cipher_aes_cbc_hmac_sha.c 17 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436
  1. /*
  2. * Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. /*
  10. * AES low level APIs are deprecated for public use, but still ok for internal
  11. * use where we're using them to implement the higher level EVP interface, as is
  12. * the case here.
  13. */
  14. #include "internal/deprecated.h"
  15. /* Dispatch functions for AES_CBC_HMAC_SHA ciphers */
  16. /* For SSL3_VERSION and TLS1_VERSION */
  17. #include <openssl/prov_ssl.h>
  18. #include <openssl/proverr.h>
  19. #include "cipher_aes_cbc_hmac_sha.h"
  20. #include "prov/implementations.h"
  21. #include "prov/providercommon.h"
  22. #ifndef AES_CBC_HMAC_SHA_CAPABLE
  23. # define IMPLEMENT_CIPHER(nm, sub, kbits, blkbits, ivbits, flags) \
  24. const OSSL_DISPATCH ossl_##nm##kbits##sub##_functions[] = { \
  25. OSSL_DISPATCH_END \
  26. };
  27. #else
  28. # define AES_CBC_HMAC_SHA_FLAGS (PROV_CIPHER_FLAG_AEAD \
  29. | PROV_CIPHER_FLAG_TLS1_MULTIBLOCK)
  30. static OSSL_FUNC_cipher_encrypt_init_fn aes_einit;
  31. static OSSL_FUNC_cipher_decrypt_init_fn aes_dinit;
  32. static OSSL_FUNC_cipher_freectx_fn aes_cbc_hmac_sha1_freectx;
  33. static OSSL_FUNC_cipher_freectx_fn aes_cbc_hmac_sha256_freectx;
  34. static OSSL_FUNC_cipher_get_ctx_params_fn aes_get_ctx_params;
  35. static OSSL_FUNC_cipher_gettable_ctx_params_fn aes_gettable_ctx_params;
  36. static OSSL_FUNC_cipher_set_ctx_params_fn aes_set_ctx_params;
  37. static OSSL_FUNC_cipher_settable_ctx_params_fn aes_settable_ctx_params;
  38. # define aes_gettable_params ossl_cipher_generic_gettable_params
  39. # define aes_update ossl_cipher_generic_stream_update
  40. # define aes_final ossl_cipher_generic_stream_final
  41. # define aes_cipher ossl_cipher_generic_cipher
  42. static int aes_einit(void *ctx, const unsigned char *key, size_t keylen,
  43. const unsigned char *iv, size_t ivlen,
  44. const OSSL_PARAM params[])
  45. {
  46. if (!ossl_cipher_generic_einit(ctx, key, keylen, iv, ivlen, NULL))
  47. return 0;
  48. return aes_set_ctx_params(ctx, params);
  49. }
  50. static int aes_dinit(void *ctx, const unsigned char *key, size_t keylen,
  51. const unsigned char *iv, size_t ivlen,
  52. const OSSL_PARAM params[])
  53. {
  54. if (!ossl_cipher_generic_dinit(ctx, key, keylen, iv, ivlen, NULL))
  55. return 0;
  56. return aes_set_ctx_params(ctx, params);
  57. }
  58. static const OSSL_PARAM cipher_aes_known_settable_ctx_params[] = {
  59. OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_MAC_KEY, NULL, 0),
  60. OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TLS1_AAD, NULL, 0),
  61. # if !defined(OPENSSL_NO_MULTIBLOCK)
  62. OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_SEND_FRAGMENT, NULL),
  63. OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD, NULL),
  64. OSSL_PARAM_uint(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE, NULL),
  65. OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC, NULL, 0),
  66. OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_IN, NULL, 0),
  67. # endif /* !defined(OPENSSL_NO_MULTIBLOCK) */
  68. OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL),
  69. OSSL_PARAM_END
  70. };
  71. const OSSL_PARAM *aes_settable_ctx_params(ossl_unused void *cctx,
  72. ossl_unused void *provctx)
  73. {
  74. return cipher_aes_known_settable_ctx_params;
  75. }
  76. static int aes_set_ctx_params(void *vctx, const OSSL_PARAM params[])
  77. {
  78. PROV_AES_HMAC_SHA_CTX *ctx = (PROV_AES_HMAC_SHA_CTX *)vctx;
  79. PROV_CIPHER_HW_AES_HMAC_SHA *hw =
  80. (PROV_CIPHER_HW_AES_HMAC_SHA *)ctx->hw;
  81. const OSSL_PARAM *p;
  82. int ret = 1;
  83. # if !defined(OPENSSL_NO_MULTIBLOCK)
  84. EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM mb_param;
  85. # endif
  86. if (params == NULL)
  87. return 1;
  88. p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_AEAD_MAC_KEY);
