))
return 0;
if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_SIZE)) != NULL) {
size_t sz = 0;
if (!OSSL_PARAM_get_size_t(p, &sz))
return 0;
if (sz > KMAC_MAX_OUTPUT_LEN) {
ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_OUTPUT_LENGTH);
return 0;
}
#ifdef FIPS_MODULE
/* SP 800-185 8.4.2 mandates a minimum of 32 bits of output */
if (sz < 32 / 8) {
if (!OSSL_FIPS_IND_ON_UNAPPROVED(kctx, OSSL_FIPS_IND_SETTABLE0,
PROV_LIBCTX_OF(kctx->provctx),
"KMAC", "length",
ossl_fips_config_no_short_mac)) {
ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_OUTPUT_LENGTH);
return 0;
}
}
#endif
kctx->out_len = sz;
}
if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_KEY)) != NULL
&& !kmac_setkey(kctx, p->data, p->data_size))
return 0;
if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_CUSTOM))
!= NULL) {
if (p->data_size > KMAC_MAX_CUSTOM) {
ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_CUSTOM_LENGTH);
return 0;
}
if (!encode_string(kctx->custom, sizeof(kctx->custom), &kctx->custom_len,
p->data, p->data_size))
return 0;
}
return 1;
}
/* Encoding/Padding Methods. */
/* Returns the number of bytes required to store 'bits' into a byte array */
static unsigned int get_encode_size(size_t bits)
{
unsigned int cnt = 0, sz = sizeof(size_t);
while (bits && (cnt < sz)) {
++cnt;
bits >>= 8;
}
/* If bits is zero 1 byte is required */
if (cnt == 0)
cnt = 1;
return cnt;
}
/*
* Convert an integer into bytes . The number of bytes is appended
* to the end of the buffer. Returns an array of bytes 'out' of size
* *out_len.
*
* e.g if bits = 32, out[2] = { 0x20, 0x01 }
*/
static int right_encode(unsigned char *out, size_t out_max_len, size_t *out_len,
size_t bits)
{
unsigned int len = get_encode_size(bits);
int i;
if (len >= out_max_len) {
ERR_raise(ERR_LIB_PROV, PROV_R_LENGTH_TOO_LARGE);
return 0;
}
/* MSB's are at the start of the bytes array */
for (i = len - 1; i >= 0; --i) {
out[i] = (unsigned char)(bits & 0xFF);
bits >>= 8;
}
/* Tack the length onto the end */
out[len] = (unsigned char)len;
/* The Returned length includes the tacked on byte */
*out_len = len + 1;
return 1;
}
/*
* Encodes a string with a left encoded length added. Note that the
* in_len is converted to bits (*8).
*
* e.g- in="KMAC" gives out[6] = { 0x01, 0x20, 0x4B, 0x4D, 0x41, 0x43 }
* len bits K M A C
*/
static int encode_string(unsigned char *out, size_t out_max_len, size_t *out_len,
const unsigned char *in, size_t in_len)
{
if (in == NULL) {
*out_len = 0;
} else {
size_t i, bits, len, sz;
bits = 8 * in_len;
len = get_encode_size(bits);
sz = 1 + len + in_len;
if (sz > out_max_len) {
ERR_raise(ERR_LIB_PROV, PROV_R_LENGTH_TOO_LARGE);
return 0;
}
out[0] = (unsigned char)len;
for (i = len; i > 0; --i) {
out[i] = (bits & 0xFF);
bits >>= 8;
}
memcpy(out + len + 1, in, in_len);
*out_len = sz;
}
return 1;
}
/*
* Returns a zero padded encoding of the inputs in1 and an optional
* in2 (can be NULL). The padded output must be a multiple of the blocksize 'w'.
* The value of w is in bytes (< 256).
*
* The returned output is:
* zero_padded(multiple of w, (left_encode(w) || in1 [|| in2])
*/
static int bytepad(unsigned char *out, size_t *out_len,
const unsigned char *in1, size_t in1_len,
const unsigned char *in2, size_t in2_len, size_t w)
{
int len;
unsigned char *p = out;
int sz = w;
if (out == NULL) {
if (out_len == NULL) {
ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
sz = 2 + in1_len + (in2 != NULL ? in2_len : 0);
*out_len = (sz + w - 1) / w * w;
return 1;
}
if (!ossl_assert(w <= 255))
return 0;
/* Left encoded w */
*p++ = 1;
*p++ = (unsigned char)w;
/* || in1 */
memcpy(p, in1, in1_len);
p += in1_len;
/* [ || in2 ] */
if (in2 != NULL && in2_len > 0) {
memcpy(p, in2, in2_len);
p += in2_len;
}
/* Figure out the pad size (divisible by w) */
len = p - out;
sz = (len + w - 1) / w * w;
/* zero pad the end of the buffer */
if (sz != len)
memset(p, 0, sz - len);
if (out_len != NULL)
*out_len = sz;
return 1;
}
/* Returns out = bytepad(encode_string(in), w) */
static int kmac_bytepad_encode_key(unsigned char *out, size_t out_max_len,
size_t *out_len,
const unsigned char *in, size_t in_len,
size_t w)
{
unsigned char tmp[KMAC_MAX_KEY + KMAC_MAX_ENCODED_HEADER_LEN];
size_t tmp_len;
if (!encode_string(tmp, sizeof(tmp), &tmp_len, in, in_len))
return 0;
if (!bytepad(NULL, out_len, tmp, tmp_len, NULL, 0, w))
return 0;
if (!ossl_assert(*out_len <= out_max_len))
return 0;
return bytepad(out, NULL, tmp, tmp_len, NULL, 0, w);
}
#define IMPLEMENT_KMAC_TABLE(size, funcname, newname) \
const OSSL_DISPATCH ossl_kmac##size##_##funcname[] = \
{ \
{ OSSL_FUNC_MAC_NEWCTX, (void (*)(void))kmac##size##_##newname }, \
{ OSSL_FUNC_MAC_DUPCTX, (void (*)(void))kmac_dup }, \
{ OSSL_FUNC_MAC_FREECTX, (void (*)(void))kmac_free }, \
{ OSSL_FUNC_MAC_INIT, (void (*)(void))kmac_init }, \
{ OSSL_FUNC_MAC_UPDATE, (void (*)(void))kmac_update }, \
{ OSSL_FUNC_MAC_FINAL, (void (*)(void))kmac_final }, \
{ OSSL_FUNC_MAC_GETTABLE_CTX_PARAMS, \
(void (*)(void))kmac_gettable_ctx_params }, \
{ OSSL_FUNC_MAC_GET_CTX_PARAMS, (void (*)(void))kmac_get_ctx_params }, \
{ OSSL_FUNC_MAC_SETTABLE_CTX_PARAMS, \
(void (*)(void))kmac_settable_ctx_params }, \
{ OSSL_FUNC_MAC_SET_CTX_PARAMS, (void (*)(void))kmac_set_ctx_params }, \
OSSL_DISPATCH_END \
}
#define KMAC_TABLE(size) IMPLEMENT_KMAC_TABLE(size, functions, new)
KMAC_TABLE(128);
KMAC_TABLE(256);
#ifdef FIPS_MODULE
# define KMAC_INTERNAL_TABLE(size) \
static OSSL_FUNC_mac_newctx_fn kmac##size##_internal_new; \
static void *kmac##size##_internal_new(void *provctx) \
{ \
struct kmac_data_st *macctx = kmac##size##_new(provctx); \
\
if (macctx != NULL) \
macctx->internal = 1; \
return macctx; \
} \
IMPLEMENT_KMAC_TABLE(size, internal_functions, internal_new)
KMAC_INTERNAL_TABLE(128);
KMAC_INTERNAL_TABLE(256);
#endif /* FIPS_MODULE */

