Gitiles
Code Review Sign In
192.168.1.100 / T106_DC / 05e897481f69a8a26122c6f852ba305083a009de / . / ap / lib / libssl / openssl-1.1.1o / include / crypto / evp.h
blob: d86aed36f075a61df3ef45dabcd12a57a8ca68fc [file] [log] [blame]
lh9ed821d2023-04-07 01:36:19 -0700[diff] [blame]1/*
2 * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the OpenSSL license (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10#include <openssl/evp.h>
11#include "internal/refcount.h"
12
13/*
14 * Don't free up md_ctx->pctx in EVP_MD_CTX_reset, use the reserved flag
15 * values in evp.h
16 */
17#define EVP_MD_CTX_FLAG_KEEP_PKEY_CTX 0x0400
18
19struct evp_pkey_ctx_st {
20 /* Method associated with this operation */
21 const EVP_PKEY_METHOD *pmeth;
22 /* Engine that implements this method or NULL if builtin */
23 ENGINE *engine;
24 /* Key: may be NULL */
25 EVP_PKEY *pkey;
26 /* Peer key for key agreement, may be NULL */
27 EVP_PKEY *peerkey;
28 /* Actual operation */
29 int operation;
30 /* Algorithm specific data */
31 void *data;
32 /* Application specific data */
33 void *app_data;
34 /* Keygen callback */
35 EVP_PKEY_gen_cb *pkey_gencb;
36 /* implementation specific keygen data */
37 int *keygen_info;
38 int keygen_info_count;
39} /* EVP_PKEY_CTX */ ;
40
41#define EVP_PKEY_FLAG_DYNAMIC 1
42
43struct evp_pkey_method_st {
44 int pkey_id;
45 int flags;
46 int (*init) (EVP_PKEY_CTX *ctx);
47 int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
48 void (*cleanup) (EVP_PKEY_CTX *ctx);
49 int (*paramgen_init) (EVP_PKEY_CTX *ctx);
50 int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);
51 int (*keygen_init) (EVP_PKEY_CTX *ctx);
52 int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);
53 int (*sign_init) (EVP_PKEY_CTX *ctx);
54 int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
55 const unsigned char *tbs, size_t tbslen);
56 int (*verify_init) (EVP_PKEY_CTX *ctx);
57 int (*verify) (EVP_PKEY_CTX *ctx,
58 const unsigned char *sig, size_t siglen,
59 const unsigned char *tbs, size_t tbslen);
60 int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
61 int (*verify_recover) (EVP_PKEY_CTX *ctx,
62 unsigned char *rout, size_t *routlen,
63 const unsigned char *sig, size_t siglen);
64 int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
65 int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
66 EVP_MD_CTX *mctx);
67 int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
68 int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
69 EVP_MD_CTX *mctx);
70 int (*encrypt_init) (EVP_PKEY_CTX *ctx);
71 int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
72 const unsigned char *in, size_t inlen);
73 int (*decrypt_init) (EVP_PKEY_CTX *ctx);
74 int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
75 const unsigned char *in, size_t inlen);
76 int (*derive_init) (EVP_PKEY_CTX *ctx);
77 int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
78 int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
79 int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);
80 int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
81 const unsigned char *tbs, size_t tbslen);
82 int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