  89. if (p != NULL) {
  90. if (p->data_type != OSSL_PARAM_OCTET_STRING) {
  91. ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
  92. return 0;
  93. }
  94. hw->init_mac_key(ctx, p->data, p->data_size);
  95. }
  96. # if !defined(OPENSSL_NO_MULTIBLOCK)
  97. p = OSSL_PARAM_locate_const(params,
  98. OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_SEND_FRAGMENT);
  99. if (p != NULL
  100. && !OSSL_PARAM_get_size_t(p, &ctx->multiblock_max_send_fragment)) {
  101. ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
  102. return 0;
  103. }
  104. /*
  105. * The inputs to tls1_multiblock_aad are:
  106. * mb_param->inp
  107. * mb_param->len
  108. * mb_param->interleave
  109. * The outputs of tls1_multiblock_aad are written to:
  110. * ctx->multiblock_interleave
  111. * ctx->multiblock_aad_packlen
  112. */
  113. p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD);
  114. if (p != NULL) {
  115. const OSSL_PARAM *p1 = OSSL_PARAM_locate_const(params,
  116. OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE);
  117. if (p->data_type != OSSL_PARAM_OCTET_STRING
  118. || p1 == NULL
  119. || !OSSL_PARAM_get_uint(p1, &mb_param.interleave)) {
  120. ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
  121. return 0;
  122. }
  123. mb_param.inp = p->data;
  124. mb_param.len = p->data_size;
  125. if (hw->tls1_multiblock_aad(vctx, &mb_param) <= 0)
  126. return 0;
  127. }
  128. /*
  129. * The inputs to tls1_multiblock_encrypt are:
  130. * mb_param->inp
  131. * mb_param->len
  132. * mb_param->interleave
  133. * mb_param->out
  134. * The outputs of tls1_multiblock_encrypt are:
  135. * ctx->multiblock_encrypt_len
  136. */
  137. p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC);
  138. if (p != NULL) {
  139. const OSSL_PARAM *p1 = OSSL_PARAM_locate_const(params,
  140. OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE);
  141. const OSSL_PARAM *pin = OSSL_PARAM_locate_const(params,
  142. OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_IN);
  143. if (p->data_type != OSSL_PARAM_OCTET_STRING
  144. || pin == NULL
  145. || pin->data_type != OSSL_PARAM_OCTET_STRING
  146. || p1 == NULL
  147. || !OSSL_PARAM_get_uint(p1, &mb_param.interleave)) {
  148. ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
  149. return 0;
  150. }
  151. mb_param.out = p->data;
  152. mb_param.inp = pin->data;
  153. mb_param.len = pin->data_size;
  154. if (hw->tls1_multiblock_encrypt(vctx, &mb_param) <= 0)
  155. return 0;
  156. }
  157. # endif /* !defined(OPENSSL_NO_MULTIBLOCK) */
  158. p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_AEAD_TLS1_AAD);
  159. if (p != NULL) {
  160. if (p->data_type != OSSL_PARAM_OCTET_STRING) {
  161. ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
  162. return 0;
  163. }
  164. if (hw->set_tls1_aad(ctx, p->data, p->data_size) <= 0)
  165. return 0;
  166. }
  167. p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_KEYLEN);
  168. if (p != NULL) {
  169. size_t keylen;
  170. if (!OSSL_PARAM_get_size_t(p, &keylen)) {
  171. ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
  172. return 0;
  173. }
  174. if (ctx->base.keylen != keylen) {
  175. ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH);
  176. return 0;
  177. }
  178. }
  179. p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_TLS_VERSION);
  180. if (p != NULL) {
  181. if (!OSSL_PARAM_get_uint(p, &ctx->base.tlsversion)) {
  182. ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
  183. return 0;
  184. }
  185. if (ctx->base.tlsversion == SSL3_VERSION
  186. || ctx->base.tlsversion == TLS1_VERSION) {
  187. if (!ossl_assert(ctx->base.removetlsfixed >= AES_BLOCK_SIZE)) {
  188. ERR_raise(ERR_LIB_PROV, ERR_R_INTERNAL_ERROR);
  189. return 0;
  190. }
  191. /*
  192. * There is no explicit IV with these TLS versions, so don't attempt
  193. * to remove it.