26
openssl-3.4.2/providers/implementations/macs/libdefault-lib-blake2b_mac.d Normal file
View File

@@ -0,0 +1,26 @@
providers/implementations/macs/libdefault-lib-blake2b_mac.o: \
providers/implementations/macs/blake2b_mac.c \
providers/implementations/macs/blake2_mac_impl.c \
include/openssl/core_dispatch.h include/openssl/core.h \
include/openssl/types.h include/openssl/e_os2.h include/openssl/macros.h \
include/openssl/opensslconf.h include/openssl/configuration.h \
include/openssl/opensslv.h include/openssl/safestack.h \
include/openssl/stack.h include/openssl/indicator.h \
include/openssl/params.h include/openssl/bn.h include/openssl/crypto.h \
include/openssl/cryptoerr.h include/openssl/symhacks.h \
include/openssl/cryptoerr_legacy.h include/openssl/bnerr.h \
include/openssl/core_names.h include/openssl/proverr.h \
providers/implementations/include/prov/blake2.h include/crypto/evp.h \
include/openssl/evp.h include/openssl/bio.h include/openssl/bioerr.h \
include/openssl/evperr.h include/openssl/objects.h \
include/openssl/obj_mac.h include/openssl/asn1.h \
include/openssl/asn1err.h include/openssl/objectserr.h \
include/internal/refcount.h include/openssl/trace.h \
include/openssl/err.h include/openssl/lhash.h include/crypto/ecx.h \
include/crypto/types.h include/internal/cryptlib.h \
include/internal/common.h include/internal/e_os.h \
include/internal/numbers.h include/internal/nelem.h \
include/openssl/buffer.h include/openssl/buffererr.h \
providers/implementations/include/prov/implementations.h \
providers/common/include/prov/providercommon.h \
include/openssl/provider.h

