1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
|
/*
* Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <string.h>
#include <openssl/crypto.h>
#include <openssl/core_dispatch.h>
#include <openssl/proverr.h>
#include "prov/implementations.h"
#include "prov/ciphercommon.h"
#include "prov/providercommon.h"
typedef struct prov_cipher_null_ctx_st {
int enc;
size_t tlsmacsize;
const unsigned char *tlsmac;
} PROV_CIPHER_NULL_CTX;
static OSSL_FUNC_cipher_newctx_fn null_newctx;
static void *null_newctx(void *provctx)
{
if (!ossl_prov_is_running())
return NULL;
return OPENSSL_zalloc(sizeof(PROV_CIPHER_NULL_CTX));
}
static OSSL_FUNC_cipher_freectx_fn null_freectx;
static void null_freectx(void *vctx)
{
OPENSSL_free(vctx);
}
static OSSL_FUNC_cipher_encrypt_init_fn null_einit;
static int null_einit(void *vctx, const unsigned char *key, size_t keylen,
const unsigned char *iv, size_t ivlen)
{
PROV_CIPHER_NULL_CTX *ctx = (PROV_CIPHER_NULL_CTX *)vctx;
if (!ossl_prov_is_running())
return 0;
ctx->enc = 1;
return 1;
}
static OSSL_FUNC_cipher_decrypt_init_fn null_dinit;
static int null_dinit(void *vctx, const unsigned char *key, size_t keylen,
const unsigned char *iv, size_t ivlen)
{
if (!ossl_prov_is_running())
return 0;
return 1;
}
static OSSL_FUNC_cipher_cipher_fn null_cipher;
static int null_cipher(void *vctx, unsigned char *out, size_t *outl,
size_t outsize, const unsigned char *in, size_t inl)
{
PROV_CIPHER_NULL_CTX *ctx = (PROV_CIPHER_NULL_CTX *)vctx;
if (!ossl_prov_is_running())
return 0;
if (!ctx->enc && ctx->tlsmacsize > 0) {
/*
* TLS NULL cipher as per:
* https://tools.ietf.org/html/rfc5246#section-6.2.3.1
*/
if (inl < ctx->tlsmacsize)
return 0;
ctx->tlsmac = in + inl - ctx->tlsmacsize;
inl -= ctx->tlsmacsize;
}
if (outsize < inl)
return 0;
if (in != out)
memcpy(out, in, inl);
*outl = inl;
return 1;
}
static OSSL_FUNC_cipher_final_fn null_final;
static int null_final(void *vctx, unsigned char *out, size_t *outl,
size_t outsize)
{
if (!ossl_prov_is_running())
return 0;
*outl = 0;
return 1;
}
static OSSL_FUNC_cipher_get_params_fn null_get_params;
static int null_get_params(OSSL_PARAM params[])
{
return ossl_cipher_generic_get_params(params, 0, 0, 0, 8, 0);
}
static const OSSL_PARAM null_known_gettable_ctx_params[] = {
OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL),
OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_IVLEN, NULL),
{ OSSL_CIPHER_PARAM_TLS_MAC, OSSL_PARAM_OCTET_PTR, NULL, 0, OSSL_PARAM_UNMODIFIED },
OSSL_PARAM_END
};
static OSSL_FUNC_cipher_gettable_ctx_params_fn null_gettable_ctx_params;
static const OSSL_PARAM *null_gettable_ctx_params(ossl_unused void *provctx)
{
return null_known_gettable_ctx_params;
}
static OSSL_FUNC_cipher_get_ctx_params_fn null_get_ctx_params;
static int null_get_ctx_params(void *vctx, OSSL_PARAM params[])
{
PROV_CIPHER_NULL_CTX *ctx = (PROV_CIPHER_NULL_CTX *)vctx;
OSSL_PARAM *p;
p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IVLEN);
if (p != NULL && !OSSL_PARAM_set_size_t(p, 0)) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
return 0;
}
p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_KEYLEN);
if (p != NULL && !OSSL_PARAM_set_size_t(p, 0)) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
return 0;
}
p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_TLS_MAC);
if (p != NULL
&& !OSSL_PARAM_set_octet_ptr(p, ctx->tlsmac, ctx->tlsmacsize)) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
return 0;
}
return 1;
}
static const OSSL_PARAM null_known_settable_ctx_params[] = {
OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_TLS_MAC_SIZE, NULL),
OSSL_PARAM_END
};
static OSSL_FUNC_cipher_settable_ctx_params_fn null_settable_ctx_params;
static const OSSL_PARAM *null_settable_ctx_params(ossl_unused void *provctx)
{
return null_known_settable_ctx_params;
}
static OSSL_FUNC_cipher_set_ctx_params_fn null_set_ctx_params;
static int null_set_ctx_params(void *vctx, const OSSL_PARAM params[])
{
PROV_CIPHER_NULL_CTX *ctx = (PROV_CIPHER_NULL_CTX *)vctx;
const OSSL_PARAM *p;
p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_TLS_MAC_SIZE);
if (p != NULL) {
if (!OSSL_PARAM_get_size_t(p, &ctx->tlsmacsize)) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
return 0;
}
}
return 1;
}
const OSSL_DISPATCH ossl_null_functions[] = {
{ OSSL_FUNC_CIPHER_NEWCTX,
(void (*)(void)) null_newctx },
{ OSSL_FUNC_CIPHER_FREECTX, (void (*)(void)) null_freectx },
{ OSSL_FUNC_CIPHER_DUPCTX, (void (*)(void)) null_newctx },
{ OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))null_einit },
{ OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))null_dinit },
{ OSSL_FUNC_CIPHER_UPDATE, (void (*)(void))null_cipher },
{ OSSL_FUNC_CIPHER_FINAL, (void (*)(void))null_final },
{ OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))null_cipher },
{ OSSL_FUNC_CIPHER_GET_PARAMS, (void (*)(void)) null_get_params },
{ OSSL_FUNC_CIPHER_GETTABLE_PARAMS,
(void (*)(void))ossl_cipher_generic_gettable_params },
{ OSSL_FUNC_CIPHER_GET_CTX_PARAMS, (void (*)(void))null_get_ctx_params },
{ OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS,
(void (*)(void))null_gettable_ctx_params },
{ OSSL_FUNC_CIPHER_SET_CTX_PARAMS, (void (*)(void))null_set_ctx_params },
{ OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS,
(void (*)(void))null_settable_ctx_params },
{ 0, NULL }
};
|