  194. */
  195. ctx->base.removetlsfixed -= AES_BLOCK_SIZE;
  196. }
  197. }
  198. return ret;
  199. }
  200. static int aes_get_ctx_params(void *vctx, OSSL_PARAM params[])
  201. {
  202. PROV_AES_HMAC_SHA_CTX *ctx = (PROV_AES_HMAC_SHA_CTX *)vctx;
  203. OSSL_PARAM *p;
  204. # if !defined(OPENSSL_NO_MULTIBLOCK)
  205. p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_BUFSIZE);
  206. if (p != NULL) {
  207. PROV_CIPHER_HW_AES_HMAC_SHA *hw =
  208. (PROV_CIPHER_HW_AES_HMAC_SHA *)ctx->hw;
  209. size_t len = hw->tls1_multiblock_max_bufsize(ctx);
  210. if (!OSSL_PARAM_set_size_t(p, len)) {
  211. ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
  212. return 0;
  213. }
  214. }
  215. p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE);
  216. if (p != NULL && !OSSL_PARAM_set_uint(p, ctx->multiblock_interleave)) {
  217. ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
  218. return 0;
  219. }
  220. p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD_PACKLEN);
  221. if (p != NULL && !OSSL_PARAM_set_uint(p, ctx->multiblock_aad_packlen)) {
  222. ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
  223. return 0;
  224. }
  225. p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_LEN);
  226. if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->multiblock_encrypt_len)) {
  227. ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
  228. return 0;
  229. }
  230. # endif /* !defined(OPENSSL_NO_MULTIBLOCK) */
  231. p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_AEAD_TLS1_AAD_PAD);
  232. if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->tls_aad_pad)) {
  233. ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
  234. return 0;
  235. }
  236. p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_KEYLEN);
  237. if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->base.keylen)) {
  238. ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
  239. return 0;
  240. }
  241. p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IVLEN);
  242. if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->base.ivlen)) {
  243. ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
  244. return 0;
  245. }
  246. p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IV);
  247. if (p != NULL
  248. && !OSSL_PARAM_set_octet_string(p, ctx->base.oiv, ctx->base.ivlen)
  249. && !OSSL_PARAM_set_octet_ptr(p, &ctx->base.oiv, ctx->base.ivlen)) {
  250. ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
  251. return 0;
  252. }
  253. p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_UPDATED_IV);
  254. if (p != NULL
  255. && !OSSL_PARAM_set_octet_string(p, ctx->base.iv, ctx->base.ivlen)
  256. && !OSSL_PARAM_set_octet_ptr(p, &ctx->base.iv, ctx->base.ivlen)) {
  257. ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
  258. return 0;
  259. }
  260. return 1;
  261. }
  262. static const OSSL_PARAM cipher_aes_known_gettable_ctx_params[] = {
  263. # if !defined(OPENSSL_NO_MULTIBLOCK)
  264. OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_BUFSIZE, NULL),
  265. OSSL_PARAM_uint(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE, NULL),
  266. OSSL_PARAM_uint(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD_PACKLEN, NULL),
  267. OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_LEN, NULL),
  268. # endif /* !defined(OPENSSL_NO_MULTIBLOCK) */
  269. OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_AEAD_TLS1_AAD_PAD, NULL),
  270. OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL),
  271. OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_IVLEN, NULL),
  272. OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_IV, NULL, 0),
  273. OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_UPDATED_IV, NULL, 0),
  274. OSSL_PARAM_END
  275. };
  276. const OSSL_PARAM *aes_gettable_ctx_params(ossl_unused void *cctx,
  277. ossl_unused void *provctx)
  278. {
  279. return cipher_aes_known_gettable_ctx_params;
  280. }
  281. static void base_init(void *provctx, PROV_AES_HMAC_SHA_CTX *ctx,
  282. const PROV_CIPHER_HW_AES_HMAC_SHA *meths,
  283. size_t kbits, size_t blkbits, size_t ivbits,
  284. uint64_t flags)
  285. {
  286. ossl_cipher_generic_initkey(&ctx->base, kbits, blkbits, ivbits,
  287. EVP_CIPH_CBC_MODE, flags,
  288. &meths->base, provctx);
  289. ctx->hw = (PROV_CIPHER_HW_AES_HMAC_SHA *)ctx->base.hw;
  290. }
  291. static void *aes_cbc_hmac_sha1_newctx(void *provctx, size_t kbits,