26
openssl-3.4.2/providers/implementations/macs/libdefault-lib-blake2s_mac.d Normal file
View File

@@ -0,0 +1,26 @@
providers/implementations/macs/libdefault-lib-blake2s_mac.o: \
providers/implementations/macs/blake2s_mac.c \
providers/implementations/macs/blake2_mac_impl.c \
include/openssl/core_dispatch.h include/openssl/core.h \
include/openssl/types.h include/openssl/e_os2.h include/openssl/macros.h \
include/openssl/opensslconf.h include/openssl/configuration.h \
include/openssl/opensslv.h include/openssl/safestack.h \
include/openssl/stack.h include/openssl/indicator.h \
include/openssl/params.h include/openssl/bn.h include/openssl/crypto.h \
include/openssl/cryptoerr.h include/openssl/symhacks.h \
include/openssl/cryptoerr_legacy.h include/openssl/bnerr.h \
include/openssl/core_names.h include/openssl/proverr.h \
providers/implementations/include/prov/blake2.h include/crypto/evp.h \
include/openssl/evp.h include/openssl/bio.h include/openssl/bioerr.h \
include/openssl/evperr.h include/openssl/objects.h \
include/openssl/obj_mac.h include/openssl/asn1.h \
include/openssl/asn1err.h include/openssl/objectserr.h \
include/internal/refcount.h include/openssl/trace.h \
include/openssl/err.h include/openssl/lhash.h include/crypto/ecx.h \
include/crypto/types.h include/internal/cryptlib.h \
include/internal/common.h include/internal/e_os.h \
include/internal/numbers.h include/internal/nelem.h \
include/openssl/buffer.h include/openssl/buffererr.h \
providers/implementations/include/prov/implementations.h \
providers/common/include/prov/providercommon.h \
include/openssl/provider.h

24
openssl-3.4.2/providers/implementations/macs/libdefault-lib-cmac_prov.d Normal file
View File

@@ -0,0 +1,24 @@
providers/implementations/macs/libdefault-lib-cmac_prov.o: \
providers/implementations/macs/cmac_prov.c include/internal/deprecated.h \
include/openssl/configuration.h include/openssl/macros.h \
include/openssl/opensslconf.h include/openssl/opensslv.h \
include/openssl/core_dispatch.h include/openssl/core.h \
include/openssl/types.h include/openssl/e_os2.h \
include/openssl/safestack.h include/openssl/stack.h \
include/openssl/indicator.h include/openssl/params.h \
include/openssl/bn.h include/openssl/crypto.h \
include/openssl/cryptoerr.h include/openssl/symhacks.h \
include/openssl/cryptoerr_legacy.h include/openssl/bnerr.h \
include/openssl/core_names.h include/openssl/evp.h include/openssl/bio.h \
include/openssl/bioerr.h include/openssl/evperr.h \
include/openssl/objects.h include/openssl/obj_mac.h \
include/openssl/asn1.h include/openssl/asn1err.h \
include/openssl/objectserr.h include/openssl/cmac.h \
include/openssl/err.h include/openssl/lhash.h include/openssl/proverr.h \
providers/common/include/prov/securitycheck.h include/crypto/types.h \
include/openssl/ec.h include/openssl/ecerr.h \
providers/fips/include/fips/fipsindicator.h \
providers/implementations/include/prov/implementations.h \
providers/common/include/prov/provider_ctx.h \
providers/common/include/prov/provider_util.h include/openssl/provider.h \
providers/common/include/prov/providercommon.h include/crypto/cmac.h

20
openssl-3.4.2/providers/implementations/macs/libdefault-lib-gmac_prov.d Normal file
View File

