mac_lib.c 8.2 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300
  1. /*
  2. * Copyright 2018-2021 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #include <string.h>
  10. #include <stdarg.h>
  11. #include <openssl/evp.h>
  12. #include <openssl/err.h>
  13. #include <openssl/core.h>
  14. #include <openssl/core_names.h>
  15. #include <openssl/types.h>
  16. #include "internal/nelem.h"
  17. #include "crypto/evp.h"
  18. #include "internal/provider.h"
  19. #include "evp_local.h"
  20. EVP_MAC_CTX *EVP_MAC_CTX_new(EVP_MAC *mac)
  21. {
  22. EVP_MAC_CTX *ctx = OPENSSL_zalloc(sizeof(EVP_MAC_CTX));
  23. if (ctx != NULL) {
  24. ctx->meth = mac;
  25. if ((ctx->algctx = mac->newctx(ossl_provider_ctx(mac->prov))) == NULL
  26. || !EVP_MAC_up_ref(mac)) {
  27. mac->freectx(ctx->algctx);
  28. ERR_raise(ERR_LIB_EVP, ERR_R_EVP_LIB);
  29. OPENSSL_free(ctx);
  30. ctx = NULL;
  31. }
  32. }
  33. return ctx;
  34. }
  35. void EVP_MAC_CTX_free(EVP_MAC_CTX *ctx)
  36. {
  37. if (ctx == NULL)
  38. return;
  39. ctx->meth->freectx(ctx->algctx);
  40. ctx->algctx = NULL;
  41. /* refcnt-- */
  42. EVP_MAC_free(ctx->meth);
  43. OPENSSL_free(ctx);
  44. }
  45. EVP_MAC_CTX *EVP_MAC_CTX_dup(const EVP_MAC_CTX *src)
  46. {
  47. EVP_MAC_CTX *dst;
  48. if (src->algctx == NULL)
  49. return NULL;
  50. dst = OPENSSL_malloc(sizeof(*dst));
  51. if (dst == NULL)
  52. return NULL;
  53. *dst = *src;
  54. if (!EVP_MAC_up_ref(dst->meth)) {
  55. ERR_raise(ERR_LIB_EVP, ERR_R_EVP_LIB);
  56. OPENSSL_free(dst);
  57. return NULL;
  58. }
  59. dst->algctx = src->meth->dupctx(src->algctx);
  60. if (dst->algctx == NULL) {
  61. EVP_MAC_CTX_free(dst);
  62. return NULL;
  63. }
  64. return dst;
  65. }
  66. EVP_MAC *EVP_MAC_CTX_get0_mac(EVP_MAC_CTX *ctx)
  67. {
  68. return ctx->meth;
  69. }
  70. static size_t get_size_t_ctx_param(EVP_MAC_CTX *ctx, const char *name)
  71. {
  72. size_t sz = 0;
  73. if (ctx->algctx != NULL) {
  74. OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
  75. params[0] = OSSL_PARAM_construct_size_t(name, &sz);
  76. if (ctx->meth->get_ctx_params != NULL) {
  77. if (ctx->meth->get_ctx_params(ctx->algctx, params))
  78. return sz;
  79. } else if (ctx->meth->get_params != NULL) {
  80. if (ctx->meth->get_params(params))
  81. return sz;
  82. }
  83. }
  84. /*
  85. * If the MAC hasn't been initialized yet, or there is no size to get,
  86. * we return zero
  87. */
  88. return 0;
  89. }
  90. size_t EVP_MAC_CTX_get_mac_size(EVP_MAC_CTX *ctx)
  91. {
  92. return get_size_t_ctx_param(ctx, OSSL_MAC_PARAM_SIZE);
  93. }
  94. size_t EVP_MAC_CTX_get_block_size(EVP_MAC_CTX *ctx)
  95. {
  96. return get_size_t_ctx_param(ctx, OSSL_MAC_PARAM_BLOCK_SIZE);
  97. }
  98. int EVP_MAC_init(EVP_MAC_CTX *ctx, const unsigned char *key, size_t keylen,
  99. const OSSL_PARAM params[])
  100. {
  101. return ctx->meth->init(ctx->algctx, key, keylen, params);
  102. }
  103. int EVP_MAC_update(EVP_MAC_CTX *ctx, const unsigned char *data, size_t datalen)
  104. {
  105. return ctx->meth->update(ctx->algctx, data, datalen);
  106. }
  107. static int evp_mac_final(EVP_MAC_CTX *ctx, int xof,
  108. unsigned char *out, size_t *outl, size_t outsize)
  109. {
  110. size_t l;
  111. int res;
  112. OSSL_PARAM params[2];
  113. size_t macsize;
  114. if (ctx == NULL || ctx->meth == NULL) {
  115. ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_NULL_ALGORITHM);
  116. return 0;
  117. }
  118. if (ctx->meth->final == NULL) {
  119. ERR_raise(ERR_LIB_EVP, EVP_R_FINAL_ERROR);
  120. return 0;
  121. }
  122. macsize = EVP_MAC_CTX_get_mac_size(ctx);
  123. if (out == NULL) {
  124. if (outl == NULL) {
  125. ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_NULL_PARAMETER);
  126. return 0;
  127. }
  128. *outl = macsize;
  129. return 1;
  130. }
  131. if (outsize < macsize) {
  132. ERR_raise(ERR_LIB_EVP, EVP_R_BUFFER_TOO_SMALL);
  133. return 0;
  134. }
  135. if (xof) {
  136. params[0] = OSSL_PARAM_construct_int(OSSL_MAC_PARAM_XOF, &xof);
  137. params[1] = OSSL_PARAM_construct_end();
  138. if (EVP_MAC_CTX_set_params(ctx, params) <= 0) {
  139. ERR_raise(ERR_LIB_EVP, EVP_R_SETTING_XOF_FAILED);
  140. return 0;
  141. }
  142. }
  143. res = ctx->meth->final(ctx->algctx, out, &l, outsize);
  144. if (outl != NULL)
  145. *outl = l;
  146. return res;
  147. }
  148. int EVP_MAC_final(EVP_MAC_CTX *ctx,
  149. unsigned char *out, size_t *outl, size_t outsize)
  150. {
  151. return evp_mac_final(ctx, 0, out, outl, outsize);
  152. }
  153. int EVP_MAC_finalXOF(EVP_MAC_CTX *ctx, unsigned char *out, size_t outsize)
  154. {
  155. return evp_mac_final(ctx, 1, out, NULL, outsize);
  156. }
  157. /*
  158. * The {get,set}_params functions return 1 if there is no corresponding
  159. * function in the implementation. This is the same as if there was one,
  160. * but it didn't recognise any of the given params, i.e. nothing in the
  161. * bag of parameters was useful.