83 size_t siglen, const unsigned char *tbs,
84 size_t tbslen);
85 int (*check) (EVP_PKEY *pkey);
86 int (*public_check) (EVP_PKEY *pkey);
87 int (*param_check) (EVP_PKEY *pkey);
88
89 int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
90} /* EVP_PKEY_METHOD */ ;
91
92DEFINE_STACK_OF_CONST(EVP_PKEY_METHOD)
93
94void evp_pkey_set_cb_translate(BN_GENCB *cb, EVP_PKEY_CTX *ctx);
95
96extern const EVP_PKEY_METHOD cmac_pkey_meth;
97extern const EVP_PKEY_METHOD dh_pkey_meth;
98extern const EVP_PKEY_METHOD dhx_pkey_meth;
99extern const EVP_PKEY_METHOD dsa_pkey_meth;
100extern const EVP_PKEY_METHOD ec_pkey_meth;
101extern const EVP_PKEY_METHOD sm2_pkey_meth;
102extern const EVP_PKEY_METHOD ecx25519_pkey_meth;
103extern const EVP_PKEY_METHOD ecx448_pkey_meth;
104extern const EVP_PKEY_METHOD ed25519_pkey_meth;
105extern const EVP_PKEY_METHOD ed448_pkey_meth;
106extern const EVP_PKEY_METHOD hmac_pkey_meth;
107extern const EVP_PKEY_METHOD rsa_pkey_meth;
108extern const EVP_PKEY_METHOD rsa_pss_pkey_meth;
109extern const EVP_PKEY_METHOD scrypt_pkey_meth;
110extern const EVP_PKEY_METHOD tls1_prf_pkey_meth;
111extern const EVP_PKEY_METHOD hkdf_pkey_meth;
112extern const EVP_PKEY_METHOD poly1305_pkey_meth;
113extern const EVP_PKEY_METHOD siphash_pkey_meth;
114
115struct evp_md_st {
116 int type;
117 int pkey_type;
118 int md_size;
119 unsigned long flags;
120 int (*init) (EVP_MD_CTX *ctx);
121 int (*update) (EVP_MD_CTX *ctx, const void *data, size_t count);
122 int (*final) (EVP_MD_CTX *ctx, unsigned char *md);
123 int (*copy) (EVP_MD_CTX *to, const EVP_MD_CTX *from);
124 int (*cleanup) (EVP_MD_CTX *ctx);
125 int block_size;
126 int ctx_size; /* how big does the ctx->md_data need to be */
127 /* control function */
128 int (*md_ctrl) (EVP_MD_CTX *ctx, int cmd, int p1, void *p2);
129} /* EVP_MD */ ;
130
131struct evp_cipher_st {
132 int nid;
133 int block_size;
134 /* Default value for variable length ciphers */
135 int key_len;
136 int iv_len;
137 /* Various flags */
138 unsigned long flags;
139 /* init key */
140 int (*init) (EVP_CIPHER_CTX *ctx, const unsigned char *key,
141 const unsigned char *iv, int enc);
142 /* encrypt/decrypt data */
143 int (*do_cipher) (EVP_CIPHER_CTX *ctx, unsigned char *out,
144 const unsigned char *in, size_t inl);
145 /* cleanup ctx */
146 int (*cleanup) (EVP_CIPHER_CTX *);
147 /* how big ctx->cipher_data needs to be */
148 int ctx_size;
149 /* Populate a ASN1_TYPE with parameters */
150 int (*set_asn1_parameters) (EVP_CIPHER_CTX *, ASN1_TYPE *);
151 /* Get parameters from a ASN1_TYPE */
152 int (*get_asn1_parameters) (EVP_CIPHER_CTX *, ASN1_TYPE *);
153 /* Miscellaneous operations */
154 int (*ctrl) (EVP_CIPHER_CTX *, int type, int arg, void *ptr);
155 /* Application data */
156 void *app_data;
157} /* EVP_CIPHER */ ;
158
159/* Macros to code block cipher wrappers */
160
161/* Wrapper functions for each cipher mode */
162
163#define EVP_C_DATA(kstruct, ctx) \
164 ((kstruct *)EVP_CIPHER_CTX_get_cipher_data(ctx))
165
166#define BLOCK_CIPHER_ecb_loop() \
167 size_t i, bl; \
168 bl = EVP_CIPHER_CTX_cipher(ctx)->block_size; \
169 if (inl < bl) return 1;\
170 inl -= bl; \
171 for (i=0; i <= inl; i+=bl)
172