@@ -0,0 +1,20 @@
providers/implementations/macs/libdefault-lib-gmac_prov.o: \
providers/implementations/macs/gmac_prov.c \
include/openssl/core_dispatch.h include/openssl/core.h \
include/openssl/types.h include/openssl/e_os2.h include/openssl/macros.h \
include/openssl/opensslconf.h include/openssl/configuration.h \
include/openssl/opensslv.h include/openssl/safestack.h \
include/openssl/stack.h include/openssl/indicator.h \
include/openssl/params.h include/openssl/bn.h include/openssl/crypto.h \
include/openssl/cryptoerr.h include/openssl/symhacks.h \
include/openssl/cryptoerr_legacy.h include/openssl/bnerr.h \
include/openssl/core_names.h include/openssl/evp.h include/openssl/bio.h \
include/openssl/bioerr.h include/openssl/evperr.h \
include/openssl/objects.h include/openssl/obj_mac.h \
include/openssl/asn1.h include/openssl/asn1err.h \
include/openssl/objectserr.h include/openssl/err.h \
include/openssl/lhash.h include/openssl/proverr.h \
providers/implementations/include/prov/implementations.h \
providers/common/include/prov/provider_ctx.h \
providers/common/include/prov/provider_util.h include/openssl/provider.h \
providers/common/include/prov/providercommon.h

25
openssl-3.4.2/providers/implementations/macs/libdefault-lib-hmac_prov.d Normal file
View File

@@ -0,0 +1,25 @@
providers/implementations/macs/libdefault-lib-hmac_prov.o: \
providers/implementations/macs/hmac_prov.c include/internal/deprecated.h \
include/openssl/configuration.h include/openssl/macros.h \
include/openssl/opensslconf.h include/openssl/opensslv.h \
include/openssl/core_dispatch.h include/openssl/core.h \
include/openssl/types.h include/openssl/e_os2.h \
include/openssl/safestack.h include/openssl/stack.h \
include/openssl/indicator.h include/openssl/params.h \
include/openssl/bn.h include/openssl/crypto.h \
include/openssl/cryptoerr.h include/openssl/symhacks.h \
include/openssl/cryptoerr_legacy.h include/openssl/bnerr.h \
include/openssl/core_names.h include/openssl/evp.h include/openssl/bio.h \
include/openssl/bioerr.h include/openssl/evperr.h \
include/openssl/objects.h include/openssl/obj_mac.h \
include/openssl/asn1.h include/openssl/asn1err.h \
include/openssl/objectserr.h include/openssl/hmac.h \
include/openssl/proverr.h include/openssl/err.h include/openssl/lhash.h \
include/internal/ssl3_cbc.h \
providers/implementations/include/prov/implementations.h \
providers/common/include/prov/provider_ctx.h \
providers/common/include/prov/provider_util.h include/openssl/provider.h \
providers/common/include/prov/providercommon.h \
providers/common/include/prov/securitycheck.h include/crypto/types.h \
include/openssl/ec.h include/openssl/ecerr.h \
providers/fips/include/fips/fipsindicator.h

28
openssl-3.4.2/providers/implementations/macs/libdefault-lib-kmac_prov.d Normal file
View File

@@ -0,0 +1,28 @@
providers/implementations/macs/libdefault-lib-kmac_prov.o: \
providers/implementations/macs/kmac_prov.c \
include/openssl/core_dispatch.h include/openssl/core.h \
include/openssl/types.h include/openssl/e_os2.h include/openssl/macros.h \
include/openssl/opensslconf.h include/openssl/configuration.h \
include/openssl/opensslv.h include/openssl/safestack.h \
include/openssl/stack.h include/openssl/indicator.h \
include/openssl/params.h include/openssl/bn.h include/openssl/crypto.h \
include/openssl/cryptoerr.h include/openssl/symhacks.h \
include/openssl/cryptoerr_legacy.h include/openssl/bnerr.h \
include/openssl/core_names.h include/openssl/evp.h include/openssl/bio.h \
include/openssl/bioerr.h include/openssl/evperr.h \
include/openssl/objects.h include/openssl/obj_mac.h \
include/openssl/asn1.h include/openssl/asn1err.h \
include/openssl/objectserr.h include/openssl/err.h \
include/openssl/lhash.h include/openssl/proverr.h \
include/openssl/fips_names.h \
providers/common/include/prov/securitycheck.h include/crypto/types.h \
include/openssl/ec.h include/openssl/ecerr.h \
providers/fips/include/fips/fipsindicator.h \
providers/implementations/include/prov/implementations.h \
providers/common/include/prov/provider_ctx.h \
providers/common/include/prov/provider_util.h include/openssl/provider.h \
providers/common/include/prov/providercommon.h \
include/internal/cryptlib.h include/internal/common.h \
include/internal/e_os.h include/internal/numbers.h \
include/internal/nelem.h include/openssl/buffer.h \
include/openssl/buffererr.h