  292. size_t blkbits, size_t ivbits,
  293. uint64_t flags)
  294. {
  295. PROV_AES_HMAC_SHA1_CTX *ctx;
  296. if (!ossl_prov_is_running())
  297. return NULL;
  298. ctx = OPENSSL_zalloc(sizeof(*ctx));
  299. if (ctx != NULL)
  300. base_init(provctx, &ctx->base_ctx,
  301. ossl_prov_cipher_hw_aes_cbc_hmac_sha1(), kbits, blkbits,
  302. ivbits, flags);
  303. return ctx;
  304. }
  305. static void *aes_cbc_hmac_sha1_dupctx(void *provctx)
  306. {
  307. PROV_AES_HMAC_SHA1_CTX *ctx = provctx;
  308. if (ctx == NULL)
  309. return NULL;
  310. return OPENSSL_memdup(ctx, sizeof(*ctx));
  311. }
  312. static void aes_cbc_hmac_sha1_freectx(void *vctx)
  313. {
  314. PROV_AES_HMAC_SHA1_CTX *ctx = (PROV_AES_HMAC_SHA1_CTX *)vctx;
  315. if (ctx != NULL) {
  316. ossl_cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx);
  317. OPENSSL_clear_free(ctx, sizeof(*ctx));
  318. }
  319. }
  320. static void *aes_cbc_hmac_sha256_newctx(void *provctx, size_t kbits,
  321. size_t blkbits, size_t ivbits,
  322. uint64_t flags)
  323. {
  324. PROV_AES_HMAC_SHA256_CTX *ctx;
  325. if (!ossl_prov_is_running())
  326. return NULL;
  327. ctx = OPENSSL_zalloc(sizeof(*ctx));
  328. if (ctx != NULL)
  329. base_init(provctx, &ctx->base_ctx,
  330. ossl_prov_cipher_hw_aes_cbc_hmac_sha256(), kbits, blkbits,
  331. ivbits, flags);
  332. return ctx;
  333. }
  334. static void *aes_cbc_hmac_sha256_dupctx(void *provctx)
  335. {
  336. PROV_AES_HMAC_SHA256_CTX *ctx = provctx;
  337. return OPENSSL_memdup(ctx, sizeof(*ctx));
  338. }
  339. static void aes_cbc_hmac_sha256_freectx(void *vctx)
  340. {
  341. PROV_AES_HMAC_SHA256_CTX *ctx = (PROV_AES_HMAC_SHA256_CTX *)vctx;
  342. if (ctx != NULL) {
  343. ossl_cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx);
  344. OPENSSL_clear_free(ctx, sizeof(*ctx));
  345. }
  346. }
  347. # define IMPLEMENT_CIPHER(nm, sub, kbits, blkbits, ivbits, flags) \
  348. static OSSL_FUNC_cipher_newctx_fn nm##_##kbits##_##sub##_newctx; \
  349. static void *nm##_##kbits##_##sub##_newctx(void *provctx) \
  350. { \
  351. return nm##_##sub##_newctx(provctx, kbits, blkbits, ivbits, flags); \
  352. } \
  353. static OSSL_FUNC_cipher_get_params_fn nm##_##kbits##_##sub##_get_params; \
  354. static int nm##_##kbits##_##sub##_get_params(OSSL_PARAM params[]) \
  355. { \
  356. return ossl_cipher_generic_get_params(params, EVP_CIPH_CBC_MODE, \
  357. flags, kbits, blkbits, ivbits); \
  358. } \
  359. const OSSL_DISPATCH ossl_##nm##kbits##sub##_functions[] = { \
  360. { OSSL_FUNC_CIPHER_NEWCTX, (void (*)(void))nm##_##kbits##_##sub##_newctx },\
  361. { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void))nm##_##sub##_freectx }, \
  362. { OSSL_FUNC_CIPHER_DUPCTX, (void (*)(void))nm##_##sub##_dupctx}, \
  363. { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))nm##_einit }, \
  364. { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))nm##_dinit }, \
  365. { OSSL_FUNC_CIPHER_UPDATE, (void (*)(void))nm##_update }, \
  366. { OSSL_FUNC_CIPHER_FINAL, (void (*)(void))nm##_final }, \
  367. { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))nm##_cipher }, \
  368. { OSSL_FUNC_CIPHER_GET_PARAMS, \
  369. (void (*)(void))nm##_##kbits##_##sub##_get_params }, \
  370. { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \
  371. (void (*)(void))nm##_gettable_params }, \
  372. { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, \
  373. (void (*)(void))nm##_get_ctx_params }, \
  374. { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \
  375. (void (*)(void))nm##_gettable_ctx_params }, \
  376. { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \
  377. (void (*)(void))nm##_set_ctx_params }, \
  378. { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \
  379. (void (*)(void))nm##_settable_ctx_params }, \
  380. OSSL_DISPATCH_END \
  381. };
  382. #endif /* AES_CBC_HMAC_SHA_CAPABLE */
  383. /* ossl_aes128cbc_hmac_sha1_functions */
  384. IMPLEMENT_CIPHER(aes, cbc_hmac_sha1, 128, 128, 128, AES_CBC_HMAC_SHA_FLAGS)
  385. /* ossl_aes256cbc_hmac_sha1_functions */
  386. IMPLEMENT_CIPHER(aes, cbc_hmac_sha1, 256, 128, 128, AES_CBC_HMAC_SHA_FLAGS)
  387. /* ossl_aes128cbc_hmac_sha256_functions */
  388. IMPLEMENT_CIPHER(aes, cbc_hmac_sha256, 128, 128, 128, AES_CBC_HMAC_SHA_FLAGS)
  389. /* ossl_aes256cbc_hmac_sha256_functions */
  390. IMPLEMENT_CIPHER(aes, cbc_hmac_sha256, 256, 128, 128, AES_CBC_HMAC_SHA_FLAGS)