173#define BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \
174static int cname##_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
175{\
176 BLOCK_CIPHER_ecb_loop() \
177 cprefix##_ecb_encrypt(in + i, out + i, &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_encrypting(ctx)); \
178 return 1;\
179}
180
181#define EVP_MAXCHUNK ((size_t)1<<(sizeof(long)*8-2))
182
183#define BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched) \
184 static int cname##_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
185{\
186 while(inl>=EVP_MAXCHUNK) {\
187 int num = EVP_CIPHER_CTX_num(ctx);\
188 cprefix##_ofb##cbits##_encrypt(in, out, (long)EVP_MAXCHUNK, &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx), &num); \
189 EVP_CIPHER_CTX_set_num(ctx, num);\
190 inl-=EVP_MAXCHUNK;\
191 in +=EVP_MAXCHUNK;\
192 out+=EVP_MAXCHUNK;\
193 }\
194 if (inl) {\
195 int num = EVP_CIPHER_CTX_num(ctx);\
196 cprefix##_ofb##cbits##_encrypt(in, out, (long)inl, &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx), &num); \
197 EVP_CIPHER_CTX_set_num(ctx, num);\
198 }\
199 return 1;\
200}
201
202#define BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \
203static int cname##_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
204{\
205 while(inl>=EVP_MAXCHUNK) \
206 {\
207 cprefix##_cbc_encrypt(in, out, (long)EVP_MAXCHUNK, &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx), EVP_CIPHER_CTX_encrypting(ctx));\
208 inl-=EVP_MAXCHUNK;\
209 in +=EVP_MAXCHUNK;\
210 out+=EVP_MAXCHUNK;\
211 }\
212 if (inl)\
213 cprefix##_cbc_encrypt(in, out, (long)inl, &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx), EVP_CIPHER_CTX_encrypting(ctx));\
214 return 1;\
215}
216
217#define BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \
218static int cname##_cfb##cbits##_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
219{\
220 size_t chunk = EVP_MAXCHUNK;\
221 if (cbits == 1) chunk >>= 3;\
222 if (inl < chunk) chunk = inl;\
223 while (inl && inl >= chunk)\
224 {\
225 int num = EVP_CIPHER_CTX_num(ctx);\
226 cprefix##_cfb##cbits##_encrypt(in, out, (long) \
227 ((cbits == 1) \
228 && !EVP_CIPHER_CTX_test_flags(ctx, EVP_CIPH_FLAG_LENGTH_BITS) \
229 ? chunk*8 : chunk), \
230 &EVP_C_DATA(kstruct, ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx),\
231 &num, EVP_CIPHER_CTX_encrypting(ctx));\
232 EVP_CIPHER_CTX_set_num(ctx, num);\
233 inl -= chunk;\
234 in += chunk;\
235 out += chunk;\
236 if (inl < chunk) chunk = inl;\
237 }\
238 return 1;\
239}
240
241#define BLOCK_CIPHER_all_funcs(cname, cprefix, cbits, kstruct, ksched) \
242 BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \
243 BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \
244 BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \
245 BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched)
246
247#define BLOCK_CIPHER_def1(cname, nmode, mode, MODE, kstruct, nid, block_size, \
248 key_len, iv_len, flags, init_key, cleanup, \
249 set_asn1, get_asn1, ctrl) \
250static const EVP_CIPHER cname##_##mode = { \
251 nid##_##nmode, block_size, key_len, iv_len, \
252 flags | EVP_CIPH_##MODE##_MODE, \
253 init_key, \
254 cname##_##mode##_cipher, \
255 cleanup, \