20
openssl-3.4.2/providers/implementations/macs/libdefault-lib-poly1305_prov.d Normal file
View File

@@ -0,0 +1,20 @@
providers/implementations/macs/libdefault-lib-poly1305_prov.o: \
providers/implementations/macs/poly1305_prov.c \
include/openssl/core_dispatch.h include/openssl/core.h \
include/openssl/types.h include/openssl/e_os2.h include/openssl/macros.h \
include/openssl/opensslconf.h include/openssl/configuration.h \
include/openssl/opensslv.h include/openssl/safestack.h \
include/openssl/stack.h include/openssl/indicator.h \
include/openssl/params.h include/openssl/bn.h include/openssl/crypto.h \
include/openssl/cryptoerr.h include/openssl/symhacks.h \
include/openssl/cryptoerr_legacy.h include/openssl/bnerr.h \
include/openssl/core_names.h include/openssl/evp.h include/openssl/bio.h \
include/openssl/bioerr.h include/openssl/evperr.h \
include/openssl/objects.h include/openssl/obj_mac.h \
include/openssl/asn1.h include/openssl/asn1err.h \
include/openssl/objectserr.h include/openssl/err.h \
include/openssl/lhash.h include/openssl/proverr.h \
include/crypto/poly1305.h \
providers/implementations/include/prov/implementations.h \
providers/common/include/prov/providercommon.h \
include/openssl/provider.h

20
openssl-3.4.2/providers/implementations/macs/libdefault-lib-siphash_prov.d Normal file
View File

@@ -0,0 +1,20 @@
providers/implementations/macs/libdefault-lib-siphash_prov.o: \
providers/implementations/macs/siphash_prov.c \
include/openssl/core_dispatch.h include/openssl/core.h \
include/openssl/types.h include/openssl/e_os2.h include/openssl/macros.h \
include/openssl/opensslconf.h include/openssl/configuration.h \
include/openssl/opensslv.h include/openssl/safestack.h \
include/openssl/stack.h include/openssl/indicator.h \
include/openssl/params.h include/openssl/bn.h include/openssl/crypto.h \
include/openssl/cryptoerr.h include/openssl/symhacks.h \
include/openssl/cryptoerr_legacy.h include/openssl/bnerr.h \
include/openssl/core_names.h include/openssl/evp.h include/openssl/bio.h \
include/openssl/bioerr.h include/openssl/evperr.h \
include/openssl/objects.h include/openssl/obj_mac.h \
include/openssl/asn1.h include/openssl/asn1err.h \
include/openssl/objectserr.h include/openssl/err.h \
include/openssl/lhash.h include/openssl/proverr.h \
include/crypto/siphash.h \
providers/implementations/include/prov/implementations.h \
providers/common/include/prov/providercommon.h \
include/openssl/provider.h

187
openssl-3.4.2/providers/implementations/macs/poly1305_prov.c Normal file
View File