  162. */
  163. int EVP_MAC_get_params(EVP_MAC *mac, OSSL_PARAM params[])
  164. {
  165. if (mac->get_params != NULL)
  166. return mac->get_params(params);
  167. return 1;
  168. }
  169. int EVP_MAC_CTX_get_params(EVP_MAC_CTX *ctx, OSSL_PARAM params[])
  170. {
  171. if (ctx->meth->get_ctx_params != NULL)
  172. return ctx->meth->get_ctx_params(ctx->algctx, params);
  173. return 1;
  174. }
  175. int EVP_MAC_CTX_set_params(EVP_MAC_CTX *ctx, const OSSL_PARAM params[])
  176. {
  177. if (ctx->meth->set_ctx_params != NULL)
  178. return ctx->meth->set_ctx_params(ctx->algctx, params);
  179. return 1;
  180. }
  181. int evp_mac_get_number(const EVP_MAC *mac)
  182. {
  183. return mac->name_id;
  184. }
  185. const char *EVP_MAC_get0_name(const EVP_MAC *mac)
  186. {
  187. return mac->type_name;
  188. }
  189. const char *EVP_MAC_get0_description(const EVP_MAC *mac)
  190. {
  191. return mac->description;
  192. }
  193. int EVP_MAC_is_a(const EVP_MAC *mac, const char *name)
  194. {
  195. return mac != NULL && evp_is_a(mac->prov, mac->name_id, NULL, name);
  196. }
  197. int EVP_MAC_names_do_all(const EVP_MAC *mac,
  198. void (*fn)(const char *name, void *data),
  199. void *data)
  200. {
  201. if (mac->prov != NULL)
  202. return evp_names_do_all(mac->prov, mac->name_id, fn, data);
  203. return 1;
  204. }
  205. unsigned char *EVP_Q_mac(OSSL_LIB_CTX *libctx,
  206. const char *name, const char *propq,
  207. const char *subalg, const OSSL_PARAM *params,
  208. const void *key, size_t keylen,
  209. const unsigned char *data, size_t datalen,
  210. unsigned char *out, size_t outsize, size_t *outlen)
  211. {
  212. EVP_MAC *mac = EVP_MAC_fetch(libctx, name, propq);
  213. OSSL_PARAM subalg_param[] = { OSSL_PARAM_END, OSSL_PARAM_END };
  214. EVP_MAC_CTX *ctx = NULL;
  215. size_t len = 0;
  216. unsigned char *res = NULL;
  217. if (outlen != NULL)
  218. *outlen = 0;
  219. if (mac == NULL)
  220. return NULL;
  221. if (subalg != NULL) {
  222. const OSSL_PARAM *defined_params = EVP_MAC_settable_ctx_params(mac);
  223. const char *param_name = OSSL_MAC_PARAM_DIGEST;
  224. /*
  225. * The underlying algorithm may be a cipher or a digest.
  226. * We don't know which it is, but we can ask the MAC what it
  227. * should be and bet on that.
  228. */
  229. if (OSSL_PARAM_locate_const(defined_params, param_name) == NULL) {
  230. param_name = OSSL_MAC_PARAM_CIPHER;
  231. if (OSSL_PARAM_locate_const(defined_params, param_name) == NULL) {
  232. ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_INVALID_ARGUMENT);
  233. goto err;
  234. }
  235. }
  236. subalg_param[0] =
  237. OSSL_PARAM_construct_utf8_string(param_name, (char *)subalg, 0);
  238. }
  239. /* Single-shot - on NULL key input, set dummy key value for EVP_MAC_Init. */
  240. if (key == NULL && keylen == 0)
  241. key = data;
  242. if ((ctx = EVP_MAC_CTX_new(mac)) != NULL
  243. && EVP_MAC_CTX_set_params(ctx, subalg_param)
  244. && EVP_MAC_CTX_set_params(ctx, params)
  245. && EVP_MAC_init(ctx, key, keylen, params)
  246. && EVP_MAC_update(ctx, data, datalen)
  247. && EVP_MAC_final(ctx, out, &len, outsize)) {
  248. if (out == NULL) {
  249. out = OPENSSL_malloc(len);
  250. if (out != NULL && !EVP_MAC_final(ctx, out, NULL, len)) {
  251. OPENSSL_free(out);
  252. out = NULL;
  253. }
  254. }
  255. res = out;
  256. if (res != NULL && outlen != NULL)
  257. *outlen = len;
  258. }
  259. err:
  260. EVP_MAC_CTX_free(ctx);
  261. EVP_MAC_free(mac);
  262. return res;
  263. }