256 sizeof(kstruct), \
257 set_asn1, get_asn1,\
258 ctrl, \
259 NULL \
260}; \
261const EVP_CIPHER *EVP_##cname##_##mode(void) { return &cname##_##mode; }
262
263#define BLOCK_CIPHER_def_cbc(cname, kstruct, nid, block_size, key_len, \
264 iv_len, flags, init_key, cleanup, set_asn1, \
265 get_asn1, ctrl) \
266BLOCK_CIPHER_def1(cname, cbc, cbc, CBC, kstruct, nid, block_size, key_len, \
267 iv_len, flags, init_key, cleanup, set_asn1, get_asn1, ctrl)
268
269#define BLOCK_CIPHER_def_cfb(cname, kstruct, nid, key_len, \
270 iv_len, cbits, flags, init_key, cleanup, \
271 set_asn1, get_asn1, ctrl) \
272BLOCK_CIPHER_def1(cname, cfb##cbits, cfb##cbits, CFB, kstruct, nid, 1, \
273 key_len, iv_len, flags, init_key, cleanup, set_asn1, \
274 get_asn1, ctrl)
275
276#define BLOCK_CIPHER_def_ofb(cname, kstruct, nid, key_len, \
277 iv_len, cbits, flags, init_key, cleanup, \
278 set_asn1, get_asn1, ctrl) \
279BLOCK_CIPHER_def1(cname, ofb##cbits, ofb, OFB, kstruct, nid, 1, \
280 key_len, iv_len, flags, init_key, cleanup, set_asn1, \
281 get_asn1, ctrl)
282
283#define BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, \
284 flags, init_key, cleanup, set_asn1, \
285 get_asn1, ctrl) \
286BLOCK_CIPHER_def1(cname, ecb, ecb, ECB, kstruct, nid, block_size, key_len, \
287 0, flags, init_key, cleanup, set_asn1, get_asn1, ctrl)
288
289#define BLOCK_CIPHER_defs(cname, kstruct, \
290 nid, block_size, key_len, iv_len, cbits, flags, \
291 init_key, cleanup, set_asn1, get_asn1, ctrl) \
292BLOCK_CIPHER_def_cbc(cname, kstruct, nid, block_size, key_len, iv_len, flags, \
293 init_key, cleanup, set_asn1, get_asn1, ctrl) \
294BLOCK_CIPHER_def_cfb(cname, kstruct, nid, key_len, iv_len, cbits, \
295 flags, init_key, cleanup, set_asn1, get_asn1, ctrl) \
296BLOCK_CIPHER_def_ofb(cname, kstruct, nid, key_len, iv_len, cbits, \
297 flags, init_key, cleanup, set_asn1, get_asn1, ctrl) \
298BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, flags, \
299 init_key, cleanup, set_asn1, get_asn1, ctrl)
300
301/*-
302#define BLOCK_CIPHER_defs(cname, kstruct, \
303 nid, block_size, key_len, iv_len, flags,\
304 init_key, cleanup, set_asn1, get_asn1, ctrl)\
305static const EVP_CIPHER cname##_cbc = {\
306 nid##_cbc, block_size, key_len, iv_len, \
307 flags | EVP_CIPH_CBC_MODE,\
308 init_key,\
309 cname##_cbc_cipher,\
310 cleanup,\
311 sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
312 sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
313 set_asn1, get_asn1,\
314 ctrl, \
315 NULL \
316};\
317const EVP_CIPHER *EVP_##cname##_cbc(void) { return &cname##_cbc; }\
318static const EVP_CIPHER cname##_cfb = {\
319 nid##_cfb64, 1, key_len, iv_len, \
320 flags | EVP_CIPH_CFB_MODE,\
321 init_key,\
322 cname##_cfb_cipher,\
323 cleanup,\
324 sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
325 sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
326 set_asn1, get_asn1,\
327 ctrl,\
328 NULL \
329};\
330const EVP_CIPHER *EVP_##cname##_cfb(void) { return &cname##_cfb; }\
331static const EVP_CIPHER cname##_ofb = {\
332 nid##_ofb64, 1, key_len, iv_len, \
333 flags | EVP_CIPH_OFB_MODE,\
334 init_key,\
335 cname##_ofb_cipher,\
336 cleanup,\
337 sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