@@ -0,0 +1,187 @@
/*
* Copyright 2018-2023 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <openssl/core_dispatch.h>
#include <openssl/core_names.h>
#include <openssl/params.h>
#include <openssl/evp.h>
#include <openssl/err.h>
#include <openssl/proverr.h>
#include "crypto/poly1305.h"
#include "prov/implementations.h"
#include "prov/providercommon.h"
/*
* Forward declaration of everything implemented here. This is not strictly
* necessary for the compiler, but provides an assurance that the signatures
* of the functions in the dispatch table are correct.
*/
static OSSL_FUNC_mac_newctx_fn poly1305_new;
static OSSL_FUNC_mac_dupctx_fn poly1305_dup;
static OSSL_FUNC_mac_freectx_fn poly1305_free;
static OSSL_FUNC_mac_gettable_params_fn poly1305_gettable_params;
static OSSL_FUNC_mac_get_params_fn poly1305_get_params;
static OSSL_FUNC_mac_settable_ctx_params_fn poly1305_settable_ctx_params;
static OSSL_FUNC_mac_set_ctx_params_fn poly1305_set_ctx_params;
static OSSL_FUNC_mac_init_fn poly1305_init;
static OSSL_FUNC_mac_update_fn poly1305_update;
static OSSL_FUNC_mac_final_fn poly1305_final;
struct poly1305_data_st {
void *provctx;
int updated;
POLY1305 poly1305; /* Poly1305 data */
};
static void *poly1305_new(void *provctx)
{
struct poly1305_data_st *ctx;
if (!ossl_prov_is_running())
return NULL;
ctx = OPENSSL_zalloc(sizeof(*ctx));
if (ctx != NULL)
ctx->provctx = provctx;
return ctx;
}
static void poly1305_free(void *vmacctx)
{
OPENSSL_free(vmacctx);
}
static void *poly1305_dup(void *vsrc)
{
struct poly1305_data_st *src = vsrc;
struct poly1305_data_st *dst;
if (!ossl_prov_is_running())
return NULL;
dst = OPENSSL_malloc(sizeof(*dst));
if (dst == NULL)
return NULL;
*dst = *src;
return dst;
}
static size_t poly1305_size(void)
{
return POLY1305_DIGEST_SIZE;
}
static int poly1305_setkey(struct poly1305_data_st *ctx,
const unsigned char *key, size_t keylen)
{
if (keylen != POLY1305_KEY_SIZE) {
ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH);
return 0;
}
Poly1305_Init(&ctx->poly1305, key);
ctx->updated = 0;
return 1;
}
static int poly1305_init(void *vmacctx, const unsigned char *key,
size_t keylen, const OSSL_PARAM params[])
{
struct poly1305_data_st *ctx = vmacctx;
/* initialize the context in MAC_ctrl function */
if (!ossl_prov_is_running() || !poly1305_set_ctx_params(ctx, params))
return 0;
if (key != NULL)
return poly1305_setkey(ctx, key, keylen);
/* no reinitialization of context with the same key is allowed */
return ctx->updated == 0;
}
static int poly1305_update(void *vmacctx, const unsigned char *data,
size_t datalen)
{
struct poly1305_data_st *ctx = vmacctx;
ctx->updated = 1;
if (datalen == 0)
return 1;
/* poly1305 has nothing to return in its update function */
Poly1305_Update(&ctx->poly1305, data, datalen);
return 1;
}
static int poly1305_final(void *vmacctx, unsigned char *out, size_t *outl,
size_t outsize)
{
struct poly1305_data_st *ctx = vmacctx;
if (!ossl_prov_is_running())
return 0;
ctx->updated = 1;
Poly1305_Final(&ctx->poly1305, out);
*outl = poly1305_size();
return 1;
}
static const OSSL_PARAM known_gettable_params[] = {
OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL),
OSSL_PARAM_END
};
static const OSSL_PARAM *poly1305_gettable_params(void *provctx)
{
return known_gettable_params;
}
static int poly1305_get_params(OSSL_PARAM params[])
{
OSSL_PARAM *p;
if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_SIZE)) != NULL)
return OSSL_PARAM_set_size_t(p, poly1305_size());
return 1;
}
static const OSSL_PARAM known_settable_ctx_params[] = {
OSSL_PARAM_octet_string(OSSL_MAC_PARAM_KEY, NULL, 0),
OSSL_PARAM_END
};
static const OSSL_PARAM *poly1305_settable_ctx_params(ossl_unused void *ctx,
ossl_unused void *provctx)
{
return known_settable_ctx_params;
}
static int poly1305_set_ctx_params(void *vmacctx, const OSSL_PARAM *params)
{
struct poly1305_data_st *ctx = vmacctx;
const OSSL_PARAM *p;
if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_KEY)) != NULL
&& !poly1305_setkey(ctx, p->data, p->data_size))
return 0;
return 1;
}
const OSSL_DISPATCH ossl_poly1305_functions[] = {
{ OSSL_FUNC_MAC_NEWCTX, (void (*)(void))poly1305_new },
{ OSSL_FUNC_MAC_DUPCTX, (void (*)(void))poly1305_dup },
{ OSSL_FUNC_MAC_FREECTX, (void (*)(void))poly1305_free },
{ OSSL_FUNC_MAC_INIT, (void (*)(void))poly1305_init },
{ OSSL_FUNC_MAC_UPDATE, (void (*)(void))poly1305_update },
{ OSSL_FUNC_MAC_FINAL, (void (*)(void))poly1305_final },
{ OSSL_FUNC_MAC_GETTABLE_PARAMS, (void (*)(void))poly1305_gettable_params },
{ OSSL_FUNC_MAC_GET_PARAMS, (void (*)(void))poly1305_get_params },
{ OSSL_FUNC_MAC_SETTABLE_CTX_PARAMS,
(void (*)(void))poly1305_settable_ctx_params },
{ OSSL_FUNC_MAC_SET_CTX_PARAMS, (void (*)(void))poly1305_set_ctx_params },
OSSL_DISPATCH_END
};

237
openssl-3.4.2/providers/implementations/macs/siphash_prov.c Normal file
View File

@@ -0,0 +1,237 @@
/*
* Copyright 2018-2023 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <string.h>
#include <openssl/core_dispatch.h>
#include <openssl/core_names.h>
#include <openssl/params.h>
#include <openssl/evp.h>
#include <openssl/err.h>
#include <openssl/proverr.h>
#include "crypto/siphash.h"
#include "prov/implementations.h"
#include "prov/providercommon.h"
/*
* Forward declaration of everything implemented here. This is not strictly
* necessary for the compiler, but provides an assurance that the signatures
* of the functions in the dispatch table are correct.
*/
static OSSL_FUNC_mac_newctx_fn siphash_new;
static OSSL_FUNC_mac_dupctx_fn siphash_dup;
static OSSL_FUNC_mac_freectx_fn siphash_free;
static OSSL_FUNC_mac_gettable_ctx_params_fn siphash_gettable_ctx_params;
static OSSL_FUNC_mac_get_ctx_params_fn siphash_get_ctx_params;
static OSSL_FUNC_mac_settable_ctx_params_fn siphash_settable_ctx_params;
static OSSL_FUNC_mac_set_ctx_params_fn siphash_set_params;
static OSSL_FUNC_mac_init_fn siphash_init;
static OSSL_FUNC_mac_update_fn siphash_update;
static OSSL_FUNC_mac_final_fn siphash_final;
struct siphash_data_st {
void *provctx;
SIPHASH siphash; /* Siphash data */
SIPHASH sipcopy; /* Siphash data copy for reinitialization */
unsigned int crounds, drounds;
};
static unsigned int crounds(struct siphash_data_st *ctx)
{
return ctx->crounds != 0 ? ctx->crounds : SIPHASH_C_ROUNDS;
}
static unsigned int drounds(struct siphash_data_st *ctx)
{
return ctx->drounds != 0 ? ctx->drounds : SIPHASH_D_ROUNDS;
}
static void *siphash_new(void *provctx)
{
struct siphash_data_st *ctx;
if (!ossl_prov_is_running())
return NULL;
ctx = OPENSSL_zalloc(sizeof(*ctx));
if (ctx != NULL)
ctx->provctx = provctx;
return ctx;
}
static void siphash_free(void *vmacctx)
{
OPENSSL_free(vmacctx);
}
static void *siphash_dup(void *vsrc)
{
struct siphash_data_st *ssrc = vsrc;
struct siphash_data_st *sdst;
if (!ossl_prov_is_running())
return NULL;
sdst = OPENSSL_malloc(sizeof(*sdst));
if (sdst == NULL)
return NULL;
*sdst = *ssrc;
return sdst;
}
static size_t siphash_size(void *vmacctx)
{
struct siphash_data_st *ctx = vmacctx;
return SipHash_hash_size(&ctx->siphash);
}
static int siphash_setkey(struct siphash_data_st *ctx,
const unsigned char *key, size_t keylen)
{
int ret;
if (keylen != SIPHASH_KEY_SIZE)
return 0;
ret = SipHash_Init(&ctx->siphash, key, crounds(ctx), drounds(ctx));
if (ret)
ctx->sipcopy = ctx->siphash;
return ret;
}
static int siphash_init(void *vmacctx, const unsigned char *key, size_t keylen,
const OSSL_PARAM params[])
{
struct siphash_data_st *ctx = vmacctx;
if (!ossl_prov_is_running() || !siphash_set_params(ctx, params))
return 0;
/*
* Without a key, there is not much to do here,
* The actual initialization happens through controls.
*/
if (key == NULL) {
ctx->siphash = ctx->sipcopy;
return 1;
}
return siphash_setkey(ctx, key, keylen);
}
static int siphash_update(void *vmacctx, const unsigned char *data,
size_t datalen)
{
struct siphash_data_st *ctx = vmacctx;
if (datalen == 0)
return 1;
SipHash_Update(&ctx->siphash, data, datalen);