338 sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
339 set_asn1, get_asn1,\
340 ctrl,\
341 NULL \
342};\
343const EVP_CIPHER *EVP_##cname##_ofb(void) { return &cname##_ofb; }\
344static const EVP_CIPHER cname##_ecb = {\
345 nid##_ecb, block_size, key_len, iv_len, \
346 flags | EVP_CIPH_ECB_MODE,\
347 init_key,\
348 cname##_ecb_cipher,\
349 cleanup,\
350 sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
351 sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
352 set_asn1, get_asn1,\
353 ctrl,\
354 NULL \
355};\
356const EVP_CIPHER *EVP_##cname##_ecb(void) { return &cname##_ecb; }
357*/
358
359#define IMPLEMENT_BLOCK_CIPHER(cname, ksched, cprefix, kstruct, nid, \
360 block_size, key_len, iv_len, cbits, \
361 flags, init_key, \
362 cleanup, set_asn1, get_asn1, ctrl) \
363 BLOCK_CIPHER_all_funcs(cname, cprefix, cbits, kstruct, ksched) \
364 BLOCK_CIPHER_defs(cname, kstruct, nid, block_size, key_len, iv_len, \
365 cbits, flags, init_key, cleanup, set_asn1, \
366 get_asn1, ctrl)
367
368#define IMPLEMENT_CFBR(cipher,cprefix,kstruct,ksched,keysize,cbits,iv_len,fl) \
369 BLOCK_CIPHER_func_cfb(cipher##_##keysize,cprefix,cbits,kstruct,ksched) \
370 BLOCK_CIPHER_def_cfb(cipher##_##keysize,kstruct, \
371 NID_##cipher##_##keysize, keysize/8, iv_len, cbits, \
372 (fl)|EVP_CIPH_FLAG_DEFAULT_ASN1, \
373 cipher##_init_key, NULL, NULL, NULL, NULL)
374
375
376# ifndef OPENSSL_NO_EC
377
378#define X25519_KEYLEN 32
379#define X448_KEYLEN 56
380#define ED448_KEYLEN 57
381
382#define MAX_KEYLEN ED448_KEYLEN
383
384typedef struct {
385 unsigned char pubkey[MAX_KEYLEN];
386 unsigned char *privkey;
387} ECX_KEY;
388
389#endif
390
391/*
392 * Type needs to be a bit field Sub-type needs to be for variations on the
393 * method, as in, can it do arbitrary encryption....
394 */
395struct evp_pkey_st {
396 int type;
397 int save_type;
398 CRYPTO_REF_COUNT references;
399 const EVP_PKEY_ASN1_METHOD *ameth;
400 ENGINE *engine;
401 ENGINE *pmeth_engine; /* If not NULL public key ENGINE to use */
402 union {
403 void *ptr;
404# ifndef OPENSSL_NO_RSA
405 struct rsa_st *rsa; /* RSA */
406# endif
407# ifndef OPENSSL_NO_DSA
408 struct dsa_st *dsa; /* DSA */
409# endif
410# ifndef OPENSSL_NO_DH
411 struct dh_st *dh; /* DH */
412# endif
413# ifndef OPENSSL_NO_EC
414 struct ec_key_st *ec; /* ECC */
415 ECX_KEY *ecx; /* X25519, X448, Ed25519, Ed448 */
416# endif
417 } pkey;
418 int save_parameters;
419 STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */
420 CRYPTO_RWLOCK *lock;
421} /* EVP_PKEY */ ;
422
423
424void openssl_add_all_ciphers_int(void);
425void openssl_add_all_digests_int(void);
426void evp_cleanup_int(void);
427void evp_app_cleanup_int(void);
428
429/* Pulling defines out of C source files */
430
431#define EVP_RC4_KEY_SIZE 16
432#ifndef TLS1_1_VERSION
433# define TLS1_1_VERSION 0x0302
434#endif
435
436void evp_encode_ctx_set_flags(EVP_ENCODE_CTX *ctx, unsigned int flags);
437
438/* EVP_ENCODE_CTX flags */
439/* Don't generate new lines when encoding */
440#define EVP_ENCODE_CTX_NO_NEWLINES 1
441/* Use the SRP base64 alphabet instead of the standard one */
442#define EVP_ENCODE_CTX_USE_SRP_ALPHABET 2