return 1;
}
static int siphash_final(void *vmacctx, unsigned char *out, size_t *outl,
size_t outsize)
{
struct siphash_data_st *ctx = vmacctx;
size_t hlen = siphash_size(ctx);
if (!ossl_prov_is_running() || outsize < hlen)
return 0;
*outl = hlen;
return SipHash_Final(&ctx->siphash, out, hlen);
}
static const OSSL_PARAM *siphash_gettable_ctx_params(ossl_unused void *ctx,
ossl_unused void *provctx)
{
static const OSSL_PARAM known_gettable_ctx_params[] = {
OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL),
OSSL_PARAM_uint(OSSL_MAC_PARAM_C_ROUNDS, NULL),
OSSL_PARAM_uint(OSSL_MAC_PARAM_D_ROUNDS, NULL),
OSSL_PARAM_END
};
return known_gettable_ctx_params;
}
static int siphash_get_ctx_params(void *vmacctx, OSSL_PARAM params[])
{
struct siphash_data_st *ctx = vmacctx;
OSSL_PARAM *p;
if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_SIZE)) != NULL
&& !OSSL_PARAM_set_size_t(p, siphash_size(vmacctx)))
return 0;
if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_C_ROUNDS)) != NULL
&& !OSSL_PARAM_set_uint(p, crounds(ctx)))
return 0;
if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_D_ROUNDS)) != NULL
&& !OSSL_PARAM_set_uint(p, drounds(ctx)))
return 0;
return 1;
}
static const OSSL_PARAM *siphash_settable_ctx_params(ossl_unused void *ctx,
void *provctx)
{
static const OSSL_PARAM known_settable_ctx_params[] = {
OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL),
OSSL_PARAM_octet_string(OSSL_MAC_PARAM_KEY, NULL, 0),
OSSL_PARAM_uint(OSSL_MAC_PARAM_C_ROUNDS, NULL),
OSSL_PARAM_uint(OSSL_MAC_PARAM_D_ROUNDS, NULL),
OSSL_PARAM_END
};
return known_settable_ctx_params;
}
static int siphash_set_params(void *vmacctx, const OSSL_PARAM *params)
{
struct siphash_data_st *ctx = vmacctx;
const OSSL_PARAM *p = NULL;
size_t size;
if (params == NULL)
return 1;
if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_SIZE)) != NULL) {
if (!OSSL_PARAM_get_size_t(p, &size)
|| !SipHash_set_hash_size(&ctx->siphash, size)
|| !SipHash_set_hash_size(&ctx->sipcopy, size))
return 0;
}
if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_C_ROUNDS)) != NULL
&& !OSSL_PARAM_get_uint(p, &ctx->crounds))
return 0;
if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_D_ROUNDS)) != NULL
&& !OSSL_PARAM_get_uint(p, &ctx->drounds))
return 0;
if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_KEY)) != NULL)
if (p->data_type != OSSL_PARAM_OCTET_STRING
|| !siphash_setkey(ctx, p->data, p->data_size))
return 0;
return 1;
}
const OSSL_DISPATCH ossl_siphash_functions[] = {
{ OSSL_FUNC_MAC_NEWCTX, (void (*)(void))siphash_new },
{ OSSL_FUNC_MAC_DUPCTX, (void (*)(void))siphash_dup },
{ OSSL_FUNC_MAC_FREECTX, (void (*)(void))siphash_free },
{ OSSL_FUNC_MAC_INIT, (void (*)(void))siphash_init },
{ OSSL_FUNC_MAC_UPDATE, (void (*)(void))siphash_update },
{ OSSL_FUNC_MAC_FINAL, (void (*)(void))siphash_final },
{ OSSL_FUNC_MAC_GETTABLE_CTX_PARAMS,
(void (*)(void))siphash_gettable_ctx_params },
{ OSSL_FUNC_MAC_GET_CTX_PARAMS, (void (*)(void))siphash_get_ctx_params },
{ OSSL_FUNC_MAC_SETTABLE_CTX_PARAMS,
(void (*)(void))siphash_settable_ctx_params },
{ OSSL_FUNC_MAC_SET_CTX_PARAMS, (void (*)(void))siphash_set_params },
OSSL_DISPATCH_END
};