| author | Enji Cooper <ngie@FreeBSD.org> | 2026-01-29 01:30:35 +0000 |
|---|---|---|
| committer | Enji Cooper <ngie@FreeBSD.org> | 2026-01-29 01:30:35 +0000 |
| commit | 677808048e318ef0c4ad69c0c2cc8d82167bffbe (patch) | |
| tree | bef7f1ad0365b42b56b6b8082996024b8483b96b /providers/implementations | |
| parent | 12b8f7324509729dbf5c06c0e8fbc4723d3eefb3 (diff) | |
Diffstat (limited to 'providers/implementations')
187 files changed, 6338 insertions, 6521 deletions
diff --git a/providers/implementations/asymciphers/rsa_enc.c b/providers/implementations/asymciphers/rsa_enc.c index 8242546f61ae..799357f36aee 100644 --- a/providers/implementations/asymciphers/rsa_enc.c +++ b/providers/implementations/asymciphers/rsa_enc.c @@ -1,5 +1,5 @@ /* - * Copyright 2019-2025 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -46,12 +46,12 @@ static OSSL_FUNC_asym_cipher_set_ctx_params_fn rsa_set_ctx_params; static OSSL_FUNC_asym_cipher_settable_ctx_params_fn rsa_settable_ctx_params; static OSSL_ITEM padding_item[] = { - { RSA_PKCS1_PADDING, OSSL_PKEY_RSA_PAD_MODE_PKCSV15 }, - { RSA_NO_PADDING, OSSL_PKEY_RSA_PAD_MODE_NONE }, - { RSA_PKCS1_OAEP_PADDING, OSSL_PKEY_RSA_PAD_MODE_OAEP }, /* Correct spelling first */ - { RSA_PKCS1_OAEP_PADDING, "oeap" }, - { RSA_X931_PADDING, OSSL_PKEY_RSA_PAD_MODE_X931 }, - { 0, NULL } + { RSA_PKCS1_PADDING, OSSL_PKEY_RSA_PAD_MODE_PKCSV15 }, + { RSA_NO_PADDING, OSSL_PKEY_RSA_PAD_MODE_NONE }, + { RSA_PKCS1_OAEP_PADDING, OSSL_PKEY_RSA_PAD_MODE_OAEP }, /* Correct spelling first */ + { RSA_PKCS1_OAEP_PADDING, "oeap" }, + { RSA_X931_PADDING, OSSL_PKEY_RSA_PAD_MODE_X931 }, + { 0, NULL } }; /* @@ -92,7 +92,7 @@ static void *rsa_newctx(void *provctx) } static int rsa_init(void *vprsactx, void *vrsa, const OSSL_PARAM params[], - int operation) + int operation) { PROV_RSA_CTX *prsactx = (PROV_RSA_CTX *)vprsactx; 
@@ -121,19 +121,19 @@ static int rsa_init(void *vprsactx, void *vrsa, const OSSL_PARAM params[], } static int rsa_encrypt_init(void *vprsactx, void *vrsa, - const OSSL_PARAM params[]) + const OSSL_PARAM params[]) { return rsa_init(vprsactx, vrsa, params, EVP_PKEY_OP_ENCRYPT); } static int rsa_decrypt_init(void *vprsactx, void *vrsa, - const OSSL_PARAM params[]) + const OSSL_PARAM params[]) { return rsa_init(vprsactx, vrsa, params, EVP_PKEY_OP_DECRYPT); } static int rsa_encrypt(void *vprsactx, unsigned char *out, size_t *outlen, - size_t outsize, const unsigned char *in, size_t inlen) + size_t outsize, const unsigned char *in, size_t inlen) { PROV_RSA_CTX *prsactx = (PROV_RSA_CTX *)vprsactx; size_t len = RSA_size(prsactx->rsa); @@ -173,24 +173,23 @@ static int rsa_encrypt(void *vprsactx, unsigned char *out, size_t *outlen, return 0; } } - ret = - ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex(prsactx->libctx, tbuf, - rsasize, in, inlen, - prsactx->oaep_label, - prsactx->oaep_labellen, - prsactx->oaep_md, - prsactx->mgf1_md); + ret = ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex(prsactx->libctx, tbuf, + rsasize, in, inlen, + prsactx->oaep_label, + prsactx->oaep_labellen, + prsactx->oaep_md, + prsactx->mgf1_md); if (!ret) { OPENSSL_free(tbuf); return 0; } ret = RSA_public_encrypt(rsasize, tbuf, out, prsactx->rsa, - RSA_NO_PADDING); + RSA_NO_PADDING); OPENSSL_free(tbuf); } else { ret = RSA_public_encrypt(inlen, in, out, prsactx->rsa, - prsactx->pad_mode); + prsactx->pad_mode); } /* A ret value of 0 is not an error */ if (ret < 0) @@ -200,7 +199,7 @@ static int rsa_encrypt(void *vprsactx, unsigned char *out, size_t *outlen, } static int rsa_decrypt(void *vprsactx, unsigned char *out, size_t *outlen, - size_t outsize, const unsigned char *in, size_t inlen) + size_t outsize, const unsigned char *in, size_t inlen) { PROV_RSA_CTX *prsactx = (PROV_RSA_CTX *)vprsactx; int ret; 
@@ -235,7 +234,7 @@ static int rsa_decrypt(void *vprsactx, unsigned char *out, size_t *outlen, } if (prsactx->pad_mode == RSA_PKCS1_OAEP_PADDING - || prsactx->pad_mode == RSA_PKCS1_WITH_TLS_PADDING) { + || prsactx->pad_mode == RSA_PKCS1_WITH_TLS_PADDING) { unsigned char *tbuf; if ((tbuf = OPENSSL_malloc(len)) == NULL) { @@ -243,7 +242,7 @@ static int rsa_decrypt(void *vprsactx, unsigned char *out, size_t *outlen, return 0; } ret = RSA_private_decrypt(inlen, in, tbuf, prsactx->rsa, - RSA_NO_PADDING); + RSA_NO_PADDING); /* * With no padding then, on success ret should be len, otherwise an * error occurred (non-constant time) @@ -263,11 +262,11 @@ static int rsa_decrypt(void *vprsactx, unsigned char *out, size_t *outlen, } } ret = RSA_padding_check_PKCS1_OAEP_mgf1(out, outsize, tbuf, - len, len, - prsactx->oaep_label, - prsactx->oaep_labellen, - prsactx->oaep_md, - prsactx->mgf1_md); + len, len, + prsactx->oaep_label, + prsactx->oaep_labellen, + prsactx->oaep_md, + prsactx->mgf1_md); } else { /* RSA_PKCS1_WITH_TLS_PADDING */ if (prsactx->client_version <= 0) { @@ -276,13 +275,13 @@ static int rsa_decrypt(void *vprsactx, unsigned char *out, size_t *outlen, return 0; } ret = ossl_rsa_padding_check_PKCS1_type_2_TLS( - prsactx->libctx, out, outsize, tbuf, len, - prsactx->client_version, prsactx->alt_version); + prsactx->libctx, out, outsize, tbuf, len, + prsactx->client_version, prsactx->alt_version); } OPENSSL_free(tbuf); } else { ret = RSA_private_decrypt(inlen, in, out, prsactx->rsa, - prsactx->pad_mode); + prsactx->pad_mode); } *outlen = constant_time_select_s(constant_time_msb_s(ret), *outlen, ret); ret = constant_time_select_int(constant_time_msb(ret), 0, 1); @@ -333,6 +332,12 @@ static void *rsa_dupctx(void *vprsactx) return NULL; } + if (dstctx->oaep_label != NULL + && (dstctx->oaep_label = OPENSSL_memdup(dstctx->oaep_label, dstctx->oaep_labellen)) == NULL) { + rsa_freectx(dstctx); + return NULL; + } + return dstctx; } 
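Review bot: In the block added to rsa_dupctx, a NULL return from `OPENSSL_memdup(dstctx->oaep_label, dstctx->oaep_labellen)` is always treated as allocation failure. If a context can hold a non-NULL `oaep_label` with `oaep_labellen == 0` (an explicitly set empty label), a zero-size request may also return NULL and the duplicate would fail for a valid context. That depends on setter and allocator behaviour outside this hunk, so confirm it; if the case can occur, handle it separately so the copy neither fails nor keeps the shared pointer. The block also needs a comment, because its safety depends on `dstctx->oaep_label` still aliasing the source's buffer at this point (presumably from a struct copy earlier in the function, which starts outside the hunk): `/* dstctx->oaep_label still points at the source's buffer; give the copy its own so the two contexts never free the same label */`. On failure the assignment has already set `dstctx->oaep_label` to NULL before `rsa_freectx(dstctx)` runs, which is what keeps the cleanup from freeing the source's label, and that ordering should be stated in the comment too.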
@@ -351,34 +356,30 @@ static int rsa_get_ctx_params(void *vprsactx, OSSL_PARAM *params) if (!OSSL_PARAM_set_int(p, prsactx->pad_mode)) return 0; break; - case OSSL_PARAM_UTF8_STRING: - { - int i; - const char *word = NULL; + case OSSL_PARAM_UTF8_STRING: { + int i; + const char *word = NULL; - for (i = 0; padding_item[i].id != 0; i++) { - if (prsactx->pad_mode == (int)padding_item[i].id) { - word = padding_item[i].ptr; - break; - } + for (i = 0; padding_item[i].id != 0; i++) { + if (prsactx->pad_mode == (int)padding_item[i].id) { + word = padding_item[i].ptr; + break; } + } - if (word != NULL) { - if (!OSSL_PARAM_set_utf8_string(p, word)) - return 0; - } else { - ERR_raise(ERR_LIB_PROV, ERR_R_INTERNAL_ERROR); - } + if (word != NULL) { + if (!OSSL_PARAM_set_utf8_string(p, word)) + return 0; + } else { + ERR_raise(ERR_LIB_PROV, ERR_R_INTERNAL_ERROR); } - break; + } break; default: return 0; } p = OSSL_PARAM_locate(params, OSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST); - if (p != NULL && !OSSL_PARAM_set_utf8_string(p, prsactx->oaep_md == NULL - ? "" - : EVP_MD_get0_name(prsactx->oaep_md))) + if (p != NULL && !OSSL_PARAM_set_utf8_string(p, prsactx->oaep_md == NULL ? "" : EVP_MD_get0_name(prsactx->oaep_md))) return 0; p = OSSL_PARAM_locate(params, OSSL_ASYM_CIPHER_PARAM_MGF1_DIGEST); 
@@ -386,16 +387,12 @@ static int rsa_get_ctx_params(void *vprsactx, OSSL_PARAM *params) EVP_MD *mgf1_md = prsactx->mgf1_md == NULL ? prsactx->oaep_md : prsactx->mgf1_md; - if (!OSSL_PARAM_set_utf8_string(p, mgf1_md == NULL - ? "" - : EVP_MD_get0_name(mgf1_md))) - return 0; + if (!OSSL_PARAM_set_utf8_string(p, mgf1_md == NULL ? "" : EVP_MD_get0_name(mgf1_md))) + return 0; } p = OSSL_PARAM_locate(params, OSSL_ASYM_CIPHER_PARAM_OAEP_LABEL); - if (p != NULL && - !OSSL_PARAM_set_octet_ptr(p, prsactx->oaep_label, - prsactx->oaep_labellen)) + if (p != NULL && !OSSL_PARAM_set_octet_ptr(p, prsactx->oaep_label, prsactx->oaep_labellen)) return 0; p = OSSL_PARAM_locate(params, OSSL_ASYM_CIPHER_PARAM_TLS_CLIENT_VERSION); @@ -414,14 +411,14 @@ static const OSSL_PARAM known_gettable_ctx_params[] = { OSSL_PARAM_utf8_string(OSSL_ASYM_CIPHER_PARAM_PAD_MODE, NULL, 0), OSSL_PARAM_utf8_string(OSSL_ASYM_CIPHER_PARAM_MGF1_DIGEST, NULL, 0), OSSL_PARAM_DEFN(OSSL_ASYM_CIPHER_PARAM_OAEP_LABEL, OSSL_PARAM_OCTET_PTR, - NULL, 0), + NULL, 0), OSSL_PARAM_uint(OSSL_ASYM_CIPHER_PARAM_TLS_CLIENT_VERSION, NULL), OSSL_PARAM_uint(OSSL_ASYM_CIPHER_PARAM_TLS_NEGOTIATED_VERSION, NULL), OSSL_PARAM_END }; static const OSSL_PARAM *rsa_gettable_ctx_params(ossl_unused void *vprsactx, - ossl_unused void *provctx) + ossl_unused void *provctx) { return known_gettable_ctx_params; } @@ -446,7 +443,7 @@ static int rsa_set_ctx_params(void *vprsactx, const OSSL_PARAM params[]) return 0; p = OSSL_PARAM_locate_const(params, - OSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST_PROPS); + OSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST_PROPS); if (p != NULL) { str = mdprops; if (!OSSL_PARAM_get_utf8_string(p, &str, sizeof(mdprops))) 
@@ -469,21 +466,19 @@ static int rsa_set_ctx_params(void *vprsactx, const OSSL_PARAM params[]) if (!OSSL_PARAM_get_int(p, &pad_mode)) return 0; break; - case OSSL_PARAM_UTF8_STRING: - { - int i; + case OSSL_PARAM_UTF8_STRING: { + int i; - if (p->data == NULL) - return 0; + if (p->data == NULL) + return 0; - for (i = 0; padding_item[i].id != 0; i++) { - if (strcmp(p->data, padding_item[i].ptr) == 0) { - pad_mode = padding_item[i].id; - break; - } + for (i = 0; padding_item[i].id != 0; i++) { + if (strcmp(p->data, padding_item[i].ptr) == 0) { + pad_mode = padding_item[i].id; + break; } } - break; + } break; default: return 0; } @@ -509,7 +504,7 @@ static int rsa_set_ctx_params(void *vprsactx, const OSSL_PARAM params[]) return 0; p = OSSL_PARAM_locate_const(params, - OSSL_ASYM_CIPHER_PARAM_MGF1_DIGEST_PROPS); + OSSL_ASYM_CIPHER_PARAM_MGF1_DIGEST_PROPS); if (p != NULL) { str = mdprops; if (!OSSL_PARAM_get_utf8_string(p, &str, sizeof(mdprops))) @@ -571,7 +566,7 @@ static const OSSL_PARAM known_settable_ctx_params[] = { }; static const OSSL_PARAM *rsa_settable_ctx_params(ossl_unused void *vprsactx, - ossl_unused void *provctx) + ossl_unused void *provctx) { return known_settable_ctx_params; } @@ -585,12 +580,12 @@ const OSSL_DISPATCH ossl_rsa_asym_cipher_functions[] = { { OSSL_FUNC_ASYM_CIPHER_FREECTX, (void (*)(void))rsa_freectx }, { OSSL_FUNC_ASYM_CIPHER_DUPCTX, (void (*)(void))rsa_dupctx }, { OSSL_FUNC_ASYM_CIPHER_GET_CTX_PARAMS, - (void (*)(void))rsa_get_ctx_params }, + (void (*)(void))rsa_get_ctx_params }, { OSSL_FUNC_ASYM_CIPHER_GETTABLE_CTX_PARAMS, - (void (*)(void))rsa_gettable_ctx_params }, + (void (*)(void))rsa_gettable_ctx_params }, { OSSL_FUNC_ASYM_CIPHER_SET_CTX_PARAMS, - (void (*)(void))rsa_set_ctx_params }, + (void (*)(void))rsa_set_ctx_params }, { OSSL_FUNC_ASYM_CIPHER_SETTABLE_CTX_PARAMS, - (void (*)(void))rsa_settable_ctx_params }, + (void (*)(void))rsa_settable_ctx_params }, { 0, NULL } }; 
diff --git a/providers/implementations/asymciphers/sm2_enc.c b/providers/implementations/asymciphers/sm2_enc.c index a7c9156087cf..908d4f044be6 100644 --- a/providers/implementations/asymciphers/sm2_enc.c +++ b/providers/implementations/asymciphers/sm2_enc.c @@ -47,7 +47,7 @@ typedef struct { static void *sm2_newctx(void *provctx) { - PROV_SM2_CTX *psm2ctx = OPENSSL_zalloc(sizeof(PROV_SM2_CTX)); + PROV_SM2_CTX *psm2ctx = OPENSSL_zalloc(sizeof(PROV_SM2_CTX)); if (psm2ctx == NULL) return NULL; @@ -79,8 +79,8 @@ static const EVP_MD *sm2_get_md(PROV_SM2_CTX *psm2ctx) } static int sm2_asym_encrypt(void *vpsm2ctx, unsigned char *out, size_t *outlen, - size_t outsize, const unsigned char *in, - size_t inlen) + size_t outsize, const unsigned char *in, + size_t inlen) { PROV_SM2_CTX *psm2ctx = (PROV_SM2_CTX *)vpsm2ctx; const EVP_MD *md = sm2_get_md(psm2ctx); @@ -100,8 +100,8 @@ static int sm2_asym_encrypt(void *vpsm2ctx, unsigned char *out, size_t *outlen, } static int sm2_asym_decrypt(void *vpsm2ctx, unsigned char *out, size_t *outlen, - size_t outsize, const unsigned char *in, - size_t inlen) + size_t outsize, const unsigned char *in, + size_t inlen) { PROV_SM2_CTX *psm2ctx = (PROV_SM2_CTX *)vpsm2ctx; const EVP_MD *md = sm2_get_md(psm2ctx); @@ -165,8 +165,7 @@ static int sm2_get_ctx_params(void *vpsm2ctx, OSSL_PARAM *params) if (p != NULL) { const EVP_MD *md = ossl_prov_digest_md(&psm2ctx->md); - if (!OSSL_PARAM_set_utf8_string(p, md == NULL ? "" - : EVP_MD_get0_name(md))) + if (!OSSL_PARAM_set_utf8_string(p, md == NULL ? "" : EVP_MD_get0_name(md))) return 0; } @@ -179,7 +178,7 @@ static const OSSL_PARAM known_gettable_ctx_params[] = { }; static const OSSL_PARAM *sm2_gettable_ctx_params(ossl_unused void *vpsm2ctx, - ossl_unused void *provctx) + ossl_unused void *provctx) { return known_gettable_ctx_params; } 
@@ -194,7 +193,7 @@ static int sm2_set_ctx_params(void *vpsm2ctx, const OSSL_PARAM params[]) return 1; if (!ossl_prov_digest_load_from_params(&psm2ctx->md, params, - psm2ctx->libctx)) + psm2ctx->libctx)) return 0; return 1; @@ -208,7 +207,7 @@ static const OSSL_PARAM known_settable_ctx_params[] = { }; static const OSSL_PARAM *sm2_settable_ctx_params(ossl_unused void *vpsm2ctx, - ossl_unused void *provctx) + ossl_unused void *provctx) { return known_settable_ctx_params; } @@ -222,12 +221,12 @@ const OSSL_DISPATCH ossl_sm2_asym_cipher_functions[] = { { OSSL_FUNC_ASYM_CIPHER_FREECTX, (void (*)(void))sm2_freectx }, { OSSL_FUNC_ASYM_CIPHER_DUPCTX, (void (*)(void))sm2_dupctx }, { OSSL_FUNC_ASYM_CIPHER_GET_CTX_PARAMS, - (void (*)(void))sm2_get_ctx_params }, + (void (*)(void))sm2_get_ctx_params }, { OSSL_FUNC_ASYM_CIPHER_GETTABLE_CTX_PARAMS, - (void (*)(void))sm2_gettable_ctx_params }, + (void (*)(void))sm2_gettable_ctx_params }, { OSSL_FUNC_ASYM_CIPHER_SET_CTX_PARAMS, - (void (*)(void))sm2_set_ctx_params }, + (void (*)(void))sm2_set_ctx_params }, { OSSL_FUNC_ASYM_CIPHER_SETTABLE_CTX_PARAMS, - (void (*)(void))sm2_settable_ctx_params }, + (void (*)(void))sm2_settable_ctx_params }, { 0, NULL } }; diff --git a/providers/implementations/ciphers/cipher_aes.c b/providers/implementations/ciphers/cipher_aes.c index 2f469c131a7e..029da2dd4344 100644 --- a/providers/implementations/ciphers/cipher_aes.c +++ b/providers/implementations/ciphers/cipher_aes.c @@ -28,7 +28,7 @@ static void aes_freectx(void *vctx) PROV_AES_CTX *ctx = (PROV_AES_CTX *)vctx; ossl_cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); - OPENSSL_clear_free(ctx, sizeof(*ctx)); + OPENSSL_clear_free(ctx, sizeof(*ctx)); } static void *aes_dupctx(void *ctx) 
@@ -68,11 +68,11 @@ IMPLEMENT_generic_cipher(aes, AES, ofb, OFB, 0, 192, 8, 128, stream) /* ossl_aes128ofb_functions */ IMPLEMENT_generic_cipher(aes, AES, ofb, OFB, 0, 128, 8, 128, stream) /* ossl_aes256cfb_functions */ -IMPLEMENT_generic_cipher(aes, AES, cfb, CFB, 0, 256, 8, 128, stream) +IMPLEMENT_generic_cipher(aes, AES, cfb, CFB, 0, 256, 8, 128, stream) /* ossl_aes192cfb_functions */ -IMPLEMENT_generic_cipher(aes, AES, cfb, CFB, 0, 192, 8, 128, stream) +IMPLEMENT_generic_cipher(aes, AES, cfb, CFB, 0, 192, 8, 128, stream) /* ossl_aes128cfb_functions */ -IMPLEMENT_generic_cipher(aes, AES, cfb, CFB, 0, 128, 8, 128, stream) +IMPLEMENT_generic_cipher(aes, AES, cfb, CFB, 0, 128, 8, 128, stream) /* ossl_aes256cfb1_functions */ IMPLEMENT_generic_cipher(aes, AES, cfb1, CFB, 0, 256, 8, 128, stream) /* ossl_aes192cfb1_functions */ diff --git a/providers/implementations/ciphers/cipher_aes.h b/providers/implementations/ciphers/cipher_aes.h index c62ac5e7eaeb..22e09c1a96ba 100644 --- a/providers/implementations/ciphers/cipher_aes.h +++ b/providers/implementations/ciphers/cipher_aes.h @@ -12,7 +12,7 @@ #include "crypto/aes_platform.h" typedef struct prov_aes_ctx_st { - PROV_CIPHER_CTX base; /* Must be first */ + PROV_CIPHER_CTX base; /* Must be first */ union { OSSL_UNION_ALIGN; AES_KEY ks; diff --git a/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.c b/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.c index 6e044576fe95..eef81e9cf94b 100644 --- a/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.c +++ b/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.c 
@@ -24,14 +24,14 @@ #include "prov/providercommon.h" #ifndef AES_CBC_HMAC_SHA_CAPABLE -# define IMPLEMENT_CIPHER(nm, sub, kbits, blkbits, ivbits, flags) \ -const OSSL_DISPATCH ossl_##nm##kbits##sub##_functions[] = { \ - { 0, NULL } \ -}; +#define IMPLEMENT_CIPHER(nm, sub, kbits, blkbits, ivbits, flags) \ + const OSSL_DISPATCH ossl_##nm##kbits##sub##_functions[] = { \ + { 0, NULL } \ + }; #else -# define AES_CBC_HMAC_SHA_FLAGS (PROV_CIPHER_FLAG_AEAD \ - | PROV_CIPHER_FLAG_TLS1_MULTIBLOCK) +#define AES_CBC_HMAC_SHA_FLAGS (PROV_CIPHER_FLAG_AEAD \ + | PROV_CIPHER_FLAG_TLS1_MULTIBLOCK) static OSSL_FUNC_cipher_encrypt_init_fn aes_einit; static OSSL_FUNC_cipher_decrypt_init_fn aes_dinit; @@ -41,14 +41,14 @@ static OSSL_FUNC_cipher_get_ctx_params_fn aes_get_ctx_params; static OSSL_FUNC_cipher_gettable_ctx_params_fn aes_gettable_ctx_params; static OSSL_FUNC_cipher_set_ctx_params_fn aes_set_ctx_params; static OSSL_FUNC_cipher_settable_ctx_params_fn aes_settable_ctx_params; -# define aes_gettable_params ossl_cipher_generic_gettable_params -# define aes_update ossl_cipher_generic_stream_update -# define aes_final ossl_cipher_generic_stream_final -# define aes_cipher ossl_cipher_generic_cipher +#define aes_gettable_params ossl_cipher_generic_gettable_params +#define aes_update ossl_cipher_generic_stream_update +#define aes_final ossl_cipher_generic_stream_final +#define aes_cipher ossl_cipher_generic_cipher static int aes_einit(void *ctx, const unsigned char *key, size_t keylen, - const unsigned char *iv, size_t ivlen, - const OSSL_PARAM params[]) + const unsigned char *iv, size_t ivlen, + const OSSL_PARAM params[]) { if (!ossl_cipher_generic_einit(ctx, key, keylen, iv, ivlen, NULL)) return 0; 
@@ -56,8 +56,8 @@ static int aes_einit(void *ctx, const unsigned char *key, size_t keylen, } static int aes_dinit(void *ctx, const unsigned char *key, size_t keylen, - const unsigned char *iv, size_t ivlen, - const OSSL_PARAM params[]) + const unsigned char *iv, size_t ivlen, + const OSSL_PARAM params[]) { if (!ossl_cipher_generic_dinit(ctx, key, keylen, iv, ivlen, NULL)) return 0; @@ -67,18 +67,18 @@ static int aes_dinit(void *ctx, const unsigned char *key, size_t keylen, static const OSSL_PARAM cipher_aes_known_settable_ctx_params[] = { OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_MAC_KEY, NULL, 0), OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TLS1_AAD, NULL, 0), -# if !defined(OPENSSL_NO_MULTIBLOCK) +#if !defined(OPENSSL_NO_MULTIBLOCK) OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_SEND_FRAGMENT, NULL), OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD, NULL), OSSL_PARAM_uint(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE, NULL), OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC, NULL, 0), OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_IN, NULL, 0), -# endif /* !defined(OPENSSL_NO_MULTIBLOCK) */ +#endif /* !defined(OPENSSL_NO_MULTIBLOCK) */ OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL), OSSL_PARAM_END }; const OSSL_PARAM *aes_settable_ctx_params(ossl_unused void *cctx, - ossl_unused void *provctx) + ossl_unused void *provctx) { return cipher_aes_known_settable_ctx_params; } 
@@ -86,13 +86,12 @@ const OSSL_PARAM *aes_settable_ctx_params(ossl_unused void *cctx, static int aes_set_ctx_params(void *vctx, const OSSL_PARAM params[]) { PROV_AES_HMAC_SHA_CTX *ctx = (PROV_AES_HMAC_SHA_CTX *)vctx; - PROV_CIPHER_HW_AES_HMAC_SHA *hw = - (PROV_CIPHER_HW_AES_HMAC_SHA *)ctx->hw; + PROV_CIPHER_HW_AES_HMAC_SHA *hw = (PROV_CIPHER_HW_AES_HMAC_SHA *)ctx->hw; const OSSL_PARAM *p; int ret = 1; -# if !defined(OPENSSL_NO_MULTIBLOCK) +#if !defined(OPENSSL_NO_MULTIBLOCK) EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM mb_param; -# endif +#endif if (params == NULL) return 1; @@ -106,11 +105,11 @@ static int aes_set_ctx_params(void *vctx, const OSSL_PARAM params[]) hw->init_mac_key(ctx, p->data, p->data_size); } -# if !defined(OPENSSL_NO_MULTIBLOCK) +#if !defined(OPENSSL_NO_MULTIBLOCK) p = OSSL_PARAM_locate_const(params, - OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_SEND_FRAGMENT); + OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_SEND_FRAGMENT); if (p != NULL - && !OSSL_PARAM_get_size_t(p, &ctx->multiblock_max_send_fragment)) { + && !OSSL_PARAM_get_size_t(p, &ctx->multiblock_max_send_fragment)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); return 0; } @@ -126,7 +125,7 @@ static int aes_set_ctx_params(void *vctx, const OSSL_PARAM params[]) p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD); if (p != NULL) { const OSSL_PARAM *p1 = OSSL_PARAM_locate_const(params, - OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE); + OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE); if (p->data_type != OSSL_PARAM_OCTET_STRING || p1 == NULL || !OSSL_PARAM_get_uint(p1, &mb_param.interleave)) { 
@@ -151,9 +150,9 @@ static int aes_set_ctx_params(void *vctx, const OSSL_PARAM params[]) p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC); if (p != NULL) { const OSSL_PARAM *p1 = OSSL_PARAM_locate_const(params, - OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE); + OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE); const OSSL_PARAM *pin = OSSL_PARAM_locate_const(params, - OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_IN); + OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_IN); if (p->data_type != OSSL_PARAM_OCTET_STRING || pin == NULL @@ -169,7 +168,7 @@ static int aes_set_ctx_params(void *vctx, const OSSL_PARAM params[]) if (hw->tls1_multiblock_encrypt(vctx, &mb_param) <= 0) return 0; } -# endif /* !defined(OPENSSL_NO_MULTIBLOCK) */ +#endif /* !defined(OPENSSL_NO_MULTIBLOCK) */ p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_AEAD_TLS1_AAD); if (p != NULL) { @@ -202,7 +201,7 @@ static int aes_set_ctx_params(void *vctx, const OSSL_PARAM params[]) return 0; } if (ctx->base.tlsversion == SSL3_VERSION - || ctx->base.tlsversion == TLS1_VERSION) { + || ctx->base.tlsversion == TLS1_VERSION) { if (!ossl_assert(ctx->base.removetlsfixed >= AES_BLOCK_SIZE)) { ERR_raise(ERR_LIB_PROV, ERR_R_INTERNAL_ERROR); return 0; @@ -222,11 +221,10 @@ static int aes_get_ctx_params(void *vctx, OSSL_PARAM params[]) PROV_AES_HMAC_SHA_CTX *ctx = (PROV_AES_HMAC_SHA_CTX *)vctx; OSSL_PARAM *p; -# if !defined(OPENSSL_NO_MULTIBLOCK) +#if !defined(OPENSSL_NO_MULTIBLOCK) p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_BUFSIZE); if (p != NULL) { - PROV_CIPHER_HW_AES_HMAC_SHA *hw = - (PROV_CIPHER_HW_AES_HMAC_SHA *)ctx->hw; + PROV_CIPHER_HW_AES_HMAC_SHA *hw = (PROV_CIPHER_HW_AES_HMAC_SHA *)ctx->hw; size_t len = hw->tls1_multiblock_max_bufsize(ctx); if (!OSSL_PARAM_set_size_t(p, len)) { 
@@ -252,7 +250,7 @@ static int aes_get_ctx_params(void *vctx, OSSL_PARAM params[]) ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } -# endif /* !defined(OPENSSL_NO_MULTIBLOCK) */ +#endif /* !defined(OPENSSL_NO_MULTIBLOCK) */ p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_AEAD_TLS1_AAD_PAD); if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->tls_aad_pad)) { @@ -287,12 +285,12 @@ static int aes_get_ctx_params(void *vctx, OSSL_PARAM params[]) } static const OSSL_PARAM cipher_aes_known_gettable_ctx_params[] = { -# if !defined(OPENSSL_NO_MULTIBLOCK) +#if !defined(OPENSSL_NO_MULTIBLOCK) OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_BUFSIZE, NULL), OSSL_PARAM_uint(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE, NULL), OSSL_PARAM_uint(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD_PACKLEN, NULL), OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_LEN, NULL), -# endif /* !defined(OPENSSL_NO_MULTIBLOCK) */ +#endif /* !defined(OPENSSL_NO_MULTIBLOCK) */ OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_AEAD_TLS1_AAD_PAD, NULL), OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL), OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_IVLEN, NULL), 
@@ -301,25 +299,25 @@ static const OSSL_PARAM cipher_aes_known_gettable_ctx_params[] = { OSSL_PARAM_END }; const OSSL_PARAM *aes_gettable_ctx_params(ossl_unused void *cctx, - ossl_unused void *provctx) + ossl_unused void *provctx) { return cipher_aes_known_gettable_ctx_params; } static void base_init(void *provctx, PROV_AES_HMAC_SHA_CTX *ctx, - const PROV_CIPHER_HW_AES_HMAC_SHA *meths, - size_t kbits, size_t blkbits, size_t ivbits, - uint64_t flags) + const PROV_CIPHER_HW_AES_HMAC_SHA *meths, + size_t kbits, size_t blkbits, size_t ivbits, + uint64_t flags) { ossl_cipher_generic_initkey(&ctx->base, kbits, blkbits, ivbits, - EVP_CIPH_CBC_MODE, flags, - &meths->base, provctx); + EVP_CIPH_CBC_MODE, flags, + &meths->base, provctx); ctx->hw = (PROV_CIPHER_HW_AES_HMAC_SHA *)ctx->base.hw; } static void *aes_cbc_hmac_sha1_newctx(void *provctx, size_t kbits, - size_t blkbits, size_t ivbits, - uint64_t flags) + size_t blkbits, size_t ivbits, + uint64_t flags) { PROV_AES_HMAC_SHA1_CTX *ctx; @@ -329,8 +327,8 @@ static void *aes_cbc_hmac_sha1_newctx(void *provctx, size_t kbits, ctx = OPENSSL_zalloc(sizeof(*ctx)); if (ctx != NULL) base_init(provctx, &ctx->base_ctx, - ossl_prov_cipher_hw_aes_cbc_hmac_sha1(), kbits, blkbits, - ivbits, flags); + ossl_prov_cipher_hw_aes_cbc_hmac_sha1(), kbits, blkbits, + ivbits, flags); return ctx; } @@ -355,8 +353,8 @@ static void aes_cbc_hmac_sha1_freectx(void *vctx) } static void *aes_cbc_hmac_sha256_newctx(void *provctx, size_t kbits, - size_t blkbits, size_t ivbits, - uint64_t flags) + size_t blkbits, size_t ivbits, + uint64_t flags) { PROV_AES_HMAC_SHA256_CTX *ctx; @@ -366,8 +364,8 @@ static void *aes_cbc_hmac_sha256_newctx(void *provctx, size_t kbits, ctx = OPENSSL_zalloc(sizeof(*ctx)); if (ctx != NULL) base_init(provctx, &ctx->base_ctx, - ossl_prov_cipher_hw_aes_cbc_hmac_sha256(), kbits, blkbits, - ivbits, flags); + ossl_prov_cipher_hw_aes_cbc_hmac_sha256(), kbits, blkbits, + ivbits, flags); return ctx; } 
@@ -388,41 +386,41 @@ static void aes_cbc_hmac_sha256_freectx(void *vctx) } } -# define IMPLEMENT_CIPHER(nm, sub, kbits, blkbits, ivbits, flags) \ -static OSSL_FUNC_cipher_newctx_fn nm##_##kbits##_##sub##_newctx; \ -static void *nm##_##kbits##_##sub##_newctx(void *provctx) \ -{ \ - return nm##_##sub##_newctx(provctx, kbits, blkbits, ivbits, flags); \ -} \ -static OSSL_FUNC_cipher_get_params_fn nm##_##kbits##_##sub##_get_params; \ -static int nm##_##kbits##_##sub##_get_params(OSSL_PARAM params[]) \ -{ \ - return ossl_cipher_generic_get_params(params, EVP_CIPH_CBC_MODE, \ - flags, kbits, blkbits, ivbits); \ -} \ -const OSSL_DISPATCH ossl_##nm##kbits##sub##_functions[] = { \ - { OSSL_FUNC_CIPHER_NEWCTX, (void (*)(void))nm##_##kbits##_##sub##_newctx },\ - { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void))nm##_##sub##_freectx }, \ - { OSSL_FUNC_CIPHER_DUPCTX, (void (*)(void))nm##_##sub##_dupctx}, \ - { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))nm##_einit }, \ - { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))nm##_dinit }, \ - { OSSL_FUNC_CIPHER_UPDATE, (void (*)(void))nm##_update }, \ - { OSSL_FUNC_CIPHER_FINAL, (void (*)(void))nm##_final }, \ - { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))nm##_cipher }, \ - { OSSL_FUNC_CIPHER_GET_PARAMS, \ - (void (*)(void))nm##_##kbits##_##sub##_get_params }, \ - { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \ - (void (*)(void))nm##_gettable_params }, \ - { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, \ - (void (*)(void))nm##_get_ctx_params }, \ - { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \ - (void (*)(void))nm##_gettable_ctx_params }, \ - { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \ - (void (*)(void))nm##_set_ctx_params }, \ - { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \ - (void (*)(void))nm##_settable_ctx_params }, \ - { 0, NULL } \ -}; +#define IMPLEMENT_CIPHER(nm, sub, kbits, blkbits, ivbits, flags) \ + static OSSL_FUNC_cipher_newctx_fn nm##_##kbits##_##sub##_newctx; \ + static void *nm##_##kbits##_##sub##_newctx(void *provctx) \ + { \ + return 
nm##_##sub##_newctx(provctx, kbits, blkbits, ivbits, flags); \ + } \ + static OSSL_FUNC_cipher_get_params_fn nm##_##kbits##_##sub##_get_params; \ + static int nm##_##kbits##_##sub##_get_params(OSSL_PARAM params[]) \ + { \ + return ossl_cipher_generic_get_params(params, EVP_CIPH_CBC_MODE, \ + flags, kbits, blkbits, ivbits); \ + } \ + const OSSL_DISPATCH ossl_##nm##kbits##sub##_functions[] = { \ + { OSSL_FUNC_CIPHER_NEWCTX, (void (*)(void))nm##_##kbits##_##sub##_newctx }, \ + { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void))nm##_##sub##_freectx }, \ + { OSSL_FUNC_CIPHER_DUPCTX, (void (*)(void))nm##_##sub##_dupctx }, \ + { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))nm##_einit }, \ + { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))nm##_dinit }, \ + { OSSL_FUNC_CIPHER_UPDATE, (void (*)(void))nm##_update }, \ + { OSSL_FUNC_CIPHER_FINAL, (void (*)(void))nm##_final }, \ + { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))nm##_cipher }, \ + { OSSL_FUNC_CIPHER_GET_PARAMS, \ + (void (*)(void))nm##_##kbits##_##sub##_get_params }, \ + { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \ + (void (*)(void))nm##_gettable_params }, \ + { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, \ + (void (*)(void))nm##_get_ctx_params }, \ + { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \ + (void (*)(void))nm##_gettable_ctx_params }, \ + { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \ + (void (*)(void))nm##_set_ctx_params }, \ + { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \ + (void (*)(void))nm##_settable_ctx_params }, \ + { 0, NULL } \ + }; #endif /* AES_CBC_HMAC_SHA_CAPABLE */ diff --git a/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.h b/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.h index 6aaf3f06fb49..97831da9e788 100644 --- a/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.h +++ b/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.h 
@@ -17,26 +17,26 @@ typedef struct prov_cipher_hw_aes_hmac_sha_ctx_st { PROV_CIPHER_HW base; /* must be first */ void (*init_mac_key)(void *ctx, const unsigned char *inkey, size_t inlen); int (*set_tls1_aad)(void *ctx, unsigned char *aad_rec, int aad_len); -# if !defined(OPENSSL_NO_MULTIBLOCK) +#if !defined(OPENSSL_NO_MULTIBLOCK) int (*tls1_multiblock_max_bufsize)(void *ctx); int (*tls1_multiblock_aad)( void *vctx, EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM *param); int (*tls1_multiblock_encrypt)( void *ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM *param); -# endif /* OPENSSL_NO_MULTIBLOCK) */ +#endif /* OPENSSL_NO_MULTIBLOCK) */ } PROV_CIPHER_HW_AES_HMAC_SHA; const PROV_CIPHER_HW_AES_HMAC_SHA *ossl_prov_cipher_hw_aes_cbc_hmac_sha1(void); const PROV_CIPHER_HW_AES_HMAC_SHA *ossl_prov_cipher_hw_aes_cbc_hmac_sha256(void); #ifdef AES_CBC_HMAC_SHA_CAPABLE -# include <openssl/aes.h> -# include <openssl/sha.h> +#include <openssl/aes.h> +#include <openssl/sha.h> typedef struct prov_aes_hmac_sha_ctx_st { PROV_CIPHER_CTX base; AES_KEY ks; - size_t payload_length; /* AAD length in decrypt case */ + size_t payload_length; /* AAD length in decrypt case */ union { unsigned int tls_ver; unsigned char tls_aad[16]; /* 13 used */ @@ -60,6 +60,6 @@ typedef struct prov_aes_hmac_sha256_ctx_st { SHA256_CTX head, tail, md; } PROV_AES_HMAC_SHA256_CTX; -# define NO_PAYLOAD_LENGTH ((size_t)-1) +#define NO_PAYLOAD_LENGTH ((size_t)-1) #endif /* AES_CBC_HMAC_SHA_CAPABLE */ diff --git a/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c b/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c index 76674d530434..e884c6501a7d 100644 --- a/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c +++ b/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c 
@@ -28,14 +28,14 @@ const PROV_CIPHER_HW_AES_HMAC_SHA *ossl_prov_cipher_hw_aes_cbc_hmac_sha1(void) } #else -# include <openssl/rand.h> -# include "crypto/evp.h" -# include "internal/constant_time.h" +#include <openssl/rand.h> +#include "crypto/evp.h" +#include "internal/constant_time.h" void sha1_block_data_order(void *c, const void *p, size_t len); void aesni_cbc_sha1_enc(const void *inp, void *out, size_t blocks, - const AES_KEY *key, unsigned char iv[16], - SHA_CTX *ctx, const void *in0); + const AES_KEY *key, unsigned char iv[16], + SHA_CTX *ctx, const void *in0); int ossl_cipher_capable_aes_cbc_hmac_sha1(void) { @@ -43,7 +43,7 @@ int ossl_cipher_capable_aes_cbc_hmac_sha1(void) } static int aesni_cbc_hmac_sha1_init_key(PROV_CIPHER_CTX *vctx, - const unsigned char *key, size_t keylen) + const unsigned char *key, size_t keylen) { int ret; PROV_AES_HMAC_SHA_CTX *ctx = (PROV_AES_HMAC_SHA_CTX *)vctx; @@ -54,7 +54,7 @@ static int aesni_cbc_hmac_sha1_init_key(PROV_CIPHER_CTX *vctx, else ret = aesni_set_decrypt_key(key, keylen * 8, &ctx->ks); - SHA1_Init(&sctx->head); /* handy when benchmarking */ + SHA1_Init(&sctx->head); /* handy when benchmarking */ sctx->tail = sctx->head; sctx->md = sctx->head; @@ -97,7 +97,7 @@ static void sha1_update(SHA_CTX *c, const void *data, size_t len) SHA1_Update(c, ptr, res); } -# if !defined(OPENSSL_NO_MULTIBLOCK) +#if !defined(OPENSSL_NO_MULTIBLOCK) typedef struct { unsigned int A[8], B[8], C[8], D[8], E[8]; 
@@ -119,10 +119,10 @@ void sha1_multi_block(SHA1_MB_CTX *, const HASH_DESC *, int); void aesni_multi_cbc_encrypt(CIPH_DESC *, void *, int); static size_t tls1_multi_block_encrypt(void *vctx, - unsigned char *out, - const unsigned char *inp, - size_t inp_len, int n4x) -{ /* n4x is 1 or 2 */ + unsigned char *out, + const unsigned char *inp, + size_t inp_len, int n4x) +{ /* n4x is 1 or 2 */ PROV_AES_HMAC_SHA_CTX *ctx = (PROV_AES_HMAC_SHA_CTX *)vctx; PROV_AES_HMAC_SHA1_CTX *sctx = (PROV_AES_HMAC_SHA1_CTX *)vctx; HASH_DESC hash_d[8], edges[8]; @@ -138,15 +138,15 @@ static size_t tls1_multi_block_encrypt(void *vctx, unsigned int x4 = 4 * n4x, minblocks, processed = 0; size_t ret = 0; u8 *IVs; -# if defined(BSWAP8) +#if defined(BSWAP8) u64 seqnum; -# endif +#endif /* ask for IVs in bulk */ if (RAND_bytes_ex(ctx->base.libctx, (IVs = blocks[0].c), 16 * x4, 0) <= 0) return 0; - mctx = (SHA1_MB_CTX *) (storage + 32 - ((size_t)storage % 32)); /* align */ + mctx = (SHA1_MB_CTX *)(storage + 32 - ((size_t)storage % 32)); /* align */ frag = (unsigned int)inp_len >> (1 + n4x); last = (unsigned int)inp_len + frag - (frag << (1 + n4x)); @@ -174,15 +174,15 @@ static size_t tls1_multi_block_encrypt(void *vctx, IVs += 16; } -# if defined(BSWAP8) +#if defined(BSWAP8) memcpy(blocks[0].c, sctx->md.data, 8); seqnum = BSWAP8(blocks[0].q[0]); -# endif +#endif for (i = 0; i < x4; i++) { unsigned int len = (i == (x4 - 1) ? last : frag); -# if !defined(BSWAP8) +#if !defined(BSWAP8) unsigned int carry, j; -# endif +#endif mctx->A[i] = sctx->md.h0; mctx->B[i] = sctx->md.h1; 
@@ -191,14 +191,14 @@ static size_t tls1_multi_block_encrypt(void *vctx, mctx->E[i] = sctx->md.h4; /* fix seqnum */ -# if defined(BSWAP8) +#if defined(BSWAP8) blocks[i].q[0] = BSWAP8(seqnum + i); -# else +#else for (carry = i, j = 8; j--;) { blocks[i].c[j] = ((u8 *)sctx->md.data)[j] + carry; carry = (blocks[i].c[j] - carry) >> (sizeof(carry) * 8 - 1); } -# endif +#endif blocks[i].c[8] = ((u8 *)sctx->md.data)[8]; blocks[i].c[9] = ((u8 *)sctx->md.data)[9]; blocks[i].c[10] = ((u8 *)sctx->md.data)[10]; @@ -217,10 +217,10 @@ static size_t tls1_multi_block_encrypt(void *vctx, /* hash 13-byte headers and first 64-13 bytes of inputs */ sha1_multi_block(mctx, edges, n4x); /* hash bulk inputs */ -# define MAXCHUNKSIZE 2048 -# if MAXCHUNKSIZE%64 -# error "MAXCHUNKSIZE is not divisible by 64" -# elif MAXCHUNKSIZE +#define MAXCHUNKSIZE 2048 +#if MAXCHUNKSIZE % 64 +#error "MAXCHUNKSIZE is not divisible by 64" +#elif MAXCHUNKSIZE /* * goal is to minimize pressure on L1 cache by moving in shorter steps, * so that hashed data is still in the cache by the time we encrypt it 
@@ -249,34 +249,34 @@ static size_t tls1_multi_block_encrypt(void *vctx, minblocks -= MAXCHUNKSIZE / 64; } while (minblocks > MAXCHUNKSIZE / 64); } -# endif -# undef MAXCHUNKSIZE +#endif +#undef MAXCHUNKSIZE sha1_multi_block(mctx, hash_d, n4x); memset(blocks, 0, sizeof(blocks)); for (i = 0; i < x4; i++) { unsigned int len = (i == (x4 - 1) ? last : frag), - off = hash_d[i].blocks * 64; + off = hash_d[i].blocks * 64; const unsigned char *ptr = hash_d[i].ptr + off; off = (len - processed) - (64 - 13) - off; /* remainder actually */ memcpy(blocks[i].c, ptr, off); blocks[i].c[off] = 0x80; - len += 64 + 13; /* 64 is HMAC header */ - len *= 8; /* convert to bits */ + len += 64 + 13; /* 64 is HMAC header */ + len *= 8; /* convert to bits */ if (off < (64 - 8)) { -# ifdef BSWAP4 +#ifdef BSWAP4 blocks[i].d[15] = BSWAP4(len); -# else +#else PUTU32(blocks[i].c + 60, len); -# endif +#endif edges[i].blocks = 1; } else { -# ifdef BSWAP4 +#ifdef BSWAP4 blocks[i].d[31] = BSWAP4(len); -# else +#else PUTU32(blocks[i].c + 124, len); -# endif +#endif edges[i].blocks = 2; } edges[i].ptr = blocks[i].c; @@ -287,7 +287,7 @@ static size_t tls1_multi_block_encrypt(void *vctx, memset(blocks, 0, sizeof(blocks)); for (i = 0; i < x4; i++) { -# ifdef BSWAP4 +#ifdef BSWAP4 blocks[i].d[0] = BSWAP4(mctx->A[i]); mctx->A[i] = sctx->tail.h0; blocks[i].d[1] = BSWAP4(mctx->B[i]); @@ -300,7 +300,7 @@ static size_t tls1_multi_block_encrypt(void *vctx, mctx->E[i] = sctx->tail.h4; blocks[i].c[20] = 0x80; blocks[i].d[15] = BSWAP4((64 + 20) * 8); -# else +#else PUTU32(blocks[i].c + 0, mctx->A[i]); mctx->A[i] = sctx->tail.h0; PUTU32(blocks[i].c + 4, mctx->B[i]); @@ -313,7 +313,7 @@ static size_t tls1_multi_block_encrypt(void *vctx, mctx->E[i] = sctx->tail.h4; blocks[i].c[20] = 0x80; PUTU32(blocks[i].c + 60, (64 + 20) * 8); -# endif /* BSWAP */ +#endif /* BSWAP */ edges[i].ptr = blocks[i].c; edges[i].blocks = 1; } 
@@ -346,7 +346,7 @@ static size_t tls1_multi_block_encrypt(void *vctx, len += pad + 1; ciph_d[i].blocks = (len - processed) / 16; - len += 16; /* account for explicit iv */ + len += 16; /* account for explicit iv */ /* arrange header */ out0[0] = ((u8 *)sctx->md.data)[8]; @@ -367,11 +367,11 @@ static size_t tls1_multi_block_encrypt(void *vctx, ctx->multiblock_encrypt_len = ret; return ret; } -# endif /* OPENSSL_NO_MULTIBLOCK */ +#endif /* OPENSSL_NO_MULTIBLOCK */ static int aesni_cbc_hmac_sha1_cipher(PROV_CIPHER_CTX *vctx, - unsigned char *out, - const unsigned char *in, size_t len) + unsigned char *out, + const unsigned char *in, size_t len) { PROV_AES_HMAC_SHA_CTX *ctx = (PROV_AES_HMAC_SHA_CTX *)vctx; PROV_AES_HMAC_SHA1_CTX *sctx = (PROV_AES_HMAC_SHA1_CTX *)vctx; @@ -389,19 +389,17 @@ static int aesni_cbc_hmac_sha1_cipher(PROV_CIPHER_CTX *vctx, if (ctx->base.enc) { if (plen == NO_PAYLOAD_LENGTH) plen = len; - else if (len != - ((plen + SHA_DIGEST_LENGTH + - AES_BLOCK_SIZE) & -AES_BLOCK_SIZE)) + else if (len != ((plen + SHA_DIGEST_LENGTH + AES_BLOCK_SIZE) & -AES_BLOCK_SIZE)) return 0; else if (ctx->aux.tls_ver >= TLS1_1_VERSION) iv = AES_BLOCK_SIZE; if (plen > (sha_off + iv) - && (blocks = (plen - (sha_off + iv)) / SHA_CBLOCK)) { + && (blocks = (plen - (sha_off + iv)) / SHA_CBLOCK)) { sha1_update(&sctx->md, in + iv, sha_off); aesni_cbc_sha1_enc(in, out, blocks, &ctx->ks, ctx->base.iv, - &sctx->md, in + iv + sha_off); + &sctx->md, in + iv + sha_off); blocks *= SHA_CBLOCK; aes_off += blocks; sha_off += blocks; @@ -415,7 +413,7 @@ static int aesni_cbc_hmac_sha1_cipher(PROV_CIPHER_CTX *vctx, sha_off += iv; sha1_update(&sctx->md, in + sha_off, plen - sha_off); - if (plen != len) { /* "TLS" mode of operation */ + if (plen != len) { /* "TLS" mode of operation */ if (in != out) memcpy(out + aes_off, in + aes_off, plen - aes_off); 
@@ -431,10 +429,10 @@ static int aesni_cbc_hmac_sha1_cipher(PROV_CIPHER_CTX *vctx, out[plen] = l; /* encrypt HMAC|padding at once */ aesni_cbc_encrypt(out + aes_off, out + aes_off, len - aes_off, - &ctx->ks, ctx->base.iv, 1); + &ctx->ks, ctx->base.iv, 1); } else { aesni_cbc_encrypt(in + aes_off, out + aes_off, len - aes_off, - &ctx->ks, ctx->base.iv, 1); + &ctx->ks, ctx->base.iv, 1); } } else { union { @@ -509,15 +507,15 @@ static int aesni_cbc_hmac_sha1_cipher(PROV_CIPHER_CTX *vctx, /* but pretend as if we hashed padded payload */ bitlen = sctx->md.Nl + (inp_len << 3); /* at most 18 bits */ -# ifdef BSWAP4 +#ifdef BSWAP4 bitlen = BSWAP4(bitlen); -# else +#else mac.c[0] = 0; mac.c[1] = (unsigned char)(bitlen >> 16); mac.c[2] = (unsigned char)(bitlen >> 8); mac.c[3] = (unsigned char)bitlen; bitlen = mac.u[0]; -# endif /* BSWAP */ +#endif /* BSWAP */ pmac->u[0] = 0; pmac->u[1] = 0; @@ -574,13 +572,13 @@ static int aesni_cbc_hmac_sha1_cipher(PROV_CIPHER_CTX *vctx, pmac->u[3] |= sctx->md.h3 & mask; pmac->u[4] |= sctx->md.h4 & mask; -# ifdef BSWAP4 +#ifdef BSWAP4 pmac->u[0] = BSWAP4(pmac->u[0]); pmac->u[1] = BSWAP4(pmac->u[1]); pmac->u[2] = BSWAP4(pmac->u[2]); pmac->u[3] = BSWAP4(pmac->u[3]); pmac->u[4] = BSWAP4(pmac->u[4]); -# else +#else for (i = 0; i < 5; i++) { res = pmac->u[i]; pmac->c[4 * i + 0] = (unsigned char)(res >> 24); @@ -588,7 +586,7 @@ static int aesni_cbc_hmac_sha1_cipher(PROV_CIPHER_CTX *vctx, pmac->c[4 * i + 2] = (unsigned char)(res >> 8); pmac->c[4 * i + 3] = (unsigned char)res; } -# endif /* BSWAP4 */ +#endif /* BSWAP4 */ len += SHA_DIGEST_LENGTH; sctx->md = sctx->tail; sha1_update(&sctx->md, pmac->c, SHA_DIGEST_LENGTH); 
@@ -605,9 +603,7 @@ static int aesni_cbc_hmac_sha1_cipher(PROV_CIPHER_CTX *vctx, for (res = 0, i = 0, j = 0; j < maxpad + SHA_DIGEST_LENGTH; j++) { c = p[j]; - cmask = - ((int)(j - off - SHA_DIGEST_LENGTH)) >> (sizeof(int) * - 8 - 1); + cmask = ((int)(j - off - SHA_DIGEST_LENGTH)) >> (sizeof(int) * 8 - 1); res |= (c ^ pad) & ~cmask; /* ... and padding */ cmask &= ((int)(off - 1 - j)) >> (sizeof(int) * 8 - 1); res |= (c ^ pmac->c[i]) & cmask; @@ -630,7 +626,7 @@ static int aesni_cbc_hmac_sha1_cipher(PROV_CIPHER_CTX *vctx, /* EVP_CTRL_AEAD_SET_MAC_KEY */ static void aesni_cbc_hmac_sha1_set_mac_key(void *vctx, - const unsigned char *mac, size_t len) + const unsigned char *mac, size_t len) { PROV_AES_HMAC_SHA1_CTX *ctx = (PROV_AES_HMAC_SHA1_CTX *)vctx; unsigned int i; @@ -661,7 +657,7 @@ static void aesni_cbc_hmac_sha1_set_mac_key(void *vctx, /* EVP_CTRL_AEAD_TLS1_AAD */ static int aesni_cbc_hmac_sha1_set_tls1_aad(void *vctx, - unsigned char *aad_rec, int aad_len) + unsigned char *aad_rec, int aad_len) { PROV_AES_HMAC_SHA_CTX *ctx = (PROV_AES_HMAC_SHA_CTX *)vctx; PROV_AES_HMAC_SHA1_CTX *sctx = (PROV_AES_HMAC_SHA1_CTX *)vctx; @@ -675,8 +671,7 @@ static int aesni_cbc_hmac_sha1_set_tls1_aad(void *vctx, if (ctx->base.enc) { ctx->payload_length = len; - if ((ctx->aux.tls_ver = - p[aad_len - 4] << 8 | p[aad_len - 3]) >= TLS1_1_VERSION) { + if ((ctx->aux.tls_ver = p[aad_len - 4] << 8 | p[aad_len - 3]) >= TLS1_1_VERSION) { if (len < AES_BLOCK_SIZE) return 0; len -= AES_BLOCK_SIZE; @@ -685,9 +680,8 @@ static int aesni_cbc_hmac_sha1_set_tls1_aad(void *vctx, } sctx->md = sctx->head; sha1_update(&sctx->md, p, aad_len); - ctx->tls_aad_pad = (int)(((len + SHA_DIGEST_LENGTH + - AES_BLOCK_SIZE) & -AES_BLOCK_SIZE) - - len); + ctx->tls_aad_pad = (int)(((len + SHA_DIGEST_LENGTH + AES_BLOCK_SIZE) & -AES_BLOCK_SIZE) + - len); return 1; } else { memcpy(ctx->aux.tls_aad, aad_rec, aad_len); 
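Review bot: The re-joined `cmask = ((int)(j - off - SHA_DIGEST_LENGTH)) >> (sizeof(int) * 8 - 1);` line builds an all-ones mask by right-shifting a negative `int`, which C leaves implementation-defined, and nothing near it records that assumption. The SHA-256 twin labels this loop "code containing lucky-13 fix", so the branch-free mask is the security-relevant part and deserves a why-comment, for example `/* cmask is all-ones while j < off + SHA_DIGEST_LENGTH; relies on arithmetic right shift of a negative int */`. The same line appears in aesni_cbc_hmac_sha256_cipher (hunk -650,18 +648,15) and would take the same comment with SHA256_DIGEST_LENGTH. The enclosing aesni_cbc_hmac_sha1_cipher starts and ends outside this hunk.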
@@ -697,7 +691,7 @@ static int aesni_cbc_hmac_sha1_set_tls1_aad(void *vctx, } } -# if !defined(OPENSSL_NO_MULTIBLOCK) +#if !defined(OPENSSL_NO_MULTIBLOCK) /* EVP_CTRL_TLS1_1_MULTIBLOCK_MAX_BUFSIZE */ static int aesni_cbc_hmac_sha1_tls1_multiblock_max_bufsize(void *vctx) @@ -706,7 +700,7 @@ static int aesni_cbc_hmac_sha1_tls1_multiblock_max_bufsize(void *vctx) OPENSSL_assert(ctx->multiblock_max_send_fragment != 0); return (int)(5 + 16 - + (((int)ctx->multiblock_max_send_fragment + 20 + 16) & -16)); + + (((int)ctx->multiblock_max_send_fragment + 20 + 16) & -16)); } /* EVP_CTRL_TLS1_1_MULTIBLOCK_AAD */ @@ -759,7 +753,7 @@ static int aesni_cbc_hmac_sha1_tls1_multiblock_aad( ctx->multiblock_aad_packlen = packlen; return 1; } - return -1; /* not yet */ + return -1; /* not yet */ } /* EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT */ @@ -767,24 +761,22 @@ static int aesni_cbc_hmac_sha1_tls1_multiblock_encrypt( void *ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM *param) { return (int)tls1_multi_block_encrypt(ctx, param->out, - param->inp, param->len, - param->interleave / 4); + param->inp, param->len, + param->interleave / 4); } -# endif /* OPENSSL_NO_MULTIBLOCK */ +#endif /* OPENSSL_NO_MULTIBLOCK */ static const PROV_CIPHER_HW_AES_HMAC_SHA cipher_hw_aes_hmac_sha1 = { - { - aesni_cbc_hmac_sha1_init_key, - aesni_cbc_hmac_sha1_cipher - }, + { aesni_cbc_hmac_sha1_init_key, + aesni_cbc_hmac_sha1_cipher }, aesni_cbc_hmac_sha1_set_mac_key, aesni_cbc_hmac_sha1_set_tls1_aad, -# if !defined(OPENSSL_NO_MULTIBLOCK) +#if !defined(OPENSSL_NO_MULTIBLOCK) aesni_cbc_hmac_sha1_tls1_multiblock_max_bufsize, aesni_cbc_hmac_sha1_tls1_multiblock_aad, aesni_cbc_hmac_sha1_tls1_multiblock_encrypt -# endif +#endif }; const PROV_CIPHER_HW_AES_HMAC_SHA *ossl_prov_cipher_hw_aes_cbc_hmac_sha1(void) diff --git a/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c b/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c index f5b2f8b6da32..b1c508d5b5f2 100644 
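Review bot: In hunk -767,24 +761,22 the wrapper passes `param->interleave / 4` to tls1_multi_block_encrypt as n4x with no range check in the wrapper itself. That function is commented "n4x is 1 or 2", declares `hash_d[8], edges[8]`, and loops `i < x4` with `x4 = 4 * n4x`. Whether a caller already constrains interleave is not visible on this page; if none does, a guard before the call such as `if (param->interleave != 4 && param->interleave != 8) return 0;` would keep the indices inside those arrays. The same call shape is in aesni_cbc_hmac_sha256_tls1_multiblock_encrypt (hunk -819,23 +812,21). The wrapper's first signature line lies outside this hunk.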
--- a/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c +++ b/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c @@ -28,24 +28,24 @@ const PROV_CIPHER_HW_AES_HMAC_SHA *ossl_prov_cipher_hw_aes_cbc_hmac_sha256(void) } #else -# include <openssl/rand.h> -# include "crypto/evp.h" -# include "internal/constant_time.h" +#include <openssl/rand.h> +#include "crypto/evp.h" +#include "internal/constant_time.h" void sha256_block_data_order(void *c, const void *p, size_t len); int aesni_cbc_sha256_enc(const void *inp, void *out, size_t blocks, - const AES_KEY *key, unsigned char iv[16], - SHA256_CTX *ctx, const void *in0); + const AES_KEY *key, unsigned char iv[16], + SHA256_CTX *ctx, const void *in0); int ossl_cipher_capable_aes_cbc_hmac_sha256(void) { return AESNI_CBC_HMAC_SHA_CAPABLE - && aesni_cbc_sha256_enc(NULL, NULL, 0, NULL, NULL, NULL, NULL); + && aesni_cbc_sha256_enc(NULL, NULL, 0, NULL, NULL, NULL, NULL); } static int aesni_cbc_hmac_sha256_init_key(PROV_CIPHER_CTX *vctx, - const unsigned char *key, - size_t keylen) + const unsigned char *key, + size_t keylen) { int ret; PROV_AES_HMAC_SHA_CTX *ctx = (PROV_AES_HMAC_SHA_CTX *)vctx; @@ -56,7 +56,7 @@ static int aesni_cbc_hmac_sha256_init_key(PROV_CIPHER_CTX *vctx, else ret = aesni_set_decrypt_key(key, ctx->base.keylen * 8, &ctx->ks); - SHA256_Init(&sctx->head); /* handy when benchmarking */ + SHA256_Init(&sctx->head); /* handy when benchmarking */ sctx->tail = sctx->head; sctx->md = sctx->head; @@ -101,7 +101,7 @@ static void sha256_update(SHA256_CTX *c, const void *data, size_t len) SHA256_Update(c, ptr, res); } -# if !defined(OPENSSL_NO_MULTIBLOCK) +#if !defined(OPENSSL_NO_MULTIBLOCK) typedef struct { unsigned int A[8], B[8], C[8], D[8], E[8], F[8], G[8], H[8]; 
@@ -123,10 +123,10 @@ void sha256_multi_block(SHA256_MB_CTX *, const HASH_DESC *, int); void aesni_multi_cbc_encrypt(CIPH_DESC *, void *, int); static size_t tls1_multi_block_encrypt(void *vctx, - unsigned char *out, - const unsigned char *inp, - size_t inp_len, int n4x) -{ /* n4x is 1 or 2 */ + unsigned char *out, + const unsigned char *inp, + size_t inp_len, int n4x) +{ /* n4x is 1 or 2 */ PROV_AES_HMAC_SHA_CTX *ctx = (PROV_AES_HMAC_SHA_CTX *)vctx; PROV_AES_HMAC_SHA256_CTX *sctx = (PROV_AES_HMAC_SHA256_CTX *)vctx; HASH_DESC hash_d[8], edges[8]; @@ -142,15 +142,15 @@ static size_t tls1_multi_block_encrypt(void *vctx, unsigned int x4 = 4 * n4x, minblocks, processed = 0; size_t ret = 0; u8 *IVs; -# if defined(BSWAP8) +#if defined(BSWAP8) u64 seqnum; -# endif +#endif /* ask for IVs in bulk */ if (RAND_bytes_ex(ctx->base.libctx, (IVs = blocks[0].c), 16 * x4, 0) <= 0) return 0; - mctx = (SHA256_MB_CTX *) (storage + 32 - ((size_t)storage % 32)); /* align */ + mctx = (SHA256_MB_CTX *)(storage + 32 - ((size_t)storage % 32)); /* align */ frag = (unsigned int)inp_len >> (1 + n4x); last = (unsigned int)inp_len + frag - (frag << (1 + n4x)); @@ -178,16 +178,16 @@ static size_t tls1_multi_block_encrypt(void *vctx, IVs += 16; } -# if defined(BSWAP8) +#if defined(BSWAP8) memcpy(blocks[0].c, sctx->md.data, 8); seqnum = BSWAP8(blocks[0].q[0]); -# endif +#endif for (i = 0; i < x4; i++) { unsigned int len = (i == (x4 - 1) ? last : frag); -# if !defined(BSWAP8) +#if !defined(BSWAP8) unsigned int carry, j; -# endif +#endif mctx->A[i] = sctx->md.h[0]; mctx->B[i] = sctx->md.h[1]; 
@@ -199,14 +199,14 @@ static size_t tls1_multi_block_encrypt(void *vctx, mctx->H[i] = sctx->md.h[7]; /* fix seqnum */ -# if defined(BSWAP8) +#if defined(BSWAP8) blocks[i].q[0] = BSWAP8(seqnum + i); -# else +#else for (carry = i, j = 8; j--;) { blocks[i].c[j] = ((u8 *)sctx->md.data)[j] + carry; carry = (blocks[i].c[j] - carry) >> (sizeof(carry) * 8 - 1); } -# endif +#endif blocks[i].c[8] = ((u8 *)sctx->md.data)[8]; blocks[i].c[9] = ((u8 *)sctx->md.data)[9]; blocks[i].c[10] = ((u8 *)sctx->md.data)[10]; @@ -225,10 +225,10 @@ static size_t tls1_multi_block_encrypt(void *vctx, /* hash 13-byte headers and first 64-13 bytes of inputs */ sha256_multi_block(mctx, edges, n4x); /* hash bulk inputs */ -# define MAXCHUNKSIZE 2048 -# if MAXCHUNKSIZE%64 -# error "MAXCHUNKSIZE is not divisible by 64" -# elif MAXCHUNKSIZE +#define MAXCHUNKSIZE 2048 +#if MAXCHUNKSIZE % 64 +#error "MAXCHUNKSIZE is not divisible by 64" +#elif MAXCHUNKSIZE /* * goal is to minimize pressure on L1 cache by moving in shorter steps, * so that hashed data is still in the cache by the time we encrypt it 
@@ -257,34 +257,34 @@ static size_t tls1_multi_block_encrypt(void *vctx, minblocks -= MAXCHUNKSIZE / 64; } while (minblocks > MAXCHUNKSIZE / 64); } -# endif -# undef MAXCHUNKSIZE +#endif +#undef MAXCHUNKSIZE sha256_multi_block(mctx, hash_d, n4x); memset(blocks, 0, sizeof(blocks)); for (i = 0; i < x4; i++) { unsigned int len = (i == (x4 - 1) ? last : frag), - off = hash_d[i].blocks * 64; + off = hash_d[i].blocks * 64; const unsigned char *ptr = hash_d[i].ptr + off; off = (len - processed) - (64 - 13) - off; /* remainder actually */ memcpy(blocks[i].c, ptr, off); blocks[i].c[off] = 0x80; - len += 64 + 13; /* 64 is HMAC header */ - len *= 8; /* convert to bits */ + len += 64 + 13; /* 64 is HMAC header */ + len *= 8; /* convert to bits */ if (off < (64 - 8)) { -# ifdef BSWAP4 +#ifdef BSWAP4 blocks[i].d[15] = BSWAP4(len); -# else +#else PUTU32(blocks[i].c + 60, len); -# endif +#endif edges[i].blocks = 1; } else { -# ifdef BSWAP4 +#ifdef BSWAP4 blocks[i].d[31] = BSWAP4(len); -# else +#else PUTU32(blocks[i].c + 124, len); -# endif +#endif edges[i].blocks = 2; } edges[i].ptr = blocks[i].c; @@ -295,7 +295,7 @@ static size_t tls1_multi_block_encrypt(void *vctx, memset(blocks, 0, sizeof(blocks)); for (i = 0; i < x4; i++) { -# ifdef BSWAP4 +#ifdef BSWAP4 blocks[i].d[0] = BSWAP4(mctx->A[i]); mctx->A[i] = sctx->tail.h[0]; blocks[i].d[1] = BSWAP4(mctx->B[i]); @@ -314,7 +314,7 @@ static size_t tls1_multi_block_encrypt(void *vctx, mctx->H[i] = sctx->tail.h[7]; blocks[i].c[32] = 0x80; blocks[i].d[15] = BSWAP4((64 + 32) * 8); -# else +#else PUTU32(blocks[i].c + 0, mctx->A[i]); mctx->A[i] = sctx->tail.h[0]; PUTU32(blocks[i].c + 4, mctx->B[i]); @@ -333,7 +333,7 @@ static size_t tls1_multi_block_encrypt(void *vctx, mctx->H[i] = sctx->tail.h[7]; blocks[i].c[32] = 0x80; PUTU32(blocks[i].c + 60, (64 + 32) * 8); -# endif /* BSWAP */ +#endif /* BSWAP */ edges[i].ptr = blocks[i].c; edges[i].blocks = 1; } 
@@ -369,7 +369,7 @@ static size_t tls1_multi_block_encrypt(void *vctx, len += pad + 1; ciph_d[i].blocks = (len - processed) / 16; - len += 16; /* account for explicit iv */ + len += 16; /* account for explicit iv */ /* arrange header */ out0[0] = ((u8 *)sctx->md.data)[8]; @@ -390,11 +390,11 @@ static size_t tls1_multi_block_encrypt(void *vctx, ctx->multiblock_encrypt_len = ret; return ret; } -# endif /* !OPENSSL_NO_MULTIBLOCK */ +#endif /* !OPENSSL_NO_MULTIBLOCK */ static int aesni_cbc_hmac_sha256_cipher(PROV_CIPHER_CTX *vctx, - unsigned char *out, - const unsigned char *in, size_t len) + unsigned char *out, + const unsigned char *in, size_t len) { PROV_AES_HMAC_SHA_CTX *ctx = (PROV_AES_HMAC_SHA_CTX *)vctx; PROV_AES_HMAC_SHA256_CTX *sctx = (PROV_AES_HMAC_SHA256_CTX *)vctx; @@ -412,9 +412,7 @@ static int aesni_cbc_hmac_sha256_cipher(PROV_CIPHER_CTX *vctx, if (ctx->base.enc) { if (plen == NO_PAYLOAD_LENGTH) plen = len; - else if (len != - ((plen + SHA256_DIGEST_LENGTH + - AES_BLOCK_SIZE) & -AES_BLOCK_SIZE)) + else if (len != ((plen + SHA256_DIGEST_LENGTH + AES_BLOCK_SIZE) & -AES_BLOCK_SIZE)) return 0; else if (ctx->aux.tls_ver >= TLS1_1_VERSION) iv = AES_BLOCK_SIZE; 
@@ -429,17 +427,17 @@ static int aesni_cbc_hmac_sha256_cipher(PROV_CIPHER_CTX *vctx, * either even XOP-capable Bulldozer-based or GenuineIntel one. * But SHAEXT-capable go ahead... */ - if (((OPENSSL_ia32cap_P[2] & (1 << 29)) || /* SHAEXT? */ - ((OPENSSL_ia32cap_P[1] & (1 << (60 - 32))) && /* AVX? */ - ((OPENSSL_ia32cap_P[1] & (1 << (43 - 32))) /* XOP? */ - | (OPENSSL_ia32cap_P[0] & (1 << 30))))) && /* "Intel CPU"? */ - plen > (sha_off + iv) && - (blocks = (plen - (sha_off + iv)) / SHA256_CBLOCK)) { + if (((OPENSSL_ia32cap_P[2] & (1 << 29)) || /* SHAEXT? */ + ((OPENSSL_ia32cap_P[1] & (1 << (60 - 32))) && /* AVX? */ + ((OPENSSL_ia32cap_P[1] & (1 << (43 - 32))) /* XOP? */ + | (OPENSSL_ia32cap_P[0] & (1 << 30))))) + && /* "Intel CPU"? */ + plen > (sha_off + iv) && (blocks = (plen - (sha_off + iv)) / SHA256_CBLOCK)) { sha256_update(&sctx->md, in + iv, sha_off); (void)aesni_cbc_sha256_enc(in, out, blocks, &ctx->ks, - ctx->base.iv, - &sctx->md, in + iv + sha_off); + ctx->base.iv, + &sctx->md, in + iv + sha_off); blocks *= SHA256_CBLOCK; aes_off += blocks; sha_off += blocks; @@ -453,7 +451,7 @@ static int aesni_cbc_hmac_sha256_cipher(PROV_CIPHER_CTX *vctx, sha_off += iv; sha256_update(&sctx->md, in + sha_off, plen - sha_off); - if (plen != len) { /* "TLS" mode of operation */ + if (plen != len) { /* "TLS" mode of operation */ if (in != out) memcpy(out + aes_off, in + aes_off, plen - aes_off); @@ -469,10 +467,10 @@ static int aesni_cbc_hmac_sha256_cipher(PROV_CIPHER_CTX *vctx, out[plen] = l; /* encrypt HMAC|padding at once */ aesni_cbc_encrypt(out + aes_off, out + aes_off, len - aes_off, - &ctx->ks, ctx->base.iv, 1); + &ctx->ks, ctx->base.iv, 1); } else { aesni_cbc_encrypt(in + aes_off, out + aes_off, len - aes_off, - &ctx->ks, ctx->base.iv, 1); + &ctx->ks, ctx->base.iv, 1); } } else { union { 
@@ -485,7 +483,7 @@ static int aesni_cbc_hmac_sha256_cipher(PROV_CIPHER_CTX *vctx, /* decrypt HMAC|padding at once */ aesni_cbc_encrypt(in, out, len, &ctx->ks, - ctx->base.iv, 0); + ctx->base.iv, 0); if (plen != NO_PAYLOAD_LENGTH) { /* "TLS" mode of operation */ size_t inp_len, mask, j, i; @@ -545,15 +543,15 @@ static int aesni_cbc_hmac_sha256_cipher(PROV_CIPHER_CTX *vctx, /* but pretend as if we hashed padded payload */ bitlen = sctx->md.Nl + (inp_len << 3); /* at most 18 bits */ -# ifdef BSWAP4 +#ifdef BSWAP4 bitlen = BSWAP4(bitlen); -# else +#else mac.c[0] = 0; mac.c[1] = (unsigned char)(bitlen >> 16); mac.c[2] = (unsigned char)(bitlen >> 8); mac.c[3] = (unsigned char)bitlen; bitlen = mac.u[0]; -# endif /* BSWAP */ +#endif /* BSWAP */ pmac->u[0] = 0; pmac->u[1] = 0; @@ -622,7 +620,7 @@ static int aesni_cbc_hmac_sha256_cipher(PROV_CIPHER_CTX *vctx, pmac->u[6] |= sctx->md.h[6] & mask; pmac->u[7] |= sctx->md.h[7] & mask; -# ifdef BSWAP4 +#ifdef BSWAP4 pmac->u[0] = BSWAP4(pmac->u[0]); pmac->u[1] = BSWAP4(pmac->u[1]); pmac->u[2] = BSWAP4(pmac->u[2]); @@ -631,7 +629,7 @@ static int aesni_cbc_hmac_sha256_cipher(PROV_CIPHER_CTX *vctx, pmac->u[5] = BSWAP4(pmac->u[5]); pmac->u[6] = BSWAP4(pmac->u[6]); pmac->u[7] = BSWAP4(pmac->u[7]); -# else +#else for (i = 0; i < 8; i++) { res = pmac->u[i]; pmac->c[4 * i + 0] = (unsigned char)(res >> 24); @@ -639,7 +637,7 @@ static int aesni_cbc_hmac_sha256_cipher(PROV_CIPHER_CTX *vctx, pmac->c[4 * i + 2] = (unsigned char)(res >> 8); pmac->c[4 * i + 3] = (unsigned char)res; } -# endif /* BSWAP */ +#endif /* BSWAP */ len += SHA256_DIGEST_LENGTH; sctx->md = sctx->tail; sha256_update(&sctx->md, pmac->c, SHA256_DIGEST_LENGTH); 
@@ -650,18 +648,15 @@ static int aesni_cbc_hmac_sha256_cipher(PROV_CIPHER_CTX *vctx, len -= inp_len; /* code containing lucky-13 fix */ { - unsigned char *p = - out + len - 1 - maxpad - SHA256_DIGEST_LENGTH; + unsigned char *p = out + len - 1 - maxpad - SHA256_DIGEST_LENGTH; size_t off = out - p; unsigned int c, cmask; for (res = 0, i = 0, j = 0; - j < maxpad + SHA256_DIGEST_LENGTH; - j++) { + j < maxpad + SHA256_DIGEST_LENGTH; + j++) { c = p[j]; - cmask = - ((int)(j - off - SHA256_DIGEST_LENGTH)) >> - (sizeof(int) * 8 - 1); + cmask = ((int)(j - off - SHA256_DIGEST_LENGTH)) >> (sizeof(int) * 8 - 1); res |= (c ^ pad) & ~cmask; /* ... and padding */ cmask &= ((int)(off - 1 - j)) >> (sizeof(int) * 8 - 1); res |= (c ^ pmac->c[i]) & cmask; @@ -682,8 +677,8 @@ static int aesni_cbc_hmac_sha256_cipher(PROV_CIPHER_CTX *vctx, /* EVP_CTRL_AEAD_SET_MAC_KEY */ static void aesni_cbc_hmac_sha256_set_mac_key(void *vctx, - const unsigned char *mackey, - size_t len) + const unsigned char *mackey, + size_t len) { PROV_AES_HMAC_SHA256_CTX *ctx = (PROV_AES_HMAC_SHA256_CTX *)vctx; unsigned int i; @@ -714,7 +709,7 @@ static void aesni_cbc_hmac_sha256_set_mac_key(void *vctx, /* EVP_CTRL_AEAD_TLS1_AAD */ static int aesni_cbc_hmac_sha256_set_tls1_aad(void *vctx, - unsigned char *aad_rec, int aad_len) + unsigned char *aad_rec, int aad_len) { PROV_AES_HMAC_SHA_CTX *ctx = (PROV_AES_HMAC_SHA_CTX *)vctx; PROV_AES_HMAC_SHA256_CTX *sctx = (PROV_AES_HMAC_SHA256_CTX *)vctx; @@ -728,8 +723,7 @@ static int aesni_cbc_hmac_sha256_set_tls1_aad(void *vctx, if (ctx->base.enc) { ctx->payload_length = len; - if ((ctx->aux.tls_ver = - p[aad_len - 4] << 8 | p[aad_len - 3]) >= TLS1_1_VERSION) { + if ((ctx->aux.tls_ver = p[aad_len - 4] << 8 | p[aad_len - 3]) >= TLS1_1_VERSION) { if (len < AES_BLOCK_SIZE) return 0; len -= AES_BLOCK_SIZE; 
@@ -738,9 +732,8 @@ static int aesni_cbc_hmac_sha256_set_tls1_aad(void *vctx, } sctx->md = sctx->head; sha256_update(&sctx->md, p, aad_len); - ctx->tls_aad_pad = (int)(((len + SHA256_DIGEST_LENGTH + - AES_BLOCK_SIZE) & -AES_BLOCK_SIZE) - - len); + ctx->tls_aad_pad = (int)(((len + SHA256_DIGEST_LENGTH + AES_BLOCK_SIZE) & -AES_BLOCK_SIZE) + - len); return 1; } else { memcpy(ctx->aux.tls_aad, p, aad_len); @@ -750,7 +743,7 @@ static int aesni_cbc_hmac_sha256_set_tls1_aad(void *vctx, } } -# if !defined(OPENSSL_NO_MULTIBLOCK) +#if !defined(OPENSSL_NO_MULTIBLOCK) /* EVP_CTRL_TLS1_1_MULTIBLOCK_MAX_BUFSIZE */ static int aesni_cbc_hmac_sha256_tls1_multiblock_max_bufsize( void *vctx) @@ -759,7 +752,7 @@ static int aesni_cbc_hmac_sha256_tls1_multiblock_max_bufsize( OPENSSL_assert(ctx->multiblock_max_send_fragment != 0); return (int)(5 + 16 - + (((int)ctx->multiblock_max_send_fragment + 32 + 16) & -16)); + + (((int)ctx->multiblock_max_send_fragment + 32 + 16) & -16)); } /* EVP_CTRL_TLS1_1_MULTIBLOCK_AAD */ @@ -811,7 +804,7 @@ static int aesni_cbc_hmac_sha256_tls1_multiblock_aad( ctx->multiblock_aad_packlen = packlen; return 1; } - return -1; /* not yet */ + return -1; /* not yet */ } /* EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT */ 
@@ -819,23 +812,21 @@ static int aesni_cbc_hmac_sha256_tls1_multiblock_encrypt( void *ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM *param) { return (int)tls1_multi_block_encrypt(ctx, param->out, - param->inp, param->len, - param->interleave / 4); + param->inp, param->len, + param->interleave / 4); } -# endif +#endif static const PROV_CIPHER_HW_AES_HMAC_SHA cipher_hw_aes_hmac_sha256 = { - { - aesni_cbc_hmac_sha256_init_key, - aesni_cbc_hmac_sha256_cipher - }, + { aesni_cbc_hmac_sha256_init_key, + aesni_cbc_hmac_sha256_cipher }, aesni_cbc_hmac_sha256_set_mac_key, aesni_cbc_hmac_sha256_set_tls1_aad, -# if !defined(OPENSSL_NO_MULTIBLOCK) +#if !defined(OPENSSL_NO_MULTIBLOCK) aesni_cbc_hmac_sha256_tls1_multiblock_max_bufsize, aesni_cbc_hmac_sha256_tls1_multiblock_aad, aesni_cbc_hmac_sha256_tls1_multiblock_encrypt -# endif +#endif }; const PROV_CIPHER_HW_AES_HMAC_SHA *ossl_prov_cipher_hw_aes_cbc_hmac_sha256(void) diff --git a/providers/implementations/ciphers/cipher_aes_ccm.c b/providers/implementations/ciphers/cipher_aes_ccm.c index 1aa788b2b34b..91cf3ce8cd8d 100644 --- a/providers/implementations/ciphers/cipher_aes_ccm.c +++ b/providers/implementations/ciphers/cipher_aes_ccm.c @@ -58,7 +58,7 @@ static void aes_ccm_freectx(void *vctx) { PROV_AES_CCM_CTX *ctx = (PROV_AES_CCM_CTX *)vctx; - OPENSSL_clear_free(ctx, sizeof(*ctx)); + OPENSSL_clear_free(ctx, sizeof(*ctx)); } /* ossl_aes128ccm_functions */ diff --git a/providers/implementations/ciphers/cipher_aes_ccm.h b/providers/implementations/ciphers/cipher_aes_ccm.h index fd35080db3dd..089792ee8a83 100644 --- a/providers/implementations/ciphers/cipher_aes_ccm.h +++ b/providers/implementations/ciphers/cipher_aes_ccm.h @@ -13,7 +13,7 @@ #include "crypto/aes_platform.h" typedef struct prov_aes_ccm_ctx_st { - PROV_CCM_CTX base; /* Must be first */ + PROV_CCM_CTX base; /* Must be first */ union { OSSL_UNION_ALIGN; /*- 
@@ -39,7 +39,7 @@ typedef struct prov_aes_ccm_ctx_st { unsigned char b[AES_BLOCK_SIZE]; } buf; unsigned char dummy_pad[168]; - unsigned int fc; /* fc has same offset as ks.ks.rounds */ + unsigned int fc; /* fc has same offset as ks.ks.rounds */ } s390x; #endif /* defined(OPENSSL_CPUID_OBJ) && defined(__s390__) */ } ccm; diff --git a/providers/implementations/ciphers/cipher_aes_ccm_hw.c b/providers/implementations/ciphers/cipher_aes_ccm_hw.c index 263d1902817f..dd71f681bec1 100644 --- a/providers/implementations/ciphers/cipher_aes_ccm_hw.c +++ b/providers/implementations/ciphers/cipher_aes_ccm_hw.c @@ -17,15 +17,15 @@ #include "cipher_aes_ccm.h" -#define AES_HW_CCM_SET_KEY_FN(fn_set_enc_key, fn_blk, fn_ccm_enc, fn_ccm_dec) \ - fn_set_enc_key(key, keylen * 8, &actx->ccm.ks.ks); \ - CRYPTO_ccm128_init(&ctx->ccm_ctx, ctx->m, ctx->l, &actx->ccm.ks.ks, \ - (block128_f)fn_blk); \ - ctx->str = ctx->enc ? (ccm128_f)fn_ccm_enc : (ccm128_f)fn_ccm_dec; \ +#define AES_HW_CCM_SET_KEY_FN(fn_set_enc_key, fn_blk, fn_ccm_enc, fn_ccm_dec) \ + fn_set_enc_key(key, keylen * 8, &actx->ccm.ks.ks); \ + CRYPTO_ccm128_init(&ctx->ccm_ctx, ctx->m, ctx->l, &actx->ccm.ks.ks, \ + (block128_f)fn_blk); \ + ctx->str = ctx->enc ? (ccm128_f)fn_ccm_enc : (ccm128_f)fn_ccm_dec; \ ctx->key_set = 1; static int ccm_generic_aes_initkey(PROV_CCM_CTX *ctx, const unsigned char *key, - size_t keylen) + size_t keylen) { PROV_AES_CCM_CTX *actx = (PROV_AES_CCM_CTX *)ctx; @@ -36,7 +36,7 @@ static int ccm_generic_aes_initkey(PROV_CCM_CTX *ctx, const unsigned char *key, #endif /* HWAES_CAPABLE */ #ifdef VPAES_CAPABLE - if (VPAES_CAPABLE) { + if (VPAES_CAPABLE) { AES_HW_CCM_SET_KEY_FN(vpaes_set_encrypt_key, vpaes_encrypt, NULL, NULL); } else #endif 
@@ -56,11 +56,11 @@ static const PROV_CCM_HW aes_ccm = { }; #if defined(S390X_aes_128_CAPABLE) -# include "cipher_aes_ccm_hw_s390x.inc" +#include "cipher_aes_ccm_hw_s390x.inc" #elif defined(AESNI_CAPABLE) -# include "cipher_aes_ccm_hw_aesni.inc" +#include "cipher_aes_ccm_hw_aesni.inc" #elif defined(SPARC_AES_CAPABLE) -# include "cipher_aes_ccm_hw_t4.inc" +#include "cipher_aes_ccm_hw_t4.inc" #else const PROV_CCM_HW *ossl_prov_aes_hw_ccm(size_t keybits) { diff --git a/providers/implementations/ciphers/cipher_aes_gcm.c b/providers/implementations/ciphers/cipher_aes_gcm.c index 3dce743e8409..888dbdd0a27e 100644 --- a/providers/implementations/ciphers/cipher_aes_gcm.c +++ b/providers/implementations/ciphers/cipher_aes_gcm.c @@ -30,7 +30,7 @@ static void *aes_gcm_newctx(void *provctx, size_t keybits) ctx = OPENSSL_zalloc(sizeof(*ctx)); if (ctx != NULL) ossl_gcm_initctx(provctx, &ctx->base, keybits, - ossl_prov_aes_hw_gcm(keybits)); + ossl_prov_aes_hw_gcm(keybits)); return ctx; } @@ -54,7 +54,7 @@ static void aes_gcm_freectx(void *vctx) { PROV_AES_GCM_CTX *ctx = (PROV_AES_GCM_CTX *)vctx; - OPENSSL_clear_free(ctx, sizeof(*ctx)); + OPENSSL_clear_free(ctx, sizeof(*ctx)); } /* ossl_aes128gcm_functions */ diff --git a/providers/implementations/ciphers/cipher_aes_gcm.h b/providers/implementations/ciphers/cipher_aes_gcm.h index 5e88ccca7b4d..0cd1d5a1ade4 100644 --- a/providers/implementations/ciphers/cipher_aes_gcm.h +++ b/providers/implementations/ciphers/cipher_aes_gcm.h @@ -13,11 +13,11 @@ #include "crypto/aes_platform.h" typedef struct prov_aes_gcm_ctx_st { - PROV_GCM_CTX base; /* must be first entry in struct */ + PROV_GCM_CTX base; /* must be first entry in struct */ union { OSSL_UNION_ALIGN; AES_KEY ks; - } ks; /* AES key schedule to use */ + } ks; /* AES key schedule to use */ /* Platform specific data */ union { 
@@ -29,7 +29,7 @@ typedef struct prov_aes_gcm_ctx_st { S390X_KMA_PARAMS kma; } param; unsigned int fc; - unsigned int hsflag; /* hash subkey set flag */ + unsigned int hsflag; /* hash subkey set flag */ unsigned char ares[16]; unsigned char mres[16]; unsigned char kres[16]; diff --git a/providers/implementations/ciphers/cipher_aes_gcm_hw.c b/providers/implementations/ciphers/cipher_aes_gcm_hw.c index 44fa9d4d72ea..36b7139f15ad 100644 --- a/providers/implementations/ciphers/cipher_aes_gcm_hw.c +++ b/providers/implementations/ciphers/cipher_aes_gcm_hw.c 
@@ -18,49 +18,49 @@ #include "cipher_aes_gcm.h" static int aes_gcm_initkey(PROV_GCM_CTX *ctx, const unsigned char *key, - size_t keylen) + size_t keylen) { PROV_AES_GCM_CTX *actx = (PROV_AES_GCM_CTX *)ctx; AES_KEY *ks = &actx->ks.ks; -# ifdef HWAES_CAPABLE +#ifdef HWAES_CAPABLE if (HWAES_CAPABLE) { -# ifdef HWAES_ctr32_encrypt_blocks +#ifdef HWAES_ctr32_encrypt_blocks GCM_HW_SET_KEY_CTR_FN(ks, HWAES_set_encrypt_key, HWAES_encrypt, - HWAES_ctr32_encrypt_blocks); -# else + HWAES_ctr32_encrypt_blocks); +#else GCM_HW_SET_KEY_CTR_FN(ks, HWAES_set_encrypt_key, HWAES_encrypt, NULL); -# endif /* HWAES_ctr32_encrypt_blocks */ +#endif /* HWAES_ctr32_encrypt_blocks */ } else -# endif /* HWAES_CAPABLE */ +#endif /* HWAES_CAPABLE */ -# ifdef BSAES_CAPABLE - if (BSAES_CAPABLE) { +#ifdef BSAES_CAPABLE + if (BSAES_CAPABLE) { GCM_HW_SET_KEY_CTR_FN(ks, AES_set_encrypt_key, AES_encrypt, - ossl_bsaes_ctr32_encrypt_blocks); + ossl_bsaes_ctr32_encrypt_blocks); } else -# endif /* BSAES_CAPABLE */ +#endif /* BSAES_CAPABLE */ -# ifdef VPAES_CAPABLE - if (VPAES_CAPABLE) { +#ifdef VPAES_CAPABLE + if (VPAES_CAPABLE) { GCM_HW_SET_KEY_CTR_FN(ks, vpaes_set_encrypt_key, vpaes_encrypt, NULL); } else -# endif /* VPAES_CAPABLE */ +#endif /* VPAES_CAPABLE */ { -# ifdef AES_CTR_ASM +#ifdef AES_CTR_ASM GCM_HW_SET_KEY_CTR_FN(ks, AES_set_encrypt_key, AES_encrypt, - AES_ctr32_encrypt); -# else + AES_ctr32_encrypt); +#else GCM_HW_SET_KEY_CTR_FN(ks, AES_set_encrypt_key, AES_encrypt, NULL); -# endif /* AES_CTR_ASM */ +#endif /* AES_CTR_ASM */ } ctx->key_set = 1; return 1; } static int generic_aes_gcm_cipher_update(PROV_GCM_CTX *ctx, const unsigned char *in, - size_t len, unsigned char *out) + size_t len, unsigned char *out) { if (ctx->enc) { if (ctx->ctr != NULL) { 
@@ -74,14 +74,14 @@ static int generic_aes_gcm_cipher_update(PROV_GCM_CTX *ctx, const unsigned char return 0; bulk = AES_gcm_encrypt(in + res, out + res, len - res, - ctx->gcm.key, - ctx->gcm.Yi.c, ctx->gcm.Xi.u); + ctx->gcm.key, + ctx->gcm.Yi.c, ctx->gcm.Xi.u); ctx->gcm.len.u[1] += bulk; bulk += res; } if (CRYPTO_gcm128_encrypt_ctr32(&ctx->gcm, in + bulk, out + bulk, - len - bulk, ctx->ctr)) + len - bulk, ctx->ctr)) return 0; #else if (CRYPTO_gcm128_encrypt_ctr32(&ctx->gcm, in, out, len, ctx->ctr)) @@ -103,14 +103,14 @@ static int generic_aes_gcm_cipher_update(PROV_GCM_CTX *ctx, const unsigned char return -1; bulk = AES_gcm_decrypt(in + res, out + res, len - res, - ctx->gcm.key, - ctx->gcm.Yi.c, ctx->gcm.Xi.u); + ctx->gcm.key, + ctx->gcm.Yi.c, ctx->gcm.Xi.u); ctx->gcm.len.u[1] += bulk; bulk += res; } if (CRYPTO_gcm128_decrypt_ctr32(&ctx->gcm, in + bulk, out + bulk, - len - bulk, ctx->ctr)) + len - bulk, ctx->ctr)) return 0; #else if (CRYPTO_gcm128_decrypt_ctr32(&ctx->gcm, in, out, len, ctx->ctr)) @@ -134,17 +134,16 @@ static const PROV_GCM_HW aes_gcm = { }; #if defined(S390X_aes_128_CAPABLE) -# include "cipher_aes_gcm_hw_s390x.inc" +#include "cipher_aes_gcm_hw_s390x.inc" #elif defined(AESNI_CAPABLE) -# include "cipher_aes_gcm_hw_aesni.inc" +#include "cipher_aes_gcm_hw_aesni.inc" #elif defined(SPARC_AES_CAPABLE) -# include "cipher_aes_gcm_hw_t4.inc" +#include "cipher_aes_gcm_hw_t4.inc" #elif defined(AES_PMULL_CAPABLE) && defined(AES_GCM_ASM) -# include "cipher_aes_gcm_hw_armv8.inc" +#include "cipher_aes_gcm_hw_armv8.inc" #else const PROV_GCM_HW *ossl_prov_aes_hw_gcm(size_t keybits) { return &aes_gcm; } #endif - diff --git a/providers/implementations/ciphers/cipher_aes_gcm_hw_armv8.inc b/providers/implementations/ciphers/cipher_aes_gcm_hw_armv8.inc index d633ebd54470..1aad5bcedcda 100644 --- a/providers/implementations/ciphers/cipher_aes_gcm_hw_armv8.inc +++ b/providers/implementations/ciphers/cipher_aes_gcm_hw_armv8.inc 
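Review bot: In the `@@ -103,14 +103,14 @@` hunk, the decrypt path of generic_aes_gcm_cipher_update still has a failure check ending in `return -1;` just before the `AES_gcm_decrypt` call. The `CRYPTO_gcm128_decrypt_ctr32` check a few lines below, and the matching encrypt-side check in the `@@ -74,14 +74,14 @@` hunk, both end in `return 0;`. If callers test the result as a boolean (they are outside these hunks, so this is an assumption), a -1 reads as success and a failed partial-block decrypt would go unnoticed. I would change that line to `return 0;` so every failure path reports the same value. The function starts and ends outside both hunks.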
@@ -1,5 +1,5 @@ /* - * Copyright 2019-2025 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -8,7 +8,7 @@ */ /* - * Crypto extention support for AES GCM. + * Crypto extension support for AES GCM. * This file is included by cipher_aes_gcm_hw.c */ diff --git a/providers/implementations/ciphers/cipher_aes_hw.c b/providers/implementations/ciphers/cipher_aes_hw.c index 596cdba8d307..513a08f44e01 100644 --- a/providers/implementations/ciphers/cipher_aes_hw.c +++ b/providers/implementations/ciphers/cipher_aes_hw.c @@ -17,7 +17,7 @@ #include "cipher_aes.h" static int cipher_hw_aes_initkey(PROV_CIPHER_CTX *dat, - const unsigned char *key, size_t keylen) + const unsigned char *key, size_t keylen) { int ret; PROV_AES_CTX *adat = (PROV_AES_CTX *)dat; 
@@ -32,81 +32,85 @@ static int cipher_hw_aes_initkey(PROV_CIPHER_CTX *dat, ret = HWAES_set_decrypt_key(key, keylen * 8, ks); dat->block = (block128_f)HWAES_decrypt; dat->stream.cbc = NULL; -# ifdef HWAES_cbc_encrypt +#ifdef HWAES_cbc_encrypt if (dat->mode == EVP_CIPH_CBC_MODE) dat->stream.cbc = (cbc128_f)HWAES_cbc_encrypt; -# endif -# ifdef HWAES_ecb_encrypt +#endif +#ifdef HWAES_ecb_encrypt if (dat->mode == EVP_CIPH_ECB_MODE) dat->stream.ecb = (ecb128_f)HWAES_ecb_encrypt; -# endif +#endif } else #endif #ifdef BSAES_CAPABLE - if (BSAES_CAPABLE && dat->mode == EVP_CIPH_CBC_MODE) { + if (BSAES_CAPABLE && dat->mode == EVP_CIPH_CBC_MODE) { ret = AES_set_decrypt_key(key, keylen * 8, ks); dat->block = (block128_f)AES_decrypt; dat->stream.cbc = (cbc128_f)ossl_bsaes_cbc_encrypt; } else #endif #ifdef VPAES_CAPABLE - if (VPAES_CAPABLE) { + if (VPAES_CAPABLE) { ret = vpaes_set_decrypt_key(key, keylen * 8, ks); dat->block = (block128_f)vpaes_decrypt; dat->stream.cbc = (dat->mode == EVP_CIPH_CBC_MODE) - ?(cbc128_f)vpaes_cbc_encrypt : NULL; + ? (cbc128_f)vpaes_cbc_encrypt + : NULL; } else #endif { ret = AES_set_decrypt_key(key, keylen * 8, ks); dat->block = (block128_f)AES_decrypt; dat->stream.cbc = (dat->mode == EVP_CIPH_CBC_MODE) - ? (cbc128_f)AES_cbc_encrypt : NULL; + ? 
(cbc128_f)AES_cbc_encrypt + : NULL; } } else #ifdef HWAES_CAPABLE - if (HWAES_CAPABLE) { + if (HWAES_CAPABLE) { ret = HWAES_set_encrypt_key(key, keylen * 8, ks); dat->block = (block128_f)HWAES_encrypt; dat->stream.cbc = NULL; -# ifdef HWAES_cbc_encrypt +#ifdef HWAES_cbc_encrypt if (dat->mode == EVP_CIPH_CBC_MODE) dat->stream.cbc = (cbc128_f)HWAES_cbc_encrypt; else -# endif -# ifdef HWAES_ecb_encrypt - if (dat->mode == EVP_CIPH_ECB_MODE) +#endif +#ifdef HWAES_ecb_encrypt + if (dat->mode == EVP_CIPH_ECB_MODE) dat->stream.ecb = (ecb128_f)HWAES_ecb_encrypt; else -# endif -# ifdef HWAES_ctr32_encrypt_blocks - if (dat->mode == EVP_CIPH_CTR_MODE) +#endif +#ifdef HWAES_ctr32_encrypt_blocks + if (dat->mode == EVP_CIPH_CTR_MODE) dat->stream.ctr = (ctr128_f)HWAES_ctr32_encrypt_blocks; else -# endif - (void)0; /* terminate potentially open 'else' */ +#endif + (void)0; /* terminate potentially open 'else' */ } else #endif #ifdef BSAES_CAPABLE - if (BSAES_CAPABLE && dat->mode == EVP_CIPH_CTR_MODE) { + if (BSAES_CAPABLE && dat->mode == EVP_CIPH_CTR_MODE) { ret = AES_set_encrypt_key(key, keylen * 8, ks); dat->block = (block128_f)AES_encrypt; dat->stream.ctr = (ctr128_f)ossl_bsaes_ctr32_encrypt_blocks; } else #endif #ifdef VPAES_CAPABLE - if (VPAES_CAPABLE) { + if (VPAES_CAPABLE) { ret = vpaes_set_encrypt_key(key, keylen * 8, ks); dat->block = (block128_f)vpaes_encrypt; dat->stream.cbc = (dat->mode == EVP_CIPH_CBC_MODE) - ? (cbc128_f)vpaes_cbc_encrypt : NULL; + ? (cbc128_f)vpaes_cbc_encrypt + : NULL; } else #endif { ret = AES_set_encrypt_key(key, keylen * 8, ks); dat->block = (block128_f)AES_encrypt; dat->stream.cbc = (dat->mode == EVP_CIPH_CBC_MODE) - ? (cbc128_f)AES_cbc_encrypt : NULL; + ? (cbc128_f)AES_cbc_encrypt + : NULL; #ifdef AES_CTR_ASM if (dat->mode == EVP_CIPH_CTR_MODE) dat->stream.ctr = (ctr128_f)AES_ctr32_encrypt; 
@@ -123,35 +127,35 @@ static int cipher_hw_aes_initkey(PROV_CIPHER_CTX *dat, IMPLEMENT_CIPHER_HW_COPYCTX(cipher_hw_aes_copyctx, PROV_AES_CTX) -#define PROV_CIPHER_HW_aes_mode(mode) \ -static const PROV_CIPHER_HW aes_##mode = { \ - cipher_hw_aes_initkey, \ - ossl_cipher_hw_generic_##mode, \ - cipher_hw_aes_copyctx \ -}; \ -PROV_CIPHER_HW_declare(mode) \ -const PROV_CIPHER_HW *ossl_prov_cipher_hw_aes_##mode(size_t keybits) \ -{ \ - PROV_CIPHER_HW_select(mode) \ - return &aes_##mode; \ -} +#define PROV_CIPHER_HW_aes_mode(mode) \ + static const PROV_CIPHER_HW aes_##mode = { \ + cipher_hw_aes_initkey, \ + ossl_cipher_hw_generic_##mode, \ + cipher_hw_aes_copyctx \ + }; \ + PROV_CIPHER_HW_declare(mode) \ + const PROV_CIPHER_HW * \ + ossl_prov_cipher_hw_aes_##mode(size_t keybits) \ + { \ + PROV_CIPHER_HW_select(mode) return &aes_##mode; \ + } #if defined(AESNI_CAPABLE) -# include "cipher_aes_hw_aesni.inc" +#include "cipher_aes_hw_aesni.inc" #elif defined(SPARC_AES_CAPABLE) -# include "cipher_aes_hw_t4.inc" +#include "cipher_aes_hw_t4.inc" #elif defined(S390X_aes_128_CAPABLE) -# include "cipher_aes_hw_s390x.inc" +#include "cipher_aes_hw_s390x.inc" #else /* The generic case */ -# define PROV_CIPHER_HW_declare(mode) -# define PROV_CIPHER_HW_select(mode) +#define PROV_CIPHER_HW_declare(mode) +#define PROV_CIPHER_HW_select(mode) #endif PROV_CIPHER_HW_aes_mode(cbc) -PROV_CIPHER_HW_aes_mode(ecb) -PROV_CIPHER_HW_aes_mode(ofb128) -PROV_CIPHER_HW_aes_mode(cfb128) -PROV_CIPHER_HW_aes_mode(cfb1) -PROV_CIPHER_HW_aes_mode(cfb8) -PROV_CIPHER_HW_aes_mode(ctr) + PROV_CIPHER_HW_aes_mode(ecb) + PROV_CIPHER_HW_aes_mode(ofb128) + PROV_CIPHER_HW_aes_mode(cfb128) + PROV_CIPHER_HW_aes_mode(cfb1) + PROV_CIPHER_HW_aes_mode(cfb8) + PROV_CIPHER_HW_aes_mode(ctr) diff --git a/providers/implementations/ciphers/cipher_aes_ocb.c b/providers/implementations/ciphers/cipher_aes_ocb.c index 891e73f6726c..1f21c722af61 100644 --- a/providers/implementations/ciphers/cipher_aes_ocb.c 
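Review bot: The formatter has misread the semicolon-less macro invocations at the end of this hunk. `PROV_CIPHER_HW_aes_mode(ecb)` through `PROV_CIPHER_HW_aes_mode(ctr)` are now indented as if they continued `PROV_CIPHER_HW_aes_mode(cbc)`, and inside the macro body `PROV_CIPHER_HW_select(mode) return &aes_##mode;` puts the fallback return on the same line as the select macro, which may itself expand to an early return. The same artefact appears in the last hunk of cipher_aes_ocb_hw.c, as `PROV_CIPHER_HW_select() return &aes_generic_ocb;` and an indented `const PROV_CIPHER_HW *ossl_prov_cipher_hw_aes_ocb(size_t keybits)`. I would bracket these spots with `/* clang-format off */` and `/* clang-format on */` and keep one invocation or statement per line, so the choice between the hardware path and the generic fallback stays readable.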
+++ b/providers/implementations/ciphers/cipher_aes_ocb.c @@ -23,13 +23,11 @@ #define AES_OCB_FLAGS AEAD_FLAGS #define OCB_DEFAULT_TAG_LEN 16 -#define OCB_DEFAULT_IV_LEN 12 -#define OCB_MIN_IV_LEN 1 -#define OCB_MAX_IV_LEN 15 +#define OCB_DEFAULT_IV_LEN 12 +#define OCB_MIN_IV_LEN 1 +#define OCB_MAX_IV_LEN 15 -PROV_CIPHER_FUNC(int, ocb_cipher, (PROV_AES_OCB_CTX *ctx, - const unsigned char *in, unsigned char *out, - size_t nextblock)); +PROV_CIPHER_FUNC(int, ocb_cipher, (PROV_AES_OCB_CTX * ctx, const unsigned char *in, unsigned char *out, size_t nextblock)); /* forward declarations */ static OSSL_FUNC_cipher_encrypt_init_fn aes_ocb_einit; static OSSL_FUNC_cipher_decrypt_init_fn aes_ocb_dinit; @@ -48,21 +46,21 @@ static OSSL_FUNC_cipher_settable_ctx_params_fn cipher_ocb_settable_ctx_params; * multiple hardware implementations are ever needed. */ static ossl_inline int aes_generic_ocb_setiv(PROV_AES_OCB_CTX *ctx, - const unsigned char *iv, - size_t ivlen, size_t taglen) + const unsigned char *iv, + size_t ivlen, size_t taglen) { return (CRYPTO_ocb128_setiv(&ctx->ocb, iv, ivlen, taglen) == 1); } static ossl_inline int aes_generic_ocb_setaad(PROV_AES_OCB_CTX *ctx, - const unsigned char *aad, - size_t alen) + const unsigned char *aad, + size_t alen) { return CRYPTO_ocb128_aad(&ctx->ocb, aad, alen) == 1; } static ossl_inline int aes_generic_ocb_gettag(PROV_AES_OCB_CTX *ctx, - unsigned char *tag, size_t tlen) + unsigned char *tag, size_t tlen) { return CRYPTO_ocb128_tag(&ctx->ocb, tag, tlen) > 0; } @@ -78,8 +76,8 @@ static ossl_inline void aes_generic_ocb_cleanup(PROV_AES_OCB_CTX *ctx) } static ossl_inline int aes_generic_ocb_cipher(PROV_AES_OCB_CTX *ctx, - const unsigned char *in, - unsigned char *out, size_t len) + const unsigned char *in, + unsigned char *out, size_t len) { if (ctx->base.enc) { if (!CRYPTO_ocb128_encrypt(&ctx->ocb, in, out, len)) 
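Review bot: In the `@@ -23,13 +23,11 @@` hunk the `PROV_CIPHER_FUNC(int, ocb_cipher, (...))` declaration has been joined into one over-long line and its first parameter is now written `PROV_AES_OCB_CTX * ctx`. The formatter apparently parsed the parenthesised parameter list as an expression. Every other signature in this file keeps `PROV_AES_OCB_CTX *ctx`, so this one line now reads like a multiplication. I would restore the wrapped form with `PROV_AES_OCB_CTX *ctx` and guard it with `/* clang-format off */` and `/* clang-format on */`.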
@@ -92,18 +90,18 @@ static ossl_inline int aes_generic_ocb_cipher(PROV_AES_OCB_CTX *ctx, } static ossl_inline int aes_generic_ocb_copy_ctx(PROV_AES_OCB_CTX *dst, - PROV_AES_OCB_CTX *src) + PROV_AES_OCB_CTX *src) { return CRYPTO_ocb128_copy_ctx(&dst->ocb, &src->ocb, - &dst->ksenc.ks, &dst->ksdec.ks); + &dst->ksenc.ks, &dst->ksdec.ks); } /*- * Provider dispatch functions */ static int aes_ocb_init(void *vctx, const unsigned char *key, size_t keylen, - const unsigned char *iv, size_t ivlen, - const OSSL_PARAM params[], int enc) + const unsigned char *iv, size_t ivlen, + const OSSL_PARAM params[], int enc) { PROV_AES_OCB_CTX *ctx = (PROV_AES_OCB_CTX *)vctx; @@ -139,15 +137,15 @@ static int aes_ocb_init(void *vctx, const unsigned char *key, size_t keylen, } static int aes_ocb_einit(void *vctx, const unsigned char *key, size_t keylen, - const unsigned char *iv, size_t ivlen, - const OSSL_PARAM params[]) + const unsigned char *iv, size_t ivlen, + const OSSL_PARAM params[]) { return aes_ocb_init(vctx, key, keylen, iv, ivlen, params, 1); } static int aes_ocb_dinit(void *vctx, const unsigned char *key, size_t keylen, - const unsigned char *iv, size_t ivlen, - const OSSL_PARAM params[]) + const unsigned char *iv, size_t ivlen, + const OSSL_PARAM params[]) { return aes_ocb_init(vctx, key, keylen, iv, ivlen, params, 0); } @@ -157,10 +155,10 @@ static int aes_ocb_dinit(void *vctx, const unsigned char *key, size_t keylen, * same way. Only the last block can be a partial block. */ static int aes_ocb_block_update_internal(PROV_AES_OCB_CTX *ctx, - unsigned char *buf, size_t *bufsz, - unsigned char *out, size_t *outl, - size_t outsize, const unsigned char *in, - size_t inl, OSSL_ocb_cipher_fn ciph) + unsigned char *buf, size_t *bufsz, + unsigned char *out, size_t *outl, + size_t outsize, const unsigned char *in, + size_t inl, OSSL_ocb_cipher_fn ciph) { size_t nextblocks; size_t outlint = 0; 
@@ -168,7 +166,7 @@ static int aes_ocb_block_update_internal(PROV_AES_OCB_CTX *ctx, if (*bufsz != 0) nextblocks = ossl_cipher_fillblock(buf, bufsz, AES_BLOCK_SIZE, &in, &inl); else - nextblocks = inl & ~(AES_BLOCK_SIZE-1); + nextblocks = inl & ~(AES_BLOCK_SIZE - 1); if (*bufsz == AES_BLOCK_SIZE) { if (outsize < AES_BLOCK_SIZE) { @@ -209,7 +207,7 @@ static int aes_ocb_block_update_internal(PROV_AES_OCB_CTX *ctx, /* A wrapper function that has the same signature as cipher */ static int cipher_updateaad(PROV_AES_OCB_CTX *ctx, const unsigned char *in, - unsigned char *out, size_t len) + unsigned char *out, size_t len) { return aes_generic_ocb_setaad(ctx, in, len); } @@ -221,7 +219,7 @@ static int update_iv(PROV_AES_OCB_CTX *ctx) return 0; if (ctx->iv_state == IV_STATE_BUFFERED) { if (!aes_generic_ocb_setiv(ctx, ctx->base.iv, ctx->base.ivlen, - ctx->taglen)) + ctx->taglen)) return 0; ctx->iv_state = IV_STATE_COPIED; } @@ -229,8 +227,8 @@ static int update_iv(PROV_AES_OCB_CTX *ctx) } static int aes_ocb_block_update(void *vctx, unsigned char *out, size_t *outl, - size_t outsize, const unsigned char *in, - size_t inl) + size_t outsize, const unsigned char *in, + size_t inl) { PROV_AES_OCB_CTX *ctx = (PROV_AES_OCB_CTX *)vctx; unsigned char *buf; @@ -256,11 +254,11 @@ static int aes_ocb_block_update(void *vctx, unsigned char *out, size_t *outl, fn = aes_generic_ocb_cipher; } return aes_ocb_block_update_internal(ctx, buf, buflen, out, outl, outsize, - in, inl, fn); + in, inl, fn); } static int aes_ocb_block_final(void *vctx, unsigned char *out, size_t *outl, - size_t outsize) + size_t outsize) { PROV_AES_OCB_CTX *ctx = (PROV_AES_OCB_CTX *)vctx; @@ -304,7 +302,7 @@ static int aes_ocb_block_final(void *vctx, unsigned char *out, size_t *outl, } static void *aes_ocb_newctx(void *provctx, size_t kbits, size_t blkbits, - size_t ivbits, unsigned int mode, uint64_t flags) + size_t ivbits, unsigned int mode, uint64_t flags) { PROV_AES_OCB_CTX *ctx; 
@@ -314,7 +312,7 @@ static void *aes_ocb_newctx(void *provctx, size_t kbits, size_t blkbits, ctx = OPENSSL_zalloc(sizeof(*ctx)); if (ctx != NULL) { ossl_cipher_generic_initkey(ctx, kbits, blkbits, ivbits, mode, flags, - ossl_prov_cipher_hw_aes_ocb(kbits), NULL); + ossl_prov_cipher_hw_aes_ocb(kbits), NULL); ctx->taglen = OCB_DEFAULT_TAG_LEN; } return ctx; @@ -327,7 +325,7 @@ static void aes_ocb_freectx(void *vctx) if (ctx != NULL) { aes_generic_ocb_cleanup(ctx); ossl_cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); - OPENSSL_clear_free(ctx, sizeof(*ctx)); + OPENSSL_clear_free(ctx, sizeof(*ctx)); } } @@ -385,7 +383,7 @@ static int aes_ocb_set_ctx_params(void *vctx, const OSSL_PARAM params[]) } memcpy(ctx->tag, p->data, p->data_size); } - } + } p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_AEAD_IVLEN); if (p != NULL) { if (!OSSL_PARAM_get_size_t(p, &sz)) { @@ -488,7 +486,7 @@ static const OSSL_PARAM cipher_ocb_known_gettable_ctx_params[] = { OSSL_PARAM_END }; static const OSSL_PARAM *cipher_ocb_gettable_ctx_params(ossl_unused void *cctx, - ossl_unused void *p_ctx) + ossl_unused void *p_ctx) { return cipher_ocb_known_gettable_ctx_params; } @@ -500,13 +498,13 @@ static const OSSL_PARAM cipher_ocb_known_settable_ctx_params[] = { OSSL_PARAM_END }; static const OSSL_PARAM *cipher_ocb_settable_ctx_params(ossl_unused void *cctx, - ossl_unused void *p_ctx) + ossl_unused void *p_ctx) { return cipher_ocb_known_settable_ctx_params; } static int aes_ocb_cipher(void *vctx, unsigned char *out, size_t *outl, - size_t outsize, const unsigned char *in, size_t inl) + size_t outsize, const unsigned char *in, size_t inl) { PROV_AES_OCB_CTX *ctx = (PROV_AES_OCB_CTX *)vctx; 
@@ -527,43 +525,43 @@ static int aes_ocb_cipher(void *vctx, unsigned char *out, size_t *outl, return 1; } -#define IMPLEMENT_cipher(mode, UCMODE, flags, kbits, blkbits, ivbits) \ -static OSSL_FUNC_cipher_get_params_fn aes_##kbits##_##mode##_get_params; \ -static int aes_##kbits##_##mode##_get_params(OSSL_PARAM params[]) \ -{ \ - return ossl_cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE, \ - flags, kbits, blkbits, ivbits); \ -} \ -static OSSL_FUNC_cipher_newctx_fn aes_##kbits##_##mode##_newctx; \ -static void *aes_##kbits##_##mode##_newctx(void *provctx) \ -{ \ - return aes_##mode##_newctx(provctx, kbits, blkbits, ivbits, \ - EVP_CIPH_##UCMODE##_MODE, flags); \ -} \ -const OSSL_DISPATCH ossl_##aes##kbits##mode##_functions[] = { \ - { OSSL_FUNC_CIPHER_NEWCTX, \ - (void (*)(void))aes_##kbits##_##mode##_newctx }, \ - { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))aes_##mode##_einit }, \ - { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))aes_##mode##_dinit }, \ - { OSSL_FUNC_CIPHER_UPDATE, (void (*)(void))aes_##mode##_block_update }, \ - { OSSL_FUNC_CIPHER_FINAL, (void (*)(void))aes_##mode##_block_final }, \ - { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))aes_ocb_cipher }, \ - { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void))aes_##mode##_freectx }, \ - { OSSL_FUNC_CIPHER_DUPCTX, (void (*)(void))aes_##mode##_dupctx }, \ - { OSSL_FUNC_CIPHER_GET_PARAMS, \ - (void (*)(void))aes_##kbits##_##mode##_get_params }, \ - { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, \ - (void (*)(void))aes_##mode##_get_ctx_params }, \ - { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \ - (void (*)(void))aes_##mode##_set_ctx_params }, \ - { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \ - (void (*)(void))ossl_cipher_generic_gettable_params }, \ - { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \ - (void (*)(void))cipher_ocb_gettable_ctx_params }, \ - { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \ - (void (*)(void))cipher_ocb_settable_ctx_params }, \ - { 0, NULL } \ -} +#define IMPLEMENT_cipher(mode, UCMODE, flags, kbits, blkbits, ivbits) 
\ + static OSSL_FUNC_cipher_get_params_fn aes_##kbits##_##mode##_get_params; \ + static int aes_##kbits##_##mode##_get_params(OSSL_PARAM params[]) \ + { \ + return ossl_cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE, \ + flags, kbits, blkbits, ivbits); \ + } \ + static OSSL_FUNC_cipher_newctx_fn aes_##kbits##_##mode##_newctx; \ + static void *aes_##kbits##_##mode##_newctx(void *provctx) \ + { \ + return aes_##mode##_newctx(provctx, kbits, blkbits, ivbits, \ + EVP_CIPH_##UCMODE##_MODE, flags); \ + } \ + const OSSL_DISPATCH ossl_##aes##kbits##mode##_functions[] = { \ + { OSSL_FUNC_CIPHER_NEWCTX, \ + (void (*)(void))aes_##kbits##_##mode##_newctx }, \ + { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))aes_##mode##_einit }, \ + { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))aes_##mode##_dinit }, \ + { OSSL_FUNC_CIPHER_UPDATE, (void (*)(void))aes_##mode##_block_update }, \ + { OSSL_FUNC_CIPHER_FINAL, (void (*)(void))aes_##mode##_block_final }, \ + { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))aes_ocb_cipher }, \ + { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void))aes_##mode##_freectx }, \ + { OSSL_FUNC_CIPHER_DUPCTX, (void (*)(void))aes_##mode##_dupctx }, \ + { OSSL_FUNC_CIPHER_GET_PARAMS, \ + (void (*)(void))aes_##kbits##_##mode##_get_params }, \ + { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, \ + (void (*)(void))aes_##mode##_get_ctx_params }, \ + { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \ + (void (*)(void))aes_##mode##_set_ctx_params }, \ + { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \ + (void (*)(void))ossl_cipher_generic_gettable_params }, \ + { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \ + (void (*)(void))cipher_ocb_gettable_ctx_params }, \ + { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \ + (void (*)(void))cipher_ocb_settable_ctx_params }, \ + { 0, NULL } \ + } IMPLEMENT_cipher(ocb, OCB, AES_OCB_FLAGS, 256, 128, OCB_DEFAULT_IV_LEN * 8); IMPLEMENT_cipher(ocb, OCB, AES_OCB_FLAGS, 192, 128, OCB_DEFAULT_IV_LEN * 8); 
diff --git a/providers/implementations/ciphers/cipher_aes_ocb.h b/providers/implementations/ciphers/cipher_aes_ocb.h index 370717b43614..b03482560348 100644 --- a/providers/implementations/ciphers/cipher_aes_ocb.h +++ b/providers/implementations/ciphers/cipher_aes_ocb.h @@ -11,29 +11,29 @@ #include "prov/ciphercommon.h" #include "crypto/aes_platform.h" -#define OCB_MAX_TAG_LEN AES_BLOCK_SIZE -#define OCB_MAX_DATA_LEN AES_BLOCK_SIZE -#define OCB_MAX_AAD_LEN AES_BLOCK_SIZE +#define OCB_MAX_TAG_LEN AES_BLOCK_SIZE +#define OCB_MAX_DATA_LEN AES_BLOCK_SIZE +#define OCB_MAX_AAD_LEN AES_BLOCK_SIZE typedef struct prov_aes_ocb_ctx_st { - PROV_CIPHER_CTX base; /* Must be first */ + PROV_CIPHER_CTX base; /* Must be first */ union { OSSL_UNION_ALIGN; AES_KEY ks; - } ksenc; /* AES key schedule to use for encryption/aad */ + } ksenc; /* AES key schedule to use for encryption/aad */ union { OSSL_UNION_ALIGN; AES_KEY ks; - } ksdec; /* AES key schedule to use for decryption */ + } ksdec; /* AES key schedule to use for decryption */ OCB128_CONTEXT ocb; - unsigned int iv_state; /* set to one of IV_STATE_XXX */ + unsigned int iv_state; /* set to one of IV_STATE_XXX */ unsigned int key_set : 1; size_t taglen; size_t data_buf_len; size_t aad_buf_len; unsigned char tag[OCB_MAX_TAG_LEN]; unsigned char data_buf[OCB_MAX_DATA_LEN]; /* Store partial data blocks */ - unsigned char aad_buf[OCB_MAX_AAD_LEN]; /* Store partial AAD blocks */ + unsigned char aad_buf[OCB_MAX_AAD_LEN]; /* Store partial AAD blocks */ } PROV_AES_OCB_CTX; const PROV_CIPHER_HW *ossl_prov_cipher_hw_aes_ocb(size_t keybits); diff --git a/providers/implementations/ciphers/cipher_aes_ocb_hw.c b/providers/implementations/ciphers/cipher_aes_ocb_hw.c index 7aa97dc77e39..4e82e2fba600 100644 --- a/providers/implementations/ciphers/cipher_aes_ocb_hw.c +++ b/providers/implementations/ciphers/cipher_aes_ocb_hw.c 
@@ -15,23 +15,21 @@ #include "cipher_aes_ocb.h" -#define OCB_SET_KEY_FN(fn_set_enc_key, fn_set_dec_key, \ - fn_block_enc, fn_block_dec, \ - fn_stream_enc, fn_stream_dec) \ -CRYPTO_ocb128_cleanup(&ctx->ocb); \ -fn_set_enc_key(key, keylen * 8, &ctx->ksenc.ks); \ -fn_set_dec_key(key, keylen * 8, &ctx->ksdec.ks); \ -if (!CRYPTO_ocb128_init(&ctx->ocb, &ctx->ksenc.ks, &ctx->ksdec.ks, \ - (block128_f)fn_block_enc, (block128_f)fn_block_dec, \ - ctx->base.enc ? (ocb128_f)fn_stream_enc : \ - (ocb128_f)fn_stream_dec)) \ - return 0; \ -ctx->key_set = 1 - +#define OCB_SET_KEY_FN(fn_set_enc_key, fn_set_dec_key, \ + fn_block_enc, fn_block_dec, \ + fn_stream_enc, fn_stream_dec) \ + CRYPTO_ocb128_cleanup(&ctx->ocb); \ + fn_set_enc_key(key, keylen * 8, &ctx->ksenc.ks); \ + fn_set_dec_key(key, keylen * 8, &ctx->ksdec.ks); \ + if (!CRYPTO_ocb128_init(&ctx->ocb, &ctx->ksenc.ks, &ctx->ksdec.ks, \ + (block128_f)fn_block_enc, (block128_f)fn_block_dec, \ + ctx->base.enc ? (ocb128_f)fn_stream_enc : (ocb128_f)fn_stream_dec)) \ + return 0; \ + ctx->key_set = 1 static int cipher_hw_aes_ocb_generic_initkey(PROV_CIPHER_CTX *vctx, - const unsigned char *key, - size_t keylen) + const unsigned char *key, + size_t keylen) { PROV_AES_OCB_CTX *ctx = (PROV_AES_OCB_CTX *)vctx; 
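Review bot: OCB_SET_KEY_FN discards the results of `fn_set_enc_key(...)` and `fn_set_dec_key(...)` and then sets `ctx->key_set = 1`; only `CRYPTO_ocb128_init` is checked. A key schedule that failed would therefore leave the context marked as keyed. Whether keylen is validated before this point is not visible in the hunk, so the practical reach is uncertain. Assuming the setters follow the usual negative-on-error convention, the check is cheap: `if (fn_set_enc_key(key, keylen * 8, &ctx->ksenc.ks) < 0 || fn_set_dec_key(key, keylen * 8, &ctx->ksdec.ks) < 0) return 0;`. The macro is also a bare statement sequence with a hidden `return 0`, so I would add a comment above it: `/* Expands to several statements and may return 0 from the caller; use only inside a braced block. */`.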
@@ -39,84 +37,81 @@ static int cipher_hw_aes_ocb_generic_initkey(PROV_CIPHER_CTX *vctx, * We set both the encrypt and decrypt key here because decrypt * needs both. (i.e- AAD uses encrypt). */ -# ifdef HWAES_CAPABLE +#ifdef HWAES_CAPABLE if (HWAES_CAPABLE) { OCB_SET_KEY_FN(HWAES_set_encrypt_key, HWAES_set_decrypt_key, - HWAES_encrypt, HWAES_decrypt, - HWAES_ocb_encrypt, HWAES_ocb_decrypt); + HWAES_encrypt, HWAES_decrypt, + HWAES_ocb_encrypt, HWAES_ocb_decrypt); } else -# endif -# ifdef VPAES_CAPABLE - if (VPAES_CAPABLE) { +#endif +#ifdef VPAES_CAPABLE + if (VPAES_CAPABLE) { OCB_SET_KEY_FN(vpaes_set_encrypt_key, vpaes_set_decrypt_key, - vpaes_encrypt, vpaes_decrypt, NULL, NULL); + vpaes_encrypt, vpaes_decrypt, NULL, NULL); } else -# endif +#endif { OCB_SET_KEY_FN(AES_set_encrypt_key, AES_set_decrypt_key, - AES_encrypt, AES_decrypt, NULL, NULL); + AES_encrypt, AES_decrypt, NULL, NULL); } return 1; } -# if defined(AESNI_CAPABLE) +#if defined(AESNI_CAPABLE) static int cipher_hw_aes_ocb_aesni_initkey(PROV_CIPHER_CTX *vctx, - const unsigned char *key, - size_t keylen) + const unsigned char *key, + size_t keylen) { PROV_AES_OCB_CTX *ctx = (PROV_AES_OCB_CTX *)vctx; OCB_SET_KEY_FN(aesni_set_encrypt_key, aesni_set_decrypt_key, - aesni_encrypt, aesni_decrypt, - aesni_ocb_encrypt, aesni_ocb_decrypt); + aesni_encrypt, aesni_decrypt, + aesni_ocb_encrypt, aesni_ocb_decrypt); return 1; } -# define PROV_CIPHER_HW_declare() \ -static const PROV_CIPHER_HW aesni_ocb = { \ - cipher_hw_aes_ocb_aesni_initkey, \ - NULL \ -}; -# define PROV_CIPHER_HW_select() \ - if (AESNI_CAPABLE) \ +#define PROV_CIPHER_HW_declare() \ + static const PROV_CIPHER_HW aesni_ocb = { \ + cipher_hw_aes_ocb_aesni_initkey, \ + NULL \ + }; +#define PROV_CIPHER_HW_select() \ + if (AESNI_CAPABLE) \ return &aesni_ocb; #elif defined(SPARC_AES_CAPABLE) static int cipher_hw_aes_ocb_t4_initkey(PROV_CIPHER_CTX *vctx, - const unsigned char *key, - size_t keylen) + const unsigned char *key, + size_t keylen) { 
PROV_AES_OCB_CTX *ctx = (PROV_AES_OCB_CTX *)vctx; OCB_SET_KEY_FN(aes_t4_set_encrypt_key, aes_t4_set_decrypt_key, - aes_t4_encrypt, aes_t4_decrypt, NULL, NULL); + aes_t4_encrypt, aes_t4_decrypt, NULL, NULL); return 1; } -# define PROV_CIPHER_HW_declare() \ -static const PROV_CIPHER_HW aes_t4_ocb = { \ - cipher_hw_aes_ocb_t4_initkey, \ - NULL \ -}; -# define PROV_CIPHER_HW_select() \ - if (SPARC_AES_CAPABLE) \ +#define PROV_CIPHER_HW_declare() \ + static const PROV_CIPHER_HW aes_t4_ocb = { \ + cipher_hw_aes_ocb_t4_initkey, \ + NULL \ + }; +#define PROV_CIPHER_HW_select() \ + if (SPARC_AES_CAPABLE) \ return &aes_t4_ocb; #else -# define PROV_CIPHER_HW_declare() -# define PROV_CIPHER_HW_select() -# endif +#define PROV_CIPHER_HW_declare() +#define PROV_CIPHER_HW_select() +#endif static const PROV_CIPHER_HW aes_generic_ocb = { cipher_hw_aes_ocb_generic_initkey, NULL }; PROV_CIPHER_HW_declare() -const PROV_CIPHER_HW *ossl_prov_cipher_hw_aes_ocb(size_t keybits) + const PROV_CIPHER_HW *ossl_prov_cipher_hw_aes_ocb(size_t keybits) { - PROV_CIPHER_HW_select() - return &aes_generic_ocb; + PROV_CIPHER_HW_select() return &aes_generic_ocb; } - - diff --git a/providers/implementations/ciphers/cipher_aes_siv.c b/providers/implementations/ciphers/cipher_aes_siv.c index bdc896e8f7e4..510c1581b593 100644 --- a/providers/implementations/ciphers/cipher_aes_siv.c +++ b/providers/implementations/ciphers/cipher_aes_siv.c @@ -28,7 +28,7 @@ static OSSL_FUNC_cipher_set_ctx_params_fn aes_siv_set_ctx_params; static void *aes_siv_newctx(void *provctx, size_t keybits, unsigned int mode, - uint64_t flags) + uint64_t flags) { PROV_AES_SIV_CTX *ctx; @@ -52,7 +52,7 @@ static void aes_siv_freectx(void *vctx) if (ctx != NULL) { ctx->hw->cleanup(ctx); - OPENSSL_clear_free(ctx, sizeof(*ctx)); + OPENSSL_clear_free(ctx, sizeof(*ctx)); } } 
@@ -77,8 +77,8 @@ static void *siv_dupctx(void *vctx) } static int siv_init(void *vctx, const unsigned char *key, size_t keylen, - const unsigned char *iv, size_t ivlen, - const OSSL_PARAM params[], int enc) + const unsigned char *iv, size_t ivlen, + const OSSL_PARAM params[], int enc) { PROV_AES_SIV_CTX *ctx = (PROV_AES_SIV_CTX *)vctx; @@ -99,21 +99,21 @@ static int siv_init(void *vctx, const unsigned char *key, size_t keylen, } static int siv_einit(void *vctx, const unsigned char *key, size_t keylen, - const unsigned char *iv, size_t ivlen, - const OSSL_PARAM params[]) + const unsigned char *iv, size_t ivlen, + const OSSL_PARAM params[]) { return siv_init(vctx, key, keylen, iv, ivlen, params, 1); } static int siv_dinit(void *vctx, const unsigned char *key, size_t keylen, - const unsigned char *iv, size_t ivlen, - const OSSL_PARAM params[]) + const unsigned char *iv, size_t ivlen, + const OSSL_PARAM params[]) { return siv_init(vctx, key, keylen, iv, ivlen, params, 0); } static int siv_cipher(void *vctx, unsigned char *out, size_t *outl, - size_t outsize, const unsigned char *in, size_t inl) + size_t outsize, const unsigned char *in, size_t inl) { PROV_AES_SIV_CTX *ctx = (PROV_AES_SIV_CTX *)vctx; @@ -143,7 +143,7 @@ static int siv_cipher(void *vctx, unsigned char *out, size_t *outl, } static int siv_stream_final(void *vctx, unsigned char *out, size_t *outl, - size_t outsize) + size_t outsize) { PROV_AES_SIV_CTX *ctx = (PROV_AES_SIV_CTX *)vctx; @@ -193,7 +193,7 @@ static const OSSL_PARAM aes_siv_known_gettable_ctx_params[] = { OSSL_PARAM_END }; static const OSSL_PARAM *aes_siv_gettable_ctx_params(ossl_unused void *cctx, - ossl_unused void *provctx) + ossl_unused void *provctx) { return aes_siv_known_gettable_ctx_params; } 
@@ -247,60 +247,60 @@ static const OSSL_PARAM aes_siv_known_settable_ctx_params[] = { OSSL_PARAM_END }; static const OSSL_PARAM *aes_siv_settable_ctx_params(ossl_unused void *cctx, - ossl_unused void *provctx) + ossl_unused void *provctx) { return aes_siv_known_settable_ctx_params; } -#define IMPLEMENT_cipher(alg, lc, UCMODE, flags, kbits, blkbits, ivbits) \ -static OSSL_FUNC_cipher_newctx_fn alg##kbits##lc##_newctx; \ -static OSSL_FUNC_cipher_freectx_fn alg##_##lc##_freectx; \ -static OSSL_FUNC_cipher_dupctx_fn lc##_dupctx; \ -static OSSL_FUNC_cipher_encrypt_init_fn lc##_einit; \ -static OSSL_FUNC_cipher_decrypt_init_fn lc##_dinit; \ -static OSSL_FUNC_cipher_update_fn lc##_stream_update; \ -static OSSL_FUNC_cipher_final_fn lc##_stream_final; \ -static OSSL_FUNC_cipher_cipher_fn lc##_cipher; \ -static OSSL_FUNC_cipher_get_params_fn alg##_##kbits##_##lc##_get_params; \ -static OSSL_FUNC_cipher_get_ctx_params_fn alg##_##lc##_get_ctx_params; \ -static OSSL_FUNC_cipher_gettable_ctx_params_fn \ - alg##_##lc##_gettable_ctx_params; \ -static OSSL_FUNC_cipher_set_ctx_params_fn alg##_##lc##_set_ctx_params; \ -static OSSL_FUNC_cipher_settable_ctx_params_fn \ - alg##_##lc##_settable_ctx_params; \ -static int alg##_##kbits##_##lc##_get_params(OSSL_PARAM params[]) \ -{ \ - return ossl_cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE, \ - flags, 2*kbits, blkbits, ivbits); \ -} \ -static void * alg##kbits##lc##_newctx(void *provctx) \ -{ \ - return alg##_##lc##_newctx(provctx, 2*kbits, EVP_CIPH_##UCMODE##_MODE, \ - flags); \ -} \ -const OSSL_DISPATCH ossl_##alg##kbits##lc##_functions[] = { \ - { OSSL_FUNC_CIPHER_NEWCTX, (void (*)(void))alg##kbits##lc##_newctx }, \ - { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void))alg##_##lc##_freectx }, \ - { OSSL_FUNC_CIPHER_DUPCTX, (void (*)(void)) lc##_dupctx }, \ - { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void)) lc##_einit }, \ - { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void)) lc##_dinit }, \ - { OSSL_FUNC_CIPHER_UPDATE, (void 
(*)(void)) lc##_stream_update }, \ - { OSSL_FUNC_CIPHER_FINAL, (void (*)(void)) lc##_stream_final }, \ - { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void)) lc##_cipher }, \ - { OSSL_FUNC_CIPHER_GET_PARAMS, \ - (void (*)(void)) alg##_##kbits##_##lc##_get_params }, \ - { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \ - (void (*)(void))ossl_cipher_generic_gettable_params }, \ - { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, \ - (void (*)(void)) alg##_##lc##_get_ctx_params }, \ - { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \ - (void (*)(void)) alg##_##lc##_gettable_ctx_params }, \ - { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \ - (void (*)(void)) alg##_##lc##_set_ctx_params }, \ - { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \ - (void (*)(void)) alg##_##lc##_settable_ctx_params }, \ - { 0, NULL } \ -}; +#define IMPLEMENT_cipher(alg, lc, UCMODE, flags, kbits, blkbits, ivbits) \ + static OSSL_FUNC_cipher_newctx_fn alg##kbits##lc##_newctx; \ + static OSSL_FUNC_cipher_freectx_fn alg##_##lc##_freectx; \ + static OSSL_FUNC_cipher_dupctx_fn lc##_dupctx; \ + static OSSL_FUNC_cipher_encrypt_init_fn lc##_einit; \ + static OSSL_FUNC_cipher_decrypt_init_fn lc##_dinit; \ + static OSSL_FUNC_cipher_update_fn lc##_stream_update; \ + static OSSL_FUNC_cipher_final_fn lc##_stream_final; \ + static OSSL_FUNC_cipher_cipher_fn lc##_cipher; \ + static OSSL_FUNC_cipher_get_params_fn alg##_##kbits##_##lc##_get_params; \ + static OSSL_FUNC_cipher_get_ctx_params_fn alg##_##lc##_get_ctx_params; \ + static OSSL_FUNC_cipher_gettable_ctx_params_fn \ + alg##_##lc##_gettable_ctx_params; \ + static OSSL_FUNC_cipher_set_ctx_params_fn alg##_##lc##_set_ctx_params; \ + static OSSL_FUNC_cipher_settable_ctx_params_fn \ + alg##_##lc##_settable_ctx_params; \ + static int alg##_##kbits##_##lc##_get_params(OSSL_PARAM params[]) \ + { \ + return ossl_cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE, \ + flags, 2 * kbits, blkbits, ivbits); \ + } \ + static void *alg##kbits##lc##_newctx(void *provctx) \ + { \ + return alg##_##lc##_newctx(provctx, 2 * 
kbits, EVP_CIPH_##UCMODE##_MODE, \ + flags); \ + } \ + const OSSL_DISPATCH ossl_##alg##kbits##lc##_functions[] = { \ + { OSSL_FUNC_CIPHER_NEWCTX, (void (*)(void))alg##kbits##lc##_newctx }, \ + { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void))alg##_##lc##_freectx }, \ + { OSSL_FUNC_CIPHER_DUPCTX, (void (*)(void))lc##_dupctx }, \ + { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))lc##_einit }, \ + { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))lc##_dinit }, \ + { OSSL_FUNC_CIPHER_UPDATE, (void (*)(void))lc##_stream_update }, \ + { OSSL_FUNC_CIPHER_FINAL, (void (*)(void))lc##_stream_final }, \ + { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))lc##_cipher }, \ + { OSSL_FUNC_CIPHER_GET_PARAMS, \ + (void (*)(void))alg##_##kbits##_##lc##_get_params }, \ + { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \ + (void (*)(void))ossl_cipher_generic_gettable_params }, \ + { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, \ + (void (*)(void))alg##_##lc##_get_ctx_params }, \ + { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \ + (void (*)(void))alg##_##lc##_gettable_ctx_params }, \ + { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \ + (void (*)(void))alg##_##lc##_set_ctx_params }, \ + { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \ + (void (*)(void))alg##_##lc##_settable_ctx_params }, \ + { 0, NULL } \ + }; IMPLEMENT_cipher(aes, siv, SIV, SIV_FLAGS, 128, 8, 0) IMPLEMENT_cipher(aes, siv, SIV, SIV_FLAGS, 192, 8, 0) diff --git a/providers/implementations/ciphers/cipher_aes_siv.h b/providers/implementations/ciphers/cipher_aes_siv.h index 4a682b77c440..28f6668a29a1 100644 --- a/providers/implementations/ciphers/cipher_aes_siv.h +++ b/providers/implementations/ciphers/cipher_aes_siv.h @@ -14,7 +14,7 @@ typedef struct prov_cipher_hw_aes_siv_st { int (*initkey)(void *ctx, const uint8_t *key, size_t keylen); int (*cipher)(void *ctx, unsigned char *out, const unsigned char *in, - size_t len); + size_t len); void (*setspeed)(void *ctx, int speed); int (*settag)(void *ctx, const unsigned char *tag, size_t tagl); void (*cleanup)(void *ctx); 
@@ -22,12 +22,12 @@ typedef struct prov_cipher_hw_aes_siv_st { } PROV_CIPHER_HW_AES_SIV; typedef struct prov_siv_ctx_st { - unsigned int mode; /* The mode that we are using */ - unsigned int enc : 1; /* Set to 1 if we are encrypting or 0 otherwise */ - size_t keylen; /* The input keylength (twice the alg key length) */ - size_t taglen; /* the taglen is the same as the sivlen */ + unsigned int mode; /* The mode that we are using */ + unsigned int enc : 1; /* Set to 1 if we are encrypting or 0 otherwise */ + size_t keylen; /* The input keylength (twice the alg key length) */ + size_t taglen; /* the taglen is the same as the sivlen */ SIV128_CONTEXT siv; - EVP_CIPHER *ctr; /* These are fetched - so we need to free them */ + EVP_CIPHER *ctr; /* These are fetched - so we need to free them */ EVP_CIPHER *cbc; const PROV_CIPHER_HW_AES_SIV *hw; OSSL_LIB_CTX *libctx; diff --git a/providers/implementations/ciphers/cipher_aes_siv_hw.c b/providers/implementations/ciphers/cipher_aes_siv_hw.c index 1e6b3d56e4bd..d90d37aac89d 100644 --- a/providers/implementations/ciphers/cipher_aes_siv_hw.c +++ b/providers/implementations/ciphers/cipher_aes_siv_hw.c @@ -21,7 +21,7 @@ static int aes_siv_initkey(void *vctx, const unsigned char *key, size_t keylen) { PROV_AES_SIV_CTX *ctx = (PROV_AES_SIV_CTX *)vctx; SIV128_CONTEXT *sctx = &ctx->siv; - size_t klen = keylen / 2; + size_t klen = keylen / 2; OSSL_LIB_CTX *libctx = ctx->libctx; const char *propq = NULL; @@ -53,7 +53,7 @@ static int aes_siv_initkey(void *vctx, const unsigned char *key, size_t keylen) * which should be twice as long */ return ossl_siv128_init(sctx, key, klen, ctx->cbc, ctx->ctr, libctx, - propq); + propq); } static int aes_siv_dupctx(void *in_vctx, void *out_vctx) 
@@ -101,7 +101,7 @@ static void aes_siv_cleanup(void *vctx) } static int aes_siv_cipher(void *vctx, unsigned char *out, - const unsigned char *in, size_t len) + const unsigned char *in, size_t len) { PROV_AES_SIV_CTX *ctx = (PROV_AES_SIV_CTX *)vctx; SIV128_CONTEXT *sctx = &ctx->siv; @@ -120,8 +120,7 @@ static int aes_siv_cipher(void *vctx, unsigned char *out, return ossl_siv128_decrypt(sctx, in, out, len) > 0; } -static const PROV_CIPHER_HW_AES_SIV aes_siv_hw = -{ +static const PROV_CIPHER_HW_AES_SIV aes_siv_hw = { aes_siv_initkey, aes_siv_cipher, aes_siv_setspeed, diff --git a/providers/implementations/ciphers/cipher_aes_wrp.c b/providers/implementations/ciphers/cipher_aes_wrp.c index d44002fa69d9..f1c27173a7e1 100644 --- a/providers/implementations/ciphers/cipher_aes_wrp.c +++ b/providers/implementations/ciphers/cipher_aes_wrp.c @@ -19,15 +19,15 @@ #include "prov/implementations.h" /* AES wrap with padding has IV length of 4, without padding 8 */ -#define AES_WRAP_PAD_IVLEN 4 +#define AES_WRAP_PAD_IVLEN 4 #define AES_WRAP_NOPAD_IVLEN 8 #define WRAP_FLAGS (PROV_CIPHER_FLAG_CUSTOM_IV) #define WRAP_FLAGS_INV (WRAP_FLAGS | PROV_CIPHER_FLAG_INVERSE_CIPHER) typedef size_t (*aeswrap_fn)(void *key, const unsigned char *iv, - unsigned char *out, const unsigned char *in, - size_t inlen, block128_f block); + unsigned char *out, const unsigned char *in, + size_t inlen, block128_f block); static OSSL_FUNC_cipher_encrypt_init_fn aes_wrap_einit; static OSSL_FUNC_cipher_decrypt_init_fn aes_wrap_dinit; @@ -46,9 +46,8 @@ typedef struct prov_aes_wrap_ctx_st { } PROV_AES_WRAP_CTX; - static void *aes_wrap_newctx(size_t kbits, size_t blkbits, - size_t ivbits, unsigned int mode, uint64_t flags) + size_t ivbits, unsigned int mode, uint64_t flags) { PROV_AES_WRAP_CTX *wctx; PROV_CIPHER_CTX *ctx; 
@@ -60,7 +59,7 @@ static void *aes_wrap_newctx(size_t kbits, size_t blkbits, ctx = (PROV_CIPHER_CTX *)wctx; if (ctx != NULL) { ossl_cipher_generic_initkey(ctx, kbits, blkbits, ivbits, mode, flags, - NULL, NULL); + NULL, NULL); ctx->pad = (ctx->ivlen == AES_WRAP_PAD_IVLEN); } return wctx; @@ -77,7 +76,7 @@ static void *aes_wrap_dupctx(void *wctx) if (dctx != NULL && dctx->base.tlsmac != NULL && dctx->base.alloced) { dctx->base.tlsmac = OPENSSL_memdup(dctx->base.tlsmac, - dctx->base.tlsmacsize); + dctx->base.tlsmacsize); if (dctx->base.tlsmac == NULL) { OPENSSL_free(dctx); dctx = NULL; @@ -91,12 +90,12 @@ static void aes_wrap_freectx(void *vctx) PROV_AES_WRAP_CTX *wctx = (PROV_AES_WRAP_CTX *)vctx; ossl_cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); - OPENSSL_clear_free(wctx, sizeof(*wctx)); + OPENSSL_clear_free(wctx, sizeof(*wctx)); } static int aes_wrap_init(void *vctx, const unsigned char *key, - size_t keylen, const unsigned char *iv, - size_t ivlen, const OSSL_PARAM params[], int enc) + size_t keylen, const unsigned char *iv, + size_t ivlen, const OSSL_PARAM params[], int enc) { PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; PROV_AES_WRAP_CTX *wctx = (PROV_AES_WRAP_CTX *)vctx; @@ -118,8 +117,8 @@ static int aes_wrap_init(void *vctx, const unsigned char *key, int use_forward_transform; if (keylen != ctx->keylen) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH); - return 0; + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH); + return 0; } /* * See SP800-38F : Section 5.1 
@@ -146,21 +145,21 @@ static int aes_wrap_init(void *vctx, const unsigned char *key, } static int aes_wrap_einit(void *ctx, const unsigned char *key, size_t keylen, - const unsigned char *iv, size_t ivlen, - const OSSL_PARAM params[]) + const unsigned char *iv, size_t ivlen, + const OSSL_PARAM params[]) { return aes_wrap_init(ctx, key, keylen, iv, ivlen, params, 1); } static int aes_wrap_dinit(void *ctx, const unsigned char *key, size_t keylen, - const unsigned char *iv, size_t ivlen, - const OSSL_PARAM params[]) + const unsigned char *iv, size_t ivlen, + const OSSL_PARAM params[]) { return aes_wrap_init(ctx, key, keylen, iv, ivlen, params, 0); } static int aes_wrap_cipher_internal(void *vctx, unsigned char *out, - const unsigned char *in, size_t inlen) + const unsigned char *in, size_t inlen) { PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; PROV_AES_WRAP_CTX *wctx = (PROV_AES_WRAP_CTX *)vctx; @@ -207,7 +206,7 @@ static int aes_wrap_cipher_internal(void *vctx, unsigned char *out, } rv = wctx->wrapfn(&wctx->ks.ks, ctx->iv_set ? ctx->iv : NULL, out, in, - inlen, ctx->block); + inlen, ctx->block); if (!rv) { ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED); return -1; @@ -220,7 +219,7 @@ static int aes_wrap_cipher_internal(void *vctx, unsigned char *out, } static int aes_wrap_final(void *vctx, unsigned char *out, size_t *outl, - size_t outsize) + size_t outsize) { if (!ossl_prov_is_running()) return 0; @@ -230,8 +229,8 @@ static int aes_wrap_final(void *vctx, unsigned char *out, size_t *outl, } static int aes_wrap_cipher(void *vctx, - unsigned char *out, size_t *outl, size_t outsize, - const unsigned char *in, size_t inl) + unsigned char *out, size_t *outl, size_t outsize, + const unsigned char *in, size_t inl) { PROV_AES_WRAP_CTX *ctx = (PROV_AES_WRAP_CTX *)vctx; size_t len; 
@@ -280,41 +279,41 @@ static int aes_wrap_set_ctx_params(void *vctx, const OSSL_PARAM params[]) return 1; } -#define IMPLEMENT_cipher(mode, fname, UCMODE, flags, kbits, blkbits, ivbits) \ - static OSSL_FUNC_cipher_get_params_fn aes_##kbits##_##fname##_get_params; \ - static int aes_##kbits##_##fname##_get_params(OSSL_PARAM params[]) \ - { \ - return ossl_cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE,\ - flags, kbits, blkbits, ivbits); \ - } \ - static OSSL_FUNC_cipher_newctx_fn aes_##kbits##fname##_newctx; \ - static void *aes_##kbits##fname##_newctx(void *provctx) \ - { \ - return aes_##mode##_newctx(kbits, blkbits, ivbits, \ - EVP_CIPH_##UCMODE##_MODE, flags); \ - } \ - const OSSL_DISPATCH ossl_##aes##kbits##fname##_functions[] = { \ - { OSSL_FUNC_CIPHER_NEWCTX, \ - (void (*)(void))aes_##kbits##fname##_newctx }, \ - { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))aes_##mode##_einit }, \ - { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))aes_##mode##_dinit }, \ - { OSSL_FUNC_CIPHER_UPDATE, (void (*)(void))aes_##mode##_cipher }, \ - { OSSL_FUNC_CIPHER_FINAL, (void (*)(void))aes_##mode##_final }, \ - { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void))aes_##mode##_freectx }, \ - { OSSL_FUNC_CIPHER_DUPCTX, (void (*)(void))aes_##mode##_dupctx }, \ - { OSSL_FUNC_CIPHER_GET_PARAMS, \ - (void (*)(void))aes_##kbits##_##fname##_get_params }, \ - { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \ - (void (*)(void))ossl_cipher_generic_gettable_params }, \ - { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, \ - (void (*)(void))ossl_cipher_generic_get_ctx_params }, \ - { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \ - (void (*)(void))aes_wrap_set_ctx_params }, \ - { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \ - (void (*)(void))ossl_cipher_generic_gettable_ctx_params }, \ - { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \ - (void (*)(void))ossl_cipher_generic_settable_ctx_params }, \ - { 0, NULL } \ +#define IMPLEMENT_cipher(mode, fname, UCMODE, flags, kbits, blkbits, ivbits) \ + static OSSL_FUNC_cipher_get_params_fn 
aes_##kbits##_##fname##_get_params; \ + static int aes_##kbits##_##fname##_get_params(OSSL_PARAM params[]) \ + { \ + return ossl_cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE, \ + flags, kbits, blkbits, ivbits); \ + } \ + static OSSL_FUNC_cipher_newctx_fn aes_##kbits##fname##_newctx; \ + static void *aes_##kbits##fname##_newctx(void *provctx) \ + { \ + return aes_##mode##_newctx(kbits, blkbits, ivbits, \ + EVP_CIPH_##UCMODE##_MODE, flags); \ + } \ + const OSSL_DISPATCH ossl_##aes##kbits##fname##_functions[] = { \ + { OSSL_FUNC_CIPHER_NEWCTX, \ + (void (*)(void))aes_##kbits##fname##_newctx }, \ + { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))aes_##mode##_einit }, \ + { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))aes_##mode##_dinit }, \ + { OSSL_FUNC_CIPHER_UPDATE, (void (*)(void))aes_##mode##_cipher }, \ + { OSSL_FUNC_CIPHER_FINAL, (void (*)(void))aes_##mode##_final }, \ + { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void))aes_##mode##_freectx }, \ + { OSSL_FUNC_CIPHER_DUPCTX, (void (*)(void))aes_##mode##_dupctx }, \ + { OSSL_FUNC_CIPHER_GET_PARAMS, \ + (void (*)(void))aes_##kbits##_##fname##_get_params }, \ + { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \ + (void (*)(void))ossl_cipher_generic_gettable_params }, \ + { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, \ + (void (*)(void))ossl_cipher_generic_get_ctx_params }, \ + { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \ + (void (*)(void))aes_wrap_set_ctx_params }, \ + { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \ + (void (*)(void))ossl_cipher_generic_gettable_ctx_params }, \ + { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \ + (void (*)(void))ossl_cipher_generic_settable_ctx_params }, \ + { 0, NULL } \ } IMPLEMENT_cipher(wrap, wrap, WRAP, WRAP_FLAGS, 256, 64, AES_WRAP_NOPAD_IVLEN * 8); diff --git a/providers/implementations/ciphers/cipher_aes_xts.c b/providers/implementations/ciphers/cipher_aes_xts.c index dce2032986b1..99fcc960e4f6 100644 --- a/providers/implementations/ciphers/cipher_aes_xts.c 
+++ b/providers/implementations/ciphers/cipher_aes_xts.c @@ -52,10 +52,10 @@ static OSSL_FUNC_cipher_settable_ctx_params_fn aes_xts_settable_ctx_params; * data with them." */ static int aes_xts_check_keys_differ(const unsigned char *key, size_t bytes, - int enc) + int enc) { if ((!ossl_aes_xts_allow_insecure_decrypt || enc) - && CRYPTO_memcmp(key, key + bytes, bytes) == 0) { + && CRYPTO_memcmp(key, key + bytes, bytes) == 0) { ERR_raise(ERR_LIB_PROV, PROV_R_XTS_DUPLICATED_KEYS); return 0; } @@ -66,8 +66,8 @@ static int aes_xts_check_keys_differ(const unsigned char *key, size_t bytes, * Provider dispatch functions */ static int aes_xts_init(void *vctx, const unsigned char *key, size_t keylen, - const unsigned char *iv, size_t ivlen, - const OSSL_PARAM params[], int enc) + const unsigned char *iv, size_t ivlen, + const OSSL_PARAM params[], int enc) { PROV_AES_XTS_CTX *xctx = (PROV_AES_XTS_CTX *)vctx; PROV_CIPHER_CTX *ctx = &xctx->base; 
@@ -95,28 +95,28 @@ static int aes_xts_init(void *vctx, const unsigned char *key, size_t keylen, } static int aes_xts_einit(void *vctx, const unsigned char *key, size_t keylen, - const unsigned char *iv, size_t ivlen, - const OSSL_PARAM params[]) + const unsigned char *iv, size_t ivlen, + const OSSL_PARAM params[]) { return aes_xts_init(vctx, key, keylen, iv, ivlen, params, 1); } static int aes_xts_dinit(void *vctx, const unsigned char *key, size_t keylen, - const unsigned char *iv, size_t ivlen, - const OSSL_PARAM params[]) + const unsigned char *iv, size_t ivlen, + const OSSL_PARAM params[]) { return aes_xts_init(vctx, key, keylen, iv, ivlen, params, 0); } static void *aes_xts_newctx(void *provctx, unsigned int mode, uint64_t flags, - size_t kbits, size_t blkbits, size_t ivbits) + size_t kbits, size_t blkbits, size_t ivbits) { PROV_AES_XTS_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx)); if (ctx != NULL) { ossl_cipher_generic_initkey(&ctx->base, kbits, blkbits, ivbits, mode, - flags, ossl_prov_cipher_hw_aes_xts(kbits), - NULL); + flags, ossl_prov_cipher_hw_aes_xts(kbits), + NULL); } return ctx; } @@ -126,7 +126,7 @@ static void aes_xts_freectx(void *vctx) PROV_AES_XTS_CTX *ctx = (PROV_AES_XTS_CTX *)vctx; ossl_cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); - OPENSSL_clear_free(ctx, sizeof(*ctx)); + OPENSSL_clear_free(ctx, sizeof(*ctx)); } static void *aes_xts_dupctx(void *vctx) 
@@ -155,17 +155,17 @@ static void *aes_xts_dupctx(void *vctx) } static int aes_xts_cipher(void *vctx, unsigned char *out, size_t *outl, - size_t outsize, const unsigned char *in, size_t inl) + size_t outsize, const unsigned char *in, size_t inl) { PROV_AES_XTS_CTX *ctx = (PROV_AES_XTS_CTX *)vctx; if (!ossl_prov_is_running() - || ctx->xts.key1 == NULL - || ctx->xts.key2 == NULL - || !ctx->base.iv_set - || out == NULL - || in == NULL - || inl < AES_BLOCK_SIZE) + || ctx->xts.key1 == NULL + || ctx->xts.key2 == NULL + || !ctx->base.iv_set + || out == NULL + || in == NULL + || inl < AES_BLOCK_SIZE) return 0; /* @@ -182,7 +182,7 @@ static int aes_xts_cipher(void *vctx, unsigned char *out, size_t *outl, if (ctx->stream != NULL) (*ctx->stream)(in, out, inl, ctx->xts.key1, ctx->xts.key2, ctx->base.iv); else if (CRYPTO_xts128_encrypt(&ctx->xts, ctx->base.iv, in, out, inl, - ctx->base.enc)) + ctx->base.enc)) return 0; *outl = inl; @@ -190,8 +190,8 @@ static int aes_xts_cipher(void *vctx, unsigned char *out, size_t *outl, } static int aes_xts_stream_update(void *vctx, unsigned char *out, size_t *outl, - size_t outsize, const unsigned char *in, - size_t inl) + size_t outsize, const unsigned char *in, + size_t inl) { PROV_AES_XTS_CTX *ctx = (PROV_AES_XTS_CTX *)vctx; @@ -209,7 +209,7 @@ static int aes_xts_stream_update(void *vctx, unsigned char *out, size_t *outl, } static int aes_xts_stream_final(void *vctx, unsigned char *out, size_t *outl, - size_t outsize) + size_t outsize) { if (!ossl_prov_is_running()) return 0; @@ -223,7 +223,7 @@ static const OSSL_PARAM aes_xts_known_settable_ctx_params[] = { }; static const OSSL_PARAM *aes_xts_settable_ctx_params(ossl_unused void *cctx, - ossl_unused void *provctx) + ossl_unused void *provctx) { return aes_xts_known_settable_ctx_params; } 
@@ -252,43 +252,43 @@ static int aes_xts_set_ctx_params(void *vctx, const OSSL_PARAM params[]) return 1; } -#define IMPLEMENT_cipher(lcmode, UCMODE, kbits, flags) \ -static OSSL_FUNC_cipher_get_params_fn aes_##kbits##_##lcmode##_get_params; \ -static int aes_##kbits##_##lcmode##_get_params(OSSL_PARAM params[]) \ -{ \ - return ossl_cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE, \ - flags, 2 * kbits, AES_XTS_BLOCK_BITS, \ - AES_XTS_IV_BITS); \ -} \ -static OSSL_FUNC_cipher_newctx_fn aes_##kbits##_xts_newctx; \ -static void *aes_##kbits##_xts_newctx(void *provctx) \ -{ \ - return aes_xts_newctx(provctx, EVP_CIPH_##UCMODE##_MODE, flags, 2 * kbits, \ - AES_XTS_BLOCK_BITS, AES_XTS_IV_BITS); \ -} \ -const OSSL_DISPATCH ossl_aes##kbits##xts_functions[] = { \ - { OSSL_FUNC_CIPHER_NEWCTX, (void (*)(void))aes_##kbits##_xts_newctx }, \ - { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))aes_xts_einit }, \ - { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))aes_xts_dinit }, \ - { OSSL_FUNC_CIPHER_UPDATE, (void (*)(void))aes_xts_stream_update }, \ - { OSSL_FUNC_CIPHER_FINAL, (void (*)(void))aes_xts_stream_final }, \ - { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))aes_xts_cipher }, \ - { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void))aes_xts_freectx }, \ - { OSSL_FUNC_CIPHER_DUPCTX, (void (*)(void))aes_xts_dupctx }, \ - { OSSL_FUNC_CIPHER_GET_PARAMS, \ - (void (*)(void))aes_##kbits##_##lcmode##_get_params }, \ - { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \ - (void (*)(void))ossl_cipher_generic_gettable_params }, \ - { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, \ - (void (*)(void))ossl_cipher_generic_get_ctx_params }, \ - { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \ - (void (*)(void))ossl_cipher_generic_gettable_ctx_params }, \ - { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \ - (void (*)(void))aes_xts_set_ctx_params }, \ - { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \ - (void (*)(void))aes_xts_settable_ctx_params }, \ - { 0, NULL } \ -} +#define IMPLEMENT_cipher(lcmode, UCMODE, kbits, flags) \ + static 
OSSL_FUNC_cipher_get_params_fn aes_##kbits##_##lcmode##_get_params; \ + static int aes_##kbits##_##lcmode##_get_params(OSSL_PARAM params[]) \ + { \ + return ossl_cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE, \ + flags, 2 * kbits, AES_XTS_BLOCK_BITS, \ + AES_XTS_IV_BITS); \ + } \ + static OSSL_FUNC_cipher_newctx_fn aes_##kbits##_xts_newctx; \ + static void *aes_##kbits##_xts_newctx(void *provctx) \ + { \ + return aes_xts_newctx(provctx, EVP_CIPH_##UCMODE##_MODE, flags, 2 * kbits, \ + AES_XTS_BLOCK_BITS, AES_XTS_IV_BITS); \ + } \ + const OSSL_DISPATCH ossl_aes##kbits##xts_functions[] = { \ + { OSSL_FUNC_CIPHER_NEWCTX, (void (*)(void))aes_##kbits##_xts_newctx }, \ + { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))aes_xts_einit }, \ + { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))aes_xts_dinit }, \ + { OSSL_FUNC_CIPHER_UPDATE, (void (*)(void))aes_xts_stream_update }, \ + { OSSL_FUNC_CIPHER_FINAL, (void (*)(void))aes_xts_stream_final }, \ + { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))aes_xts_cipher }, \ + { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void))aes_xts_freectx }, \ + { OSSL_FUNC_CIPHER_DUPCTX, (void (*)(void))aes_xts_dupctx }, \ + { OSSL_FUNC_CIPHER_GET_PARAMS, \ + (void (*)(void))aes_##kbits##_##lcmode##_get_params }, \ + { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \ + (void (*)(void))ossl_cipher_generic_gettable_params }, \ + { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, \ + (void (*)(void))ossl_cipher_generic_get_ctx_params }, \ + { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \ + (void (*)(void))ossl_cipher_generic_gettable_ctx_params }, \ + { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \ + (void (*)(void))aes_xts_set_ctx_params }, \ + { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \ + (void (*)(void))aes_xts_settable_ctx_params }, \ + { 0, NULL } \ + } IMPLEMENT_cipher(xts, XTS, 256, AES_XTS_FLAGS); IMPLEMENT_cipher(xts, XTS, 128, AES_XTS_FLAGS); 
diff --git a/providers/implementations/ciphers/cipher_aes_xts.h b/providers/implementations/ciphers/cipher_aes_xts.h index afc42ef444b3..5709ed580f55 100644 --- a/providers/implementations/ciphers/cipher_aes_xts.h +++ b/providers/implementations/ciphers/cipher_aes_xts.h @@ -18,16 +18,16 @@ extern const int ossl_aes_xts_allow_insecure_decrypt; PROV_CIPHER_FUNC(void, xts_stream, - (const unsigned char *in, unsigned char *out, size_t len, - const AES_KEY *key1, const AES_KEY *key2, - const unsigned char iv[16])); + (const unsigned char *in, unsigned char *out, size_t len, + const AES_KEY *key1, const AES_KEY *key2, + const unsigned char iv[16])); typedef struct prov_aes_xts_ctx_st { - PROV_CIPHER_CTX base; /* Must be first */ + PROV_CIPHER_CTX base; /* Must be first */ union { OSSL_UNION_ALIGN; AES_KEY ks; - } ks1, ks2; /* AES key schedules to use */ + } ks1, ks2; /* AES key schedules to use */ XTS128_CONTEXT xts; OSSL_xts_stream_fn stream; } PROV_AES_XTS_CTX; diff --git a/providers/implementations/ciphers/cipher_aes_xts_hw.c b/providers/implementations/ciphers/cipher_aes_xts_hw.c index c71492f51f5e..573eb685e784 100644 --- a/providers/implementations/ciphers/cipher_aes_xts_hw.c +++ b/providers/implementations/ciphers/cipher_aes_xts_hw.c 
@@ -15,29 +15,30 @@ #include "cipher_aes_xts.h" -#define XTS_SET_KEY_FN(fn_set_enc_key, fn_set_dec_key, \ - fn_block_enc, fn_block_dec, \ - fn_stream_enc, fn_stream_dec) { \ - size_t bytes = keylen / 2; \ - size_t bits = bytes * 8; \ - \ - if (ctx->enc) { \ - fn_set_enc_key(key, bits, &xctx->ks1.ks); \ - xctx->xts.block1 = (block128_f)fn_block_enc; \ - } else { \ - fn_set_dec_key(key, bits, &xctx->ks1.ks); \ - xctx->xts.block1 = (block128_f)fn_block_dec; \ - } \ - fn_set_enc_key(key + bytes, bits, &xctx->ks2.ks); \ - xctx->xts.block2 = (block128_f)fn_block_enc; \ - xctx->xts.key1 = &xctx->ks1; \ - xctx->xts.key2 = &xctx->ks2; \ - xctx->stream = ctx->enc ? fn_stream_enc : fn_stream_dec; \ -} +#define XTS_SET_KEY_FN(fn_set_enc_key, fn_set_dec_key, \ + fn_block_enc, fn_block_dec, \ + fn_stream_enc, fn_stream_dec) \ + { \ + size_t bytes = keylen / 2; \ + size_t bits = bytes * 8; \ + \ + if (ctx->enc) { \ + fn_set_enc_key(key, bits, &xctx->ks1.ks); \ + xctx->xts.block1 = (block128_f)fn_block_enc; \ + } else { \ + fn_set_dec_key(key, bits, &xctx->ks1.ks); \ + xctx->xts.block1 = (block128_f)fn_block_dec; \ + } \ + fn_set_enc_key(key + bytes, bits, &xctx->ks2.ks); \ + xctx->xts.block2 = (block128_f)fn_block_enc; \ + xctx->xts.key1 = &xctx->ks1; \ + xctx->xts.key2 = &xctx->ks2; \ + xctx->stream = ctx->enc ? fn_stream_enc : fn_stream_dec; \ + } static int cipher_hw_aes_xts_generic_initkey(PROV_CIPHER_CTX *ctx, - const unsigned char *key, - size_t keylen) + const unsigned char *key, + size_t keylen) { PROV_AES_XTS_CTX *xctx = (PROV_AES_XTS_CTX *)ctx; OSSL_xts_stream_fn stream_enc = NULL; 
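Review bot: XTS_SET_KEY_FN, as re-indented in this hunk, still calls `fn_set_enc_key(...)` and `fn_set_dec_key(...)` as bare statements, so a failed key-schedule setup is discarded and the initkey callers shown later in this file go straight on to `return 1`. If the key length is always validated before this macro runs that may be acceptable, but nothing in the hunk shows it. Assuming the setters follow the AES_set_encrypt_key convention of returning a negative value on failure, a check such as `if (fn_set_enc_key(key, bits, &xctx->ks1.ks) < 0) return 0;` would keep a context with an unset key schedule from being reported as ready. The macro also expands to a bare `{ ... }` block, so wrapping it in `do { ... } while (0)` would make the `XTS_SET_KEY_FN(...);` call sites a single statement. cipher_hw_aes_xts_generic_initkey continues past the end of this hunk.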
@@ -50,29 +51,29 @@ static int cipher_hw_aes_xts_generic_initkey(PROV_CIPHER_CTX *ctx, #ifdef HWAES_CAPABLE if (HWAES_CAPABLE) { -# ifdef HWAES_xts_encrypt +#ifdef HWAES_xts_encrypt stream_enc = HWAES_xts_encrypt; -# endif /* HWAES_xts_encrypt */ -# ifdef HWAES_xts_decrypt +#endif /* HWAES_xts_encrypt */ +#ifdef HWAES_xts_decrypt stream_dec = HWAES_xts_decrypt; -# endif /* HWAES_xts_decrypt */ +#endif /* HWAES_xts_decrypt */ XTS_SET_KEY_FN(HWAES_set_encrypt_key, HWAES_set_decrypt_key, - HWAES_encrypt, HWAES_decrypt, - stream_enc, stream_dec); + HWAES_encrypt, HWAES_decrypt, + stream_enc, stream_dec); return 1; } else #endif /* HWAES_CAPABLE */ #ifdef BSAES_CAPABLE - if (BSAES_CAPABLE) { + if (BSAES_CAPABLE) { stream_enc = ossl_bsaes_xts_encrypt; stream_dec = ossl_bsaes_xts_decrypt; } else #endif /* BSAES_CAPABLE */ #ifdef VPAES_CAPABLE - if (VPAES_CAPABLE) { + if (VPAES_CAPABLE) { XTS_SET_KEY_FN(vpaes_set_encrypt_key, vpaes_set_decrypt_key, - vpaes_encrypt, vpaes_decrypt, stream_enc, stream_dec); + vpaes_encrypt, vpaes_decrypt, stream_enc, stream_dec); return 1; } else #endif /* VPAES_CAPABLE */ @@ -81,13 +82,13 @@ static int cipher_hw_aes_xts_generic_initkey(PROV_CIPHER_CTX *ctx, } { XTS_SET_KEY_FN(AES_set_encrypt_key, AES_set_decrypt_key, - AES_encrypt, AES_decrypt, stream_enc, stream_dec); + AES_encrypt, AES_decrypt, stream_enc, stream_dec); } return 1; } static void cipher_hw_aes_xts_copyctx(PROV_CIPHER_CTX *dst, - const PROV_CIPHER_CTX *src) + const PROV_CIPHER_CTX *src) { PROV_AES_XTS_CTX *sctx = (PROV_AES_XTS_CTX *)src; PROV_AES_XTS_CTX *dctx = (PROV_AES_XTS_CTX *)dst; 
@@ -100,30 +101,30 @@ static void cipher_hw_aes_xts_copyctx(PROV_CIPHER_CTX *dst, #if defined(AESNI_CAPABLE) static int cipher_hw_aesni_xts_initkey(PROV_CIPHER_CTX *ctx, - const unsigned char *key, size_t keylen) + const unsigned char *key, size_t keylen) { PROV_AES_XTS_CTX *xctx = (PROV_AES_XTS_CTX *)ctx; XTS_SET_KEY_FN(aesni_set_encrypt_key, aesni_set_decrypt_key, - aesni_encrypt, aesni_decrypt, - aesni_xts_encrypt, aesni_xts_decrypt); + aesni_encrypt, aesni_decrypt, + aesni_xts_encrypt, aesni_xts_decrypt); return 1; } -# define PROV_CIPHER_HW_declare_xts() \ -static const PROV_CIPHER_HW aesni_xts = { \ - cipher_hw_aesni_xts_initkey, \ - NULL, \ - cipher_hw_aes_xts_copyctx \ -}; -# define PROV_CIPHER_HW_select_xts() \ -if (AESNI_CAPABLE) \ - return &aesni_xts; +#define PROV_CIPHER_HW_declare_xts() \ + static const PROV_CIPHER_HW aesni_xts = { \ + cipher_hw_aesni_xts_initkey, \ + NULL, \ + cipher_hw_aes_xts_copyctx \ + }; +#define PROV_CIPHER_HW_select_xts() \ + if (AESNI_CAPABLE) \ + return &aesni_xts; -# elif defined(SPARC_AES_CAPABLE) +#elif defined(SPARC_AES_CAPABLE) static int cipher_hw_aes_xts_t4_initkey(PROV_CIPHER_CTX *ctx, - const unsigned char *key, size_t keylen) + const unsigned char *key, size_t keylen) { PROV_AES_XTS_CTX *xctx = (PROV_AES_XTS_CTX *)ctx; OSSL_xts_stream_fn stream_enc = NULL; 
@@ -144,24 +145,24 @@ static int cipher_hw_aes_xts_t4_initkey(PROV_CIPHER_CTX *ctx, } XTS_SET_KEY_FN(aes_t4_set_encrypt_key, aes_t4_set_decrypt_key, - aes_t4_encrypt, aes_t4_decrypt, - stream_enc, stream_dec); + aes_t4_encrypt, aes_t4_decrypt, + stream_enc, stream_dec); return 1; } -# define PROV_CIPHER_HW_declare_xts() \ -static const PROV_CIPHER_HW aes_xts_t4 = { \ - cipher_hw_aes_xts_t4_initkey, \ - NULL, \ - cipher_hw_aes_xts_copyctx \ -}; -# define PROV_CIPHER_HW_select_xts() \ -if (SPARC_AES_CAPABLE) \ - return &aes_xts_t4; -# else +#define PROV_CIPHER_HW_declare_xts() \ + static const PROV_CIPHER_HW aes_xts_t4 = { \ + cipher_hw_aes_xts_t4_initkey, \ + NULL, \ + cipher_hw_aes_xts_copyctx \ + }; +#define PROV_CIPHER_HW_select_xts() \ + if (SPARC_AES_CAPABLE) \ + return &aes_xts_t4; +#else /* The generic case */ -# define PROV_CIPHER_HW_declare_xts() -# define PROV_CIPHER_HW_select_xts() +#define PROV_CIPHER_HW_declare_xts() +#define PROV_CIPHER_HW_select_xts() #endif static const PROV_CIPHER_HW aes_generic_xts = { @@ -170,8 +171,7 @@ static const PROV_CIPHER_HW aes_generic_xts = { cipher_hw_aes_xts_copyctx }; PROV_CIPHER_HW_declare_xts() -const PROV_CIPHER_HW *ossl_prov_cipher_hw_aes_xts(size_t keybits) + const PROV_CIPHER_HW *ossl_prov_cipher_hw_aes_xts(size_t keybits) { - PROV_CIPHER_HW_select_xts() - return &aes_generic_xts; + PROV_CIPHER_HW_select_xts() return &aes_generic_xts; } diff --git a/providers/implementations/ciphers/cipher_aria.c b/providers/implementations/ciphers/cipher_aria.c index be69c39baba3..bfffedbbb003 100644 --- a/providers/implementations/ciphers/cipher_aria.c +++ b/providers/implementations/ciphers/cipher_aria.c @@ -21,7 +21,7 @@ static void aria_freectx(void *vctx) PROV_ARIA_CTX *ctx = (PROV_ARIA_CTX *)vctx; ossl_cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); - OPENSSL_clear_free(ctx, sizeof(*ctx)); + OPENSSL_clear_free(ctx, sizeof(*ctx)); } static void *aria_dupctx(void *ctx) 
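Review bot: The reformatted tail of cipher_aes_xts_hw.c now has `PROV_CIPHER_HW_declare_xts()` followed by an indented `const PROV_CIPHER_HW *ossl_prov_cipher_hw_aes_xts(size_t keybits)`, and `PROV_CIPHER_HW_select_xts() return &aes_generic_xts;` joined on one line. The function definition therefore reads like a continuation of the macro call, and the unconditional fallback return is easy to overlook. The formatter appears to treat these semicolon-less macro invocations as the start of a longer statement. Listing them under `StatementMacros` in `.clang-format`, or bracketing the spot with `/* clang-format off */` and `/* clang-format on */`, would keep `return &aes_generic_xts;` on its own line. The same artifact appears in the cipher_aria_hw.c hunk, where every `PROV_CIPHER_HW_aria_mode(...)` after the first is indented as a continuation line.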
@@ -61,11 +61,11 @@ IMPLEMENT_generic_cipher(aria, ARIA, ofb, OFB, 0, 192, 8, 128, stream) /* ossl_aria128ofb_functions */ IMPLEMENT_generic_cipher(aria, ARIA, ofb, OFB, 0, 128, 8, 128, stream) /* ossl_aria256cfb_functions */ -IMPLEMENT_generic_cipher(aria, ARIA, cfb, CFB, 0, 256, 8, 128, stream) +IMPLEMENT_generic_cipher(aria, ARIA, cfb, CFB, 0, 256, 8, 128, stream) /* ossl_aria192cfb_functions */ -IMPLEMENT_generic_cipher(aria, ARIA, cfb, CFB, 0, 192, 8, 128, stream) +IMPLEMENT_generic_cipher(aria, ARIA, cfb, CFB, 0, 192, 8, 128, stream) /* ossl_aria128cfb_functions */ -IMPLEMENT_generic_cipher(aria, ARIA, cfb, CFB, 0, 128, 8, 128, stream) +IMPLEMENT_generic_cipher(aria, ARIA, cfb, CFB, 0, 128, 8, 128, stream) /* ossl_aria256cfb1_functions */ IMPLEMENT_generic_cipher(aria, ARIA, cfb1, CFB, 0, 256, 8, 128, stream) /* ossl_aria192cfb1_functions */ diff --git a/providers/implementations/ciphers/cipher_aria.h b/providers/implementations/ciphers/cipher_aria.h index 39f84d3b4321..563262aee8b4 100644 --- a/providers/implementations/ciphers/cipher_aria.h +++ b/providers/implementations/ciphers/cipher_aria.h @@ -11,14 +11,13 @@ #include "prov/ciphercommon.h" typedef struct prov_aria_ctx_st { - PROV_CIPHER_CTX base; /* Must be first */ + PROV_CIPHER_CTX base; /* Must be first */ union { OSSL_UNION_ALIGN; ARIA_KEY ks; } ks; } PROV_ARIA_CTX; - #define ossl_prov_cipher_hw_aria_ofb ossl_prov_cipher_hw_aria_ofb128 #define ossl_prov_cipher_hw_aria_cfb ossl_prov_cipher_hw_aria_cfb128 const PROV_CIPHER_HW *ossl_prov_cipher_hw_aria_ecb(size_t keybits); diff --git a/providers/implementations/ciphers/cipher_aria_ccm.c b/providers/implementations/ciphers/cipher_aria_ccm.c index 9f0e1dc20a69..c673487deead 100644 --- a/providers/implementations/ciphers/cipher_aria_ccm.c +++ b/providers/implementations/ciphers/cipher_aria_ccm.c 
@@ -47,7 +47,7 @@ static void aria_ccm_freectx(void *vctx) { PROV_ARIA_CCM_CTX *ctx = (PROV_ARIA_CCM_CTX *)vctx; - OPENSSL_clear_free(ctx, sizeof(*ctx)); + OPENSSL_clear_free(ctx, sizeof(*ctx)); } /* aria128ccm functions */ @@ -56,4 +56,3 @@ IMPLEMENT_aead_cipher(aria, ccm, CCM, AEAD_FLAGS, 128, 8, 96); IMPLEMENT_aead_cipher(aria, ccm, CCM, AEAD_FLAGS, 192, 8, 96); /* aria256ccm functions */ IMPLEMENT_aead_cipher(aria, ccm, CCM, AEAD_FLAGS, 256, 8, 96); - diff --git a/providers/implementations/ciphers/cipher_aria_ccm.h b/providers/implementations/ciphers/cipher_aria_ccm.h index 558da4973fa2..7de71e7c0014 100644 --- a/providers/implementations/ciphers/cipher_aria_ccm.h +++ b/providers/implementations/ciphers/cipher_aria_ccm.h @@ -16,7 +16,7 @@ typedef struct prov_aria_ccm_ctx_st { union { OSSL_UNION_ALIGN; ARIA_KEY ks; - } ks; /* ARIA key schedule to use */ + } ks; /* ARIA key schedule to use */ } PROV_ARIA_CCM_CTX; const PROV_CCM_HW *ossl_prov_aria_hw_ccm(size_t keylen); diff --git a/providers/implementations/ciphers/cipher_aria_ccm_hw.c b/providers/implementations/ciphers/cipher_aria_ccm_hw.c index e56ec8fb0865..6c5a42030575 100644 --- a/providers/implementations/ciphers/cipher_aria_ccm_hw.c +++ b/providers/implementations/ciphers/cipher_aria_ccm_hw.c @@ -14,13 +14,13 @@ #include "cipher_aria_ccm.h" static int ccm_aria_initkey(PROV_CCM_CTX *ctx, - const unsigned char *key, size_t keylen) + const unsigned char *key, size_t keylen) { PROV_ARIA_CCM_CTX *actx = (PROV_ARIA_CCM_CTX *)ctx; ossl_aria_set_encrypt_key(key, keylen * 8, &actx->ks.ks); CRYPTO_ccm128_init(&ctx->ccm_ctx, ctx->m, ctx->l, &actx->ks.ks, - (block128_f)ossl_aria_encrypt); + (block128_f)ossl_aria_encrypt); ctx->str = NULL; ctx->key_set = 1; return 1; diff --git a/providers/implementations/ciphers/cipher_aria_gcm.c b/providers/implementations/ciphers/cipher_aria_gcm.c index 21c28cd56d9b..a0f56985a1fb 100644 --- a/providers/implementations/ciphers/cipher_aria_gcm.c 
+++ b/providers/implementations/ciphers/cipher_aria_gcm.c @@ -23,7 +23,7 @@ static void *aria_gcm_newctx(void *provctx, size_t keybits) ctx = OPENSSL_zalloc(sizeof(*ctx)); if (ctx != NULL) ossl_gcm_initctx(provctx, &ctx->base, keybits, - ossl_prov_aria_hw_gcm(keybits)); + ossl_prov_aria_hw_gcm(keybits)); return ctx; } @@ -35,7 +35,7 @@ static void *aria_gcm_dupctx(void *provctx) if (ctx == NULL) return NULL; - dctx = OPENSSL_memdup(ctx, sizeof(*ctx)); + dctx = OPENSSL_memdup(ctx, sizeof(*ctx)); if (dctx != NULL && dctx->base.gcm.key != NULL) dctx->base.gcm.key = &dctx->ks.ks; @@ -47,7 +47,7 @@ static void aria_gcm_freectx(void *vctx) { PROV_ARIA_GCM_CTX *ctx = (PROV_ARIA_GCM_CTX *)vctx; - OPENSSL_clear_free(ctx, sizeof(*ctx)); + OPENSSL_clear_free(ctx, sizeof(*ctx)); } /* ossl_aria128gcm_functions */ @@ -56,4 +56,3 @@ IMPLEMENT_aead_cipher(aria, gcm, GCM, AEAD_FLAGS, 128, 8, 96); IMPLEMENT_aead_cipher(aria, gcm, GCM, AEAD_FLAGS, 192, 8, 96); /* ossl_aria256gcm_functions */ IMPLEMENT_aead_cipher(aria, gcm, GCM, AEAD_FLAGS, 256, 8, 96); - diff --git a/providers/implementations/ciphers/cipher_aria_gcm.h b/providers/implementations/ciphers/cipher_aria_gcm.h index 6251e8322f36..622053a5594d 100644 --- a/providers/implementations/ciphers/cipher_aria_gcm.h +++ b/providers/implementations/ciphers/cipher_aria_gcm.h @@ -12,7 +12,7 @@ #include "prov/ciphercommon_gcm.h" typedef struct prov_aria_gcm_ctx_st { - PROV_GCM_CTX base; /* must be first entry in struct */ + PROV_GCM_CTX base; /* must be first entry in struct */ union { OSSL_UNION_ALIGN; ARIA_KEY ks; diff --git a/providers/implementations/ciphers/cipher_aria_gcm_hw.c b/providers/implementations/ciphers/cipher_aria_gcm_hw.c index 927327c29c77..f4c8646103f0 100644 --- a/providers/implementations/ciphers/cipher_aria_gcm_hw.c +++ b/providers/implementations/ciphers/cipher_aria_gcm_hw.c 
@@ -14,7 +14,7 @@ #include "cipher_aria_gcm.h" static int aria_gcm_initkey(PROV_GCM_CTX *ctx, const unsigned char *key, - size_t keylen) + size_t keylen) { PROV_ARIA_GCM_CTX *actx = (PROV_ARIA_GCM_CTX *)ctx; ARIA_KEY *ks = &actx->ks.ks; diff --git a/providers/implementations/ciphers/cipher_aria_hw.c b/providers/implementations/ciphers/cipher_aria_hw.c index 425d87a65eca..12ba59a46a27 100644 --- a/providers/implementations/ciphers/cipher_aria_hw.c +++ b/providers/implementations/ciphers/cipher_aria_hw.c @@ -11,7 +11,7 @@ #include "cipher_aria.h" static int cipher_hw_aria_initkey(PROV_CIPHER_CTX *dat, - const unsigned char *key, size_t keylen) + const unsigned char *key, size_t keylen) { int ret, mode = dat->mode; PROV_ARIA_CTX *adat = (PROV_ARIA_CTX *)dat; @@ -32,21 +32,21 @@ static int cipher_hw_aria_initkey(PROV_CIPHER_CTX *dat, IMPLEMENT_CIPHER_HW_COPYCTX(cipher_hw_aria_copyctx, PROV_ARIA_CTX) -# define PROV_CIPHER_HW_aria_mode(mode) \ -static const PROV_CIPHER_HW aria_##mode = { \ - cipher_hw_aria_initkey, \ - ossl_cipher_hw_chunked_##mode, \ - cipher_hw_aria_copyctx \ -}; \ -const PROV_CIPHER_HW *ossl_prov_cipher_hw_aria_##mode(size_t keybits) \ -{ \ - return &aria_##mode; \ -} +#define PROV_CIPHER_HW_aria_mode(mode) \ + static const PROV_CIPHER_HW aria_##mode = { \ + cipher_hw_aria_initkey, \ + ossl_cipher_hw_chunked_##mode, \ + cipher_hw_aria_copyctx \ + }; \ + const PROV_CIPHER_HW *ossl_prov_cipher_hw_aria_##mode(size_t keybits) \ + { \ + return &aria_##mode; \ + } PROV_CIPHER_HW_aria_mode(cbc) -PROV_CIPHER_HW_aria_mode(ecb) -PROV_CIPHER_HW_aria_mode(ofb128) -PROV_CIPHER_HW_aria_mode(cfb128) -PROV_CIPHER_HW_aria_mode(cfb1) -PROV_CIPHER_HW_aria_mode(cfb8) -PROV_CIPHER_HW_aria_mode(ctr) + PROV_CIPHER_HW_aria_mode(ecb) + PROV_CIPHER_HW_aria_mode(ofb128) + PROV_CIPHER_HW_aria_mode(cfb128) + PROV_CIPHER_HW_aria_mode(cfb1) + PROV_CIPHER_HW_aria_mode(cfb8) + PROV_CIPHER_HW_aria_mode(ctr) 
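Review bot: The `PROV_CIPHER_HW_aria_mode(ecb)` through `PROV_CIPHER_HW_aria_mode(ctr)` invocations at the end of cipher_aria_hw.c are now indented under `PROV_CIPHER_HW_aria_mode(cbc)` as if they continued one statement, although each expands to its own file-scope table and accessor function. The formatter appears to read the semicolon-less macro calls as a single expression. Wrapping the list in `/* clang-format off */` and `/* clang-format on */`, or listing the macro under `StatementMacros` in the project's .clang-format, would keep every invocation at column 0. The same indentation appears in the blowfish, camellia and cast5 `_hw.c` hunks of this commit.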
diff --git a/providers/implementations/ciphers/cipher_blowfish.c b/providers/implementations/ciphers/cipher_blowfish.c index 748028d3f32b..f574e90e38f5 100644 --- a/providers/implementations/ciphers/cipher_blowfish.c +++ b/providers/implementations/ciphers/cipher_blowfish.c @@ -29,7 +29,7 @@ static void blowfish_freectx(void *vctx) PROV_BLOWFISH_CTX *ctx = (PROV_BLOWFISH_CTX *)vctx; ossl_cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); - OPENSSL_clear_free(ctx, sizeof(*ctx)); + OPENSSL_clear_free(ctx, sizeof(*ctx)); } static void *blowfish_dupctx(void *ctx) @@ -57,4 +57,4 @@ IMPLEMENT_var_keylen_cipher(blowfish, BLOWFISH, cbc, CBC, BF_FLAGS, 128, 64, 64, /* bf_ofb_functions */ IMPLEMENT_var_keylen_cipher(blowfish, BLOWFISH, ofb64, OFB, BF_FLAGS, 128, 8, 64, stream) /* bf_cfb_functions */ -IMPLEMENT_var_keylen_cipher(blowfish, BLOWFISH, cfb64, CFB, BF_FLAGS, 128, 8, 64, stream) +IMPLEMENT_var_keylen_cipher(blowfish, BLOWFISH, cfb64, CFB, BF_FLAGS, 128, 8, 64, stream) diff --git a/providers/implementations/ciphers/cipher_blowfish.h b/providers/implementations/ciphers/cipher_blowfish.h index bbdc9da3789d..18c824fed1e3 100644 --- a/providers/implementations/ciphers/cipher_blowfish.h +++ b/providers/implementations/ciphers/cipher_blowfish.h @@ -11,7 +11,7 @@ #include "prov/ciphercommon.h" typedef struct prov_blowfish_ctx_st { - PROV_CIPHER_CTX base; /* Must be first */ + PROV_CIPHER_CTX base; /* Must be first */ union { OSSL_UNION_ALIGN; BF_KEY ks; diff --git a/providers/implementations/ciphers/cipher_blowfish_hw.c b/providers/implementations/ciphers/cipher_blowfish_hw.c index 4855a71f6871..5cbc4886fa46 100644 --- a/providers/implementations/ciphers/cipher_blowfish_hw.c +++ b/providers/implementations/ciphers/cipher_blowfish_hw.c 
@@ -16,27 +16,27 @@ #include "cipher_blowfish.h" static int cipher_hw_blowfish_initkey(PROV_CIPHER_CTX *ctx, - const unsigned char *key, size_t keylen) + const unsigned char *key, size_t keylen) { - PROV_BLOWFISH_CTX *bctx = (PROV_BLOWFISH_CTX *)ctx; + PROV_BLOWFISH_CTX *bctx = (PROV_BLOWFISH_CTX *)ctx; BF_set_key(&bctx->ks.ks, keylen, key); return 1; } -# define PROV_CIPHER_HW_blowfish_mode(mode, UCMODE) \ -IMPLEMENT_CIPHER_HW_##UCMODE(mode, blowfish, PROV_BLOWFISH_CTX, BF_KEY, \ - BF_##mode) \ -static const PROV_CIPHER_HW bf_##mode = { \ - cipher_hw_blowfish_initkey, \ - cipher_hw_blowfish_##mode##_cipher \ -}; \ -const PROV_CIPHER_HW *ossl_prov_cipher_hw_blowfish_##mode(size_t keybits) \ -{ \ - return &bf_##mode; \ -} +#define PROV_CIPHER_HW_blowfish_mode(mode, UCMODE) \ + IMPLEMENT_CIPHER_HW_##UCMODE(mode, blowfish, PROV_BLOWFISH_CTX, BF_KEY, \ + BF_##mode) static const PROV_CIPHER_HW bf_##mode \ + = { \ + cipher_hw_blowfish_initkey, \ + cipher_hw_blowfish_##mode##_cipher \ + }; \ + const PROV_CIPHER_HW *ossl_prov_cipher_hw_blowfish_##mode(size_t keybits) \ + { \ + return &bf_##mode; \ + } PROV_CIPHER_HW_blowfish_mode(cbc, CBC) -PROV_CIPHER_HW_blowfish_mode(ecb, ECB) -PROV_CIPHER_HW_blowfish_mode(ofb64, OFB) -PROV_CIPHER_HW_blowfish_mode(cfb64, CFB) + PROV_CIPHER_HW_blowfish_mode(ecb, ECB) + PROV_CIPHER_HW_blowfish_mode(ofb64, OFB) + PROV_CIPHER_HW_blowfish_mode(cfb64, CFB) diff --git a/providers/implementations/ciphers/cipher_camellia.c b/providers/implementations/ciphers/cipher_camellia.c index b119666aa8b0..690e9bf17a17 100644 --- a/providers/implementations/ciphers/cipher_camellia.c +++ b/providers/implementations/ciphers/cipher_camellia.c @@ -27,7 +27,7 @@ static void camellia_freectx(void *vctx) PROV_CAMELLIA_CTX *ctx = (PROV_CAMELLIA_CTX *)vctx; ossl_cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); - OPENSSL_clear_free(ctx, sizeof(*ctx)); + OPENSSL_clear_free(ctx, sizeof(*ctx)); } static void *camellia_dupctx(void *ctx) 
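Review bot: In the reformatted `PROV_CIPHER_HW_blowfish_mode` macro, the `IMPLEMENT_CIPHER_HW_##UCMODE(...)` expansion and the `static const PROV_CIPHER_HW bf_##mode` declaration now share a line, with the `= {` initializer pushed to the next one, so two separate items read as a single declaration. A `/* clang-format off */` … `/* clang-format on */` pair around the `#define` would preserve the one-item-per-line layout of the old side. `PROV_CIPHER_HW_cast_mode` in cipher_cast5_hw.c is joined the same way. In cipher_camellia_hw.c, `PROV_CIPHER_HW_select(mode) return &camellia_##mode;` puts what is presumably a conditional platform selection on the same line as the fallback return.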
@@ -67,11 +67,11 @@ IMPLEMENT_generic_cipher(camellia, CAMELLIA, ofb, OFB, 0, 192, 8, 128, stream) /* ossl_camellia128ofb_functions */ IMPLEMENT_generic_cipher(camellia, CAMELLIA, ofb, OFB, 0, 128, 8, 128, stream) /* ossl_camellia256cfb_functions */ -IMPLEMENT_generic_cipher(camellia, CAMELLIA, cfb, CFB, 0, 256, 8, 128, stream) +IMPLEMENT_generic_cipher(camellia, CAMELLIA, cfb, CFB, 0, 256, 8, 128, stream) /* ossl_camellia192cfb_functions */ -IMPLEMENT_generic_cipher(camellia, CAMELLIA, cfb, CFB, 0, 192, 8, 128, stream) +IMPLEMENT_generic_cipher(camellia, CAMELLIA, cfb, CFB, 0, 192, 8, 128, stream) /* ossl_camellia128cfb_functions */ -IMPLEMENT_generic_cipher(camellia, CAMELLIA, cfb, CFB, 0, 128, 8, 128, stream) +IMPLEMENT_generic_cipher(camellia, CAMELLIA, cfb, CFB, 0, 128, 8, 128, stream) /* ossl_camellia256cfb1_functions */ IMPLEMENT_generic_cipher(camellia, CAMELLIA, cfb1, CFB, 0, 256, 8, 128, stream) /* ossl_camellia192cfb1_functions */ diff --git a/providers/implementations/ciphers/cipher_camellia.h b/providers/implementations/ciphers/cipher_camellia.h index 953ea74c0b5d..2c1156ae92da 100644 --- a/providers/implementations/ciphers/cipher_camellia.h +++ b/providers/implementations/ciphers/cipher_camellia.h @@ -12,7 +12,7 @@ #include "crypto/cmll_platform.h" typedef struct prov_camellia_ctx_st { - PROV_CIPHER_CTX base; /* Must be first */ + PROV_CIPHER_CTX base; /* Must be first */ union { OSSL_UNION_ALIGN; CAMELLIA_KEY ks; diff --git a/providers/implementations/ciphers/cipher_camellia_hw.c b/providers/implementations/ciphers/cipher_camellia_hw.c index 3ebf5b8d4612..652cdf9d4a97 100644 --- a/providers/implementations/ciphers/cipher_camellia_hw.c +++ b/providers/implementations/ciphers/cipher_camellia_hw.c 
@@ -18,7 +18,7 @@ #include "cipher_camellia.h" static int cipher_hw_camellia_initkey(PROV_CIPHER_CTX *dat, - const unsigned char *key, size_t keylen) + const unsigned char *key, size_t keylen) { int ret, mode = dat->mode; PROV_CAMELLIA_CTX *adat = (PROV_CAMELLIA_CTX *)dat; 
@@ -31,44 +31,42 @@ static int cipher_hw_camellia_initkey(PROV_CIPHER_CTX *dat, return 0; } if (dat->enc || (mode != EVP_CIPH_ECB_MODE && mode != EVP_CIPH_CBC_MODE)) { - dat->block = (block128_f) Camellia_encrypt; - dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ? - (cbc128_f) Camellia_cbc_encrypt : NULL; + dat->block = (block128_f)Camellia_encrypt; + dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ? (cbc128_f)Camellia_cbc_encrypt : NULL; } else { - dat->block = (block128_f) Camellia_decrypt; - dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ? - (cbc128_f) Camellia_cbc_encrypt : NULL; + dat->block = (block128_f)Camellia_decrypt; + dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ? (cbc128_f)Camellia_cbc_encrypt : NULL; } return 1; } IMPLEMENT_CIPHER_HW_COPYCTX(cipher_hw_camellia_copyctx, PROV_CAMELLIA_CTX) -# if defined(SPARC_CMLL_CAPABLE) -# include "cipher_camellia_hw_t4.inc" -# else +#if defined(SPARC_CMLL_CAPABLE) +#include "cipher_camellia_hw_t4.inc" +#else /* The generic case */ -# define PROV_CIPHER_HW_declare(mode) -# define PROV_CIPHER_HW_select(mode) -# endif /* SPARC_CMLL_CAPABLE */ +#define PROV_CIPHER_HW_declare(mode) +#define PROV_CIPHER_HW_select(mode) +#endif /* SPARC_CMLL_CAPABLE */ -#define PROV_CIPHER_HW_camellia_mode(mode) \ -static const PROV_CIPHER_HW camellia_##mode = { \ - cipher_hw_camellia_initkey, \ - ossl_cipher_hw_generic_##mode, \ - cipher_hw_camellia_copyctx \ -}; \ -PROV_CIPHER_HW_declare(mode) \ -const PROV_CIPHER_HW *ossl_prov_cipher_hw_camellia_##mode(size_t keybits) \ -{ \ - PROV_CIPHER_HW_select(mode) \ - return &camellia_##mode; \ -} +#define PROV_CIPHER_HW_camellia_mode(mode) \ + static const PROV_CIPHER_HW camellia_##mode = { \ + cipher_hw_camellia_initkey, \ + ossl_cipher_hw_generic_##mode, \ + cipher_hw_camellia_copyctx \ + }; \ + PROV_CIPHER_HW_declare(mode) \ + const PROV_CIPHER_HW * \ + ossl_prov_cipher_hw_camellia_##mode(size_t keybits) \ + { \ + PROV_CIPHER_HW_select(mode) return &camellia_##mode; \ + } 
PROV_CIPHER_HW_camellia_mode(cbc) -PROV_CIPHER_HW_camellia_mode(ecb) -PROV_CIPHER_HW_camellia_mode(ofb128) -PROV_CIPHER_HW_camellia_mode(cfb128) -PROV_CIPHER_HW_camellia_mode(cfb1) -PROV_CIPHER_HW_camellia_mode(cfb8) -PROV_CIPHER_HW_camellia_mode(ctr) + PROV_CIPHER_HW_camellia_mode(ecb) + PROV_CIPHER_HW_camellia_mode(ofb128) + PROV_CIPHER_HW_camellia_mode(cfb128) + PROV_CIPHER_HW_camellia_mode(cfb1) + PROV_CIPHER_HW_camellia_mode(cfb8) + PROV_CIPHER_HW_camellia_mode(ctr) diff --git a/providers/implementations/ciphers/cipher_cast.h b/providers/implementations/ciphers/cipher_cast.h index 84b58621c1bc..d0451861e32e 100644 --- a/providers/implementations/ciphers/cipher_cast.h +++ b/providers/implementations/ciphers/cipher_cast.h @@ -11,7 +11,7 @@ #include "prov/ciphercommon.h" typedef struct prov_cast_ctx_st { - PROV_CIPHER_CTX base; /* Must be first */ + PROV_CIPHER_CTX base; /* Must be first */ union { OSSL_UNION_ALIGN; CAST_KEY ks; diff --git a/providers/implementations/ciphers/cipher_cast5.c b/providers/implementations/ciphers/cipher_cast5.c index 55081ccbe958..b8307f52d564 100644 --- a/providers/implementations/ciphers/cipher_cast5.c +++ b/providers/implementations/ciphers/cipher_cast5.c @@ -30,7 +30,7 @@ static void cast5_freectx(void *vctx) PROV_CAST_CTX *ctx = (PROV_CAST_CTX *)vctx; ossl_cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); - OPENSSL_clear_free(ctx, sizeof(*ctx)); + OPENSSL_clear_free(ctx, sizeof(*ctx)); } static void *cast5_dupctx(void *ctx) @@ -58,4 +58,4 @@ IMPLEMENT_var_keylen_cipher(cast5, CAST, cbc, CBC, CAST5_FLAGS, 128, 64, 64, blo /* ossl_cast5128ofb64_functions */ IMPLEMENT_var_keylen_cipher(cast5, CAST, ofb64, OFB, CAST5_FLAGS, 128, 8, 64, stream) /* ossl_cast5128cfb64_functions */ -IMPLEMENT_var_keylen_cipher(cast5, CAST, cfb64, CFB, CAST5_FLAGS, 128, 8, 64, stream) +IMPLEMENT_var_keylen_cipher(cast5, CAST, cfb64, CFB, CAST5_FLAGS, 128, 8, 64, stream) 
diff --git a/providers/implementations/ciphers/cipher_cast5_hw.c b/providers/implementations/ciphers/cipher_cast5_hw.c index 73f0628e578b..e4ccc8aa0955 100644 --- a/providers/implementations/ciphers/cipher_cast5_hw.c +++ b/providers/implementations/ciphers/cipher_cast5_hw.c @@ -16,27 +16,27 @@ #include "cipher_cast.h" static int cipher_hw_cast5_initkey(PROV_CIPHER_CTX *ctx, - const unsigned char *key, size_t keylen) + const unsigned char *key, size_t keylen) { - PROV_CAST_CTX *bctx = (PROV_CAST_CTX *)ctx; + PROV_CAST_CTX *bctx = (PROV_CAST_CTX *)ctx; CAST_set_key(&(bctx->ks.ks), keylen, key); return 1; } -# define PROV_CIPHER_HW_cast_mode(mode, UCMODE) \ -IMPLEMENT_CIPHER_HW_##UCMODE(mode, cast5, PROV_CAST_CTX, CAST_KEY, \ - CAST_##mode) \ -static const PROV_CIPHER_HW cast5_##mode = { \ - cipher_hw_cast5_initkey, \ - cipher_hw_cast5_##mode##_cipher \ -}; \ -const PROV_CIPHER_HW *ossl_prov_cipher_hw_cast5_##mode(size_t keybits) \ -{ \ - return &cast5_##mode; \ -} +#define PROV_CIPHER_HW_cast_mode(mode, UCMODE) \ + IMPLEMENT_CIPHER_HW_##UCMODE(mode, cast5, PROV_CAST_CTX, CAST_KEY, \ + CAST_##mode) static const PROV_CIPHER_HW cast5_##mode \ + = { \ + cipher_hw_cast5_initkey, \ + cipher_hw_cast5_##mode##_cipher \ + }; \ + const PROV_CIPHER_HW *ossl_prov_cipher_hw_cast5_##mode(size_t keybits) \ + { \ + return &cast5_##mode; \ + } PROV_CIPHER_HW_cast_mode(cbc, CBC) -PROV_CIPHER_HW_cast_mode(ecb, ECB) -PROV_CIPHER_HW_cast_mode(ofb64, OFB) -PROV_CIPHER_HW_cast_mode(cfb64, CFB) + PROV_CIPHER_HW_cast_mode(ecb, ECB) + PROV_CIPHER_HW_cast_mode(ofb64, OFB) + PROV_CIPHER_HW_cast_mode(cfb64, CFB) diff --git a/providers/implementations/ciphers/cipher_chacha20.c b/providers/implementations/ciphers/cipher_chacha20.c index ef80a515d756..b65e29f47811 100644 --- a/providers/implementations/ciphers/cipher_chacha20.c +++ b/providers/implementations/ciphers/cipher_chacha20.c 
@@ -35,11 +35,11 @@ static OSSL_FUNC_cipher_settable_ctx_params_fn chacha20_settable_ctx_params; void ossl_chacha20_initctx(PROV_CHACHA20_CTX *ctx) { ossl_cipher_generic_initkey(ctx, CHACHA20_KEYLEN * 8, - CHACHA20_BLKLEN * 8, - CHACHA20_IVLEN * 8, - 0, CHACHA20_FLAGS, - ossl_prov_cipher_hw_chacha20(CHACHA20_KEYLEN * 8), - NULL); + CHACHA20_BLKLEN * 8, + CHACHA20_IVLEN * 8, + 0, CHACHA20_FLAGS, + ossl_prov_cipher_hw_chacha20(CHACHA20_KEYLEN * 8), + NULL); } static void *chacha20_newctx(void *provctx) @@ -74,7 +74,7 @@ static void *chacha20_dupctx(void *vctx) dupctx = OPENSSL_memdup(ctx, sizeof(*dupctx)); if (dupctx != NULL && dupctx->base.tlsmac != NULL && dupctx->base.alloced) { dupctx->base.tlsmac = OPENSSL_memdup(dupctx->base.tlsmac, - dupctx->base.tlsmacsize); + dupctx->base.tlsmacsize); if (dupctx->base.tlsmac == NULL) { OPENSSL_free(dupctx); dupctx = NULL; @@ -87,9 +87,9 @@ static void *chacha20_dupctx(void *vctx) static int chacha20_get_params(OSSL_PARAM params[]) { return ossl_cipher_generic_get_params(params, 0, CHACHA20_FLAGS, - CHACHA20_KEYLEN * 8, - CHACHA20_BLKLEN * 8, - CHACHA20_IVLEN * 8); + CHACHA20_KEYLEN * 8, + CHACHA20_BLKLEN * 8, + CHACHA20_IVLEN * 8); } static int chacha20_get_ctx_params(void *vctx, OSSL_PARAM params[]) @@ -116,7 +116,7 @@ static const OSSL_PARAM chacha20_known_gettable_ctx_params[] = { OSSL_PARAM_END }; const OSSL_PARAM *chacha20_gettable_ctx_params(ossl_unused void *cctx, - ossl_unused void *provctx) + ossl_unused void *provctx) { return chacha20_known_gettable_ctx_params; } 
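Review bot: In `chacha20_dupctx` the failure path after the second `OPENSSL_memdup` releases the copy with `OPENSSL_free(dupctx);`, which leaves the duplicated `PROV_CHACHA20_CTX` contents, including any key words already copied into it, in freed heap memory. The `*_freectx` functions visible in this commit (aria, blowfish, camellia, cast5) all use `OPENSSL_clear_free`, and the error path should match: `OPENSSL_clear_free(dupctx, sizeof(*dupctx));`. `chacha20_poly1305_dupctx` in cipher_chacha20_poly1305.c has the same `OPENSSL_free(dctx);` on its failure path. The function body starts above this hunk, and since this commit only reformats imported code, the fix presumably belongs upstream.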
@@ -160,14 +160,14 @@ static const OSSL_PARAM chacha20_known_settable_ctx_params[] = { OSSL_PARAM_END }; const OSSL_PARAM *chacha20_settable_ctx_params(ossl_unused void *cctx, - ossl_unused void *provctx) + ossl_unused void *provctx) { return chacha20_known_settable_ctx_params; } int ossl_chacha20_einit(void *vctx, const unsigned char *key, size_t keylen, - const unsigned char *iv, size_t ivlen, - const OSSL_PARAM params[]) + const unsigned char *iv, size_t ivlen, + const OSSL_PARAM params[]) { int ret; @@ -185,8 +185,8 @@ int ossl_chacha20_einit(void *vctx, const unsigned char *key, size_t keylen, } int ossl_chacha20_dinit(void *vctx, const unsigned char *key, size_t keylen, - const unsigned char *iv, size_t ivlen, - const OSSL_PARAM params[]) + const unsigned char *iv, size_t ivlen, + const OSSL_PARAM params[]) { int ret; @@ -212,9 +212,9 @@ const OSSL_DISPATCH ossl_chacha20_functions[] = { { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))ossl_chacha20_dinit }, { OSSL_FUNC_CIPHER_UPDATE, (void (*)(void))chacha20_update }, { OSSL_FUNC_CIPHER_FINAL, (void (*)(void))chacha20_final }, - { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))chacha20_cipher}, + { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))chacha20_cipher }, { OSSL_FUNC_CIPHER_GET_PARAMS, (void (*)(void))chacha20_get_params }, - { OSSL_FUNC_CIPHER_GETTABLE_PARAMS,(void (*)(void))chacha20_gettable_params }, + { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, (void (*)(void))chacha20_gettable_params }, { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, (void (*)(void))chacha20_get_ctx_params }, { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, (void (*)(void))chacha20_gettable_ctx_params }, @@ -223,4 +223,3 @@ const OSSL_DISPATCH ossl_chacha20_functions[] = { (void (*)(void))chacha20_settable_ctx_params }, { 0, NULL } }; - diff --git a/providers/implementations/ciphers/cipher_chacha20.h b/providers/implementations/ciphers/cipher_chacha20.h index 9db8ed9cb424..ed531d7933bb 100644 --- a/providers/implementations/ciphers/cipher_chacha20.h 
+++ b/providers/implementations/ciphers/cipher_chacha20.h @@ -11,14 +11,14 @@ #include "prov/ciphercommon.h" typedef struct { - PROV_CIPHER_CTX base; /* must be first */ + PROV_CIPHER_CTX base; /* must be first */ union { OSSL_UNION_ALIGN; unsigned int d[CHACHA_KEY_SIZE / 4]; } key; - unsigned int counter[CHACHA_CTR_SIZE / 4]; + unsigned int counter[CHACHA_CTR_SIZE / 4]; unsigned char buf[CHACHA_BLK_SIZE]; - unsigned int partial_len; + unsigned int partial_len; } PROV_CHACHA20_CTX; typedef struct prov_cipher_hw_chacha20_st { diff --git a/providers/implementations/ciphers/cipher_chacha20_hw.c b/providers/implementations/ciphers/cipher_chacha20_hw.c index 3b03bc81ed5a..18a4578b4912 100644 --- a/providers/implementations/ciphers/cipher_chacha20_hw.c +++ b/providers/implementations/ciphers/cipher_chacha20_hw.c @@ -12,7 +12,7 @@ #include "cipher_chacha20.h" static int chacha20_initkey(PROV_CIPHER_CTX *bctx, const uint8_t *key, - size_t keylen) + size_t keylen) { PROV_CHACHA20_CTX *ctx = (PROV_CHACHA20_CTX *)bctx; unsigned int i; @@ -39,7 +39,7 @@ static int chacha20_initiv(PROV_CIPHER_CTX *bctx) } static int chacha20_cipher(PROV_CIPHER_CTX *bctx, unsigned char *out, - const unsigned char *in, size_t inl) + const unsigned char *in, size_t inl) { PROV_CHACHA20_CTX *ctx = (PROV_CHACHA20_CTX *)bctx; unsigned int n, rem, ctr32; @@ -95,13 +95,14 @@ static int chacha20_cipher(PROV_CIPHER_CTX *bctx, unsigned char *out, out += blocks; ctx->counter[0] = ctr32; - if (ctr32 == 0) ctx->counter[1]++; + if (ctr32 == 0) + ctx->counter[1]++; } if (rem > 0) { memset(ctx->buf, 0, sizeof(ctx->buf)); ChaCha20_ctr32(ctx->buf, ctx->buf, CHACHA_BLK_SIZE, - ctx->key.d, ctx->counter); + ctx->key.d, ctx->counter); for (n = 0; n < rem; n++) out[n] = in[n] ^ ctx->buf[n]; ctx->partial_len = rem; @@ -119,4 +120,3 @@ const PROV_CIPHER_HW *ossl_prov_cipher_hw_chacha20(size_t keybits) { return (PROV_CIPHER_HW *)&chacha20_hw; } - 
diff --git a/providers/implementations/ciphers/cipher_chacha20_poly1305.c b/providers/implementations/ciphers/cipher_chacha20_poly1305.c index 7fba6ab64f39..e1727bb1d2f5 100644 --- a/providers/implementations/ciphers/cipher_chacha20_poly1305.c +++ b/providers/implementations/ciphers/cipher_chacha20_poly1305.c @@ -18,8 +18,8 @@ #define CHACHA20_POLY1305_BLKLEN 1 #define CHACHA20_POLY1305_MAX_IVLEN 12 #define CHACHA20_POLY1305_MODE 0 -#define CHACHA20_POLY1305_FLAGS (PROV_CIPHER_FLAG_AEAD \ - | PROV_CIPHER_FLAG_CUSTOM_IV) +#define CHACHA20_POLY1305_FLAGS (PROV_CIPHER_FLAG_AEAD \ + | PROV_CIPHER_FLAG_CUSTOM_IV) static OSSL_FUNC_cipher_newctx_fn chacha20_poly1305_newctx; static OSSL_FUNC_cipher_freectx_fn chacha20_poly1305_freectx; @@ -46,13 +46,13 @@ static void *chacha20_poly1305_newctx(void *provctx) ctx = OPENSSL_zalloc(sizeof(*ctx)); if (ctx != NULL) { ossl_cipher_generic_initkey(&ctx->base, CHACHA20_POLY1305_KEYLEN * 8, - CHACHA20_POLY1305_BLKLEN * 8, - CHACHA20_POLY1305_IVLEN * 8, - CHACHA20_POLY1305_MODE, - CHACHA20_POLY1305_FLAGS, - ossl_prov_cipher_hw_chacha20_poly1305( - CHACHA20_POLY1305_KEYLEN * 8), - NULL); + CHACHA20_POLY1305_BLKLEN * 8, + CHACHA20_POLY1305_IVLEN * 8, + CHACHA20_POLY1305_MODE, + CHACHA20_POLY1305_FLAGS, + ossl_prov_cipher_hw_chacha20_poly1305( + CHACHA20_POLY1305_KEYLEN * 8), + NULL); ctx->tls_payload_length = NO_TLS_PAYLOAD_LENGTH; ossl_chacha20_initctx(&ctx->chacha); } @@ -69,7 +69,7 @@ static void *chacha20_poly1305_dupctx(void *provctx) dctx = OPENSSL_memdup(ctx, sizeof(*ctx)); if (dctx != NULL && dctx->base.tlsmac != NULL && dctx->base.alloced) { dctx->base.tlsmac = OPENSSL_memdup(dctx->base.tlsmac, - dctx->base.tlsmacsize); + dctx->base.tlsmacsize); if (dctx->base.tlsmac == NULL) { OPENSSL_free(dctx); dctx = NULL; 
@@ -91,9 +91,9 @@ static void chacha20_poly1305_freectx(void *vctx) static int chacha20_poly1305_get_params(OSSL_PARAM params[]) { return ossl_cipher_generic_get_params(params, 0, CHACHA20_POLY1305_FLAGS, - CHACHA20_POLY1305_KEYLEN * 8, - CHACHA20_POLY1305_BLKLEN * 8, - CHACHA20_POLY1305_IVLEN * 8); + CHACHA20_POLY1305_KEYLEN * 8, + CHACHA20_POLY1305_BLKLEN * 8, + CHACHA20_POLY1305_IVLEN * 8); } static int chacha20_poly1305_get_ctx_params(void *vctx, OSSL_PARAM params[]) @@ -152,8 +152,7 @@ static const OSSL_PARAM chacha20_poly1305_known_gettable_ctx_params[] = { OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_AEAD_TLS1_AAD_PAD, NULL), OSSL_PARAM_END }; -static const OSSL_PARAM *chacha20_poly1305_gettable_ctx_params - (ossl_unused void *cctx, ossl_unused void *provctx) +static const OSSL_PARAM *chacha20_poly1305_gettable_ctx_params(ossl_unused void *cctx, ossl_unused void *provctx) { return chacha20_poly1305_known_gettable_ctx_params; } @@ -167,20 +166,18 @@ static const OSSL_PARAM chacha20_poly1305_known_settable_ctx_params[] = { OSSL_PARAM_END }; static const OSSL_PARAM *chacha20_poly1305_settable_ctx_params( - ossl_unused void *cctx, ossl_unused void *provctx - ) + ossl_unused void *cctx, ossl_unused void *provctx) { return chacha20_poly1305_known_settable_ctx_params; } static int chacha20_poly1305_set_ctx_params(void *vctx, - const OSSL_PARAM params[]) + const OSSL_PARAM params[]) { const OSSL_PARAM *p; size_t len; PROV_CHACHA20_POLY1305_CTX *ctx = (PROV_CHACHA20_POLY1305_CTX *)vctx; - PROV_CIPHER_HW_CHACHA20_POLY1305 *hw = - (PROV_CIPHER_HW_CHACHA20_POLY1305 *)ctx->base.hw; + PROV_CIPHER_HW_CHACHA20_POLY1305 *hw = (PROV_CIPHER_HW_CHACHA20_POLY1305 *)ctx->base.hw; if (params == NULL) return 1; 
@@ -257,8 +254,8 @@ static int chacha20_poly1305_set_ctx_params(void *vctx, } static int chacha20_poly1305_einit(void *vctx, const unsigned char *key, - size_t keylen, const unsigned char *iv, - size_t ivlen, const OSSL_PARAM params[]) + size_t keylen, const unsigned char *iv, + size_t ivlen, const OSSL_PARAM params[]) { int ret; @@ -266,8 +263,7 @@ static int chacha20_poly1305_einit(void *vctx, const unsigned char *key, ret = ossl_cipher_generic_einit(vctx, key, keylen, iv, ivlen, NULL); if (ret && iv != NULL) { PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; - PROV_CIPHER_HW_CHACHA20_POLY1305 *hw = - (PROV_CIPHER_HW_CHACHA20_POLY1305 *)ctx->hw; + PROV_CIPHER_HW_CHACHA20_POLY1305 *hw = (PROV_CIPHER_HW_CHACHA20_POLY1305 *)ctx->hw; hw->initiv(ctx); } @@ -277,8 +273,8 @@ static int chacha20_poly1305_einit(void *vctx, const unsigned char *key, } static int chacha20_poly1305_dinit(void *vctx, const unsigned char *key, - size_t keylen, const unsigned char *iv, - size_t ivlen, const OSSL_PARAM params[]) + size_t keylen, const unsigned char *iv, + size_t ivlen, const OSSL_PARAM params[]) { int ret; @@ -286,8 +282,7 @@ static int chacha20_poly1305_dinit(void *vctx, const unsigned char *key, ret = ossl_cipher_generic_dinit(vctx, key, keylen, iv, ivlen, NULL); if (ret && iv != NULL) { PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; - PROV_CIPHER_HW_CHACHA20_POLY1305 *hw = - (PROV_CIPHER_HW_CHACHA20_POLY1305 *)ctx->hw; + PROV_CIPHER_HW_CHACHA20_POLY1305 *hw = (PROV_CIPHER_HW_CHACHA20_POLY1305 *)ctx->hw; hw->initiv(ctx); } 
@@ -297,12 +292,11 @@ static int chacha20_poly1305_dinit(void *vctx, const unsigned char *key, } static int chacha20_poly1305_cipher(void *vctx, unsigned char *out, - size_t *outl, size_t outsize, - const unsigned char *in, size_t inl) + size_t *outl, size_t outsize, + const unsigned char *in, size_t inl) { PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; - PROV_CIPHER_HW_CHACHA20_POLY1305 *hw = - (PROV_CIPHER_HW_CHACHA20_POLY1305 *)ctx->hw; + PROV_CIPHER_HW_CHACHA20_POLY1305 *hw = (PROV_CIPHER_HW_CHACHA20_POLY1305 *)ctx->hw; if (!ossl_prov_is_running()) return 0; @@ -324,11 +318,10 @@ static int chacha20_poly1305_cipher(void *vctx, unsigned char *out, } static int chacha20_poly1305_final(void *vctx, unsigned char *out, size_t *outl, - size_t outsize) + size_t outsize) { PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; - PROV_CIPHER_HW_CHACHA20_POLY1305 *hw = - (PROV_CIPHER_HW_CHACHA20_POLY1305 *)ctx->hw; + PROV_CIPHER_HW_CHACHA20_POLY1305 *hw = (PROV_CIPHER_HW_CHACHA20_POLY1305 *)ctx->hw; if (!ossl_prov_is_running()) return 0; @@ -355,7 +348,7 @@ const OSSL_DISPATCH ossl_chacha20_ossl_poly1305_functions[] = { { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, (void (*)(void))chacha20_poly1305_gettable_params }, { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, - (void (*)(void))chacha20_poly1305_get_ctx_params }, + (void (*)(void))chacha20_poly1305_get_ctx_params }, { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, (void (*)(void))chacha20_poly1305_gettable_ctx_params }, { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, @@ -364,4 +357,3 @@ const OSSL_DISPATCH ossl_chacha20_ossl_poly1305_functions[] = { (void (*)(void))chacha20_poly1305_settable_ctx_params }, { 0, NULL } }; - diff --git a/providers/implementations/ciphers/cipher_chacha20_poly1305.h b/providers/implementations/ciphers/cipher_chacha20_poly1305.h index f2ea26a77f3a..2e82fdb94782 100644 --- a/providers/implementations/ciphers/cipher_chacha20_poly1305.h +++ b/providers/implementations/ciphers/cipher_chacha20_poly1305.h 
@@ -16,13 +16,15 @@ #define CHACHA20_POLY1305_IVLEN 12 typedef struct { - PROV_CIPHER_CTX base; /* must be first */ + PROV_CIPHER_CTX base; /* must be first */ PROV_CHACHA20_CTX chacha; POLY1305 poly1305; unsigned int nonce[12 / 4]; unsigned char tag[POLY1305_BLOCK_SIZE]; unsigned char tls_aad[POLY1305_BLOCK_SIZE]; - struct { uint64_t aad, text; } len; + struct { + uint64_t aad, text; + } len; unsigned int aad : 1; unsigned int mac_inited : 1; size_t tag_len; @@ -33,11 +35,11 @@ typedef struct { typedef struct prov_cipher_hw_chacha_aead_st { PROV_CIPHER_HW base; /* must be first */ int (*aead_cipher)(PROV_CIPHER_CTX *dat, unsigned char *out, size_t *outl, - const unsigned char *in, size_t len); + const unsigned char *in, size_t len); int (*initiv)(PROV_CIPHER_CTX *ctx); int (*tls_init)(PROV_CIPHER_CTX *ctx, unsigned char *aad, size_t alen); int (*tls_iv_set_fixed)(PROV_CIPHER_CTX *ctx, unsigned char *fixed, - size_t flen); + size_t flen); } PROV_CIPHER_HW_CHACHA20_POLY1305; const PROV_CIPHER_HW *ossl_prov_cipher_hw_chacha20_poly1305(size_t keybits); diff --git a/providers/implementations/ciphers/cipher_chacha20_poly1305_hw.c b/providers/implementations/ciphers/cipher_chacha20_poly1305_hw.c index 8173663e5e7e..e8920cae68b2 100644 --- a/providers/implementations/ciphers/cipher_chacha20_poly1305_hw.c +++ b/providers/implementations/ciphers/cipher_chacha20_poly1305_hw.c @@ -13,7 +13,7 @@ #include "cipher_chacha20_poly1305.h" static int chacha_poly1305_tls_init(PROV_CIPHER_CTX *bctx, - unsigned char *aad, size_t alen) + unsigned char *aad, size_t alen) { unsigned int len; PROV_CHACHA20_POLY1305_CTX *ctx = (PROV_CHACHA20_POLY1305_CTX *)bctx; 
@@ -36,14 +36,14 @@ static int chacha_poly1305_tls_init(PROV_CIPHER_CTX *bctx, /* merge record sequence number as per RFC7905 */ ctx->chacha.counter[1] = ctx->nonce[0]; ctx->chacha.counter[2] = ctx->nonce[1] ^ CHACHA_U8TOU32(aad); - ctx->chacha.counter[3] = ctx->nonce[2] ^ CHACHA_U8TOU32(aad+4); + ctx->chacha.counter[3] = ctx->nonce[2] ^ CHACHA_U8TOU32(aad + 4); ctx->mac_inited = 0; - return POLY1305_BLOCK_SIZE; /* tag length */ + return POLY1305_BLOCK_SIZE; /* tag length */ } static int chacha_poly1305_tls_iv_set_fixed(PROV_CIPHER_CTX *bctx, - unsigned char *fixed, size_t flen) + unsigned char *fixed, size_t flen) { PROV_CHACHA20_POLY1305_CTX *ctx = (PROV_CHACHA20_POLY1305_CTX *)bctx; @@ -56,7 +56,7 @@ static int chacha_poly1305_tls_iv_set_fixed(PROV_CIPHER_CTX *bctx, } static int chacha20_poly1305_initkey(PROV_CIPHER_CTX *bctx, - const unsigned char *key, size_t keylen) + const unsigned char *key, size_t keylen) { PROV_CHACHA20_POLY1305_CTX *ctx = (PROV_CHACHA20_POLY1305_CTX *)bctx; @@ -87,14 +87,14 @@ static int chacha20_poly1305_initiv(PROV_CIPHER_CTX *bctx) /* pad on the left */ memcpy(tempiv + CHACHA_CTR_SIZE - noncelen, bctx->oiv, - noncelen); + noncelen); if (bctx->enc) ret = ossl_chacha20_einit(&ctx->chacha, NULL, 0, - tempiv, sizeof(tempiv), NULL); + tempiv, sizeof(tempiv), NULL); else ret = ossl_chacha20_dinit(&ctx->chacha, NULL, 0, - tempiv, sizeof(tempiv), NULL); + tempiv, sizeof(tempiv), NULL); ctx->nonce[0] = ctx->chacha.counter[1]; ctx->nonce[1] = ctx->chacha.counter[2]; ctx->nonce[2] = ctx->chacha.counter[3]; 
@@ -104,20 +104,19 @@ static int chacha20_poly1305_initiv(PROV_CIPHER_CTX *bctx) #if !defined(OPENSSL_SMALL_FOOTPRINT) -# if defined(POLY1305_ASM) && (defined(__x86_64) || defined(__x86_64__) \ - || defined(_M_AMD64) || defined(_M_X64)) -# define XOR128_HELPERS +#if defined(POLY1305_ASM) && (defined(__x86_64) || defined(__x86_64__) || defined(_M_AMD64) || defined(_M_X64)) +#define XOR128_HELPERS void *xor128_encrypt_n_pad(void *out, const void *inp, void *otp, size_t len); void *xor128_decrypt_n_pad(void *out, const void *inp, void *otp, size_t len); static const unsigned char zero[4 * CHACHA_BLK_SIZE] = { 0 }; -# else +#else static const unsigned char zero[2 * CHACHA_BLK_SIZE] = { 0 }; -# endif +#endif static int chacha20_poly1305_tls_cipher(PROV_CIPHER_CTX *bctx, - unsigned char *out, - size_t *out_padlen, - const unsigned char *in, size_t len) + unsigned char *out, + size_t *out_padlen, + const unsigned char *in, size_t len) { PROV_CHACHA20_POLY1305_CTX *ctx = (PROV_CHACHA20_POLY1305_CTX *)bctx; POLY1305 *poly = &ctx->poly1305; @@ -126,11 +125,11 @@ static int chacha20_poly1305_tls_cipher(PROV_CIPHER_CTX *bctx, DECLARE_IS_ENDIAN; - buf = storage + ((0 - (size_t)storage) & 15); /* align */ + buf = storage + ((0 - (size_t)storage) & 15); /* align */ ctr = buf + CHACHA_BLK_SIZE; tohash = buf + CHACHA_BLK_SIZE - POLY1305_BLOCK_SIZE; -# ifdef XOR128_HELPERS +#ifdef XOR128_HELPERS if (plen <= 3 * CHACHA_BLK_SIZE) { ctx->chacha.counter[0] = 0; buf_len = (plen + 2 * CHACHA_BLK_SIZE - 1) & (0 - CHACHA_BLK_SIZE); @@ -153,13 +152,13 @@ static int chacha20_poly1305_tls_cipher(PROV_CIPHER_CTX *bctx, tohash_len = (size_t)(ctr - tohash); } } -# else +#else if (plen <= CHACHA_BLK_SIZE) { size_t i; ctx->chacha.counter[0] = 0; ChaCha20_ctr32(buf, zero, (buf_len = 2 * CHACHA_BLK_SIZE), - ctx->chacha.key.d, ctx->chacha.counter); + ctx->chacha.key.d, ctx->chacha.counter); Poly1305_Init(poly, buf); ctx->chacha.partial_len = 0; memcpy(tohash, ctx->tls_aad, POLY1305_BLOCK_SIZE); 
@@ -187,11 +186,11 @@ static int chacha20_poly1305_tls_cipher(PROV_CIPHER_CTX *bctx, ctr += i + tail; tohash_len += i + tail; } -# endif +#endif else { ctx->chacha.counter[0] = 0; ChaCha20_ctr32(buf, zero, (buf_len = CHACHA_BLK_SIZE), - ctx->chacha.key.d, ctx->chacha.counter); + ctx->chacha.key.d, ctx->chacha.counter); Poly1305_Init(poly, buf); ctx->chacha.counter[0] = 1; ctx->chacha.partial_len = 0; 
@@ -218,23 +217,23 @@ static int chacha20_poly1305_tls_cipher(PROV_CIPHER_CTX *bctx, if (IS_LITTLE_ENDIAN) { memcpy(ctr, (unsigned char *)&ctx->len, POLY1305_BLOCK_SIZE); } else { - ctr[0] = (unsigned char)(ctx->len.aad); - ctr[1] = (unsigned char)(ctx->len.aad>>8); - ctr[2] = (unsigned char)(ctx->len.aad>>16); - ctr[3] = (unsigned char)(ctx->len.aad>>24); - ctr[4] = (unsigned char)(ctx->len.aad>>32); - ctr[5] = (unsigned char)(ctx->len.aad>>40); - ctr[6] = (unsigned char)(ctx->len.aad>>48); - ctr[7] = (unsigned char)(ctx->len.aad>>56); + ctr[0] = (unsigned char)(ctx->len.aad); + ctr[1] = (unsigned char)(ctx->len.aad >> 8); + ctr[2] = (unsigned char)(ctx->len.aad >> 16); + ctr[3] = (unsigned char)(ctx->len.aad >> 24); + ctr[4] = (unsigned char)(ctx->len.aad >> 32); + ctr[5] = (unsigned char)(ctx->len.aad >> 40); + ctr[6] = (unsigned char)(ctx->len.aad >> 48); + ctr[7] = (unsigned char)(ctx->len.aad >> 56); - ctr[8] = (unsigned char)(ctx->len.text); - ctr[9] = (unsigned char)(ctx->len.text>>8); - ctr[10] = (unsigned char)(ctx->len.text>>16); - ctr[11] = (unsigned char)(ctx->len.text>>24); - ctr[12] = (unsigned char)(ctx->len.text>>32); - ctr[13] = (unsigned char)(ctx->len.text>>40); - ctr[14] = (unsigned char)(ctx->len.text>>48); - ctr[15] = (unsigned char)(ctx->len.text>>56); + ctr[8] = (unsigned char)(ctx->len.text); + ctr[9] = (unsigned char)(ctx->len.text >> 8); + ctr[10] = (unsigned char)(ctx->len.text >> 16); + ctr[11] = (unsigned char)(ctx->len.text >> 24); + ctr[12] = (unsigned char)(ctx->len.text >> 32); + ctr[13] = (unsigned char)(ctx->len.text >> 40); + ctr[14] = (unsigned char)(ctx->len.text >> 48); + ctr[15] = (unsigned char)(ctx->len.text >> 56); } tohash_len += POLY1305_BLOCK_SIZE; 
@@ -250,7 +249,7 @@ static int chacha20_poly1305_tls_cipher(PROV_CIPHER_CTX *bctx, if (CRYPTO_memcmp(tohash, in, POLY1305_BLOCK_SIZE)) { if (len > POLY1305_BLOCK_SIZE) memset(out - (len - POLY1305_BLOCK_SIZE), 0, - len - POLY1305_BLOCK_SIZE); + len - POLY1305_BLOCK_SIZE); return 0; } /* Strip the tag */ @@ -265,8 +264,8 @@ static const unsigned char zero[CHACHA_BLK_SIZE] = { 0 }; #endif /* OPENSSL_SMALL_FOOTPRINT */ static int chacha20_poly1305_aead_cipher(PROV_CIPHER_CTX *bctx, - unsigned char *out, size_t *outl, - const unsigned char *in, size_t inl) + unsigned char *out, size_t *outl, + const unsigned char *in, size_t inl) { PROV_CHACHA20_POLY1305_CTX *ctx = (PROV_CHACHA20_POLY1305_CTX *)bctx; POLY1305 *poly = &ctx->poly1305; @@ -287,7 +286,7 @@ static int chacha20_poly1305_aead_cipher(PROV_CIPHER_CTX *bctx, ctx->chacha.counter[0] = 0; ChaCha20_ctr32(ctx->chacha.buf, zero, CHACHA_BLK_SIZE, - ctx->chacha.key.d, ctx->chacha.counter); + ctx->chacha.key.d, ctx->chacha.counter); Poly1305_Init(poly, ctx->chacha.buf); ctx->chacha.counter[0] = 1; ctx->chacha.partial_len = 0; @@ -339,7 +338,7 @@ static int chacha20_poly1305_aead_cipher(PROV_CIPHER_CTX *bctx, unsigned char temp[POLY1305_BLOCK_SIZE]; - if (ctx->aad) { /* wrap up aad */ + if (ctx->aad) { /* wrap up aad */ if ((rem = (size_t)ctx->len.aad % POLY1305_BLOCK_SIZE)) Poly1305_Update(poly, zero, POLY1305_BLOCK_SIZE - rem); ctx->aad = 0; 
@@ -350,24 +349,24 @@ static int chacha20_poly1305_aead_cipher(PROV_CIPHER_CTX *bctx, if (IS_LITTLE_ENDIAN) { Poly1305_Update(poly, (unsigned char *)&ctx->len, - POLY1305_BLOCK_SIZE); + POLY1305_BLOCK_SIZE); } else { - temp[0] = (unsigned char)(ctx->len.aad); - temp[1] = (unsigned char)(ctx->len.aad>>8); - temp[2] = (unsigned char)(ctx->len.aad>>16); - temp[3] = (unsigned char)(ctx->len.aad>>24); - temp[4] = (unsigned char)(ctx->len.aad>>32); - temp[5] = (unsigned char)(ctx->len.aad>>40); - temp[6] = (unsigned char)(ctx->len.aad>>48); - temp[7] = (unsigned char)(ctx->len.aad>>56); - temp[8] = (unsigned char)(ctx->len.text); - temp[9] = (unsigned char)(ctx->len.text>>8); - temp[10] = (unsigned char)(ctx->len.text>>16); - temp[11] = (unsigned char)(ctx->len.text>>24); - temp[12] = (unsigned char)(ctx->len.text>>32); - temp[13] = (unsigned char)(ctx->len.text>>40); - temp[14] = (unsigned char)(ctx->len.text>>48); - temp[15] = (unsigned char)(ctx->len.text>>56); + temp[0] = (unsigned char)(ctx->len.aad); + temp[1] = (unsigned char)(ctx->len.aad >> 8); + temp[2] = (unsigned char)(ctx->len.aad >> 16); + temp[3] = (unsigned char)(ctx->len.aad >> 24); + temp[4] = (unsigned char)(ctx->len.aad >> 32); + temp[5] = (unsigned char)(ctx->len.aad >> 40); + temp[6] = (unsigned char)(ctx->len.aad >> 48); + temp[7] = (unsigned char)(ctx->len.aad >> 56); + temp[8] = (unsigned char)(ctx->len.text); + temp[9] = (unsigned char)(ctx->len.text >> 8); + temp[10] = (unsigned char)(ctx->len.text >> 16); + temp[11] = (unsigned char)(ctx->len.text >> 24); + temp[12] = (unsigned char)(ctx->len.text >> 32); + temp[13] = (unsigned char)(ctx->len.text >> 40); + temp[14] = (unsigned char)(ctx->len.text >> 48); + temp[15] = (unsigned char)(ctx->len.text >> 56); Poly1305_Update(poly, temp, POLY1305_BLOCK_SIZE); } Poly1305_Final(poly, bctx->enc ? ctx->tag : temp); 
@@ -384,8 +383,7 @@ static int chacha20_poly1305_aead_cipher(PROV_CIPHER_CTX *bctx, /* Strip the tag */ inl -= POLY1305_BLOCK_SIZE; } - } - else if (!bctx->enc) { + } else if (!bctx->enc) { if (CRYPTO_memcmp(temp, ctx->tag, ctx->tag_len)) goto err; } @@ -398,8 +396,7 @@ err: return rv; } -static const PROV_CIPHER_HW_CHACHA20_POLY1305 chacha20poly1305_hw = -{ +static const PROV_CIPHER_HW_CHACHA20_POLY1305 chacha20poly1305_hw = { { chacha20_poly1305_initkey, NULL }, chacha20_poly1305_aead_cipher, chacha20_poly1305_initiv, diff --git a/providers/implementations/ciphers/cipher_cts.c b/providers/implementations/ciphers/cipher_cts.c index 6a596508da69..18c9025d2976 100644 --- a/providers/implementations/ciphers/cipher_cts.c +++ b/providers/implementations/ciphers/cipher_cts.c @@ -68,8 +68,7 @@ typedef struct cts_mode_name2id_st { const char *name; } CTS_MODE_NAME2ID; -static CTS_MODE_NAME2ID cts_modes[] = -{ +static CTS_MODE_NAME2ID cts_modes[] = { { CTS_CS1, OSSL_CIPHER_CTS_MODE_CS1 }, { CTS_CS2, OSSL_CIPHER_CTS_MODE_CS2 }, { CTS_CS3, OSSL_CIPHER_CTS_MODE_CS3 }, @@ -98,7 +97,7 @@ int ossl_cipher_cbc_cts_mode_name2id(const char *name) } static size_t cts128_cs1_encrypt(PROV_CIPHER_CTX *ctx, const unsigned char *in, - unsigned char *out, size_t len) + unsigned char *out, size_t len) { aligned_16bytes tmp_in; size_t residue; @@ -117,13 +116,13 @@ static size_t cts128_cs1_encrypt(PROV_CIPHER_CTX *ctx, const unsigned char *in, memset(tmp_in.c, 0, sizeof(tmp_in)); memcpy(tmp_in.c, in, residue); if (!ctx->hw->cipher(ctx, out - CTS_BLOCK_SIZE + residue, tmp_in.c, - CTS_BLOCK_SIZE)) + CTS_BLOCK_SIZE)) return 0; return len + residue; } static void do_xor(const unsigned char *in1, const unsigned char *in2, - size_t len, unsigned char *out) + size_t len, unsigned char *out) { size_t i; 
@@ -132,7 +131,7 @@ static void do_xor(const unsigned char *in1, const unsigned char *in2, } static size_t cts128_cs1_decrypt(PROV_CIPHER_CTX *ctx, const unsigned char *in, - unsigned char *out, size_t len) + unsigned char *out, size_t len) { aligned_16bytes mid_iv, ct_mid, cn, pt_last; size_t residue; @@ -194,12 +193,12 @@ static size_t cts128_cs1_decrypt(PROV_CIPHER_CTX *ctx, const unsigned char *in, } static size_t cts128_cs3_encrypt(PROV_CIPHER_CTX *ctx, const unsigned char *in, - unsigned char *out, size_t len) + unsigned char *out, size_t len) { aligned_16bytes tmp_in; size_t residue; - if (len < CTS_BLOCK_SIZE) /* CS3 requires at least one block */ + if (len < CTS_BLOCK_SIZE) /* CS3 requires at least one block */ return 0; /* If we only have one block then just process the aligned block */ @@ -234,7 +233,7 @@ static size_t cts128_cs3_encrypt(PROV_CIPHER_CTX *ctx, const unsigned char *in, * the last two decoded ciphertext blocks. */ static size_t cts128_cs3_decrypt(PROV_CIPHER_CTX *ctx, const unsigned char *in, - unsigned char *out, size_t len) + unsigned char *out, size_t len) { aligned_16bytes mid_iv, ct_mid, cn, pt_last; size_t residue; @@ -300,7 +299,7 @@ static size_t cts128_cs3_decrypt(PROV_CIPHER_CTX *ctx, const unsigned char *in, } static size_t cts128_cs2_encrypt(PROV_CIPHER_CTX *ctx, const unsigned char *in, - unsigned char *out, size_t len) + unsigned char *out, size_t len) { if (len % CTS_BLOCK_SIZE == 0) { /* If there are no partial blocks then it is the same as CBC mode */ @@ -313,7 +312,7 @@ static size_t cts128_cs2_encrypt(PROV_CIPHER_CTX *ctx, const unsigned char *in, } static size_t cts128_cs2_decrypt(PROV_CIPHER_CTX *ctx, const unsigned char *in, - unsigned char *out, size_t len) + unsigned char *out, size_t len) { if (len % CTS_BLOCK_SIZE == 0) { /* If there are no partial blocks then it is the same as CBC mode */ 
@@ -326,8 +325,8 @@ static size_t cts128_cs2_decrypt(PROV_CIPHER_CTX *ctx, const unsigned char *in, } int ossl_cipher_cbc_cts_block_update(void *vctx, unsigned char *out, size_t *outl, - size_t outsize, const unsigned char *in, - size_t inl) + size_t outsize, const unsigned char *in, + size_t inl) { PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; size_t sz = 0; @@ -371,7 +370,7 @@ int ossl_cipher_cbc_cts_block_update(void *vctx, unsigned char *out, size_t *out } int ossl_cipher_cbc_cts_block_final(void *vctx, unsigned char *out, size_t *outl, - size_t outsize) + size_t outsize) { *outl = 0; return 1; diff --git a/providers/implementations/ciphers/cipher_cts.h b/providers/implementations/ciphers/cipher_cts.h index 9473fbde886c..370365fba750 100644 --- a/providers/implementations/ciphers/cipher_cts.h +++ b/providers/implementations/ciphers/cipher_cts.h 
@@ -10,40 +10,40 @@ #include "crypto/evp.h" /* NOTE: The underlying block cipher is CBC so we reuse most of the code */ -#define IMPLEMENT_cts_cipher(alg, UCALG, lcmode, UCMODE, flags, kbits, \ - blkbits, ivbits, typ) \ -static OSSL_FUNC_cipher_get_params_fn alg##_##kbits##_##lcmode##_get_params; \ -static int alg##_cts_##kbits##_##lcmode##_get_params(OSSL_PARAM params[]) \ -{ \ - return ossl_cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE, \ - flags, kbits, blkbits, ivbits); \ -} \ -const OSSL_DISPATCH ossl_##alg##kbits##lcmode##_cts_functions[] = { \ - { OSSL_FUNC_CIPHER_NEWCTX, \ - (void (*)(void)) alg##_##kbits##_##lcmode##_newctx }, \ - { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void)) alg##_freectx }, \ - { OSSL_FUNC_CIPHER_DUPCTX, (void (*)(void)) alg##_dupctx }, \ - { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void)) alg##_cbc_cts_einit }, \ - { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void)) alg##_cbc_cts_dinit }, \ - { OSSL_FUNC_CIPHER_UPDATE, \ - (void (*)(void)) ossl_cipher_cbc_cts_block_update }, \ - { OSSL_FUNC_CIPHER_FINAL, \ - (void (*)(void)) ossl_cipher_cbc_cts_block_final }, \ - { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))ossl_cipher_generic_cipher }, \ - { OSSL_FUNC_CIPHER_GET_PARAMS, \ - (void (*)(void)) alg##_cts_##kbits##_##lcmode##_get_params }, \ - { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \ - (void (*)(void))ossl_cipher_generic_gettable_params }, \ - { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, \ - (void (*)(void)) alg##_cbc_cts_get_ctx_params }, \ - { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \ - (void (*)(void)) alg##_cbc_cts_set_ctx_params }, \ - { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \ - (void (*)(void)) alg##_cbc_cts_gettable_ctx_params }, \ - { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \ - (void (*)(void)) alg##_cbc_cts_settable_ctx_params }, \ - { 0, NULL } \ -}; +#define IMPLEMENT_cts_cipher(alg, UCALG, lcmode, UCMODE, flags, kbits, \ + blkbits, ivbits, typ) \ + static OSSL_FUNC_cipher_get_params_fn alg##_##kbits##_##lcmode##_get_params; \ + static int 
alg##_cts_##kbits##_##lcmode##_get_params(OSSL_PARAM params[]) \ + { \ + return ossl_cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE, \ + flags, kbits, blkbits, ivbits); \ + } \ + const OSSL_DISPATCH ossl_##alg##kbits##lcmode##_cts_functions[] = { \ + { OSSL_FUNC_CIPHER_NEWCTX, \ + (void (*)(void))alg##_##kbits##_##lcmode##_newctx }, \ + { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void))alg##_freectx }, \ + { OSSL_FUNC_CIPHER_DUPCTX, (void (*)(void))alg##_dupctx }, \ + { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))alg##_cbc_cts_einit }, \ + { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))alg##_cbc_cts_dinit }, \ + { OSSL_FUNC_CIPHER_UPDATE, \ + (void (*)(void))ossl_cipher_cbc_cts_block_update }, \ + { OSSL_FUNC_CIPHER_FINAL, \ + (void (*)(void))ossl_cipher_cbc_cts_block_final }, \ + { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))ossl_cipher_generic_cipher }, \ + { OSSL_FUNC_CIPHER_GET_PARAMS, \ + (void (*)(void))alg##_cts_##kbits##_##lcmode##_get_params }, \ + { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \ + (void (*)(void))ossl_cipher_generic_gettable_params }, \ + { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, \ + (void (*)(void))alg##_cbc_cts_get_ctx_params }, \ + { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \ + (void (*)(void))alg##_cbc_cts_set_ctx_params }, \ + { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \ + (void (*)(void))alg##_cbc_cts_gettable_ctx_params }, \ + { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \ + (void (*)(void))alg##_cbc_cts_settable_ctx_params }, \ + { 0, NULL } \ + }; OSSL_FUNC_cipher_update_fn ossl_cipher_cbc_cts_block_update; OSSL_FUNC_cipher_final_fn ossl_cipher_cbc_cts_block_final; diff --git a/providers/implementations/ciphers/cipher_des.c b/providers/implementations/ciphers/cipher_des.c index b8bd47c7405b..04de0d8760a9 100644 --- a/providers/implementations/ciphers/cipher_des.c +++ b/providers/implementations/ciphers/cipher_des.c 
@@ -29,8 +29,8 @@ static OSSL_FUNC_cipher_get_ctx_params_fn des_get_ctx_params; static OSSL_FUNC_cipher_gettable_ctx_params_fn des_gettable_ctx_params; static void *des_newctx(void *provctx, size_t kbits, size_t blkbits, - size_t ivbits, unsigned int mode, uint64_t flags, - const PROV_CIPHER_HW *hw) + size_t ivbits, unsigned int mode, uint64_t flags, + const PROV_CIPHER_HW *hw) { PROV_DES_CTX *ctx; @@ -40,7 +40,7 @@ static void *des_newctx(void *provctx, size_t kbits, size_t blkbits, ctx = OPENSSL_zalloc(sizeof(*ctx)); if (ctx != NULL) ossl_cipher_generic_initkey(ctx, kbits, blkbits, ivbits, mode, flags, - hw, provctx); + hw, provctx); return ctx; } @@ -67,12 +67,12 @@ static void des_freectx(void *vctx) PROV_DES_CTX *ctx = (PROV_DES_CTX *)vctx; ossl_cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); - OPENSSL_clear_free(ctx, sizeof(*ctx)); + OPENSSL_clear_free(ctx, sizeof(*ctx)); } static int des_init(void *vctx, const unsigned char *key, size_t keylen, - const unsigned char *iv, size_t ivlen, - const OSSL_PARAM params[], int enc) + const unsigned char *iv, size_t ivlen, + const OSSL_PARAM params[], int enc) { PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; @@ -104,15 +104,15 @@ static int des_init(void *vctx, const unsigned char *key, size_t keylen, } static int des_einit(void *vctx, const unsigned char *key, size_t keylen, - const unsigned char *iv, size_t ivlen, - const OSSL_PARAM params[]) + const unsigned char *iv, size_t ivlen, + const OSSL_PARAM params[]) { return des_init(vctx, key, keylen, iv, ivlen, params, 1); } static int des_dinit(void *vctx, const unsigned char *key, size_t keylen, - const unsigned char *iv, size_t ivlen, - const OSSL_PARAM params[]) + const unsigned char *iv, size_t ivlen, + const OSSL_PARAM params[]) { return des_init(vctx, key, keylen, iv, ivlen, params, 0); } 
@@ -130,12 +130,12 @@ static int des_generatekey(PROV_CIPHER_CTX *ctx, void *ptr) } CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_START(des) - OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_RANDOM_KEY, NULL, 0), -CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_END(des) +OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_RANDOM_KEY, NULL, 0), + CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_END(des) -static int des_get_ctx_params(void *vctx, OSSL_PARAM params[]) + static int des_get_ctx_params(void *vctx, OSSL_PARAM params[]) { - PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; + PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; OSSL_PARAM *p; if (!ossl_cipher_generic_get_ctx_params(vctx, params)) 
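Review bot: The lines after `CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_START(des)` now read as one continued statement. `CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_END(des)` and the `static int des_get_ctx_params(...)` signature gain leading indentation, while the `OSSL_PARAM_octet_string(...)` entry loses its own, presumably because the formatter does not know these macros end without a semicolon. The layout no longer shows where the parameter table stops and the getter begins, which makes the function harder to audit. Bracketing the macro block with `/* clang-format off */` and `/* clang-format on */` would keep the original layout. The same artefact appears on the `PROV_CIPHER_HW_des_mode(...)` list in cipher_des_hw.c and the `PROV_CIPHER_HW_idea_mode(...)` list in cipher_idea_hw.c; the body of des_get_ctx_params continues outside this hunk.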
@@ -149,45 +149,45 @@ static int des_get_ctx_params(void *vctx, OSSL_PARAM params[]) return 1; } -#define IMPLEMENT_des_cipher(type, lcmode, UCMODE, flags, \ - kbits, blkbits, ivbits, block) \ -static OSSL_FUNC_cipher_newctx_fn type##_##lcmode##_newctx; \ -static void *des_##lcmode##_newctx(void *provctx) \ -{ \ - return des_newctx(provctx, kbits, blkbits, ivbits, \ - EVP_CIPH_##UCMODE##_MODE, flags, \ - ossl_prov_cipher_hw_des_##lcmode()); \ -} \ -static OSSL_FUNC_cipher_get_params_fn des_##lcmode##_get_params; \ -static int des_##lcmode##_get_params(OSSL_PARAM params[]) \ -{ \ - return ossl_cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE, \ - flags, kbits, blkbits, ivbits); \ -} \ -const OSSL_DISPATCH ossl_##des_##lcmode##_functions[] = { \ - { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))des_einit }, \ - { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))des_dinit }, \ - { OSSL_FUNC_CIPHER_UPDATE, \ - (void (*)(void))ossl_cipher_generic_##block##_update }, \ - { OSSL_FUNC_CIPHER_FINAL, (void (*)(void))ossl_cipher_generic_##block##_final },\ - { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))ossl_cipher_generic_cipher }, \ - { OSSL_FUNC_CIPHER_NEWCTX, \ - (void (*)(void))des_##lcmode##_newctx }, \ - { OSSL_FUNC_CIPHER_DUPCTX, (void (*)(void))des_dupctx }, \ - { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void))des_freectx }, \ - { OSSL_FUNC_CIPHER_GET_PARAMS, \ - (void (*)(void))des_##lcmode##_get_params }, \ - { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \ - (void (*)(void))ossl_cipher_generic_gettable_params }, \ - { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, (void (*)(void))des_get_ctx_params }, \ - { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \ - (void (*)(void))des_gettable_ctx_params }, \ - { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \ - (void (*)(void))ossl_cipher_generic_set_ctx_params }, \ - { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \ - (void (*)(void))ossl_cipher_generic_settable_ctx_params }, \ - { 0, NULL } \ -} +#define IMPLEMENT_des_cipher(type, lcmode, UCMODE, flags, \ + kbits, 
blkbits, ivbits, block) \ + static OSSL_FUNC_cipher_newctx_fn type##_##lcmode##_newctx; \ + static void *des_##lcmode##_newctx(void *provctx) \ + { \ + return des_newctx(provctx, kbits, blkbits, ivbits, \ + EVP_CIPH_##UCMODE##_MODE, flags, \ + ossl_prov_cipher_hw_des_##lcmode()); \ + } \ + static OSSL_FUNC_cipher_get_params_fn des_##lcmode##_get_params; \ + static int des_##lcmode##_get_params(OSSL_PARAM params[]) \ + { \ + return ossl_cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE, \ + flags, kbits, blkbits, ivbits); \ + } \ + const OSSL_DISPATCH ossl_##des_##lcmode##_functions[] = { \ + { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))des_einit }, \ + { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))des_dinit }, \ + { OSSL_FUNC_CIPHER_UPDATE, \ + (void (*)(void))ossl_cipher_generic_##block##_update }, \ + { OSSL_FUNC_CIPHER_FINAL, (void (*)(void))ossl_cipher_generic_##block##_final }, \ + { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))ossl_cipher_generic_cipher }, \ + { OSSL_FUNC_CIPHER_NEWCTX, \ + (void (*)(void))des_##lcmode##_newctx }, \ + { OSSL_FUNC_CIPHER_DUPCTX, (void (*)(void))des_dupctx }, \ + { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void))des_freectx }, \ + { OSSL_FUNC_CIPHER_GET_PARAMS, \ + (void (*)(void))des_##lcmode##_get_params }, \ + { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \ + (void (*)(void))ossl_cipher_generic_gettable_params }, \ + { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, (void (*)(void))des_get_ctx_params }, \ + { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \ + (void (*)(void))des_gettable_ctx_params }, \ + { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \ + (void (*)(void))ossl_cipher_generic_set_ctx_params }, \ + { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \ + (void (*)(void))ossl_cipher_generic_settable_ctx_params }, \ + { 0, NULL } \ + } /* ossl_des_ecb_functions */ IMPLEMENT_des_cipher(des, ecb, ECB, DES_FLAGS, 64, 64, 0, block); 
diff --git a/providers/implementations/ciphers/cipher_des.h b/providers/implementations/ciphers/cipher_des.h index ad10f63d8b16..9fd72f00688c 100644 --- a/providers/implementations/ciphers/cipher_des.h +++ b/providers/implementations/ciphers/cipher_des.h @@ -13,14 +13,14 @@ #define TDES_FLAGS 0 typedef struct prov_des_ctx_st { - PROV_CIPHER_CTX base; /* Must be first */ + PROV_CIPHER_CTX base; /* Must be first */ union { OSSL_UNION_ALIGN; DES_key_schedule ks; } dks; union { - void (*cbc) (const void *, void *, size_t, - const DES_key_schedule *, unsigned char *); + void (*cbc)(const void *, void *, size_t, + const DES_key_schedule *, unsigned char *); } dstream; } PROV_DES_CTX; diff --git a/providers/implementations/ciphers/cipher_des_hw.c b/providers/implementations/ciphers/cipher_des_hw.c index a77fcc681a4a..e2c3863b805d 100644 --- a/providers/implementations/ciphers/cipher_des_hw.c +++ b/providers/implementations/ciphers/cipher_des_hw.c @@ -17,7 +17,7 @@ #include "cipher_des.h" static int cipher_hw_des_initkey(PROV_CIPHER_CTX *ctx, - const unsigned char *key, size_t keylen) + const unsigned char *key, size_t keylen) { PROV_DES_CTX *dctx = (PROV_DES_CTX *)ctx; DES_cblock *deskey = (DES_cblock *)key; @@ -28,8 +28,7 @@ static int cipher_hw_des_initkey(PROV_CIPHER_CTX *ctx, if (SPARC_DES_CAPABLE) { if (ctx->mode == EVP_CIPH_CBC_MODE) { des_t4_key_expand(&deskey[0], ks); - dctx->dstream.cbc = ctx->enc ? des_t4_cbc_encrypt : - des_t4_cbc_decrypt; + dctx->dstream.cbc = ctx->enc ? des_t4_cbc_encrypt : des_t4_cbc_decrypt; return 1; } } @@ -39,7 +38,7 @@ static int cipher_hw_des_initkey(PROV_CIPHER_CTX *ctx, } static void cipher_hw_des_copyctx(PROV_CIPHER_CTX *dst, - const PROV_CIPHER_CTX *src) + const PROV_CIPHER_CTX *src) { PROV_DES_CTX *sctx = (PROV_DES_CTX *)src; PROV_DES_CTX *dctx = (PROV_DES_CTX *)dst; 
@@ -49,7 +48,7 @@ static void cipher_hw_des_copyctx(PROV_CIPHER_CTX *dst, } static int cipher_hw_des_ecb_cipher(PROV_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len) + const unsigned char *in, size_t len) { size_t i, bl = ctx->blocksize; DES_key_schedule *key = &(((PROV_DES_CTX *)ctx)->dks.ks); @@ -58,36 +57,36 @@ static int cipher_hw_des_ecb_cipher(PROV_CIPHER_CTX *ctx, unsigned char *out, return 1; for (i = 0, len -= bl; i <= len; i += bl) DES_ecb_encrypt((const_DES_cblock *)(in + i), - (const_DES_cblock *)(out + i), key, ctx->enc); + (const_DES_cblock *)(out + i), key, ctx->enc); return 1; } static int cipher_hw_des_cbc_cipher(PROV_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len) + const unsigned char *in, size_t len) { PROV_DES_CTX *dctx = (PROV_DES_CTX *)ctx; DES_key_schedule *key = &(dctx->dks.ks); if (dctx->dstream.cbc != NULL) { - (*dctx->dstream.cbc) (in, out, len, key, ctx->iv); + (*dctx->dstream.cbc)(in, out, len, key, ctx->iv); return 1; } while (len >= MAXCHUNK) { DES_ncbc_encrypt(in, out, MAXCHUNK, key, (DES_cblock *)ctx->iv, - ctx->enc); + ctx->enc); len -= MAXCHUNK; in += MAXCHUNK; out += MAXCHUNK; } if (len > 0) DES_ncbc_encrypt(in, out, (long)len, key, (DES_cblock *)ctx->iv, - ctx->enc); + ctx->enc); return 1; } static int cipher_hw_des_ofb64_cipher(PROV_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len) + const unsigned char *in, size_t len) { int num = ctx->num; DES_key_schedule *key = &(((PROV_DES_CTX *)ctx)->dks.ks); @@ -106,7 +105,7 @@ static int cipher_hw_des_ofb64_cipher(PROV_CIPHER_CTX *ctx, unsigned char *out, } static int cipher_hw_des_cfb64_cipher(PROV_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len) + const unsigned char *in, size_t len) { size_t chunk = MAXCHUNK; DES_key_schedule *key = &(((PROV_DES_CTX *)ctx)->dks.ks); 
@@ -116,7 +115,7 @@ static int cipher_hw_des_cfb64_cipher(PROV_CIPHER_CTX *ctx, unsigned char *out, chunk = len; while (len > 0 && len >= chunk) { DES_cfb64_encrypt(in, out, (long)chunk, key, (DES_cblock *)ctx->iv, - &num, ctx->enc); + &num, ctx->enc); len -= chunk; in += chunk; out += chunk; @@ -132,7 +131,7 @@ static int cipher_hw_des_cfb64_cipher(PROV_CIPHER_CTX *ctx, unsigned char *out, * way, so wrap it here */ static int cipher_hw_des_cfb1_cipher(PROV_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) + const unsigned char *in, size_t inl) { size_t n, chunk = MAXCHUNK / 8; DES_key_schedule *key = &(((PROV_DES_CTX *)ctx)->dks.ks); @@ -145,9 +144,7 @@ static int cipher_hw_des_cfb1_cipher(PROV_CIPHER_CTX *ctx, unsigned char *out, for (n = 0; n < chunk * 8; ++n) { c[0] = (in[n / 8] & (1 << (7 - n % 8))) ? 0x80 : 0; DES_cfb_encrypt(c, d, 1, 1, key, (DES_cblock *)ctx->iv, ctx->enc); - out[n / 8] = - (out[n / 8] & ~(0x80 >> (unsigned int)(n % 8))) | - ((d[0] & 0x80) >> (unsigned int)(n % 8)); + out[n / 8] = (out[n / 8] & ~(0x80 >> (unsigned int)(n % 8))) | ((d[0] & 0x80) >> (unsigned int)(n % 8)); } inl -= chunk; in += chunk; 
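Review bot: In the cfb1 loop (hunk at -145,9) the bit-merge assignment to `out[n / 8]` has been joined into a single very long line, which makes the mask and shift pairs harder to check by eye than the three-line form it replaces. Naming the shift once at the top of the loop body keeps it short without changing the result: `unsigned int shift = (unsigned int)(n % 8);` followed by `out[n / 8] = (out[n / 8] & ~(0x80 >> shift)) | ((d[0] & 0x80) >> shift);`. cipher_hw_des_cfb1_cipher starts and ends outside this hunk.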
@@ -160,37 +157,37 @@ static int cipher_hw_des_cfb1_cipher(PROV_CIPHER_CTX *ctx, unsigned char *out, } static int cipher_hw_des_cfb8_cipher(PROV_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) + const unsigned char *in, size_t inl) { DES_key_schedule *key = &(((PROV_DES_CTX *)ctx)->dks.ks); while (inl >= MAXCHUNK) { DES_cfb_encrypt(in, out, 8, (long)MAXCHUNK, key, - (DES_cblock *)ctx->iv, ctx->enc); + (DES_cblock *)ctx->iv, ctx->enc); inl -= MAXCHUNK; in += MAXCHUNK; out += MAXCHUNK; } if (inl > 0) DES_cfb_encrypt(in, out, 8, (long)inl, key, - (DES_cblock *)ctx->iv, ctx->enc); + (DES_cblock *)ctx->iv, ctx->enc); return 1; } -#define PROV_CIPHER_HW_des_mode(mode) \ -static const PROV_CIPHER_HW des_##mode = { \ - cipher_hw_des_initkey, \ - cipher_hw_des_##mode##_cipher, \ - cipher_hw_des_copyctx \ -}; \ -const PROV_CIPHER_HW *ossl_prov_cipher_hw_des_##mode(void) \ -{ \ - return &des_##mode; \ -} +#define PROV_CIPHER_HW_des_mode(mode) \ + static const PROV_CIPHER_HW des_##mode = { \ + cipher_hw_des_initkey, \ + cipher_hw_des_##mode##_cipher, \ + cipher_hw_des_copyctx \ + }; \ + const PROV_CIPHER_HW *ossl_prov_cipher_hw_des_##mode(void) \ + { \ + return &des_##mode; \ + } PROV_CIPHER_HW_des_mode(ecb) -PROV_CIPHER_HW_des_mode(cbc) -PROV_CIPHER_HW_des_mode(ofb64) -PROV_CIPHER_HW_des_mode(cfb64) -PROV_CIPHER_HW_des_mode(cfb1) -PROV_CIPHER_HW_des_mode(cfb8) + PROV_CIPHER_HW_des_mode(cbc) + PROV_CIPHER_HW_des_mode(ofb64) + PROV_CIPHER_HW_des_mode(cfb64) + PROV_CIPHER_HW_des_mode(cfb1) + PROV_CIPHER_HW_des_mode(cfb8) diff --git a/providers/implementations/ciphers/cipher_desx.c b/providers/implementations/ciphers/cipher_desx.c index 41596554435e..733d6364e90e 100644 --- a/providers/implementations/ciphers/cipher_desx.c +++ b/providers/implementations/ciphers/cipher_desx.c 
@@ -17,5 +17,4 @@ #include "prov/implementations.h" /* desx_cbc_functions */ -IMPLEMENT_tdes_cipher(desx, DESX, cbc, CBC, TDES_FLAGS, 64*3, 64, 64, block); - +IMPLEMENT_tdes_cipher(desx, DESX, cbc, CBC, TDES_FLAGS, 64 * 3, 64, 64, block); diff --git a/providers/implementations/ciphers/cipher_desx_hw.c b/providers/implementations/ciphers/cipher_desx_hw.c index 7dc4c50ef55a..7cdb1fdea8e5 100644 --- a/providers/implementations/ciphers/cipher_desx_hw.c +++ b/providers/implementations/ciphers/cipher_desx_hw.c @@ -25,7 +25,7 @@ #define ks3 tks.ks[2].ks[0].cblock static int cipher_hw_desx_cbc_initkey(PROV_CIPHER_CTX *ctx, - const unsigned char *key, size_t keylen) + const unsigned char *key, size_t keylen) { PROV_TDES_CTX *tctx = (PROV_TDES_CTX *)ctx; DES_cblock *deskey = (DES_cblock *)key; @@ -38,7 +38,7 @@ static int cipher_hw_desx_cbc_initkey(PROV_CIPHER_CTX *ctx, } static void cipher_hw_desx_copyctx(PROV_CIPHER_CTX *dst, - const PROV_CIPHER_CTX *src) + const PROV_CIPHER_CTX *src) { PROV_TDES_CTX *sctx = (PROV_TDES_CTX *)src; PROV_TDES_CTX *dctx = (PROV_TDES_CTX *)dst; @@ -48,27 +48,26 @@ static void cipher_hw_desx_copyctx(PROV_CIPHER_CTX *dst, } static int cipher_hw_desx_cbc(PROV_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) + const unsigned char *in, size_t inl) { PROV_TDES_CTX *tctx = (PROV_TDES_CTX *)ctx; while (inl >= MAXCHUNK) { DES_xcbc_encrypt(in, out, (long)MAXCHUNK, &tctx->ks1, - (DES_cblock *)ctx->iv, &tctx->ks2, &tctx->ks3, - ctx->enc); + (DES_cblock *)ctx->iv, &tctx->ks2, &tctx->ks3, + ctx->enc); inl -= MAXCHUNK; in += MAXCHUNK; out += MAXCHUNK; } if (inl > 0) DES_xcbc_encrypt(in, out, (long)inl, &tctx->ks1, - (DES_cblock *)ctx->iv, &tctx->ks2, &tctx->ks3, - ctx->enc); + (DES_cblock *)ctx->iv, &tctx->ks2, &tctx->ks3, + ctx->enc); return 1; } -static const PROV_CIPHER_HW desx_cbc = -{ +static const PROV_CIPHER_HW desx_cbc = { cipher_hw_desx_cbc_initkey, cipher_hw_desx_cbc, cipher_hw_desx_copyctx 
diff --git a/providers/implementations/ciphers/cipher_idea.c b/providers/implementations/ciphers/cipher_idea.c index bc716290a48a..9824f01447ec 100644 --- a/providers/implementations/ciphers/cipher_idea.c +++ b/providers/implementations/ciphers/cipher_idea.c @@ -28,7 +28,7 @@ static void idea_freectx(void *vctx) PROV_IDEA_CTX *ctx = (PROV_IDEA_CTX *)vctx; ossl_cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); - OPENSSL_clear_free(ctx, sizeof(*ctx)); + OPENSSL_clear_free(ctx, sizeof(*ctx)); } static void *idea_dupctx(void *ctx) @@ -56,4 +56,4 @@ IMPLEMENT_generic_cipher(idea, IDEA, cbc, CBC, 0, 128, 64, 64, block) /* ossl_idea128ofb64_functions */ IMPLEMENT_generic_cipher(idea, IDEA, ofb64, OFB, 0, 128, 8, 64, stream) /* ossl_idea128cfb64_functions */ -IMPLEMENT_generic_cipher(idea, IDEA, cfb64, CFB, 0, 128, 8, 64, stream) +IMPLEMENT_generic_cipher(idea, IDEA, cfb64, CFB, 0, 128, 8, 64, stream) diff --git a/providers/implementations/ciphers/cipher_idea.h b/providers/implementations/ciphers/cipher_idea.h index 212efa8af575..44f9571ff370 100644 --- a/providers/implementations/ciphers/cipher_idea.h +++ b/providers/implementations/ciphers/cipher_idea.h @@ -11,7 +11,7 @@ #include "prov/ciphercommon.h" typedef struct prov_idea_ctx_st { - PROV_CIPHER_CTX base; /* Must be first */ + PROV_CIPHER_CTX base; /* Must be first */ union { OSSL_UNION_ALIGN; IDEA_KEY_SCHEDULE ks; diff --git a/providers/implementations/ciphers/cipher_idea_hw.c b/providers/implementations/ciphers/cipher_idea_hw.c index 1c451b77edc4..0107397c53fc 100644 --- a/providers/implementations/ciphers/cipher_idea_hw.c +++ b/providers/implementations/ciphers/cipher_idea_hw.c 
@@ -17,14 +17,14 @@ #include "cipher_idea.h" static int cipher_hw_idea_initkey(PROV_CIPHER_CTX *ctx, - const unsigned char *key, size_t keylen) + const unsigned char *key, size_t keylen) { - PROV_IDEA_CTX *ictx = (PROV_IDEA_CTX *)ctx; + PROV_IDEA_CTX *ictx = (PROV_IDEA_CTX *)ctx; IDEA_KEY_SCHEDULE *ks = &(ictx->ks.ks); if (ctx->enc - || ctx->mode == EVP_CIPH_OFB_MODE - || ctx->mode == EVP_CIPH_CFB_MODE) { + || ctx->mode == EVP_CIPH_OFB_MODE + || ctx->mode == EVP_CIPH_CFB_MODE) { IDEA_set_encrypt_key(key, ks); } else { IDEA_KEY_SCHEDULE tmp; 
@@ -36,28 +36,28 @@ static int cipher_hw_idea_initkey(PROV_CIPHER_CTX *ctx, return 1; } -# define PROV_CIPHER_HW_idea_mode_ex(mode, UCMODE, fname) \ -IMPLEMENT_CIPHER_HW_##UCMODE(mode, idea, PROV_IDEA_CTX, IDEA_KEY_SCHEDULE, \ - fname) \ -static const PROV_CIPHER_HW idea_##mode = { \ - cipher_hw_idea_initkey, \ - cipher_hw_idea_##mode##_cipher \ -}; \ -const PROV_CIPHER_HW *ossl_prov_cipher_hw_idea_##mode(size_t keybits) \ -{ \ - return &idea_##mode; \ -} +#define PROV_CIPHER_HW_idea_mode_ex(mode, UCMODE, fname) \ + IMPLEMENT_CIPHER_HW_##UCMODE(mode, idea, PROV_IDEA_CTX, IDEA_KEY_SCHEDULE, \ + fname) static const PROV_CIPHER_HW idea_##mode \ + = { \ + cipher_hw_idea_initkey, \ + cipher_hw_idea_##mode##_cipher \ + }; \ + const PROV_CIPHER_HW *ossl_prov_cipher_hw_idea_##mode(size_t keybits) \ + { \ + return &idea_##mode; \ + } -# define PROV_CIPHER_HW_idea_mode(mode, UCMODE) \ +#define PROV_CIPHER_HW_idea_mode(mode, UCMODE) \ PROV_CIPHER_HW_idea_mode_ex(mode, UCMODE, IDEA_##mode) PROV_CIPHER_HW_idea_mode(cbc, CBC) -PROV_CIPHER_HW_idea_mode(ofb64, OFB) -PROV_CIPHER_HW_idea_mode(cfb64, CFB) + PROV_CIPHER_HW_idea_mode(ofb64, OFB) + PROV_CIPHER_HW_idea_mode(cfb64, CFB) /* * IDEA_ecb_encrypt() does not have a enc parameter - so we create a macro * that ignores this parameter when IMPLEMENT_CIPHER_HW_ecb() is called. */ #define IDEA2_ecb_encrypt(in, out, ks, enc) IDEA_ecb_encrypt(in, out, ks) -PROV_CIPHER_HW_idea_mode_ex(ecb, ECB, IDEA2_ecb) + PROV_CIPHER_HW_idea_mode_ex(ecb, ECB, IDEA2_ecb) diff --git a/providers/implementations/ciphers/cipher_null.c b/providers/implementations/ciphers/cipher_null.c index 0df97a7f8bc3..b69df775468c 100644 --- a/providers/implementations/ciphers/cipher_null.c +++ b/providers/implementations/ciphers/cipher_null.c 
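Review bot: In the new `PROV_CIPHER_HW_idea_mode_ex` definition the `IMPLEMENT_CIPHER_HW_##UCMODE(...)` invocation and the start of the table now share a line (`fname) static const PROV_CIPHER_HW idea_##mode \` followed by `= { \`). The macro body therefore reads as one declaration, although the removed layout shows it as a helper invocation followed by a separate `static const` table. Putting the invocation back on its own continuation line and keeping `static const PROV_CIPHER_HW idea_##mode = { \` together would restore that structure. Guarding the macro with `/* clang-format off */` and `/* clang-format on */` would stop the formatter from merging the two again.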
@@ -38,8 +38,8 @@ static void null_freectx(void *vctx) static OSSL_FUNC_cipher_encrypt_init_fn null_einit; static int null_einit(void *vctx, const unsigned char *key, size_t keylen, - const unsigned char *iv, size_t ivlen, - const OSSL_PARAM params[]) + const unsigned char *iv, size_t ivlen, + const OSSL_PARAM params[]) { PROV_CIPHER_NULL_CTX *ctx = (PROV_CIPHER_NULL_CTX *)vctx; @@ -52,8 +52,8 @@ static int null_einit(void *vctx, const unsigned char *key, size_t keylen, static OSSL_FUNC_cipher_decrypt_init_fn null_dinit; static int null_dinit(void *vctx, const unsigned char *key, size_t keylen, - const unsigned char *iv, size_t ivlen, - const OSSL_PARAM params[]) + const unsigned char *iv, size_t ivlen, + const OSSL_PARAM params[]) { if (!ossl_prov_is_running()) return 0; @@ -63,7 +63,7 @@ static int null_dinit(void *vctx, const unsigned char *key, size_t keylen, static OSSL_FUNC_cipher_cipher_fn null_cipher; static int null_cipher(void *vctx, unsigned char *out, size_t *outl, - size_t outsize, const unsigned char *in, size_t inl) + size_t outsize, const unsigned char *in, size_t inl) { PROV_CIPHER_NULL_CTX *ctx = (PROV_CIPHER_NULL_CTX *)vctx; @@ -90,7 +90,7 @@ static int null_cipher(void *vctx, unsigned char *out, size_t *outl, static OSSL_FUNC_cipher_final_fn null_final; static int null_final(void *vctx, unsigned char *out, size_t *outl, - size_t outsize) + size_t outsize) { if (!ossl_prov_is_running()) return 0; @@ -114,7 +114,7 @@ static const OSSL_PARAM null_known_gettable_ctx_params[] = { static OSSL_FUNC_cipher_gettable_ctx_params_fn null_gettable_ctx_params; static const OSSL_PARAM *null_gettable_ctx_params(ossl_unused void *cctx, - ossl_unused void *provctx) + ossl_unused void *provctx) { return null_known_gettable_ctx_params; } 
@@ -151,12 +151,11 @@ static const OSSL_PARAM null_known_settable_ctx_params[] = { static OSSL_FUNC_cipher_settable_ctx_params_fn null_settable_ctx_params; static const OSSL_PARAM *null_settable_ctx_params(ossl_unused void *cctx, - ossl_unused void *provctx) + ossl_unused void *provctx) { return null_known_settable_ctx_params; } - static OSSL_FUNC_cipher_set_ctx_params_fn null_set_ctx_params; static int null_set_ctx_params(void *vctx, const OSSL_PARAM params[]) { @@ -176,22 +175,22 @@ static int null_set_ctx_params(void *vctx, const OSSL_PARAM params[]) const OSSL_DISPATCH ossl_null_functions[] = { { OSSL_FUNC_CIPHER_NEWCTX, - (void (*)(void)) null_newctx }, - { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void)) null_freectx }, - { OSSL_FUNC_CIPHER_DUPCTX, (void (*)(void)) null_newctx }, + (void (*)(void))null_newctx }, + { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void))null_freectx }, + { OSSL_FUNC_CIPHER_DUPCTX, (void (*)(void))null_newctx }, { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))null_einit }, { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))null_dinit }, { OSSL_FUNC_CIPHER_UPDATE, (void (*)(void))null_cipher }, { OSSL_FUNC_CIPHER_FINAL, (void (*)(void))null_final }, { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))null_cipher }, - { OSSL_FUNC_CIPHER_GET_PARAMS, (void (*)(void)) null_get_params }, + { OSSL_FUNC_CIPHER_GET_PARAMS, (void (*)(void))null_get_params }, { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, (void (*)(void))ossl_cipher_generic_gettable_params }, { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, (void (*)(void))null_get_ctx_params }, { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, - (void (*)(void))null_gettable_ctx_params }, + (void (*)(void))null_gettable_ctx_params }, { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, (void (*)(void))null_set_ctx_params }, { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, - (void (*)(void))null_settable_ctx_params }, + (void (*)(void))null_settable_ctx_params }, { 0, NULL } }; 
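Review bot: In `ossl_null_functions` the `OSSL_FUNC_CIPHER_DUPCTX` slot is bound to `null_newctx`, so duplicating a context appears to return a freshly allocated one rather than a copy of the source. If `PROV_CIPHER_NULL_CTX` holds anything set by `null_einit` or `null_set_ctx_params` (their bodies are outside these hunks), the duplicate would silently lose it. Either add a `null_dupctx` that copies the struct, or state the intent on the entry, e.g. `/* dupctx reuses newctx: NULL-cipher state is not carried over */`.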
diff --git a/providers/implementations/ciphers/cipher_rc2.c b/providers/implementations/ciphers/cipher_rc2.c index 106f47e8667a..4f406c5eb88d 100644 --- a/providers/implementations/ciphers/cipher_rc2.c +++ b/providers/implementations/ciphers/cipher_rc2.c @@ -20,10 +20,10 @@ #include "prov/implementations.h" #include "prov/providercommon.h" -#define RC2_40_MAGIC 0xa0 -#define RC2_64_MAGIC 0x78 -#define RC2_128_MAGIC 0x3a -#define RC2_FLAGS PROV_CIPHER_FLAG_VARIABLE_LENGTH +#define RC2_40_MAGIC 0xa0 +#define RC2_64_MAGIC 0x78 +#define RC2_128_MAGIC 0x3a +#define RC2_FLAGS PROV_CIPHER_FLAG_VARIABLE_LENGTH static OSSL_FUNC_cipher_encrypt_init_fn rc2_einit; static OSSL_FUNC_cipher_decrypt_init_fn rc2_dinit; @@ -38,7 +38,7 @@ static void rc2_freectx(void *vctx) PROV_RC2_CTX *ctx = (PROV_RC2_CTX *)vctx; ossl_cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); - OPENSSL_clear_free(ctx, sizeof(*ctx)); + OPENSSL_clear_free(ctx, sizeof(*ctx)); } static void *rc2_dupctx(void *ctx) @@ -88,8 +88,8 @@ static int rc2_magic_to_keybits(int magic) } static int rc2_einit(void *ctx, const unsigned char *key, size_t keylen, - const unsigned char *iv, size_t ivlen, - const OSSL_PARAM params[]) + const unsigned char *iv, size_t ivlen, + const OSSL_PARAM params[]) { if (!ossl_cipher_generic_einit(ctx, key, keylen, iv, ivlen, NULL)) return 0; @@ -97,8 +97,8 @@ static int rc2_einit(void *ctx, const unsigned char *key, size_t keylen, } static int rc2_dinit(void *ctx, const unsigned char *key, size_t keylen, - const unsigned char *iv, size_t ivlen, - const OSSL_PARAM params[]) + const unsigned char *iv, size_t ivlen, + const OSSL_PARAM params[]) { if (!ossl_cipher_generic_dinit(ctx, key, keylen, iv, ivlen, NULL)) return 0; 
@@ -137,7 +137,7 @@ static int rc2_get_ctx_params(void *vctx, OSSL_PARAM params[]) /* Is this the original IV or the running IV? */ num = rc2_keybits_to_magic(ctx->key_bits); if (!ASN1_TYPE_set_int_octetstring(type, num, - ctx->base.iv, ctx->base.ivlen)) { + ctx->base.iv, ctx->base.ivlen)) { ASN1_TYPE_free(type); ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); return 0; @@ -171,7 +171,7 @@ static int rc2_set_ctx_params(void *vctx, const OSSL_PARAM params[]) return 0; p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_RC2_KEYBITS); if (p != NULL) { - if (!OSSL_PARAM_get_size_t(p, &ctx->key_bits)) { + if (!OSSL_PARAM_get_size_t(p, &ctx->key_bits)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); return 0; } @@ -188,7 +188,7 @@ static int rc2_set_ctx_params(void *vctx, const OSSL_PARAM params[]) || ctx->base.ivlen > sizeof(iv) || (type = d2i_ASN1_TYPE(NULL, &d, p->data_size)) == NULL || ((size_t)ASN1_TYPE_get_int_octetstring(type, &num, iv, - ctx->base.ivlen) + ctx->base.ivlen) != ctx->base.ivlen) || !ossl_cipher_generic_initiv(&ctx->base, iv, ctx->base.ivlen) || (ctx->key_bits = rc2_magic_to_keybits(num)) == 0) { 
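Review bot: `rc2_set_ctx_params` stores the caller-supplied `OSSL_CIPHER_PARAM_RC2_KEYBITS` value straight into `ctx->key_bits` via `OSSL_PARAM_get_size_t`, with no range check visible in this hunk, and `cipher_hw_rc2_initkey` in cipher_rc2_hw.c later narrows it with `(int)rctx->key_bits`. A value above `INT_MAX` makes that conversion implementation-defined, so the effective key size would depend on how `RC2_set_key` treats the result. Consider rejecting it at the parameter boundary, e.g. `if (ctx->key_bits > INT_MAX) { ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH); return 0; }`. The function body continues outside the hunk, so a check may already exist in the lines not shown.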
@@ -210,66 +210,66 @@ static int rc2_set_ctx_params(void *vctx, const OSSL_PARAM params[]) CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_START(rc2) OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_RC2_KEYBITS, NULL), -OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_ALGORITHM_ID_PARAMS, NULL, 0), -CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_END(rc2) + OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_ALGORITHM_ID_PARAMS, NULL, 0), + CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_END(rc2) -CIPHER_DEFAULT_SETTABLE_CTX_PARAMS_START(rc2) -OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL), -OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_RC2_KEYBITS, NULL), -OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_ALGORITHM_ID_PARAMS, NULL, 0), -CIPHER_DEFAULT_SETTABLE_CTX_PARAMS_END(rc2) + CIPHER_DEFAULT_SETTABLE_CTX_PARAMS_START(rc2) + OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL), + OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_RC2_KEYBITS, NULL), + OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_ALGORITHM_ID_PARAMS, NULL, 0), + CIPHER_DEFAULT_SETTABLE_CTX_PARAMS_END(rc2) -#define IMPLEMENT_cipher(alg, UCALG, lcmode, UCMODE, flags, kbits, blkbits, \ - ivbits, typ) \ -static OSSL_FUNC_cipher_get_params_fn alg##_##kbits##_##lcmode##_get_params; \ -static int alg##_##kbits##_##lcmode##_get_params(OSSL_PARAM params[]) \ -{ \ - return ossl_cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE, \ - flags, kbits, blkbits, ivbits); \ -} \ -static OSSL_FUNC_cipher_newctx_fn alg##_##kbits##_##lcmode##_newctx; \ -static void * alg##_##kbits##_##lcmode##_newctx(void *provctx) \ -{ \ - PROV_##UCALG##_CTX *ctx; \ - if (!ossl_prov_is_running()) \ - return NULL; \ - ctx = OPENSSL_zalloc(sizeof(*ctx)); \ - if (ctx != NULL) { \ - ossl_cipher_generic_initkey(ctx, kbits, blkbits, ivbits, \ - EVP_CIPH_##UCMODE##_MODE, flags, \ - ossl_prov_cipher_hw_##alg##_##lcmode(kbits), \ - NULL); \ - ctx->key_bits = kbits; \ - } \ - return ctx; \ -} \ -const OSSL_DISPATCH ossl_##alg##kbits##lcmode##_functions[] = { \ - { OSSL_FUNC_CIPHER_NEWCTX, \ - (void (*)(void)) 
alg##_##kbits##_##lcmode##_newctx }, \ - { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void)) alg##_freectx }, \ - { OSSL_FUNC_CIPHER_DUPCTX, (void (*)(void)) alg##_dupctx }, \ - { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))rc2_einit }, \ - { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))rc2_dinit }, \ - { OSSL_FUNC_CIPHER_UPDATE, (void (*)(void))ossl_cipher_generic_##typ##_update },\ - { OSSL_FUNC_CIPHER_FINAL, (void (*)(void))ossl_cipher_generic_##typ##_final }, \ - { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))ossl_cipher_generic_cipher }, \ - { OSSL_FUNC_CIPHER_GET_PARAMS, \ - (void (*)(void)) alg##_##kbits##_##lcmode##_get_params }, \ - { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \ - (void (*)(void))ossl_cipher_generic_gettable_params }, \ - { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, \ - (void (*)(void))rc2_get_ctx_params }, \ - { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \ - (void (*)(void))rc2_gettable_ctx_params }, \ - { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \ - (void (*)(void))rc2_set_ctx_params }, \ - { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \ - (void (*)(void))rc2_settable_ctx_params }, \ - { 0, NULL } \ -}; +#define IMPLEMENT_cipher(alg, UCALG, lcmode, UCMODE, flags, kbits, blkbits, \ + ivbits, typ) \ + static OSSL_FUNC_cipher_get_params_fn alg##_##kbits##_##lcmode##_get_params; \ + static int alg##_##kbits##_##lcmode##_get_params(OSSL_PARAM params[]) \ + { \ + return ossl_cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE, \ + flags, kbits, blkbits, ivbits); \ + } \ + static OSSL_FUNC_cipher_newctx_fn alg##_##kbits##_##lcmode##_newctx; \ + static void *alg##_##kbits##_##lcmode##_newctx(void *provctx) \ + { \ + PROV_##UCALG##_CTX *ctx; \ + if (!ossl_prov_is_running()) \ + return NULL; \ + ctx = OPENSSL_zalloc(sizeof(*ctx)); \ + if (ctx != NULL) { \ + ossl_cipher_generic_initkey(ctx, kbits, blkbits, ivbits, \ + EVP_CIPH_##UCMODE##_MODE, flags, \ + ossl_prov_cipher_hw_##alg##_##lcmode(kbits), \ + NULL); \ + ctx->key_bits = kbits; \ + } \ + return ctx; \ + } \ + const 
OSSL_DISPATCH ossl_##alg##kbits##lcmode##_functions[] = { \ + { OSSL_FUNC_CIPHER_NEWCTX, \ + (void (*)(void))alg##_##kbits##_##lcmode##_newctx }, \ + { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void))alg##_freectx }, \ + { OSSL_FUNC_CIPHER_DUPCTX, (void (*)(void))alg##_dupctx }, \ + { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))rc2_einit }, \ + { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))rc2_dinit }, \ + { OSSL_FUNC_CIPHER_UPDATE, (void (*)(void))ossl_cipher_generic_##typ##_update }, \ + { OSSL_FUNC_CIPHER_FINAL, (void (*)(void))ossl_cipher_generic_##typ##_final }, \ + { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))ossl_cipher_generic_cipher }, \ + { OSSL_FUNC_CIPHER_GET_PARAMS, \ + (void (*)(void))alg##_##kbits##_##lcmode##_get_params }, \ + { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \ + (void (*)(void))ossl_cipher_generic_gettable_params }, \ + { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, \ + (void (*)(void))rc2_get_ctx_params }, \ + { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \ + (void (*)(void))rc2_gettable_ctx_params }, \ + { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \ + (void (*)(void))rc2_set_ctx_params }, \ + { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \ + (void (*)(void))rc2_settable_ctx_params }, \ + { 0, NULL } \ + }; -/* ossl_rc2128ecb_functions */ -IMPLEMENT_cipher(rc2, RC2, ecb, ECB, RC2_FLAGS, 128, 64, 0, block) + /* ossl_rc2128ecb_functions */ + IMPLEMENT_cipher(rc2, RC2, ecb, ECB, RC2_FLAGS, 128, 64, 0, block) /* ossl_rc2128cbc_functions */ IMPLEMENT_cipher(rc2, RC2, cbc, CBC, RC2_FLAGS, 128, 64, 64, block) /* ossl_rc240cbc_functions */ diff --git a/providers/implementations/ciphers/cipher_rc2.h b/providers/implementations/ciphers/cipher_rc2.h index 7a4bea5ac404..bfb1d45495dc 100644 --- a/providers/implementations/ciphers/cipher_rc2.h +++ b/providers/implementations/ciphers/cipher_rc2.h 
@@ -11,7 +11,7 @@ #include "prov/ciphercommon.h" typedef struct prov_rc2_ctx_st { - PROV_CIPHER_CTX base; /* Must be first */ + PROV_CIPHER_CTX base; /* Must be first */ union { OSSL_UNION_ALIGN; RC2_KEY ks; diff --git a/providers/implementations/ciphers/cipher_rc2_hw.c b/providers/implementations/ciphers/cipher_rc2_hw.c index da9ff729cda0..c5abe3904142 100644 --- a/providers/implementations/ciphers/cipher_rc2_hw.c +++ b/providers/implementations/ciphers/cipher_rc2_hw.c @@ -16,28 +16,28 @@ #include "cipher_rc2.h" static int cipher_hw_rc2_initkey(PROV_CIPHER_CTX *ctx, - const unsigned char *key, size_t keylen) + const unsigned char *key, size_t keylen) { - PROV_RC2_CTX *rctx = (PROV_RC2_CTX *)ctx; + PROV_RC2_CTX *rctx = (PROV_RC2_CTX *)ctx; RC2_KEY *ks = &(rctx->ks.ks); RC2_set_key(ks, (int)ctx->keylen, key, (int)rctx->key_bits); return 1; } -# define PROV_CIPHER_HW_rc2_mode(mode, UCMODE) \ -IMPLEMENT_CIPHER_HW_##UCMODE(mode, rc2, PROV_RC2_CTX, RC2_KEY, \ - RC2_##mode) \ -static const PROV_CIPHER_HW rc2_##mode = { \ - cipher_hw_rc2_initkey, \ - cipher_hw_rc2_##mode##_cipher \ -}; \ -const PROV_CIPHER_HW *ossl_prov_cipher_hw_rc2_##mode(size_t keybits) \ -{ \ - return &rc2_##mode; \ -} +#define PROV_CIPHER_HW_rc2_mode(mode, UCMODE) \ + IMPLEMENT_CIPHER_HW_##UCMODE(mode, rc2, PROV_RC2_CTX, RC2_KEY, \ + RC2_##mode) static const PROV_CIPHER_HW rc2_##mode \ + = { \ + cipher_hw_rc2_initkey, \ + cipher_hw_rc2_##mode##_cipher \ + }; \ + const PROV_CIPHER_HW *ossl_prov_cipher_hw_rc2_##mode(size_t keybits) \ + { \ + return &rc2_##mode; \ + } PROV_CIPHER_HW_rc2_mode(cbc, CBC) -PROV_CIPHER_HW_rc2_mode(ecb, ECB) -PROV_CIPHER_HW_rc2_mode(ofb64, OFB) -PROV_CIPHER_HW_rc2_mode(cfb64, CFB) + PROV_CIPHER_HW_rc2_mode(ecb, ECB) + PROV_CIPHER_HW_rc2_mode(ofb64, OFB) + PROV_CIPHER_HW_rc2_mode(cfb64, CFB) diff --git a/providers/implementations/ciphers/cipher_rc4.c b/providers/implementations/ciphers/cipher_rc4.c index a548beafaf5f..bb44854f6ea2 100644 
--- a/providers/implementations/ciphers/cipher_rc4.c +++ b/providers/implementations/ciphers/cipher_rc4.c @@ -31,7 +31,7 @@ static void rc4_freectx(void *vctx) PROV_RC4_CTX *ctx = (PROV_RC4_CTX *)vctx; ossl_cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); - OPENSSL_clear_free(ctx, sizeof(*ctx)); + OPENSSL_clear_free(ctx, sizeof(*ctx)); } static void *rc4_dupctx(void *ctx) @@ -53,8 +53,8 @@ static void *rc4_dupctx(void *ctx) } static int rc4_einit(void *ctx, const unsigned char *key, size_t keylen, - const unsigned char *iv, size_t ivlen, - const OSSL_PARAM params[]) + const unsigned char *iv, size_t ivlen, + const OSSL_PARAM params[]) { if (!ossl_cipher_generic_einit(ctx, key, keylen, iv, ivlen, NULL)) return 0; 
@@ -62,58 +62,58 @@ static int rc4_einit(void *ctx, const unsigned char *key, size_t keylen, } static int rc4_dinit(void *ctx, const unsigned char *key, size_t keylen, - const unsigned char *iv, size_t ivlen, - const OSSL_PARAM params[]) + const unsigned char *iv, size_t ivlen, + const OSSL_PARAM params[]) { if (!ossl_cipher_generic_dinit(ctx, key, keylen, iv, ivlen, NULL)) return 0; return ossl_cipher_var_keylen_set_ctx_params(ctx, params); } -#define IMPLEMENT_cipher(alg, UCALG, flags, kbits, blkbits, ivbits, typ) \ -static OSSL_FUNC_cipher_get_params_fn alg##_##kbits##_get_params; \ -static int alg##_##kbits##_get_params(OSSL_PARAM params[]) \ -{ \ - return ossl_cipher_generic_get_params(params, 0, flags, \ - kbits, blkbits, ivbits); \ -} \ -static OSSL_FUNC_cipher_newctx_fn alg##_##kbits##_newctx; \ -static void * alg##_##kbits##_newctx(void *provctx) \ -{ \ - PROV_##UCALG##_CTX *ctx; \ - if (!ossl_prov_is_running()) \ - return NULL; \ - ctx = OPENSSL_zalloc(sizeof(*ctx)); \ - if (ctx != NULL) { \ - ossl_cipher_generic_initkey(ctx, kbits, blkbits, ivbits, 0, flags, \ - ossl_prov_cipher_hw_##alg(kbits), NULL); \ - } \ - return ctx; \ -} \ -const OSSL_DISPATCH ossl_##alg##kbits##_functions[] = { \ - { OSSL_FUNC_CIPHER_NEWCTX, \ - (void (*)(void)) alg##_##kbits##_newctx }, \ - { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void)) alg##_freectx }, \ - { OSSL_FUNC_CIPHER_DUPCTX, (void (*)(void)) alg##_dupctx }, \ - { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))rc4_einit }, \ - { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))rc4_dinit }, \ - { OSSL_FUNC_CIPHER_UPDATE, (void (*)(void))ossl_cipher_generic_##typ##_update },\ - { OSSL_FUNC_CIPHER_FINAL, (void (*)(void))ossl_cipher_generic_##typ##_final }, \ - { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))ossl_cipher_generic_cipher }, \ - { OSSL_FUNC_CIPHER_GET_PARAMS, \ - (void (*)(void)) alg##_##kbits##_get_params }, \ - { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, \ - (void (*)(void))ossl_cipher_generic_get_ctx_params }, \ - { 
OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \ - (void (*)(void))ossl_cipher_var_keylen_set_ctx_params }, \ - { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \ - (void (*)(void))ossl_cipher_generic_gettable_params }, \ - { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \ - (void (*)(void))ossl_cipher_generic_gettable_ctx_params }, \ - { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \ - (void (*)(void))ossl_cipher_var_keylen_settable_ctx_params }, \ - { 0, NULL } \ -}; +#define IMPLEMENT_cipher(alg, UCALG, flags, kbits, blkbits, ivbits, typ) \ + static OSSL_FUNC_cipher_get_params_fn alg##_##kbits##_get_params; \ + static int alg##_##kbits##_get_params(OSSL_PARAM params[]) \ + { \ + return ossl_cipher_generic_get_params(params, 0, flags, \ + kbits, blkbits, ivbits); \ + } \ + static OSSL_FUNC_cipher_newctx_fn alg##_##kbits##_newctx; \ + static void *alg##_##kbits##_newctx(void *provctx) \ + { \ + PROV_##UCALG##_CTX *ctx; \ + if (!ossl_prov_is_running()) \ + return NULL; \ + ctx = OPENSSL_zalloc(sizeof(*ctx)); \ + if (ctx != NULL) { \ + ossl_cipher_generic_initkey(ctx, kbits, blkbits, ivbits, 0, flags, \ + ossl_prov_cipher_hw_##alg(kbits), NULL); \ + } \ + return ctx; \ + } \ + const OSSL_DISPATCH ossl_##alg##kbits##_functions[] = { \ + { OSSL_FUNC_CIPHER_NEWCTX, \ + (void (*)(void))alg##_##kbits##_newctx }, \ + { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void))alg##_freectx }, \ + { OSSL_FUNC_CIPHER_DUPCTX, (void (*)(void))alg##_dupctx }, \ + { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))rc4_einit }, \ + { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))rc4_dinit }, \ + { OSSL_FUNC_CIPHER_UPDATE, (void (*)(void))ossl_cipher_generic_##typ##_update }, \ + { OSSL_FUNC_CIPHER_FINAL, (void (*)(void))ossl_cipher_generic_##typ##_final }, \ + { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))ossl_cipher_generic_cipher }, \ + { OSSL_FUNC_CIPHER_GET_PARAMS, \ + (void (*)(void))alg##_##kbits##_get_params }, \ + { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, \ + (void (*)(void))ossl_cipher_generic_get_ctx_params }, \ + { 
OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \ + (void (*)(void))ossl_cipher_var_keylen_set_ctx_params }, \ + { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \ + (void (*)(void))ossl_cipher_generic_gettable_params }, \ + { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \ + (void (*)(void))ossl_cipher_generic_gettable_ctx_params }, \ + { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \ + (void (*)(void))ossl_cipher_var_keylen_settable_ctx_params }, \ + { 0, NULL } \ + }; /* ossl_rc440_functions */ IMPLEMENT_cipher(rc4, RC4, RC4_FLAGS, 40, 8, 0, stream) diff --git a/providers/implementations/ciphers/cipher_rc4.h b/providers/implementations/ciphers/cipher_rc4.h index 40d822ceb2ef..8bb6f226523f 100644 --- a/providers/implementations/ciphers/cipher_rc4.h +++ b/providers/implementations/ciphers/cipher_rc4.h @@ -11,7 +11,7 @@ #include "prov/ciphercommon.h" typedef struct prov_rc4_ctx_st { - PROV_CIPHER_CTX base; /* Must be first */ + PROV_CIPHER_CTX base; /* Must be first */ union { OSSL_UNION_ALIGN; RC4_KEY ks; diff --git a/providers/implementations/ciphers/cipher_rc4_hmac_md5.c b/providers/implementations/ciphers/cipher_rc4_hmac_md5.c index c1325c12c2aa..0adc4314ea98 100644 --- a/providers/implementations/ciphers/cipher_rc4_hmac_md5.c +++ b/providers/implementations/ciphers/cipher_rc4_hmac_md5.c @@ -20,8 +20,8 @@ #include "prov/implementations.h" #include "prov/providercommon.h" -#define RC4_HMAC_MD5_FLAGS (PROV_CIPHER_FLAG_VARIABLE_LENGTH \ - | PROV_CIPHER_FLAG_AEAD) +#define RC4_HMAC_MD5_FLAGS (PROV_CIPHER_FLAG_VARIABLE_LENGTH \ + | PROV_CIPHER_FLAG_AEAD) #define RC4_HMAC_MD5_KEY_BITS (16 * 8) #define RC4_HMAC_MD5_BLOCK_BITS (1 * 8) 
@@ -55,13 +55,13 @@ static void *rc4_hmac_md5_newctx(void *provctx) ctx = OPENSSL_zalloc(sizeof(*ctx)); if (ctx != NULL) ossl_cipher_generic_initkey(ctx, RC4_HMAC_MD5_KEY_BITS, - RC4_HMAC_MD5_BLOCK_BITS, - RC4_HMAC_MD5_IV_BITS, - RC4_HMAC_MD5_MODE, RC4_HMAC_MD5_FLAGS, - ossl_prov_cipher_hw_rc4_hmac_md5( - RC4_HMAC_MD5_KEY_BITS - ), NULL); - return ctx; + RC4_HMAC_MD5_BLOCK_BITS, + RC4_HMAC_MD5_IV_BITS, + RC4_HMAC_MD5_MODE, RC4_HMAC_MD5_FLAGS, + ossl_prov_cipher_hw_rc4_hmac_md5( + RC4_HMAC_MD5_KEY_BITS), + NULL); + return ctx; } static void rc4_hmac_md5_freectx(void *vctx) @@ -69,7 +69,7 @@ static void rc4_hmac_md5_freectx(void *vctx) PROV_RC4_HMAC_MD5_CTX *ctx = (PROV_RC4_HMAC_MD5_CTX *)vctx; ossl_cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); - OPENSSL_clear_free(ctx, sizeof(*ctx)); + OPENSSL_clear_free(ctx, sizeof(*ctx)); } static void *rc4_hmac_md5_dupctx(void *vctx) @@ -82,8 +82,8 @@ static void *rc4_hmac_md5_dupctx(void *vctx) } static int rc4_hmac_md5_einit(void *ctx, const unsigned char *key, - size_t keylen, const unsigned char *iv, - size_t ivlen, const OSSL_PARAM params[]) + size_t keylen, const unsigned char *iv, + size_t ivlen, const OSSL_PARAM params[]) { if (!ossl_cipher_generic_einit(ctx, key, keylen, iv, ivlen, NULL)) return 0; @@ -91,8 +91,8 @@ static int rc4_hmac_md5_einit(void *ctx, const unsigned char *key, } static int rc4_hmac_md5_dinit(void *ctx, const unsigned char *key, - size_t keylen, const unsigned char *iv, - size_t ivlen, const OSSL_PARAM params[]) + size_t keylen, const unsigned char *iv, + size_t ivlen, const OSSL_PARAM params[]) { if (!ossl_cipher_generic_dinit(ctx, key, keylen, iv, ivlen, NULL)) return 0; @@ -106,7 +106,7 @@ static const OSSL_PARAM rc4_hmac_md5_known_gettable_ctx_params[] = { OSSL_PARAM_END }; const OSSL_PARAM *rc4_hmac_md5_gettable_ctx_params(ossl_unused void *cctx, - ossl_unused void *provctx) + ossl_unused void *provctx) { return rc4_hmac_md5_known_gettable_ctx_params; } 
@@ -142,7 +142,7 @@ static const OSSL_PARAM rc4_hmac_md5_known_settable_ctx_params[] = { OSSL_PARAM_END }; const OSSL_PARAM *rc4_hmac_md5_settable_ctx_params(ossl_unused void *cctx, - ossl_unused void *provctx) + ossl_unused void *provctx) { return rc4_hmac_md5_known_settable_ctx_params; } @@ -215,10 +215,10 @@ static int rc4_hmac_md5_set_ctx_params(void *vctx, const OSSL_PARAM params[]) static int rc4_hmac_md5_get_params(OSSL_PARAM params[]) { return ossl_cipher_generic_get_params(params, RC4_HMAC_MD5_MODE, - RC4_HMAC_MD5_FLAGS, - RC4_HMAC_MD5_KEY_BITS, - RC4_HMAC_MD5_BLOCK_BITS, - RC4_HMAC_MD5_IV_BITS); + RC4_HMAC_MD5_FLAGS, + RC4_HMAC_MD5_KEY_BITS, + RC4_HMAC_MD5_BLOCK_BITS, + RC4_HMAC_MD5_IV_BITS); } const OSSL_DISPATCH ossl_rc4_hmac_ossl_md5_functions[] = { diff --git a/providers/implementations/ciphers/cipher_rc4_hmac_md5.h b/providers/implementations/ciphers/cipher_rc4_hmac_md5.h index 4a1d154a7ceb..87fa8e060db8 100644 --- a/providers/implementations/ciphers/cipher_rc4_hmac_md5.h +++ b/providers/implementations/ciphers/cipher_rc4_hmac_md5.h @@ -12,7 +12,7 @@ #include "prov/ciphercommon.h" typedef struct prov_rc4_hmac_md5_ctx_st { - PROV_CIPHER_CTX base; /* Must be first */ + PROV_CIPHER_CTX base; /* Must be first */ union { OSSL_UNION_ALIGN; RC4_KEY ks; @@ -26,11 +26,11 @@ typedef struct prov_cipher_hw_rc4_hmac_md5_st { PROV_CIPHER_HW base; /* Must be first */ int (*tls_init)(PROV_CIPHER_CTX *ctx, unsigned char *aad, size_t aad_len); void (*init_mackey)(PROV_CIPHER_CTX *ctx, const unsigned char *key, - size_t len); + size_t len); } PROV_CIPHER_HW_RC4_HMAC_MD5; const PROV_CIPHER_HW *ossl_prov_cipher_hw_rc4_hmac_md5(size_t keybits); void rc4_md5_enc(RC4_KEY *key, const void *in0, void *out, - MD5_CTX *ctx, const void *inp, size_t blocks); + MD5_CTX *ctx, const void *inp, size_t blocks); diff --git a/providers/implementations/ciphers/cipher_rc4_hmac_md5_hw.c b/providers/implementations/ciphers/cipher_rc4_hmac_md5_hw.c index 8cce02b1c5af..9bdb20667922 100644 
--- a/providers/implementations/ciphers/cipher_rc4_hmac_md5_hw.c +++ b/providers/implementations/ciphers/cipher_rc4_hmac_md5_hw.c @@ -19,26 +19,26 @@ #define NO_PAYLOAD_LENGTH ((size_t)-1) -#if defined(RC4_ASM) \ - && defined(MD5_ASM) \ - && (defined(__x86_64) \ - || defined(__x86_64__) \ - || defined(_M_AMD64) \ +#if defined(RC4_ASM) \ + && defined(MD5_ASM) \ + && (defined(__x86_64) \ + || defined(__x86_64__) \ + || defined(_M_AMD64) \ || defined(_M_X64)) -# define STITCHED_CALL -# define MOD 32 /* 32 is $MOD from rc4_md5-x86_64.pl */ +#define STITCHED_CALL +#define MOD 32 /* 32 is $MOD from rc4_md5-x86_64.pl */ #else -# define rc4_off 0 -# define md5_off 0 +#define rc4_off 0 +#define md5_off 0 #endif static int cipher_hw_rc4_hmac_md5_initkey(PROV_CIPHER_CTX *bctx, - const uint8_t *key, size_t keylen) + const uint8_t *key, size_t keylen) { PROV_RC4_HMAC_MD5_CTX *ctx = (PROV_RC4_HMAC_MD5_CTX *)bctx; RC4_set_key(&ctx->ks.ks, keylen, key); - MD5_Init(&ctx->head); /* handy when benchmarking */ + MD5_Init(&ctx->head); /* handy when benchmarking */ ctx->tail = ctx->head; ctx->md = ctx->head; ctx->payload_length = NO_PAYLOAD_LENGTH; @@ -47,8 +47,8 @@ static int cipher_hw_rc4_hmac_md5_initkey(PROV_CIPHER_CTX *bctx, } static int cipher_hw_rc4_hmac_md5_cipher(PROV_CIPHER_CTX *bctx, - unsigned char *out, - const unsigned char *in, size_t len) + unsigned char *out, + const unsigned char *in, size_t len) { PROV_RC4_HMAC_MD5_CTX *ctx = (PROV_RC4_HMAC_MD5_CTX *)bctx; RC4_KEY *ks = &ctx->ks.ks; 
@@ -72,13 +72,13 @@ static int cipher_hw_rc4_hmac_md5_cipher(PROV_CIPHER_CTX *bctx, md5_off += MD5_CBLOCK; if (plen > md5_off - && (blocks = (plen - md5_off) / MD5_CBLOCK) - && (OPENSSL_ia32cap_P[0] & (1 << 20)) == 0) { + && (blocks = (plen - md5_off) / MD5_CBLOCK) + && (OPENSSL_ia32cap_P[0] & (1 << 20)) == 0) { MD5_Update(&ctx->md, in, md5_off); RC4(ks, rc4_off, in, out); rc4_md5_enc(ks, in + rc4_off, out + rc4_off, - &ctx->md, in + md5_off, blocks); + &ctx->md, in + md5_off, blocks); blocks *= MD5_CBLOCK; rc4_off += blocks; md5_off += blocks; @@ -93,7 +93,7 @@ static int cipher_hw_rc4_hmac_md5_cipher(PROV_CIPHER_CTX *bctx, #endif MD5_Update(&ctx->md, in + md5_off, plen - md5_off); - if (plen != len) { /* "TLS" mode of operation */ + if (plen != len) { /* "TLS" mode of operation */ if (in != out) memcpy(out + rc4_off, in + rc4_off, plen - rc4_off); @@ -118,13 +118,13 @@ static int cipher_hw_rc4_hmac_md5_cipher(PROV_CIPHER_CTX *bctx, rc4_off += MD5_CBLOCK; if (len > rc4_off - && (blocks = (len - rc4_off) / MD5_CBLOCK) - && (OPENSSL_ia32cap_P[0] & (1 << 20)) == 0) { + && (blocks = (len - rc4_off) / MD5_CBLOCK) + && (OPENSSL_ia32cap_P[0] & (1 << 20)) == 0) { RC4(ks, rc4_off, in, out); MD5_Update(&ctx->md, out, md5_off); rc4_md5_enc(ks, in + rc4_off, out + rc4_off, - &ctx->md, out + md5_off, blocks); + &ctx->md, out + md5_off, blocks); blocks *= MD5_CBLOCK; rc4_off += blocks; md5_off += blocks; @@ -163,7 +163,7 @@ static int cipher_hw_rc4_hmac_md5_cipher(PROV_CIPHER_CTX *bctx, } static int cipher_hw_rc4_hmac_md5_tls_init(PROV_CIPHER_CTX *bctx, - unsigned char *aad, size_t aad_len) + unsigned char *aad, size_t aad_len) { PROV_RC4_HMAC_MD5_CTX *ctx = (PROV_RC4_HMAC_MD5_CTX *)bctx; unsigned int len; 
@@ -188,8 +188,8 @@ static int cipher_hw_rc4_hmac_md5_tls_init(PROV_CIPHER_CTX *bctx, } static void cipher_hw_rc4_hmac_md5_init_mackey(PROV_CIPHER_CTX *bctx, - const unsigned char *key, - size_t len) + const unsigned char *key, + size_t len) { PROV_RC4_HMAC_MD5_CTX *ctx = (PROV_RC4_HMAC_MD5_CTX *)bctx; unsigned int i; @@ -219,10 +219,8 @@ static void cipher_hw_rc4_hmac_md5_init_mackey(PROV_CIPHER_CTX *bctx, } static const PROV_CIPHER_HW_RC4_HMAC_MD5 rc4_hmac_md5_hw = { - { - cipher_hw_rc4_hmac_md5_initkey, - cipher_hw_rc4_hmac_md5_cipher - }, + { cipher_hw_rc4_hmac_md5_initkey, + cipher_hw_rc4_hmac_md5_cipher }, cipher_hw_rc4_hmac_md5_tls_init, cipher_hw_rc4_hmac_md5_init_mackey }; diff --git a/providers/implementations/ciphers/cipher_rc4_hw.c b/providers/implementations/ciphers/cipher_rc4_hw.c index 09192b5d5e14..9ab18037a271 100644 --- a/providers/implementations/ciphers/cipher_rc4_hw.c +++ b/providers/implementations/ciphers/cipher_rc4_hw.c @@ -16,18 +16,18 @@ #include "cipher_rc4.h" static int cipher_hw_rc4_initkey(PROV_CIPHER_CTX *ctx, - const unsigned char *key, size_t keylen) + const unsigned char *key, size_t keylen) { - PROV_RC4_CTX *rctx = (PROV_RC4_CTX *)ctx; + PROV_RC4_CTX *rctx = (PROV_RC4_CTX *)ctx; RC4_set_key(&rctx->ks.ks, keylen, key); return 1; } static int cipher_hw_rc4_cipher(PROV_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len) + const unsigned char *in, size_t len) { - PROV_RC4_CTX *rctx = (PROV_RC4_CTX *)ctx; + PROV_RC4_CTX *rctx = (PROV_RC4_CTX *)ctx; RC4(&rctx->ks.ks, len, in, out); return 1; @@ -41,4 +41,3 @@ const PROV_CIPHER_HW *ossl_prov_cipher_hw_rc4(size_t keybits) { return &rc4_hw; } - diff --git a/providers/implementations/ciphers/cipher_rc5.c b/providers/implementations/ciphers/cipher_rc5.c index 5c7d2b1721c0..255180850eac 100644 --- a/providers/implementations/ciphers/cipher_rc5.c +++ b/providers/implementations/ciphers/cipher_rc5.c 
@@ -35,7 +35,7 @@ static void rc5_freectx(void *vctx) PROV_RC5_CTX *ctx = (PROV_RC5_CTX *)vctx; ossl_cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); - OPENSSL_clear_free(ctx, sizeof(*ctx)); + OPENSSL_clear_free(ctx, sizeof(*ctx)); } static void *rc5_dupctx(void *ctx) @@ -57,8 +57,8 @@ static void *rc5_dupctx(void *ctx) } static int rc5_einit(void *ctx, const unsigned char *key, size_t keylen, - const unsigned char *iv, size_t ivlen, - const OSSL_PARAM params[]) + const unsigned char *iv, size_t ivlen, + const OSSL_PARAM params[]) { if (!ossl_cipher_generic_einit(ctx, key, keylen, iv, ivlen, NULL)) return 0; @@ -66,8 +66,8 @@ static int rc5_einit(void *ctx, const unsigned char *key, size_t keylen, } static int rc5_dinit(void *ctx, const unsigned char *key, size_t keylen, - const unsigned char *iv, size_t ivlen, - const OSSL_PARAM params[]) + const unsigned char *iv, size_t ivlen, + const OSSL_PARAM params[]) { if (!ossl_cipher_generic_dinit(ctx, key, keylen, iv, ivlen, NULL)) return 0; @@ -105,16 +105,15 @@ static int rc5_set_ctx_params(void *vctx, const OSSL_PARAM params[]) } CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_START(rc5) - OSSL_PARAM_uint(OSSL_CIPHER_PARAM_ROUNDS, NULL), -CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_END(rc5) +OSSL_PARAM_uint(OSSL_CIPHER_PARAM_ROUNDS, NULL), + CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_END(rc5) -CIPHER_DEFAULT_SETTABLE_CTX_PARAMS_START(rc5) - OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL), + CIPHER_DEFAULT_SETTABLE_CTX_PARAMS_START(rc5) + OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL), OSSL_PARAM_uint(OSSL_CIPHER_PARAM_ROUNDS, NULL), -CIPHER_DEFAULT_SETTABLE_CTX_PARAMS_END(rc5) - + CIPHER_DEFAULT_SETTABLE_CTX_PARAMS_END(rc5) -static int rc5_get_ctx_params(void *vctx, OSSL_PARAM params[]) + static int rc5_get_ctx_params(void *vctx, OSSL_PARAM params[]) { PROV_RC5_CTX *ctx = (PROV_RC5_CTX *)vctx; OSSL_PARAM *p; 
@@ -129,54 +128,54 @@ static int rc5_get_ctx_params(void *vctx, OSSL_PARAM params[]) return 1; } -#define IMPLEMENT_cipher(alg, UCALG, lcmode, UCMODE, flags, kbits, \ - blkbits, ivbits, typ) \ -static OSSL_FUNC_cipher_get_params_fn alg##_##kbits##_##lcmode##_get_params; \ -static int alg##_##kbits##_##lcmode##_get_params(OSSL_PARAM params[]) \ -{ \ - return ossl_cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE, \ - flags, kbits, blkbits, ivbits); \ -} \ -static OSSL_FUNC_cipher_newctx_fn alg##_##kbits##_##lcmode##_newctx; \ -static void * alg##_##kbits##_##lcmode##_newctx(void *provctx) \ -{ \ - PROV_##UCALG##_CTX *ctx; \ - if (!ossl_prov_is_running()) \ - return NULL; \ - ctx = OPENSSL_zalloc(sizeof(*ctx)); \ - if (ctx != NULL) { \ - ossl_cipher_generic_initkey(ctx, kbits, blkbits, ivbits, \ - EVP_CIPH_##UCMODE##_MODE, flags, \ - ossl_prov_cipher_hw_##alg##_##lcmode(kbits),\ - NULL); \ - ctx->rounds = RC5_12_ROUNDS; \ - } \ - return ctx; \ -} \ -const OSSL_DISPATCH ossl_##alg##kbits##lcmode##_functions[] = { \ - { OSSL_FUNC_CIPHER_NEWCTX, \ - (void (*)(void)) alg##_##kbits##_##lcmode##_newctx }, \ - { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void)) alg##_freectx }, \ - { OSSL_FUNC_CIPHER_DUPCTX, (void (*)(void)) alg##_dupctx }, \ - { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))rc5_einit }, \ - { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))rc5_dinit }, \ - { OSSL_FUNC_CIPHER_UPDATE, (void (*)(void))ossl_cipher_generic_##typ##_update },\ - { OSSL_FUNC_CIPHER_FINAL, (void (*)(void))ossl_cipher_generic_##typ##_final }, \ - { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))ossl_cipher_generic_cipher }, \ - { OSSL_FUNC_CIPHER_GET_PARAMS, \ - (void (*)(void)) alg##_##kbits##_##lcmode##_get_params }, \ - { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \ - (void (*)(void))ossl_cipher_generic_gettable_params }, \ - { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, \ - (void (*)(void))rc5_get_ctx_params }, \ - { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \ - (void (*)(void))rc5_gettable_ctx_params }, \ 
- { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \ - (void (*)(void))rc5_set_ctx_params }, \ - { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \ - (void (*)(void))rc5_settable_ctx_params }, \ - { 0, NULL } \ -}; +#define IMPLEMENT_cipher(alg, UCALG, lcmode, UCMODE, flags, kbits, \ + blkbits, ivbits, typ) \ + static OSSL_FUNC_cipher_get_params_fn alg##_##kbits##_##lcmode##_get_params; \ + static int alg##_##kbits##_##lcmode##_get_params(OSSL_PARAM params[]) \ + { \ + return ossl_cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE, \ + flags, kbits, blkbits, ivbits); \ + } \ + static OSSL_FUNC_cipher_newctx_fn alg##_##kbits##_##lcmode##_newctx; \ + static void *alg##_##kbits##_##lcmode##_newctx(void *provctx) \ + { \ + PROV_##UCALG##_CTX *ctx; \ + if (!ossl_prov_is_running()) \ + return NULL; \ + ctx = OPENSSL_zalloc(sizeof(*ctx)); \ + if (ctx != NULL) { \ + ossl_cipher_generic_initkey(ctx, kbits, blkbits, ivbits, \ + EVP_CIPH_##UCMODE##_MODE, flags, \ + ossl_prov_cipher_hw_##alg##_##lcmode(kbits), \ + NULL); \ + ctx->rounds = RC5_12_ROUNDS; \ + } \ + return ctx; \ + } \ + const OSSL_DISPATCH ossl_##alg##kbits##lcmode##_functions[] = { \ + { OSSL_FUNC_CIPHER_NEWCTX, \ + (void (*)(void))alg##_##kbits##_##lcmode##_newctx }, \ + { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void))alg##_freectx }, \ + { OSSL_FUNC_CIPHER_DUPCTX, (void (*)(void))alg##_dupctx }, \ + { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))rc5_einit }, \ + { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))rc5_dinit }, \ + { OSSL_FUNC_CIPHER_UPDATE, (void (*)(void))ossl_cipher_generic_##typ##_update }, \ + { OSSL_FUNC_CIPHER_FINAL, (void (*)(void))ossl_cipher_generic_##typ##_final }, \ + { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))ossl_cipher_generic_cipher }, \ + { OSSL_FUNC_CIPHER_GET_PARAMS, \ + (void (*)(void))alg##_##kbits##_##lcmode##_get_params }, \ + { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \ + (void (*)(void))ossl_cipher_generic_gettable_params }, \ + { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, \ + (void 
(*)(void))rc5_get_ctx_params }, \ + { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \ + (void (*)(void))rc5_gettable_ctx_params }, \ + { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \ + (void (*)(void))rc5_set_ctx_params }, \ + { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \ + (void (*)(void))rc5_settable_ctx_params }, \ + { 0, NULL } \ + }; /* ossl_rc5128ecb_functions */ IMPLEMENT_cipher(rc5, RC5, ecb, ECB, RC5_FLAGS, 128, 64, 0, block) @@ -185,4 +184,4 @@ IMPLEMENT_cipher(rc5, RC5, cbc, CBC, RC5_FLAGS, 128, 64, 64, block) /* ossl_rc5128ofb64_functions */ IMPLEMENT_cipher(rc5, RC5, ofb64, OFB, RC5_FLAGS, 128, 8, 64, stream) /* ossl_rc5128cfb64_functions */ -IMPLEMENT_cipher(rc5, RC5, cfb64, CFB, RC5_FLAGS, 128, 8, 64, stream) +IMPLEMENT_cipher(rc5, RC5, cfb64, CFB, RC5_FLAGS, 128, 8, 64, stream) diff --git a/providers/implementations/ciphers/cipher_rc5.h b/providers/implementations/ciphers/cipher_rc5.h index c630e7c87bf9..a388749a73ab 100644 --- a/providers/implementations/ciphers/cipher_rc5.h +++ b/providers/implementations/ciphers/cipher_rc5.h @@ -11,12 +11,12 @@ #include "prov/ciphercommon.h" typedef struct prov_blowfish_ctx_st { - PROV_CIPHER_CTX base; /* Must be first */ + PROV_CIPHER_CTX base; /* Must be first */ union { OSSL_UNION_ALIGN; - RC5_32_KEY ks; /* key schedule */ + RC5_32_KEY ks; /* key schedule */ } ks; - unsigned int rounds; /* number of rounds */ + unsigned int rounds; /* number of rounds */ } PROV_RC5_CTX; const PROV_CIPHER_HW *ossl_prov_cipher_hw_rc5_cbc(size_t keybits); diff --git a/providers/implementations/ciphers/cipher_rc5_hw.c b/providers/implementations/ciphers/cipher_rc5_hw.c index 898bd383f95a..a7884c5eee37 100644 --- a/providers/implementations/ciphers/cipher_rc5_hw.c +++ b/providers/implementations/ciphers/cipher_rc5_hw.c 
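Review bot: In cipher_rc5.h the struct behind `PROV_RC5_CTX` is still tagged `prov_blowfish_ctx_st`, which looks like a leftover from copying the Blowfish header. It compiles as long as no translation unit sees two definitions of that tag, but a second `struct prov_blowfish_ctx_st` with a different layout in the same unit would be a redefinition error, and the name misleads anyone reading a debugger or grepping for the RC5 context. Suggest `typedef struct prov_rc5_ctx_st {`, assuming nothing else refers to the tag by name.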
@@ -16,26 +16,26 @@ #include "cipher_rc5.h" static int cipher_hw_rc5_initkey(PROV_CIPHER_CTX *ctx, - const unsigned char *key, size_t keylen) + const unsigned char *key, size_t keylen) { PROV_RC5_CTX *rctx = (PROV_RC5_CTX *)ctx; return RC5_32_set_key(&rctx->ks.ks, keylen, key, rctx->rounds); } -# define PROV_CIPHER_HW_rc5_mode(mode, UCMODE) \ -IMPLEMENT_CIPHER_HW_##UCMODE(mode, rc5, PROV_RC5_CTX, RC5_32_KEY, \ - RC5_32_##mode) \ -static const PROV_CIPHER_HW rc5_##mode = { \ - cipher_hw_rc5_initkey, \ - cipher_hw_rc5_##mode##_cipher \ -}; \ -const PROV_CIPHER_HW *ossl_prov_cipher_hw_rc5_##mode(size_t keybits) \ -{ \ - return &rc5_##mode; \ -} +#define PROV_CIPHER_HW_rc5_mode(mode, UCMODE) \ + IMPLEMENT_CIPHER_HW_##UCMODE(mode, rc5, PROV_RC5_CTX, RC5_32_KEY, \ + RC5_32_##mode) static const PROV_CIPHER_HW rc5_##mode \ + = { \ + cipher_hw_rc5_initkey, \ + cipher_hw_rc5_##mode##_cipher \ + }; \ + const PROV_CIPHER_HW *ossl_prov_cipher_hw_rc5_##mode(size_t keybits) \ + { \ + return &rc5_##mode; \ + } PROV_CIPHER_HW_rc5_mode(cbc, CBC) -PROV_CIPHER_HW_rc5_mode(ecb, ECB) -PROV_CIPHER_HW_rc5_mode(ofb64, OFB) -PROV_CIPHER_HW_rc5_mode(cfb64, CFB) + PROV_CIPHER_HW_rc5_mode(ecb, ECB) + PROV_CIPHER_HW_rc5_mode(ofb64, OFB) + PROV_CIPHER_HW_rc5_mode(cfb64, CFB) diff --git a/providers/implementations/ciphers/cipher_seed.c b/providers/implementations/ciphers/cipher_seed.c index bae6a8e530ba..243f3b506308 100644 --- a/providers/implementations/ciphers/cipher_seed.c +++ b/providers/implementations/ciphers/cipher_seed.c @@ -27,7 +27,7 @@ static void seed_freectx(void *vctx) PROV_SEED_CTX *ctx = (PROV_SEED_CTX *)vctx; ossl_cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); - OPENSSL_clear_free(ctx, sizeof(*ctx)); + OPENSSL_clear_free(ctx, sizeof(*ctx)); } static void *seed_dupctx(void *ctx) 
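Review bot: The reformatted `PROV_CIPHER_HW_rc5_mode` definition now puts the `IMPLEMENT_CIPHER_HW_##UCMODE(...)` invocation and `static const PROV_CIPHER_HW rc5_##mode` on one line with `= {` split onto the next, and the invocations after `PROV_CIPHER_HW_rc5_mode(cbc, CBC)` are indented as if they continued it. The formatter seems to read the semicolon-less macro calls as a single expression. The same layout appears in the cipher_seed_hw.c, cipher_sm4_hw.c, cipher_tdes_default_hw.c and cipher_tdes_hw.c hunks, and in cipher_tdes_common.c, where `static int tdes_generatekey` ends up indented after the `CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_END(ossl_tdes)` line. If the tree is formatted with clang-format, wrapping these regions in `/* clang-format off */` and `/* clang-format on */` would keep the definitions readable without changing the generated code.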
@@ -55,4 +55,4 @@ IMPLEMENT_generic_cipher(seed, SEED, cbc, CBC, 0, 128, 128, 128, block) /* ossl_seed128ofb128_functions */ IMPLEMENT_generic_cipher(seed, SEED, ofb128, OFB, 0, 128, 8, 128, stream) /* ossl_seed128cfb128_functions */ -IMPLEMENT_generic_cipher(seed, SEED, cfb128, CFB, 0, 128, 8, 128, stream) +IMPLEMENT_generic_cipher(seed, SEED, cfb128, CFB, 0, 128, 8, 128, stream) diff --git a/providers/implementations/ciphers/cipher_seed.h b/providers/implementations/ciphers/cipher_seed.h index 9006a9183b55..750ab8deac84 100644 --- a/providers/implementations/ciphers/cipher_seed.h +++ b/providers/implementations/ciphers/cipher_seed.h @@ -11,7 +11,7 @@ #include "prov/ciphercommon.h" typedef struct prov_seed_ctx_st { - PROV_CIPHER_CTX base; /* Must be first */ + PROV_CIPHER_CTX base; /* Must be first */ union { OSSL_UNION_ALIGN; SEED_KEY_SCHEDULE ks; diff --git a/providers/implementations/ciphers/cipher_seed_hw.c b/providers/implementations/ciphers/cipher_seed_hw.c index 2d1dba92bc73..d4819acec49f 100644 --- a/providers/implementations/ciphers/cipher_seed_hw.c +++ b/providers/implementations/ciphers/cipher_seed_hw.c 
@@ -16,27 +16,27 @@ #include "cipher_seed.h" static int cipher_hw_seed_initkey(PROV_CIPHER_CTX *ctx, - const unsigned char *key, size_t keylen) + const unsigned char *key, size_t keylen) { - PROV_SEED_CTX *sctx = (PROV_SEED_CTX *)ctx; + PROV_SEED_CTX *sctx = (PROV_SEED_CTX *)ctx; SEED_set_key(key, &(sctx->ks.ks)); return 1; } -# define PROV_CIPHER_HW_seed_mode(mode, UCMODE) \ -IMPLEMENT_CIPHER_HW_##UCMODE(mode, seed, PROV_SEED_CTX, SEED_KEY_SCHEDULE, \ - SEED_##mode) \ -static const PROV_CIPHER_HW seed_##mode = { \ - cipher_hw_seed_initkey, \ - cipher_hw_seed_##mode##_cipher \ -}; \ -const PROV_CIPHER_HW *ossl_prov_cipher_hw_seed_##mode(size_t keybits) \ -{ \ - return &seed_##mode; \ -} +#define PROV_CIPHER_HW_seed_mode(mode, UCMODE) \ + IMPLEMENT_CIPHER_HW_##UCMODE(mode, seed, PROV_SEED_CTX, SEED_KEY_SCHEDULE, \ + SEED_##mode) static const PROV_CIPHER_HW seed_##mode \ + = { \ + cipher_hw_seed_initkey, \ + cipher_hw_seed_##mode##_cipher \ + }; \ + const PROV_CIPHER_HW *ossl_prov_cipher_hw_seed_##mode(size_t keybits) \ + { \ + return &seed_##mode; \ + } PROV_CIPHER_HW_seed_mode(cbc, CBC) -PROV_CIPHER_HW_seed_mode(ecb, ECB) -PROV_CIPHER_HW_seed_mode(ofb128, OFB) -PROV_CIPHER_HW_seed_mode(cfb128, CFB) + PROV_CIPHER_HW_seed_mode(ecb, ECB) + PROV_CIPHER_HW_seed_mode(ofb128, OFB) + PROV_CIPHER_HW_seed_mode(cfb128, CFB) diff --git a/providers/implementations/ciphers/cipher_sm4.c b/providers/implementations/ciphers/cipher_sm4.c index 6cf2731c6d5d..8ba72137c292 100644 --- a/providers/implementations/ciphers/cipher_sm4.c +++ b/providers/implementations/ciphers/cipher_sm4.c @@ -21,7 +21,7 @@ static void sm4_freectx(void *vctx) PROV_SM4_CTX *ctx = (PROV_SM4_CTX *)vctx; ossl_cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); - OPENSSL_clear_free(ctx, sizeof(*ctx)); + OPENSSL_clear_free(ctx, sizeof(*ctx)); } static void *sm4_dupctx(void *ctx) 
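Review bot: `cipher_hw_seed_initkey` accepts `keylen` but never reads it, so `SEED_set_key(key, &(sctx->ks.ks))` consumes a fixed-size key whatever length the caller passed. The visible lines of `cipher_hw_sm4_initkey`, `ossl_cipher_hw_tdes_ede2_initkey` and `ossl_cipher_hw_tdes_ede3_initkey` have the same shape, and the two TDES functions index `deskey[1]` and `deskey[2]` from the cast key pointer. The generic init path presumably compares the length with the context's key length before these callbacks run, but that is not visible in this diff. A guard such as `if (keylen != SEED_KEY_LENGTH) return 0;` at the top, or at least a comment stating that the caller validates the length, would make the precondition explicit and keep a short key from turning into an out-of-bounds read.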
@@ -51,4 +51,4 @@ IMPLEMENT_generic_cipher(sm4, SM4, ctr, CTR, 0, 128, 8, 128, stream) /* ossl_sm4128ofb128_functions */ IMPLEMENT_generic_cipher(sm4, SM4, ofb128, OFB, 0, 128, 8, 128, stream) /* ossl_sm4128cfb128_functions */ -IMPLEMENT_generic_cipher(sm4, SM4, cfb128, CFB, 0, 128, 8, 128, stream) +IMPLEMENT_generic_cipher(sm4, SM4, cfb128, CFB, 0, 128, 8, 128, stream) diff --git a/providers/implementations/ciphers/cipher_sm4.h b/providers/implementations/ciphers/cipher_sm4.h index f7f833fcb4cf..18152a89f0be 100644 --- a/providers/implementations/ciphers/cipher_sm4.h +++ b/providers/implementations/ciphers/cipher_sm4.h @@ -11,7 +11,7 @@ #include "crypto/sm4.h" typedef struct prov_cast_ctx_st { - PROV_CIPHER_CTX base; /* Must be first */ + PROV_CIPHER_CTX base; /* Must be first */ union { OSSL_UNION_ALIGN; SM4_KEY ks; diff --git a/providers/implementations/ciphers/cipher_sm4_hw.c b/providers/implementations/ciphers/cipher_sm4_hw.c index 0db04b1a743b..e26c27c28012 100644 --- a/providers/implementations/ciphers/cipher_sm4_hw.c +++ b/providers/implementations/ciphers/cipher_sm4_hw.c @@ -10,16 +10,16 @@ #include "cipher_sm4.h" static int cipher_hw_sm4_initkey(PROV_CIPHER_CTX *ctx, - const unsigned char *key, size_t keylen) + const unsigned char *key, size_t keylen) { - PROV_SM4_CTX *sctx = (PROV_SM4_CTX *)ctx; + PROV_SM4_CTX *sctx = (PROV_SM4_CTX *)ctx; SM4_KEY *ks = &sctx->ks.ks; ossl_sm4_set_key(key, ks); ctx->ks = ks; if (ctx->enc - || (ctx->mode != EVP_CIPH_ECB_MODE - && ctx->mode != EVP_CIPH_CBC_MODE)) + || (ctx->mode != EVP_CIPH_ECB_MODE + && ctx->mode != EVP_CIPH_CBC_MODE)) ctx->block = (block128_f)ossl_sm4_encrypt; else ctx->block = (block128_f)ossl_sm4_decrypt; 
@@ -28,19 +28,19 @@ static int cipher_hw_sm4_initkey(PROV_CIPHER_CTX *ctx, IMPLEMENT_CIPHER_HW_COPYCTX(cipher_hw_sm4_copyctx, PROV_SM4_CTX) -# define PROV_CIPHER_HW_sm4_mode(mode) \ -static const PROV_CIPHER_HW sm4_##mode = { \ - cipher_hw_sm4_initkey, \ - ossl_cipher_hw_chunked_##mode, \ - cipher_hw_sm4_copyctx \ -}; \ -const PROV_CIPHER_HW *ossl_prov_cipher_hw_sm4_##mode(size_t keybits) \ -{ \ - return &sm4_##mode; \ -} +#define PROV_CIPHER_HW_sm4_mode(mode) \ + static const PROV_CIPHER_HW sm4_##mode = { \ + cipher_hw_sm4_initkey, \ + ossl_cipher_hw_chunked_##mode, \ + cipher_hw_sm4_copyctx \ + }; \ + const PROV_CIPHER_HW *ossl_prov_cipher_hw_sm4_##mode(size_t keybits) \ + { \ + return &sm4_##mode; \ + } PROV_CIPHER_HW_sm4_mode(cbc) -PROV_CIPHER_HW_sm4_mode(ecb) -PROV_CIPHER_HW_sm4_mode(ofb128) -PROV_CIPHER_HW_sm4_mode(cfb128) -PROV_CIPHER_HW_sm4_mode(ctr) + PROV_CIPHER_HW_sm4_mode(ecb) + PROV_CIPHER_HW_sm4_mode(ofb128) + PROV_CIPHER_HW_sm4_mode(cfb128) + PROV_CIPHER_HW_sm4_mode(ctr) diff --git a/providers/implementations/ciphers/cipher_tdes.c b/providers/implementations/ciphers/cipher_tdes.c index 2e5f8c3f05bb..42248ee89b7f 100644 --- a/providers/implementations/ciphers/cipher_tdes.c +++ b/providers/implementations/ciphers/cipher_tdes.c @@ -20,6 +20,6 @@ #include "prov/implementations.h" /* ossl_tdes_ede3_ecb_functions */ -IMPLEMENT_tdes_cipher(ede3, EDE3, ecb, ECB, TDES_FLAGS, 64*3, 64, 0, block); +IMPLEMENT_tdes_cipher(ede3, EDE3, ecb, ECB, TDES_FLAGS, 64 * 3, 64, 0, block); /* ossl_tdes_ede3_cbc_functions */ -IMPLEMENT_tdes_cipher(ede3, EDE3, cbc, CBC, TDES_FLAGS, 64*3, 64, 64, block); +IMPLEMENT_tdes_cipher(ede3, EDE3, cbc, CBC, TDES_FLAGS, 64 * 3, 64, 64, block); diff --git a/providers/implementations/ciphers/cipher_tdes.h b/providers/implementations/ciphers/cipher_tdes.h index 93f9d1744dc9..1c37987c1303 100644 --- a/providers/implementations/ciphers/cipher_tdes.h +++ b/providers/implementations/ciphers/cipher_tdes.h 
@@ -16,62 +16,62 @@ #define TDES_FLAGS PROV_CIPHER_FLAG_RAND_KEY typedef struct prov_tdes_ctx_st { - PROV_CIPHER_CTX base; /* Must be first */ + PROV_CIPHER_CTX base; /* Must be first */ union { OSSL_UNION_ALIGN; DES_key_schedule ks[3]; } tks; union { - void (*cbc) (const void *, void *, size_t, - const DES_key_schedule *, unsigned char *); + void (*cbc)(const void *, void *, size_t, + const DES_key_schedule *, unsigned char *); } tstream; } PROV_TDES_CTX; -#define IMPLEMENT_tdes_cipher(type, UCTYPE, lcmode, UCMODE, flags, \ - kbits, blkbits, ivbits, block) \ -static OSSL_FUNC_cipher_newctx_fn tdes_##type##_##lcmode##_newctx; \ -static void *tdes_##type##_##lcmode##_newctx(void *provctx) \ -{ \ - return ossl_tdes_newctx(provctx, EVP_CIPH_##UCMODE##_MODE, kbits, blkbits, \ - ivbits, flags, \ - ossl_prov_cipher_hw_tdes_##type##_##lcmode()); \ -} \ -static OSSL_FUNC_cipher_get_params_fn tdes_##type##_##lcmode##_get_params; \ -static int tdes_##type##_##lcmode##_get_params(OSSL_PARAM params[]) \ -{ \ - return ossl_cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE, \ - flags, kbits, blkbits, ivbits); \ -} \ -const OSSL_DISPATCH ossl_tdes_##type##_##lcmode##_functions[] = { \ - { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))ossl_tdes_einit }, \ - { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))ossl_tdes_dinit }, \ - { OSSL_FUNC_CIPHER_UPDATE, \ - (void (*)(void))ossl_cipher_generic_##block##_update }, \ - { OSSL_FUNC_CIPHER_FINAL, \ - (void (*)(void))ossl_cipher_generic_##block##_final }, \ - { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))ossl_cipher_generic_cipher }, \ - { OSSL_FUNC_CIPHER_NEWCTX, \ - (void (*)(void))tdes_##type##_##lcmode##_newctx }, \ - { OSSL_FUNC_CIPHER_DUPCTX, (void (*)(void))ossl_tdes_dupctx }, \ - { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void))ossl_tdes_freectx }, \ - { OSSL_FUNC_CIPHER_GET_PARAMS, \ - (void (*)(void))tdes_##type##_##lcmode##_get_params }, \ - { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \ - (void 
(*)(void))ossl_cipher_generic_gettable_params }, \ - { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, \ - (void (*)(void))ossl_tdes_get_ctx_params }, \ - { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \ - (void (*)(void))ossl_tdes_gettable_ctx_params }, \ - { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \ - (void (*)(void))ossl_cipher_generic_set_ctx_params }, \ - { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \ - (void (*)(void))ossl_cipher_generic_settable_ctx_params }, \ - { 0, NULL } \ -} +#define IMPLEMENT_tdes_cipher(type, UCTYPE, lcmode, UCMODE, flags, \ + kbits, blkbits, ivbits, block) \ + static OSSL_FUNC_cipher_newctx_fn tdes_##type##_##lcmode##_newctx; \ + static void *tdes_##type##_##lcmode##_newctx(void *provctx) \ + { \ + return ossl_tdes_newctx(provctx, EVP_CIPH_##UCMODE##_MODE, kbits, blkbits, \ + ivbits, flags, \ + ossl_prov_cipher_hw_tdes_##type##_##lcmode()); \ + } \ + static OSSL_FUNC_cipher_get_params_fn tdes_##type##_##lcmode##_get_params; \ + static int tdes_##type##_##lcmode##_get_params(OSSL_PARAM params[]) \ + { \ + return ossl_cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE, \ + flags, kbits, blkbits, ivbits); \ + } \ + const OSSL_DISPATCH ossl_tdes_##type##_##lcmode##_functions[] = { \ + { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))ossl_tdes_einit }, \ + { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))ossl_tdes_dinit }, \ + { OSSL_FUNC_CIPHER_UPDATE, \ + (void (*)(void))ossl_cipher_generic_##block##_update }, \ + { OSSL_FUNC_CIPHER_FINAL, \ + (void (*)(void))ossl_cipher_generic_##block##_final }, \ + { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))ossl_cipher_generic_cipher }, \ + { OSSL_FUNC_CIPHER_NEWCTX, \ + (void (*)(void))tdes_##type##_##lcmode##_newctx }, \ + { OSSL_FUNC_CIPHER_DUPCTX, (void (*)(void))ossl_tdes_dupctx }, \ + { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void))ossl_tdes_freectx }, \ + { OSSL_FUNC_CIPHER_GET_PARAMS, \ + (void (*)(void))tdes_##type##_##lcmode##_get_params }, \ + { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \ + (void 
(*)(void))ossl_cipher_generic_gettable_params }, \ + { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, \ + (void (*)(void))ossl_tdes_get_ctx_params }, \ + { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \ + (void (*)(void))ossl_tdes_gettable_ctx_params }, \ + { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \ + (void (*)(void))ossl_cipher_generic_set_ctx_params }, \ + { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \ + (void (*)(void))ossl_cipher_generic_settable_ctx_params }, \ + { 0, NULL } \ + } void *ossl_tdes_newctx(void *provctx, int mode, size_t kbits, size_t blkbits, - size_t ivbits, uint64_t flags, const PROV_CIPHER_HW *hw); + size_t ivbits, uint64_t flags, const PROV_CIPHER_HW *hw); OSSL_FUNC_cipher_dupctx_fn ossl_tdes_dupctx; OSSL_FUNC_cipher_freectx_fn ossl_tdes_freectx; OSSL_FUNC_cipher_encrypt_init_fn ossl_tdes_einit; 
@@ -79,25 +79,25 @@ OSSL_FUNC_cipher_decrypt_init_fn ossl_tdes_dinit; OSSL_FUNC_cipher_get_ctx_params_fn ossl_tdes_get_ctx_params; OSSL_FUNC_cipher_gettable_ctx_params_fn ossl_tdes_gettable_ctx_params; -#define PROV_CIPHER_HW_tdes_mode(type, mode) \ -static const PROV_CIPHER_HW type##_##mode = { \ - ossl_cipher_hw_tdes_##type##_initkey, \ - ossl_cipher_hw_tdes_##mode, \ - ossl_cipher_hw_tdes_copyctx \ -}; \ -const PROV_CIPHER_HW *ossl_prov_cipher_hw_tdes_##type##_##mode(void) \ -{ \ - return &type##_##mode; \ -} +#define PROV_CIPHER_HW_tdes_mode(type, mode) \ + static const PROV_CIPHER_HW type##_##mode = { \ + ossl_cipher_hw_tdes_##type##_initkey, \ + ossl_cipher_hw_tdes_##mode, \ + ossl_cipher_hw_tdes_copyctx \ + }; \ + const PROV_CIPHER_HW *ossl_prov_cipher_hw_tdes_##type##_##mode(void) \ + { \ + return &type##_##mode; \ + } int ossl_cipher_hw_tdes_ede3_initkey(PROV_CIPHER_CTX *ctx, - const unsigned char *key, size_t keylen); + const unsigned char *key, size_t keylen); void ossl_cipher_hw_tdes_copyctx(PROV_CIPHER_CTX *dst, - const PROV_CIPHER_CTX *src); + const PROV_CIPHER_CTX *src); int ossl_cipher_hw_tdes_cbc(PROV_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl); + const unsigned char *in, size_t inl); int ossl_cipher_hw_tdes_ecb(PROV_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len); + const unsigned char *in, size_t len); const PROV_CIPHER_HW *ossl_prov_cipher_hw_tdes_ede3_cbc(void); const PROV_CIPHER_HW *ossl_prov_cipher_hw_tdes_ede3_ecb(void); diff --git a/providers/implementations/ciphers/cipher_tdes_common.c b/providers/implementations/ciphers/cipher_tdes_common.c index cd11f2185d5f..ae437a3b10c2 100644 --- a/providers/implementations/ciphers/cipher_tdes_common.c +++ b/providers/implementations/ciphers/cipher_tdes_common.c 
@@ -21,7 +21,7 @@ #include "prov/providercommon.h" void *ossl_tdes_newctx(void *provctx, int mode, size_t kbits, size_t blkbits, - size_t ivbits, uint64_t flags, const PROV_CIPHER_HW *hw) + size_t ivbits, uint64_t flags, const PROV_CIPHER_HW *hw) { PROV_TDES_CTX *tctx; @@ -31,7 +31,7 @@ void *ossl_tdes_newctx(void *provctx, int mode, size_t kbits, size_t blkbits, tctx = OPENSSL_zalloc(sizeof(*tctx)); if (tctx != NULL) ossl_cipher_generic_initkey(tctx, kbits, blkbits, ivbits, mode, flags, - hw, provctx); + hw, provctx); return tctx; } @@ -58,12 +58,12 @@ void ossl_tdes_freectx(void *vctx) PROV_TDES_CTX *ctx = (PROV_TDES_CTX *)vctx; ossl_cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); - OPENSSL_clear_free(ctx, sizeof(*ctx)); + OPENSSL_clear_free(ctx, sizeof(*ctx)); } static int tdes_init(void *vctx, const unsigned char *key, size_t keylen, - const unsigned char *iv, size_t ivlen, - const OSSL_PARAM params[], int enc) + const unsigned char *iv, size_t ivlen, + const OSSL_PARAM params[], int enc) { PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; @@ -78,9 +78,9 @@ static int tdes_init(void *vctx, const unsigned char *key, size_t keylen, if (!ossl_cipher_generic_initiv(ctx, iv, ivlen)) return 0; } else if (ctx->iv_set - && (ctx->mode == EVP_CIPH_CBC_MODE - || ctx->mode == EVP_CIPH_CFB_MODE - || ctx->mode == EVP_CIPH_OFB_MODE)) { + && (ctx->mode == EVP_CIPH_CBC_MODE + || ctx->mode == EVP_CIPH_CFB_MODE + || ctx->mode == EVP_CIPH_OFB_MODE)) { /* reset IV to keep compatibility with 1.1.1 */ memcpy(ctx->iv, ctx->oiv, ctx->ivlen); } 
@@ -98,24 +98,24 @@ static int tdes_init(void *vctx, const unsigned char *key, size_t keylen, } int ossl_tdes_einit(void *vctx, const unsigned char *key, size_t keylen, - const unsigned char *iv, size_t ivlen, - const OSSL_PARAM params[]) + const unsigned char *iv, size_t ivlen, + const OSSL_PARAM params[]) { return tdes_init(vctx, key, keylen, iv, ivlen, params, 1); } int ossl_tdes_dinit(void *vctx, const unsigned char *key, size_t keylen, - const unsigned char *iv, size_t ivlen, - const OSSL_PARAM params[]) + const unsigned char *iv, size_t ivlen, + const OSSL_PARAM params[]) { return tdes_init(vctx, key, keylen, iv, ivlen, params, 0); } CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_START(ossl_tdes) - OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_RANDOM_KEY, NULL, 0), -CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_END(ossl_tdes) +OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_RANDOM_KEY, NULL, 0), + CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_END(ossl_tdes) -static int tdes_generatekey(PROV_CIPHER_CTX *ctx, void *ptr) + static int tdes_generatekey(PROV_CIPHER_CTX *ctx, void *ptr) { DES_cblock *deskey = ptr; @@ -134,7 +134,7 @@ static int tdes_generatekey(PROV_CIPHER_CTX *ctx, void *ptr) int ossl_tdes_get_ctx_params(void *vctx, OSSL_PARAM params[]) { - PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; + PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; OSSL_PARAM *p; if (!ossl_cipher_generic_get_ctx_params(vctx, params)) diff --git a/providers/implementations/ciphers/cipher_tdes_default.c b/providers/implementations/ciphers/cipher_tdes_default.c index 3b8908ff3988..35bf23fc5f95 100644 --- a/providers/implementations/ciphers/cipher_tdes_default.c +++ b/providers/implementations/ciphers/cipher_tdes_default.c 
@@ -17,19 +17,19 @@ #include "prov/implementations.h" /* ossl_tdes_ede3_ofb_functions */ -IMPLEMENT_tdes_cipher(ede3, EDE3, ofb, OFB, TDES_FLAGS, 64*3, 8, 64, stream); +IMPLEMENT_tdes_cipher(ede3, EDE3, ofb, OFB, TDES_FLAGS, 64 * 3, 8, 64, stream); /* ossl_tdes_ede3_cfb_functions */ -IMPLEMENT_tdes_cipher(ede3, EDE3, cfb, CFB, TDES_FLAGS, 64*3, 8, 64, stream); +IMPLEMENT_tdes_cipher(ede3, EDE3, cfb, CFB, TDES_FLAGS, 64 * 3, 8, 64, stream); /* ossl_tdes_ede3_cfb1_functions */ -IMPLEMENT_tdes_cipher(ede3, EDE3, cfb1, CFB, TDES_FLAGS, 64*3, 8, 64, stream); +IMPLEMENT_tdes_cipher(ede3, EDE3, cfb1, CFB, TDES_FLAGS, 64 * 3, 8, 64, stream); /* ossl_tdes_ede3_cfb8_functions */ -IMPLEMENT_tdes_cipher(ede3, EDE3, cfb8, CFB, TDES_FLAGS, 64*3, 8, 64, stream); +IMPLEMENT_tdes_cipher(ede3, EDE3, cfb8, CFB, TDES_FLAGS, 64 * 3, 8, 64, stream); /* ossl_tdes_ede2_ecb_functions */ -IMPLEMENT_tdes_cipher(ede2, EDE2, ecb, ECB, TDES_FLAGS, 64*2, 64, 0, block); +IMPLEMENT_tdes_cipher(ede2, EDE2, ecb, ECB, TDES_FLAGS, 64 * 2, 64, 0, block); /* ossl_tdes_ede2_cbc_functions */ -IMPLEMENT_tdes_cipher(ede2, EDE2, cbc, CBC, TDES_FLAGS, 64*2, 64, 64, block); +IMPLEMENT_tdes_cipher(ede2, EDE2, cbc, CBC, TDES_FLAGS, 64 * 2, 64, 64, block); /* ossl_tdes_ede2_ofb_functions */ -IMPLEMENT_tdes_cipher(ede2, EDE2, ofb, OFB, TDES_FLAGS, 64*2, 8, 64, stream); +IMPLEMENT_tdes_cipher(ede2, EDE2, ofb, OFB, TDES_FLAGS, 64 * 2, 8, 64, stream); /* ossl_tdes_ede2_cfb_functions */ -IMPLEMENT_tdes_cipher(ede2, EDE2, cfb, CFB, TDES_FLAGS, 64*2, 8, 64, stream); +IMPLEMENT_tdes_cipher(ede2, EDE2, cfb, CFB, TDES_FLAGS, 64 * 2, 8, 64, stream); diff --git a/providers/implementations/ciphers/cipher_tdes_default_hw.c b/providers/implementations/ciphers/cipher_tdes_default_hw.c index 53cbbad57191..4573223145d0 100644 --- a/providers/implementations/ciphers/cipher_tdes_default_hw.c +++ b/providers/implementations/ciphers/cipher_tdes_default_hw.c 
@@ -20,25 +20,24 @@ #define ks3 tks.ks[2] static int ossl_cipher_hw_tdes_ede2_initkey(PROV_CIPHER_CTX *ctx, - const unsigned char *key, - size_t keylen) + const unsigned char *key, + size_t keylen) { PROV_TDES_CTX *tctx = (PROV_TDES_CTX *)ctx; DES_cblock *deskey = (DES_cblock *)key; tctx->tstream.cbc = NULL; -# if defined(SPARC_DES_CAPABLE) +#if defined(SPARC_DES_CAPABLE) if (SPARC_DES_CAPABLE) { if (ctx->mode == EVP_CIPH_CBC_MODE) { des_t4_key_expand(&deskey[0], &tctx->ks1); des_t4_key_expand(&deskey[1], &tctx->ks2); memcpy(&tctx->ks3, &tctx->ks1, sizeof(tctx->ks1)); - tctx->tstream.cbc = ctx->enc ? des_t4_ede3_cbc_encrypt : - des_t4_ede3_cbc_decrypt; + tctx->tstream.cbc = ctx->enc ? des_t4_ede3_cbc_encrypt : des_t4_ede3_cbc_decrypt; return 1; } } -# endif +#endif DES_set_key_unchecked(&deskey[0], &tctx->ks1); DES_set_key_unchecked(&deskey[1], &tctx->ks2); memcpy(&tctx->ks3, &tctx->ks1, sizeof(tctx->ks1)); @@ -46,28 +45,28 @@ static int ossl_cipher_hw_tdes_ede2_initkey(PROV_CIPHER_CTX *ctx, } static int ossl_cipher_hw_tdes_ofb(PROV_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) + const unsigned char *in, size_t inl) { PROV_TDES_CTX *tctx = (PROV_TDES_CTX *)ctx; int num = ctx->num; while (inl >= MAXCHUNK) { DES_ede3_ofb64_encrypt(in, out, (long)MAXCHUNK, &tctx->ks1, &tctx->ks2, - &tctx->ks3, (DES_cblock *)ctx->iv, &num); + &tctx->ks3, (DES_cblock *)ctx->iv, &num); inl -= MAXCHUNK; in += MAXCHUNK; out += MAXCHUNK; } if (inl > 0) { DES_ede3_ofb64_encrypt(in, out, (long)inl, &tctx->ks1, &tctx->ks2, - &tctx->ks3, (DES_cblock *)ctx->iv, &num); + &tctx->ks3, (DES_cblock *)ctx->iv, &num); } ctx->num = num; return 1; } static int ossl_cipher_hw_tdes_cfb(PROV_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) + const unsigned char *in, size_t inl) { PROV_TDES_CTX *tctx = (PROV_TDES_CTX *)ctx; int num = ctx->num; 
@@ -75,16 +74,16 @@ static int ossl_cipher_hw_tdes_cfb(PROV_CIPHER_CTX *ctx, unsigned char *out, while (inl >= MAXCHUNK) { DES_ede3_cfb64_encrypt(in, out, (long)MAXCHUNK, - &tctx->ks1, &tctx->ks2, &tctx->ks3, - (DES_cblock *)ctx->iv, &num, ctx->enc); + &tctx->ks1, &tctx->ks2, &tctx->ks3, + (DES_cblock *)ctx->iv, &num, ctx->enc); inl -= MAXCHUNK; in += MAXCHUNK; out += MAXCHUNK; } if (inl > 0) { DES_ede3_cfb64_encrypt(in, out, (long)inl, - &tctx->ks1, &tctx->ks2, &tctx->ks3, - (DES_cblock *)ctx->iv, &num, ctx->enc); + &tctx->ks1, &tctx->ks2, &tctx->ks3, + (DES_cblock *)ctx->iv, &num, ctx->enc); } ctx->num = num; return 1; @@ -95,7 +94,7 @@ static int ossl_cipher_hw_tdes_cfb(PROV_CIPHER_CTX *ctx, unsigned char *out, * right way, so wrap it here */ static int ossl_cipher_hw_tdes_cfb1(PROV_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) + const unsigned char *in, size_t inl) { PROV_TDES_CTX *tctx = (PROV_TDES_CTX *)ctx; size_t n; @@ -106,8 +105,8 @@ static int ossl_cipher_hw_tdes_cfb1(PROV_CIPHER_CTX *ctx, unsigned char *out, for (n = 0; n < inl; ++n) { c[0] = (in[n / 8] & (1 << (7 - n % 8))) ? 0x80 : 0; DES_ede3_cfb_encrypt(c, d, 1, 1, - &tctx->ks1, &tctx->ks2, &tctx->ks3, - (DES_cblock *)ctx->iv, ctx->enc); + &tctx->ks1, &tctx->ks2, &tctx->ks3, + (DES_cblock *)ctx->iv, ctx->enc); out[n / 8] = (out[n / 8] & ~(0x80 >> (unsigned int)(n % 8))) | ((d[0] & 0x80) >> (unsigned int)(n % 8)); } 
@@ -116,32 +115,31 @@ static int ossl_cipher_hw_tdes_cfb1(PROV_CIPHER_CTX *ctx, unsigned char *out, } static int ossl_cipher_hw_tdes_cfb8(PROV_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) + const unsigned char *in, size_t inl) { PROV_TDES_CTX *tctx = (PROV_TDES_CTX *)ctx; while (inl >= MAXCHUNK) { DES_ede3_cfb_encrypt(in, out, 8, (long)MAXCHUNK, - &tctx->ks1, &tctx->ks2, &tctx->ks3, - (DES_cblock *)ctx->iv, ctx->enc); + &tctx->ks1, &tctx->ks2, &tctx->ks3, + (DES_cblock *)ctx->iv, ctx->enc); inl -= MAXCHUNK; in += MAXCHUNK; out += MAXCHUNK; } if (inl > 0) DES_ede3_cfb_encrypt(in, out, 8, (long)inl, - &tctx->ks1, &tctx->ks2, &tctx->ks3, - (DES_cblock *)ctx->iv, ctx->enc); + &tctx->ks1, &tctx->ks2, &tctx->ks3, + (DES_cblock *)ctx->iv, ctx->enc); return 1; } PROV_CIPHER_HW_tdes_mode(ede3, ofb) -PROV_CIPHER_HW_tdes_mode(ede3, cfb) -PROV_CIPHER_HW_tdes_mode(ede3, cfb1) -PROV_CIPHER_HW_tdes_mode(ede3, cfb8) - -PROV_CIPHER_HW_tdes_mode(ede2, ecb) -PROV_CIPHER_HW_tdes_mode(ede2, cbc) -PROV_CIPHER_HW_tdes_mode(ede2, ofb) -PROV_CIPHER_HW_tdes_mode(ede2, cfb) + PROV_CIPHER_HW_tdes_mode(ede3, cfb) + PROV_CIPHER_HW_tdes_mode(ede3, cfb1) + PROV_CIPHER_HW_tdes_mode(ede3, cfb8) + PROV_CIPHER_HW_tdes_mode(ede2, ecb) + PROV_CIPHER_HW_tdes_mode(ede2, cbc) + PROV_CIPHER_HW_tdes_mode(ede2, ofb) + PROV_CIPHER_HW_tdes_mode(ede2, cfb) diff --git a/providers/implementations/ciphers/cipher_tdes_hw.c b/providers/implementations/ciphers/cipher_tdes_hw.c index 4382969f44bb..06d528d0c532 100644 --- a/providers/implementations/ciphers/cipher_tdes_hw.c +++ b/providers/implementations/ciphers/cipher_tdes_hw.c 
@@ -21,24 +21,23 @@ #define ks3 tks.ks[2] int ossl_cipher_hw_tdes_ede3_initkey(PROV_CIPHER_CTX *ctx, - const unsigned char *key, size_t keylen) + const unsigned char *key, size_t keylen) { PROV_TDES_CTX *tctx = (PROV_TDES_CTX *)ctx; DES_cblock *deskey = (DES_cblock *)key; tctx->tstream.cbc = NULL; -# if defined(SPARC_DES_CAPABLE) +#if defined(SPARC_DES_CAPABLE) if (SPARC_DES_CAPABLE) { if (ctx->mode == EVP_CIPH_CBC_MODE) { des_t4_key_expand(&deskey[0], &tctx->ks1); des_t4_key_expand(&deskey[1], &tctx->ks2); des_t4_key_expand(&deskey[2], &tctx->ks3); - tctx->tstream.cbc = ctx->enc ? des_t4_ede3_cbc_encrypt : - des_t4_ede3_cbc_decrypt; + tctx->tstream.cbc = ctx->enc ? des_t4_ede3_cbc_encrypt : des_t4_ede3_cbc_decrypt; return 1; } } -# endif +#endif DES_set_key_unchecked(&deskey[0], &tctx->ks1); DES_set_key_unchecked(&deskey[1], &tctx->ks2); DES_set_key_unchecked(&deskey[2], &tctx->ks3); @@ -46,7 +45,7 @@ int ossl_cipher_hw_tdes_ede3_initkey(PROV_CIPHER_CTX *ctx, } void ossl_cipher_hw_tdes_copyctx(PROV_CIPHER_CTX *dst, - const PROV_CIPHER_CTX *src) + const PROV_CIPHER_CTX *src) { PROV_TDES_CTX *sctx = (PROV_TDES_CTX *)src; PROV_TDES_CTX *dctx = (PROV_TDES_CTX *)dst; 
@@ -56,30 +55,30 @@ void ossl_cipher_hw_tdes_copyctx(PROV_CIPHER_CTX *dst, } int ossl_cipher_hw_tdes_cbc(PROV_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) + const unsigned char *in, size_t inl) { PROV_TDES_CTX *tctx = (PROV_TDES_CTX *)ctx; if (tctx->tstream.cbc != NULL) { - (*tctx->tstream.cbc) (in, out, inl, tctx->tks.ks, ctx->iv); + (*tctx->tstream.cbc)(in, out, inl, tctx->tks.ks, ctx->iv); return 1; } while (inl >= MAXCHUNK) { DES_ede3_cbc_encrypt(in, out, (long)MAXCHUNK, &tctx->ks1, &tctx->ks2, - &tctx->ks3, (DES_cblock *)ctx->iv, ctx->enc); + &tctx->ks3, (DES_cblock *)ctx->iv, ctx->enc); inl -= MAXCHUNK; in += MAXCHUNK; out += MAXCHUNK; } if (inl > 0) DES_ede3_cbc_encrypt(in, out, (long)inl, &tctx->ks1, &tctx->ks2, - &tctx->ks3, (DES_cblock *)ctx->iv, ctx->enc); + &tctx->ks3, (DES_cblock *)ctx->iv, ctx->enc); return 1; } int ossl_cipher_hw_tdes_ecb(PROV_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len) + const unsigned char *in, size_t len) { size_t i; PROV_TDES_CTX *tctx = (PROV_TDES_CTX *)ctx; @@ -89,10 +88,10 @@ int ossl_cipher_hw_tdes_ecb(PROV_CIPHER_CTX *ctx, unsigned char *out, for (i = 0, len -= DES_BLOCK_SIZE; i <= len; i += DES_BLOCK_SIZE) { DES_ecb3_encrypt((const_DES_cblock *)(in + i), (DES_cblock *)(out + i), - &tctx->ks1, &tctx->ks2, &tctx->ks3, ctx->enc); + &tctx->ks1, &tctx->ks2, &tctx->ks3, ctx->enc); } return 1; } PROV_CIPHER_HW_tdes_mode(ede3, ecb) -PROV_CIPHER_HW_tdes_mode(ede3, cbc) + PROV_CIPHER_HW_tdes_mode(ede3, cbc) diff --git a/providers/implementations/ciphers/cipher_tdes_wrap.c b/providers/implementations/ciphers/cipher_tdes_wrap.c index 1b4539a64ce3..3274f1ab23fc 100644 --- a/providers/implementations/ciphers/cipher_tdes_wrap.c +++ b/providers/implementations/ciphers/cipher_tdes_wrap.c 
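Review bot: In `ossl_cipher_hw_tdes_ecb` the loop header `for (i = 0, len -= DES_BLOCK_SIZE; i <= len; i += DES_BLOCK_SIZE)` subtracts from a `size_t`, so a `len` below `DES_BLOCK_SIZE` would wrap to a very large value and the loop would run far past `in` and `out`. The lines between the declarations and the loop fall outside both hunks, so a guard may already sit there. If it does, a comment on the loop such as `/* len >= DES_BLOCK_SIZE is checked above; the unsigned subtraction relies on it */` would stop a later edit from separating the two.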
@@ -27,13 +27,12 @@ static OSSL_FUNC_cipher_update_fn tdes_wrap_update; static OSSL_FUNC_cipher_cipher_fn tdes_wrap_cipher; -static const unsigned char wrap_iv[8] = -{ +static const unsigned char wrap_iv[8] = { 0x4a, 0xdd, 0xa2, 0x2c, 0x79, 0xe8, 0x21, 0x05 }; static int des_ede3_unwrap(PROV_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) + const unsigned char *in, size_t inl) { unsigned char icv[8], iv[TDES_IVLEN], sha1tmp[SHA_DIGEST_LENGTH]; int rv = -1; @@ -66,7 +65,7 @@ static int des_ede3_unwrap(PROV_CIPHER_CTX *ctx, unsigned char *out, ctx->hw->cipher(ctx, out, out, inl - 16); ctx->hw->cipher(ctx, icv, icv, 8); if (ossl_sha1(out, inl - 16, sha1tmp) /* Work out hash of first portion */ - && CRYPTO_memcmp(sha1tmp, icv, 8) == 0) + && CRYPTO_memcmp(sha1tmp, icv, 8) == 0) rv = inl - 16; OPENSSL_cleanse(icv, 8); OPENSSL_cleanse(sha1tmp, SHA_DIGEST_LENGTH); @@ -79,7 +78,7 @@ static int des_ede3_unwrap(PROV_CIPHER_CTX *ctx, unsigned char *out, } static int des_ede3_wrap(PROV_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) + const unsigned char *in, size_t inl) { unsigned char sha1tmp[SHA_DIGEST_LENGTH]; size_t ivlen = TDES_IVLEN; @@ -109,7 +108,7 @@ static int des_ede3_wrap(PROV_CIPHER_CTX *ctx, unsigned char *out, } static int tdes_wrap_cipher_internal(PROV_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) + const unsigned char *in, size_t inl) { /* * Sanity check input length: we typically only wrap keys so EVP_MAXCHUNK @@ -125,8 +124,8 @@ static int tdes_wrap_cipher_internal(PROV_CIPHER_CTX *ctx, unsigned char *out, } static int tdes_wrap_cipher(void *vctx, - unsigned char *out, size_t *outl, size_t outsize, - const unsigned char *in, size_t inl) + unsigned char *out, size_t *outl, size_t outsize, + const unsigned char *in, size_t inl) { PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; int ret; 
@@ -149,8 +148,8 @@ static int tdes_wrap_cipher(void *vctx, } static int tdes_wrap_update(void *vctx, unsigned char *out, size_t *outl, - size_t outsize, const unsigned char *in, - size_t inl) + size_t outsize, const unsigned char *in, + size_t inl) { *outl = 0; if (inl == 0) 
@@ -167,44 +166,42 @@ static int tdes_wrap_update(void *vctx, unsigned char *out, size_t *outl, return 1; } - -# define IMPLEMENT_WRAP_CIPHER(flags, kbits, blkbits, ivbits) \ -static OSSL_FUNC_cipher_newctx_fn tdes_wrap_newctx; \ -static void *tdes_wrap_newctx(void *provctx) \ -{ \ - return ossl_tdes_newctx(provctx, EVP_CIPH_WRAP_MODE, kbits, blkbits, \ - ivbits, flags, \ - ossl_prov_cipher_hw_tdes_wrap_cbc()); \ -} \ -static OSSL_FUNC_cipher_get_params_fn tdes_wrap_get_params; \ -static int tdes_wrap_get_params(OSSL_PARAM params[]) \ -{ \ - return ossl_cipher_generic_get_params(params, EVP_CIPH_WRAP_MODE, flags, \ - kbits, blkbits, ivbits); \ -} \ -const OSSL_DISPATCH ossl_tdes_wrap_cbc_functions[] = \ -{ \ - { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void)) ossl_tdes_einit }, \ - { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void)) ossl_tdes_dinit }, \ - { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))tdes_wrap_cipher }, \ - { OSSL_FUNC_CIPHER_NEWCTX, (void (*)(void))tdes_wrap_newctx }, \ - { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void))ossl_tdes_freectx }, \ - { OSSL_FUNC_CIPHER_UPDATE, (void (*)(void))tdes_wrap_update }, \ - { OSSL_FUNC_CIPHER_FINAL, \ - (void (*)(void))ossl_cipher_generic_stream_final }, \ - { OSSL_FUNC_CIPHER_GET_PARAMS, (void (*)(void))tdes_wrap_get_params }, \ - { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \ - (void (*)(void))ossl_cipher_generic_gettable_params }, \ - { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, \ - (void (*)(void))ossl_tdes_get_ctx_params }, \ - { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \ - (void (*)(void))ossl_tdes_gettable_ctx_params }, \ - { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \ - (void (*)(void))ossl_cipher_generic_set_ctx_params }, \ - { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \ - (void (*)(void))ossl_cipher_generic_settable_ctx_params }, \ - { 0, NULL } \ -} +#define IMPLEMENT_WRAP_CIPHER(flags, kbits, blkbits, ivbits) \ + static OSSL_FUNC_cipher_newctx_fn tdes_wrap_newctx; \ + static void *tdes_wrap_newctx(void *provctx) \ + { \ + return 
ossl_tdes_newctx(provctx, EVP_CIPH_WRAP_MODE, kbits, blkbits, \ + ivbits, flags, \ + ossl_prov_cipher_hw_tdes_wrap_cbc()); \ + } \ + static OSSL_FUNC_cipher_get_params_fn tdes_wrap_get_params; \ + static int tdes_wrap_get_params(OSSL_PARAM params[]) \ + { \ + return ossl_cipher_generic_get_params(params, EVP_CIPH_WRAP_MODE, flags, \ + kbits, blkbits, ivbits); \ + } \ + const OSSL_DISPATCH ossl_tdes_wrap_cbc_functions[] = { \ + { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))ossl_tdes_einit }, \ + { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))ossl_tdes_dinit }, \ + { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))tdes_wrap_cipher }, \ + { OSSL_FUNC_CIPHER_NEWCTX, (void (*)(void))tdes_wrap_newctx }, \ + { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void))ossl_tdes_freectx }, \ + { OSSL_FUNC_CIPHER_UPDATE, (void (*)(void))tdes_wrap_update }, \ + { OSSL_FUNC_CIPHER_FINAL, \ + (void (*)(void))ossl_cipher_generic_stream_final }, \ + { OSSL_FUNC_CIPHER_GET_PARAMS, (void (*)(void))tdes_wrap_get_params }, \ + { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \ + (void (*)(void))ossl_cipher_generic_gettable_params }, \ + { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, \ + (void (*)(void))ossl_tdes_get_ctx_params }, \ + { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \ + (void (*)(void))ossl_tdes_gettable_ctx_params }, \ + { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \ + (void (*)(void))ossl_cipher_generic_set_ctx_params }, \ + { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \ + (void (*)(void))ossl_cipher_generic_settable_ctx_params }, \ + { 0, NULL } \ + } /* ossl_tdes_wrap_cbc_functions */ -IMPLEMENT_WRAP_CIPHER(TDES_WRAP_FLAGS, 64*3, 64, 0); +IMPLEMENT_WRAP_CIPHER(TDES_WRAP_FLAGS, 64 * 3, 64, 0); diff --git a/providers/implementations/ciphers/ciphercommon.c b/providers/implementations/ciphers/ciphercommon.c index 7ad3eb0a1f52..4757bed67f01 100644 --- a/providers/implementations/ciphers/ciphercommon.c +++ b/providers/implementations/ciphers/ciphercommon.c 
@@ -39,8 +39,8 @@ const OSSL_PARAM *ossl_cipher_generic_gettable_params(ossl_unused void *provctx) } int ossl_cipher_generic_get_params(OSSL_PARAM params[], unsigned int md, - uint64_t flags, - size_t kbits, size_t blkbits, size_t ivbits) + uint64_t flags, + size_t kbits, size_t blkbits, size_t ivbits) { OSSL_PARAM *p; @@ -97,20 +97,19 @@ int ossl_cipher_generic_get_params(OSSL_PARAM params[], unsigned int md, return 1; } -CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_START(ossl_cipher_generic) -{ OSSL_CIPHER_PARAM_TLS_MAC, OSSL_PARAM_OCTET_PTR, NULL, 0, OSSL_PARAM_UNMODIFIED }, -CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_END(ossl_cipher_generic) +CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_START(ossl_cipher_generic) { OSSL_CIPHER_PARAM_TLS_MAC, OSSL_PARAM_OCTET_PTR, NULL, 0, OSSL_PARAM_UNMODIFIED }, + CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_END(ossl_cipher_generic) -CIPHER_DEFAULT_SETTABLE_CTX_PARAMS_START(ossl_cipher_generic) -OSSL_PARAM_uint(OSSL_CIPHER_PARAM_USE_BITS, NULL), -OSSL_PARAM_uint(OSSL_CIPHER_PARAM_TLS_VERSION, NULL), -OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_TLS_MAC_SIZE, NULL), -CIPHER_DEFAULT_SETTABLE_CTX_PARAMS_END(ossl_cipher_generic) + CIPHER_DEFAULT_SETTABLE_CTX_PARAMS_START(ossl_cipher_generic) + OSSL_PARAM_uint(OSSL_CIPHER_PARAM_USE_BITS, NULL), + OSSL_PARAM_uint(OSSL_CIPHER_PARAM_TLS_VERSION, NULL), + OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_TLS_MAC_SIZE, NULL), + CIPHER_DEFAULT_SETTABLE_CTX_PARAMS_END(ossl_cipher_generic) -/* - * Variable key length cipher functions for OSSL_PARAM settables - */ -int ossl_cipher_var_keylen_set_ctx_params(void *vctx, const OSSL_PARAM params[]) + /* + * Variable key length cipher functions for OSSL_PARAM settables + */ + int ossl_cipher_var_keylen_set_ctx_params(void *vctx, const OSSL_PARAM params[]) { PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; const OSSL_PARAM *p; 
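Review bot: The formatter has misread the macro-delimited parameter tables in the `@@ -97,20 +97,19 @@` hunk of ciphercommon.c: `CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_START(ossl_cipher_generic)` is now fused onto one line with its first initializer, and the lines after it, including the "Variable key length" comment and the signature of `ossl_cipher_var_keylen_set_ctx_params`, gain leading indentation as if they continued an expression. The following hunk (`@@ -138,25 +137,25 @@`) shows the same drift, with `cipher_aead_known_gettable_ctx_params[]` indented and its `= {` pushed onto a separate line. No code changes, but top-level definitions that read as nested make this parameter-handling code harder to audit and will keep producing noisy diffs. I would bracket each START/END table with `/* clang-format off */` and `/* clang-format on */` and keep the definitions that follow at column 0. The body of `ossl_cipher_var_keylen_set_ctx_params` continues outside the hunk.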
@@ -138,25 +137,25 @@ int ossl_cipher_var_keylen_set_ctx_params(void *vctx, const OSSL_PARAM params[]) CIPHER_DEFAULT_SETTABLE_CTX_PARAMS_START(ossl_cipher_var_keylen) OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL), -CIPHER_DEFAULT_SETTABLE_CTX_PARAMS_END(ossl_cipher_var_keylen) + CIPHER_DEFAULT_SETTABLE_CTX_PARAMS_END(ossl_cipher_var_keylen) -/*- - * AEAD cipher functions for OSSL_PARAM gettables and settables - */ -static const OSSL_PARAM cipher_aead_known_gettable_ctx_params[] = { - OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL), - OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_IVLEN, NULL), - OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_AEAD_TAGLEN, NULL), - OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_IV, NULL, 0), - OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_UPDATED_IV, NULL, 0), - OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG, NULL, 0), - OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_AEAD_TLS1_AAD_PAD, NULL), - OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TLS1_GET_IV_GEN, NULL, 0), - OSSL_PARAM_END -}; + /*- + * AEAD cipher functions for OSSL_PARAM gettables and settables + */ + static const OSSL_PARAM cipher_aead_known_gettable_ctx_params[] + = { + OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL), + OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_IVLEN, NULL), + OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_AEAD_TAGLEN, NULL), + OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_IV, NULL, 0), + OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_UPDATED_IV, NULL, 0), + OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG, NULL, 0), + OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_AEAD_TLS1_AAD_PAD, NULL), + OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TLS1_GET_IV_GEN, NULL, 0), + OSSL_PARAM_END + }; const OSSL_PARAM *ossl_cipher_aead_gettable_ctx_params( - ossl_unused void *cctx, ossl_unused void *provctx - ) + ossl_unused void *cctx, ossl_unused void *provctx) { return cipher_aead_known_gettable_ctx_params; } 
@@ -170,8 +169,7 @@ static const OSSL_PARAM cipher_aead_known_settable_ctx_params[] = { OSSL_PARAM_END }; const OSSL_PARAM *ossl_cipher_aead_settable_ctx_params( - ossl_unused void *cctx, ossl_unused void *provctx - ) + ossl_unused void *cctx, ossl_unused void *provctx) { return cipher_aead_known_settable_ctx_params; } @@ -186,9 +184,9 @@ void ossl_cipher_generic_reset_ctx(PROV_CIPHER_CTX *ctx) } static int cipher_generic_init_internal(PROV_CIPHER_CTX *ctx, - const unsigned char *key, size_t keylen, - const unsigned char *iv, size_t ivlen, - const OSSL_PARAM params[], int enc) + const unsigned char *key, size_t keylen, + const unsigned char *iv, size_t ivlen, + const OSSL_PARAM params[], int enc) { ctx->num = 0; ctx->bufsz = 0; @@ -226,27 +224,27 @@ static int cipher_generic_init_internal(PROV_CIPHER_CTX *ctx, } int ossl_cipher_generic_einit(void *vctx, const unsigned char *key, - size_t keylen, const unsigned char *iv, - size_t ivlen, const OSSL_PARAM params[]) + size_t keylen, const unsigned char *iv, + size_t ivlen, const OSSL_PARAM params[]) { return cipher_generic_init_internal((PROV_CIPHER_CTX *)vctx, key, keylen, - iv, ivlen, params, 1); + iv, ivlen, params, 1); } int ossl_cipher_generic_dinit(void *vctx, const unsigned char *key, - size_t keylen, const unsigned char *iv, - size_t ivlen, const OSSL_PARAM params[]) + size_t keylen, const unsigned char *iv, + size_t ivlen, const OSSL_PARAM params[]) { return cipher_generic_init_internal((PROV_CIPHER_CTX *)vctx, key, keylen, - iv, ivlen, params, 0); + iv, ivlen, params, 0); } /* Max padding including padding length byte */ #define MAX_PADDING 256 int ossl_cipher_generic_block_update(void *vctx, unsigned char *out, - size_t *outl, size_t outsize, - const unsigned char *in, size_t inl) + size_t *outl, size_t outsize, + const unsigned char *in, size_t inl) { size_t outlint = 0; PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; 
@@ -266,9 +264,9 @@ int ossl_cipher_generic_block_update(void *vctx, unsigned char *out, /* Sanity check inputs */ if (in == NULL - || in != out - || outsize < inl - || !ctx->pad) { + || in != out + || outsize < inl + || !ctx->pad) { ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED); return 0; } @@ -308,7 +306,6 @@ int ossl_cipher_generic_block_update(void *vctx, unsigned char *out, return 0; } - /* Shouldn't normally fail */ if (!ctx->hw->cipher(ctx, out, in, inl)) { ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED); @@ -325,9 +322,9 @@ int ossl_cipher_generic_block_update(void *vctx, unsigned char *out, *outl = inl; if (!ctx->enc && !ossl_cipher_tlsunpadblock(ctx->libctx, ctx->tlsversion, - out, outl, - blksz, &ctx->tlsmac, &ctx->alloced, - ctx->tlsmacsize, 0)) { + out, outl, + blksz, &ctx->tlsmac, &ctx->alloced, + ctx->tlsmacsize, 0)) { ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED); return 0; } @@ -336,9 +333,9 @@ int ossl_cipher_generic_block_update(void *vctx, unsigned char *out, if (ctx->bufsz != 0) nextblocks = ossl_cipher_fillblock(ctx->buf, &ctx->bufsz, blksz, - &in, &inl); + &in, &inl); else - nextblocks = inl & ~(blksz-1); + nextblocks = inl & ~(blksz - 1); /* * If we're decrypting and we end an update on a block boundary we hold @@ -391,7 +388,7 @@ int ossl_cipher_generic_block_update(void *vctx, unsigned char *out, } int ossl_cipher_generic_block_final(void *vctx, unsigned char *out, - size_t *outl, size_t outsize) + size_t *outl, size_t outsize) { PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; size_t blksz = ctx->blocksize; @@ -465,8 +462,8 @@ int ossl_cipher_generic_block_final(void *vctx, unsigned char *out, } int ossl_cipher_generic_stream_update(void *vctx, unsigned char *out, - size_t *outl, size_t outsize, - const unsigned char *in, size_t inl) + size_t *outl, size_t outsize, + const unsigned char *in, size_t inl) { PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; 
@@ -493,9 +490,9 @@ int ossl_cipher_generic_stream_update(void *vctx, unsigned char *out, *outl = inl; if (!ctx->enc && ctx->tlsversion > 0) { /* - * Remove any TLS padding. Only used by cipher_aes_cbc_hmac_sha1_hw.c and - * cipher_aes_cbc_hmac_sha256_hw.c - */ + * Remove any TLS padding. Only used by cipher_aes_cbc_hmac_sha1_hw.c and + * cipher_aes_cbc_hmac_sha256_hw.c + */ if (ctx->removetlspad) { /* * We should have already failed in the cipher() call above if this @@ -527,7 +524,7 @@ int ossl_cipher_generic_stream_update(void *vctx, unsigned char *out, return 1; } int ossl_cipher_generic_stream_final(void *vctx, unsigned char *out, - size_t *outl, size_t outsize) + size_t *outl, size_t outsize) { PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; @@ -544,8 +541,8 @@ int ossl_cipher_generic_stream_final(void *vctx, unsigned char *out, } int ossl_cipher_generic_cipher(void *vctx, unsigned char *out, size_t *outl, - size_t outsize, const unsigned char *in, - size_t inl) + size_t outsize, const unsigned char *in, + size_t inl) { PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; @@ -675,7 +672,7 @@ int ossl_cipher_generic_set_ctx_params(void *vctx, const OSSL_PARAM params[]) } int ossl_cipher_generic_initiv(PROV_CIPHER_CTX *ctx, const unsigned char *iv, - size_t ivlen) + size_t ivlen) { if (ivlen != ctx->ivlen || ivlen > sizeof(ctx->iv)) { @@ -689,9 +686,9 @@ int ossl_cipher_generic_initiv(PROV_CIPHER_CTX *ctx, const unsigned char *iv, } void ossl_cipher_generic_initkey(void *vctx, size_t kbits, size_t blkbits, - size_t ivbits, unsigned int mode, - uint64_t flags, const PROV_CIPHER_HW *hw, - void *provctx) + size_t ivbits, unsigned int mode, + uint64_t flags, const PROV_CIPHER_HW *hw, + void *provctx) { PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; diff --git a/providers/implementations/ciphers/ciphercommon_block.c b/providers/implementations/ciphers/ciphercommon_block.c index 6e6bb091e76b..577952bfbdcf 100644 
--- a/providers/implementations/ciphers/ciphercommon_block.c +++ b/providers/implementations/ciphers/ciphercommon_block.c @@ -17,21 +17,21 @@ /* Functions defined in ssl/tls_pad.c */ int ssl3_cbc_remove_padding_and_mac(size_t *reclen, - size_t origreclen, - unsigned char *recdata, - unsigned char **mac, - int *alloced, - size_t block_size, size_t mac_size, - OSSL_LIB_CTX *libctx); + size_t origreclen, + unsigned char *recdata, + unsigned char **mac, + int *alloced, + size_t block_size, size_t mac_size, + OSSL_LIB_CTX *libctx); int tls1_cbc_remove_padding_and_mac(size_t *reclen, - size_t origreclen, - unsigned char *recdata, - unsigned char **mac, - int *alloced, - size_t block_size, size_t mac_size, - int aead, - OSSL_LIB_CTX *libctx); + size_t origreclen, + unsigned char *recdata, + unsigned char **mac, + int *alloced, + size_t block_size, size_t mac_size, + int aead, + OSSL_LIB_CTX *libctx); /* * Fills a single block of buffered data from the input, and returns the amount @@ -54,8 +54,8 @@ int tls1_cbc_remove_padding_and_mac(size_t *reclen, * which is a multiple of the blocksize. */ size_t ossl_cipher_fillblock(unsigned char *buf, size_t *buflen, - size_t blocksize, - const unsigned char **in, size_t *inlen) + size_t blocksize, + const unsigned char **in, size_t *inlen) { size_t blockmask = ~(blocksize - 1); size_t bufremain = blocksize - *buflen; @@ -78,7 +78,7 @@ size_t ossl_cipher_fillblock(unsigned char *buf, size_t *buflen, * fit into a full block. */ int ossl_cipher_trailingdata(unsigned char *buf, size_t *buflen, size_t blocksize, - const unsigned char **in, size_t *inlen) + const unsigned char **in, size_t *inlen) { if (*inlen == 0) return 1; @@ -110,7 +110,7 @@ int ossl_cipher_unpadblock(unsigned char *buf, size_t *buflen, size_t blocksize) size_t pad, i; size_t len = *buflen; - if(len != blocksize) { + if (len != blocksize) { ERR_raise(ERR_LIB_PROV, ERR_R_INTERNAL_ERROR); return 0; } 
@@ -156,18 +156,18 @@ int ossl_cipher_unpadblock(unsigned char *buf, size_t *buflen, size_t blocksize) * the mac is random */ int ossl_cipher_tlsunpadblock(OSSL_LIB_CTX *libctx, unsigned int tlsversion, - unsigned char *buf, size_t *buflen, - size_t blocksize, - unsigned char **mac, int *alloced, size_t macsize, - int aead) + unsigned char *buf, size_t *buflen, + size_t blocksize, + unsigned char **mac, int *alloced, size_t macsize, + int aead) { int ret; switch (tlsversion) { case SSL3_VERSION: return ssl3_cbc_remove_padding_and_mac(buflen, *buflen, buf, mac, - alloced, blocksize, macsize, - libctx); + alloced, blocksize, macsize, + libctx); case TLS1_2_VERSION: case DTLS1_2_VERSION: @@ -180,8 +180,8 @@ int ossl_cipher_tlsunpadblock(OSSL_LIB_CTX *libctx, unsigned int tlsversion, /* Fall through */ case TLS1_VERSION: ret = tls1_cbc_remove_padding_and_mac(buflen, *buflen, buf, mac, - alloced, blocksize, macsize, - aead, libctx); + alloced, blocksize, macsize, + aead, libctx); return ret; default: diff --git a/providers/implementations/ciphers/ciphercommon_ccm.c b/providers/implementations/ciphers/ciphercommon_ccm.c index 33105911e366..4ed16e96520f 100644 --- a/providers/implementations/ciphers/ciphercommon_ccm.c +++ b/providers/implementations/ciphers/ciphercommon_ccm.c @@ -15,8 +15,8 @@ #include "prov/providercommon.h" static int ccm_cipher_internal(PROV_CCM_CTX *ctx, unsigned char *out, - size_t *padlen, const unsigned char *in, - size_t len); + size_t *padlen, const unsigned char *in, + size_t len); static int ccm_tls_init(PROV_CCM_CTX *ctx, unsigned char *aad, size_t alen) { @@ -50,7 +50,7 @@ static int ccm_tls_init(PROV_CCM_CTX *ctx, unsigned char *aad, size_t alen) } static int ccm_tls_iv_set_fixed(PROV_CCM_CTX *ctx, unsigned char *fixed, - size_t flen) + size_t flen) { if (flen != EVP_CCM_TLS_FIXED_IV_LEN) return 0; 
@@ -223,8 +223,8 @@ int ossl_ccm_get_ctx_params(void *vctx, OSSL_PARAM params[]) } static int ccm_init(void *vctx, const unsigned char *key, size_t keylen, - const unsigned char *iv, size_t ivlen, - const OSSL_PARAM params[], int enc) + const unsigned char *iv, size_t ivlen, + const OSSL_PARAM params[], int enc) { PROV_CCM_CTX *ctx = (PROV_CCM_CTX *)vctx; @@ -253,22 +253,22 @@ static int ccm_init(void *vctx, const unsigned char *key, size_t keylen, } int ossl_ccm_einit(void *vctx, const unsigned char *key, size_t keylen, - const unsigned char *iv, size_t ivlen, - const OSSL_PARAM params[]) + const unsigned char *iv, size_t ivlen, + const OSSL_PARAM params[]) { return ccm_init(vctx, key, keylen, iv, ivlen, params, 1); } int ossl_ccm_dinit(void *vctx, const unsigned char *key, size_t keylen, - const unsigned char *iv, size_t ivlen, - const OSSL_PARAM params[]) + const unsigned char *iv, size_t ivlen, + const OSSL_PARAM params[]) { return ccm_init(vctx, key, keylen, iv, ivlen, params, 0); } int ossl_ccm_stream_update(void *vctx, unsigned char *out, size_t *outl, - size_t outsize, const unsigned char *in, - size_t inl) + size_t outsize, const unsigned char *in, + size_t inl) { PROV_CCM_CTX *ctx = (PROV_CCM_CTX *)vctx; @@ -285,7 +285,7 @@ int ossl_ccm_stream_update(void *vctx, unsigned char *out, size_t *outl, } int ossl_ccm_stream_final(void *vctx, unsigned char *out, size_t *outl, - size_t outsize) + size_t outsize) { PROV_CCM_CTX *ctx = (PROV_CCM_CTX *)vctx; int i; @@ -302,7 +302,7 @@ int ossl_ccm_stream_final(void *vctx, unsigned char *out, size_t *outl, } int ossl_ccm_cipher(void *vctx, unsigned char *out, size_t *outl, size_t outsize, - const unsigned char *in, size_t inl) + const unsigned char *in, size_t inl) { PROV_CCM_CTX *ctx = (PROV_CCM_CTX *)vctx; 
@@ -333,8 +333,8 @@ static int ccm_set_iv(PROV_CCM_CTX *ctx, size_t mlen) } static int ccm_tls_cipher(PROV_CCM_CTX *ctx, - unsigned char *out, size_t *padlen, - const unsigned char *in, size_t len) + unsigned char *out, size_t *padlen, + const unsigned char *in, size_t len) { int rv = 0; size_t olen = 0; @@ -364,12 +364,12 @@ static int ccm_tls_cipher(PROV_CCM_CTX *ctx, in += EVP_CCM_TLS_EXPLICIT_IV_LEN; out += EVP_CCM_TLS_EXPLICIT_IV_LEN; if (ctx->enc) { - if (!ctx->hw->auth_encrypt(ctx, in, out, len, out + len, ctx->m)) + if (!ctx->hw->auth_encrypt(ctx, in, out, len, out + len, ctx->m)) goto err; olen = len + EVP_CCM_TLS_EXPLICIT_IV_LEN + ctx->m; } else { if (!ctx->hw->auth_decrypt(ctx, in, out, len, - (unsigned char *)in + len, ctx->m)) + (unsigned char *)in + len, ctx->m)) goto err; olen = len; } @@ -380,8 +380,8 @@ err: } static int ccm_cipher_internal(PROV_CCM_CTX *ctx, unsigned char *out, - size_t *padlen, const unsigned char *in, - size_t len) + size_t *padlen, const unsigned char *in, + size_t len) { int rv = 0; size_t olen = 0; diff --git a/providers/implementations/ciphers/ciphercommon_ccm_hw.c b/providers/implementations/ciphers/ciphercommon_ccm_hw.c index ad3fbc59e4fc..21160fbe6120 100644 --- a/providers/implementations/ciphers/ciphercommon_ccm_hw.c +++ b/providers/implementations/ciphers/ciphercommon_ccm_hw.c @@ -11,13 +11,13 @@ #include "prov/ciphercommon_ccm.h" int ossl_ccm_generic_setiv(PROV_CCM_CTX *ctx, const unsigned char *nonce, - size_t nlen, size_t mlen) + size_t nlen, size_t mlen) { return CRYPTO_ccm128_setiv(&ctx->ccm_ctx, nonce, nlen, mlen) == 0; } int ossl_ccm_generic_setaad(PROV_CCM_CTX *ctx, const unsigned char *aad, - size_t alen) + size_t alen) { CRYPTO_ccm128_aad(&ctx->ccm_ctx, aad, alen); return 1; 
@@ -29,14 +29,15 @@ int ossl_ccm_generic_gettag(PROV_CCM_CTX *ctx, unsigned char *tag, size_t tlen) } int ossl_ccm_generic_auth_encrypt(PROV_CCM_CTX *ctx, const unsigned char *in, - unsigned char *out, size_t len, - unsigned char *tag, size_t taglen) + unsigned char *out, size_t len, + unsigned char *tag, size_t taglen) { int rv; if (ctx->str != NULL) rv = CRYPTO_ccm128_encrypt_ccm64(&ctx->ccm_ctx, in, - out, len, ctx->str) == 0; + out, len, ctx->str) + == 0; else rv = CRYPTO_ccm128_encrypt(&ctx->ccm_ctx, in, out, len) == 0; @@ -46,14 +47,15 @@ int ossl_ccm_generic_auth_encrypt(PROV_CCM_CTX *ctx, const unsigned char *in, } int ossl_ccm_generic_auth_decrypt(PROV_CCM_CTX *ctx, const unsigned char *in, - unsigned char *out, size_t len, - unsigned char *expected_tag, size_t taglen) + unsigned char *out, size_t len, + unsigned char *expected_tag, size_t taglen) { int rv = 0; if (ctx->str != NULL) rv = CRYPTO_ccm128_decrypt_ccm64(&ctx->ccm_ctx, in, out, len, - ctx->str) == 0; + ctx->str) + == 0; else rv = CRYPTO_ccm128_decrypt(&ctx->ccm_ctx, in, out, len) == 0; if (rv) { diff --git a/providers/implementations/ciphers/ciphercommon_gcm.c b/providers/implementations/ciphers/ciphercommon_gcm.c index 4ec73d5a6dba..6bace05f823f 100644 --- a/providers/implementations/ciphers/ciphercommon_gcm.c +++ b/providers/implementations/ciphers/ciphercommon_gcm.c 
@@ -18,19 +18,19 @@ static int gcm_tls_init(PROV_GCM_CTX *dat, unsigned char *aad, size_t aad_len); static int gcm_tls_iv_set_fixed(PROV_GCM_CTX *ctx, unsigned char *iv, - size_t len); + size_t len); static int gcm_tls_cipher(PROV_GCM_CTX *ctx, unsigned char *out, size_t *padlen, - const unsigned char *in, size_t len); + const unsigned char *in, size_t len); static int gcm_cipher_internal(PROV_GCM_CTX *ctx, unsigned char *out, - size_t *padlen, const unsigned char *in, - size_t len); + size_t *padlen, const unsigned char *in, + size_t len); /* * Called from EVP_CipherInit when there is currently no context via * the new_ctx() function */ void ossl_gcm_initctx(void *provctx, PROV_GCM_CTX *ctx, size_t keybits, - const PROV_GCM_HW *hw) + const PROV_GCM_HW *hw) { ctx->pad = 1; ctx->mode = EVP_CIPH_GCM_MODE; @@ -46,8 +46,8 @@ void ossl_gcm_initctx(void *provctx, PROV_GCM_CTX *ctx, size_t keybits, * Called by EVP_CipherInit via the _einit and _dinit functions */ static int gcm_init(void *vctx, const unsigned char *key, size_t keylen, - const unsigned char *iv, size_t ivlen, - const OSSL_PARAM params[], int enc) + const unsigned char *iv, size_t ivlen, + const OSSL_PARAM params[], int enc) { PROV_GCM_CTX *ctx = (PROV_GCM_CTX *)vctx; @@ -79,15 +79,15 @@ static int gcm_init(void *vctx, const unsigned char *key, size_t keylen, } int ossl_gcm_einit(void *vctx, const unsigned char *key, size_t keylen, - const unsigned char *iv, size_t ivlen, - const OSSL_PARAM params[]) + const unsigned char *iv, size_t ivlen, + const OSSL_PARAM params[]) { return gcm_init(vctx, key, keylen, iv, ivlen, params, 1); } int ossl_gcm_dinit(void *vctx, const unsigned char *key, size_t keylen, - const unsigned char *iv, size_t ivlen, - const OSSL_PARAM params[]) + const unsigned char *iv, size_t ivlen, + const OSSL_PARAM params[]) { return gcm_init(vctx, key, keylen, iv, ivlen, params, 0); } 
@@ -158,8 +158,7 @@ int ossl_gcm_get_ctx_params(void *vctx, OSSL_PARAM params[]) } p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_AEAD_TAGLEN); if (p != NULL) { - size_t taglen = (ctx->taglen != UNINITIALISED_SIZET) ? ctx->taglen : - GCM_TAG_MAX_SIZE; + size_t taglen = (ctx->taglen != UNINITIALISED_SIZET) ? ctx->taglen : GCM_TAG_MAX_SIZE; if (!OSSL_PARAM_set_size_t(p, taglen)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); @@ -302,12 +301,11 @@ int ossl_gcm_set_ctx_params(void *vctx, const OSSL_PARAM params[]) return 0; } - return 1; } int ossl_gcm_stream_update(void *vctx, unsigned char *out, size_t *outl, - size_t outsize, const unsigned char *in, size_t inl) + size_t outsize, const unsigned char *in, size_t inl) { PROV_GCM_CTX *ctx = (PROV_GCM_CTX *)vctx; @@ -329,7 +327,7 @@ int ossl_gcm_stream_update(void *vctx, unsigned char *out, size_t *outl, } int ossl_gcm_stream_final(void *vctx, unsigned char *out, size_t *outl, - size_t outsize) + size_t outsize) { PROV_GCM_CTX *ctx = (PROV_GCM_CTX *)vctx; int i; @@ -346,8 +344,8 @@ int ossl_gcm_stream_final(void *vctx, unsigned char *out, size_t *outl, } int ossl_gcm_cipher(void *vctx, - unsigned char *out, size_t *outl, size_t outsize, - const unsigned char *in, size_t inl) + unsigned char *out, size_t *outl, size_t outsize, + const unsigned char *in, size_t inl) { PROV_GCM_CTX *ctx = (PROV_GCM_CTX *)vctx; @@ -391,8 +389,8 @@ static int gcm_iv_generate(PROV_GCM_CTX *ctx, int offset) } static int gcm_cipher_internal(PROV_GCM_CTX *ctx, unsigned char *out, - size_t *padlen, const unsigned char *in, - size_t len) + size_t *padlen, const unsigned char *in, + size_t len) { size_t olen = 0; int rv = 0; @@ -454,7 +452,7 @@ static int gcm_tls_init(PROV_GCM_CTX *dat, unsigned char *aad, size_t aad_len) size_t len; if (!ossl_prov_is_running() || aad_len != EVP_AEAD_TLS1_AAD_LEN) - return 0; + return 0; /* Save the aad for later use. */ buf = dat->buf; 
@@ -480,7 +478,7 @@ static int gcm_tls_init(PROV_GCM_CTX *dat, unsigned char *aad, size_t aad_len) } static int gcm_tls_iv_set_fixed(PROV_GCM_CTX *ctx, unsigned char *iv, - size_t len) + size_t len) { /* Special case: -1 length restores whole IV */ if (len == (size_t)-1) { @@ -492,12 +490,12 @@ static int gcm_tls_iv_set_fixed(PROV_GCM_CTX *ctx, unsigned char *iv, /* Fixed field must be at least 4 bytes and invocation field at least 8 */ if ((len < EVP_GCM_TLS_FIXED_IV_LEN) || (ctx->ivlen - (int)len) < EVP_GCM_TLS_EXPLICIT_IV_LEN) - return 0; + return 0; if (len > 0) memcpy(ctx->iv, iv, len); if (ctx->enc && RAND_bytes_ex(ctx->libctx, ctx->iv + len, ctx->ivlen - len, 0) <= 0) - return 0; + return 0; ctx->iv_gen = 1; ctx->iv_state = IV_STATE_BUFFERED; return 1; @@ -510,7 +508,7 @@ static int gcm_tls_iv_set_fixed(PROV_GCM_CTX *ctx, unsigned char *iv, * and verify tag. */ static int gcm_tls_cipher(PROV_GCM_CTX *ctx, unsigned char *out, size_t *padlen, - const unsigned char *in, size_t len) + const unsigned char *in, size_t len) { int rv = 0; size_t arg = EVP_GCM_TLS_EXPLICIT_IV_LEN; @@ -554,13 +552,13 @@ static int gcm_tls_cipher(PROV_GCM_CTX *ctx, unsigned char *out, size_t *padlen, tag = ctx->enc ? out + len : (unsigned char *)in + len; if (!ctx->hw->oneshot(ctx, ctx->buf, ctx->tls_aad_len, in, len, out, tag, - EVP_GCM_TLS_TAG_LEN)) { + EVP_GCM_TLS_TAG_LEN)) { if (!ctx->enc) OPENSSL_cleanse(out, len); goto err; } if (ctx->enc) - plen = len + EVP_GCM_TLS_EXPLICIT_IV_LEN + EVP_GCM_TLS_TAG_LEN; + plen = len + EVP_GCM_TLS_EXPLICIT_IV_LEN + EVP_GCM_TLS_TAG_LEN; else plen = len; diff --git a/providers/implementations/ciphers/ciphercommon_gcm_hw.c b/providers/implementations/ciphers/ciphercommon_gcm_hw.c index c0a7399640fd..807834da8719 100644 --- a/providers/implementations/ciphers/ciphercommon_gcm_hw.c +++ b/providers/implementations/ciphers/ciphercommon_gcm_hw.c 
@@ -10,7 +10,6 @@ #include "prov/ciphercommon.h" #include "prov/ciphercommon_gcm.h" - int ossl_gcm_setiv(PROV_GCM_CTX *ctx, const unsigned char *iv, size_t ivlen) { CRYPTO_gcm128_setiv(&ctx->gcm, iv, ivlen); @@ -18,13 +17,13 @@ int ossl_gcm_setiv(PROV_GCM_CTX *ctx, const unsigned char *iv, size_t ivlen) } int ossl_gcm_aad_update(PROV_GCM_CTX *ctx, const unsigned char *aad, - size_t aad_len) + size_t aad_len) { return CRYPTO_gcm128_aad(&ctx->gcm, aad, aad_len) == 0; } int ossl_gcm_cipher_update(PROV_GCM_CTX *ctx, const unsigned char *in, - size_t len, unsigned char *out) + size_t len, unsigned char *out) { if (ctx->enc) { if (CRYPTO_gcm128_encrypt(&ctx->gcm, in, out, len)) @@ -49,8 +48,8 @@ int ossl_gcm_cipher_final(PROV_GCM_CTX *ctx, unsigned char *tag) } int ossl_gcm_one_shot(PROV_GCM_CTX *ctx, unsigned char *aad, size_t aad_len, - const unsigned char *in, size_t in_len, - unsigned char *out, unsigned char *tag, size_t tag_len) + const unsigned char *in, size_t in_len, + unsigned char *out, unsigned char *tag, size_t tag_len) { int ret = 0; diff --git a/providers/implementations/ciphers/ciphercommon_hw.c b/providers/implementations/ciphers/ciphercommon_hw.c index e73416a1c5c8..a1e5d4a64ae0 100644 --- a/providers/implementations/ciphers/ciphercommon_hw.c +++ b/providers/implementations/ciphers/ciphercommon_hw.c @@ -14,10 +14,10 @@ * Used if there is no special hardware implementations. */ int ossl_cipher_hw_generic_cbc(PROV_CIPHER_CTX *dat, unsigned char *out, - const unsigned char *in, size_t len) + const unsigned char *in, size_t len) { if (dat->stream.cbc) - (*dat->stream.cbc) (in, out, len, dat->ks, dat->iv, dat->enc); + (*dat->stream.cbc)(in, out, len, dat->ks, dat->iv, dat->enc); else if (dat->enc) CRYPTO_cbc128_encrypt(in, out, len, dat->ks, dat->iv, dat->block); else 
@@ -27,7 +27,7 @@ int ossl_cipher_hw_generic_cbc(PROV_CIPHER_CTX *dat, unsigned char *out, } int ossl_cipher_hw_generic_ecb(PROV_CIPHER_CTX *dat, unsigned char *out, - const unsigned char *in, size_t len) + const unsigned char *in, size_t len) { size_t i, bl = dat->blocksize; @@ -35,18 +35,17 @@ int ossl_cipher_hw_generic_ecb(PROV_CIPHER_CTX *dat, unsigned char *out, return 1; if (dat->stream.ecb) { - (*dat->stream.ecb) (in, out, len, dat->ks, dat->enc); - } - else { + (*dat->stream.ecb)(in, out, len, dat->ks, dat->enc); + } else { for (i = 0, len -= bl; i <= len; i += bl) - (*dat->block) (in + i, out + i, dat->ks); + (*dat->block)(in + i, out + i, dat->ks); } return 1; } int ossl_cipher_hw_generic_ofb128(PROV_CIPHER_CTX *dat, unsigned char *out, - const unsigned char *in, size_t len) + const unsigned char *in, size_t len) { int num = dat->num; 
@@ -57,51 +56,51 @@ int ossl_cipher_hw_generic_ofb128(PROV_CIPHER_CTX *dat, unsigned char *out, } int ossl_cipher_hw_generic_cfb128(PROV_CIPHER_CTX *dat, unsigned char *out, - const unsigned char *in, size_t len) + const unsigned char *in, size_t len) { int num = dat->num; CRYPTO_cfb128_encrypt(in, out, len, dat->ks, dat->iv, &num, dat->enc, - dat->block); + dat->block); dat->num = num; return 1; } int ossl_cipher_hw_generic_cfb8(PROV_CIPHER_CTX *dat, unsigned char *out, - const unsigned char *in, size_t len) + const unsigned char *in, size_t len) { int num = dat->num; CRYPTO_cfb128_8_encrypt(in, out, len, dat->ks, dat->iv, &num, dat->enc, - dat->block); + dat->block); dat->num = num; return 1; } int ossl_cipher_hw_generic_cfb1(PROV_CIPHER_CTX *dat, unsigned char *out, - const unsigned char *in, size_t len) + const unsigned char *in, size_t len) { int num = dat->num; if (dat->use_bits) { CRYPTO_cfb128_1_encrypt(in, out, len, dat->ks, dat->iv, &num, - dat->enc, dat->block); + dat->enc, dat->block); dat->num = num; return 1; } while (len >= MAXBITCHUNK) { CRYPTO_cfb128_1_encrypt(in, out, MAXBITCHUNK * 8, dat->ks, - dat->iv, &num, dat->enc, dat->block); + dat->iv, &num, dat->enc, dat->block); len -= MAXBITCHUNK; out += MAXBITCHUNK; - in += MAXBITCHUNK; + in += MAXBITCHUNK; } if (len) CRYPTO_cfb128_1_encrypt(in, out, len * 8, dat->ks, dat->iv, &num, - dat->enc, dat->block); + dat->enc, dat->block); dat->num = num; @@ -109,16 +108,16 @@ int ossl_cipher_hw_generic_cfb1(PROV_CIPHER_CTX *dat, unsigned char *out, } int ossl_cipher_hw_generic_ctr(PROV_CIPHER_CTX *dat, unsigned char *out, - const unsigned char *in, size_t len) + const unsigned char *in, size_t len) { unsigned int num = dat->num; if (dat->stream.ctr) CRYPTO_ctr128_encrypt_ctr32(in, out, len, dat->ks, dat->iv, dat->buf, - &num, dat->stream.ctr); + &num, dat->stream.ctr); else CRYPTO_ctr128_encrypt(in, out, len, dat->ks, dat->iv, dat->buf, - &num, dat->block); + &num, dat->block); dat->num = num; return 1; 
@@ -130,12 +129,12 @@ int ossl_cipher_hw_generic_ctr(PROV_CIPHER_CTX *dat, unsigned char *out, */ int ossl_cipher_hw_chunked_cbc(PROV_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) + const unsigned char *in, size_t inl) { while (inl >= MAXCHUNK) { ossl_cipher_hw_generic_cbc(ctx, out, in, MAXCHUNK); inl -= MAXCHUNK; - in += MAXCHUNK; + in += MAXCHUNK; out += MAXCHUNK; } if (inl > 0) @@ -144,7 +143,7 @@ int ossl_cipher_hw_chunked_cbc(PROV_CIPHER_CTX *ctx, unsigned char *out, } int ossl_cipher_hw_chunked_cfb8(PROV_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) + const unsigned char *in, size_t inl) { size_t chunk = MAXCHUNK; @@ -162,7 +161,7 @@ int ossl_cipher_hw_chunked_cfb8(PROV_CIPHER_CTX *ctx, unsigned char *out, } int ossl_cipher_hw_chunked_cfb128(PROV_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) + const unsigned char *in, size_t inl) { size_t chunk = MAXCHUNK; @@ -180,12 +179,12 @@ int ossl_cipher_hw_chunked_cfb128(PROV_CIPHER_CTX *ctx, unsigned char *out, } int ossl_cipher_hw_chunked_ofb128(PROV_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) + const unsigned char *in, size_t inl) { while (inl >= MAXCHUNK) { ossl_cipher_hw_generic_ofb128(ctx, out, in, MAXCHUNK); inl -= MAXCHUNK; - in += MAXCHUNK; + in += MAXCHUNK; out += MAXCHUNK; } if (inl > 0) diff --git a/providers/implementations/ciphers/ciphercommon_local.h b/providers/implementations/ciphers/ciphercommon_local.h index 11cb6116a815..f142722f28b0 100644 --- a/providers/implementations/ciphers/ciphercommon_local.h +++ b/providers/implementations/ciphers/ciphercommon_local.h 
@@ -12,5 +12,5 @@ void ossl_cipher_padblock(unsigned char *buf, size_t *buflen, size_t blocksize); int ossl_cipher_unpadblock(unsigned char *buf, size_t *buflen, size_t blocksize); int ossl_cipher_tlsunpadblock(OSSL_LIB_CTX *libctx, unsigned int tlsversion, - unsigned char *buf, size_t *buflen, size_t blocksize, - unsigned char **mac, int *alloced, size_t macsize, int aead); + unsigned char *buf, size_t *buflen, size_t blocksize, + unsigned char **mac, int *alloced, size_t macsize, int aead); diff --git a/providers/implementations/digests/blake2_impl.h b/providers/implementations/digests/blake2_impl.h index e7c31474a364..dd10beae4058 100644 --- a/providers/implementations/digests/blake2_impl.h +++ b/providers/implementations/digests/blake2_impl.h @@ -27,9 +27,9 @@ static ossl_inline uint32_t load32(const uint8_t *src) return w; } else { uint32_t w = ((uint32_t)src[0]) - | ((uint32_t)src[1] << 8) - | ((uint32_t)src[2] << 16) - | ((uint32_t)src[3] << 24); + | ((uint32_t)src[1] << 8) + | ((uint32_t)src[2] << 16) + | ((uint32_t)src[3] << 24); return w; } } @@ -44,13 +44,13 @@ static ossl_inline uint64_t load64(const uint8_t *src) return w; } else { uint64_t w = ((uint64_t)src[0]) - | ((uint64_t)src[1] << 8) - | ((uint64_t)src[2] << 16) - | ((uint64_t)src[3] << 24) - | ((uint64_t)src[4] << 32) - | ((uint64_t)src[5] << 40) - | ((uint64_t)src[6] << 48) - | ((uint64_t)src[7] << 56); + | ((uint64_t)src[1] << 8) + | ((uint64_t)src[2] << 16) + | ((uint64_t)src[3] << 24) + | ((uint64_t)src[4] << 32) + | ((uint64_t)src[5] << 40) + | ((uint64_t)src[6] << 48) + | ((uint64_t)src[7] << 56); return w; } } 
@@ -88,11 +88,11 @@ static ossl_inline void store64(uint8_t *dst, uint64_t w) static ossl_inline uint64_t load48(const uint8_t *src) { uint64_t w = ((uint64_t)src[0]) - | ((uint64_t)src[1] << 8) - | ((uint64_t)src[2] << 16) - | ((uint64_t)src[3] << 24) - | ((uint64_t)src[4] << 32) - | ((uint64_t)src[5] << 40); + | ((uint64_t)src[1] << 8) + | ((uint64_t)src[2] << 16) + | ((uint64_t)src[3] << 24) + | ((uint64_t)src[4] << 32) + | ((uint64_t)src[5] << 40); return w; } @@ -100,11 +100,11 @@ static ossl_inline void store48(uint8_t *dst, uint64_t w) { uint8_t *p = (uint8_t *)dst; p[0] = (uint8_t)w; - p[1] = (uint8_t)(w>>8); - p[2] = (uint8_t)(w>>16); - p[3] = (uint8_t)(w>>24); - p[4] = (uint8_t)(w>>32); - p[5] = (uint8_t)(w>>40); + p[1] = (uint8_t)(w >> 8); + p[2] = (uint8_t)(w >> 16); + p[3] = (uint8_t)(w >> 24); + p[4] = (uint8_t)(w >> 32); + p[5] = (uint8_t)(w >> 40); } static ossl_inline uint32_t rotr32(const uint32_t w, const unsigned int c) diff --git a/providers/implementations/digests/blake2_prov.c b/providers/implementations/digests/blake2_prov.c index 25342eedb832..019ffd6eefdb 100644 --- a/providers/implementations/digests/blake2_prov.c +++ b/providers/implementations/digests/blake2_prov.c @@ -30,12 +30,12 @@ int ossl_blake2b512_init(void *ctx) /* ossl_blake2s256_functions */ IMPLEMENT_digest_functions(blake2s256, BLAKE2S_CTX, - BLAKE2S_BLOCKBYTES, BLAKE2S_DIGEST_LENGTH, 0, - ossl_blake2s256_init, ossl_blake2s_update, - ossl_blake2s_final) + BLAKE2S_BLOCKBYTES, BLAKE2S_DIGEST_LENGTH, 0, + ossl_blake2s256_init, ossl_blake2s_update, + ossl_blake2s_final) /* ossl_blake2b512_functions */ IMPLEMENT_digest_functions(blake2b512, BLAKE2B_CTX, - BLAKE2B_BLOCKBYTES, BLAKE2B_DIGEST_LENGTH, 0, - ossl_blake2b512_init, ossl_blake2b_update, - ossl_blake2b_final) + BLAKE2B_BLOCKBYTES, BLAKE2B_DIGEST_LENGTH, 0, + ossl_blake2b512_init, ossl_blake2b_update, + ossl_blake2b_final) 
diff --git a/providers/implementations/digests/blake2b_prov.c b/providers/implementations/digests/blake2b_prov.c
index 44e0740745e8..520189057c23 100644
--- a/providers/implementations/digests/blake2b_prov.c
+++ b/providers/implementations/digests/blake2b_prov.c
@@ -20,28 +20,26 @@ #include "blake2_impl.h" #include "prov/blake2.h" -static const uint64_t blake2b_IV[8] = -{ +static const uint64_t blake2b_IV[8] = { 0x6a09e667f3bcc908ULL, 0xbb67ae8584caa73bULL, 0x3c6ef372fe94f82bULL, 0xa54ff53a5f1d36f1ULL, 0x510e527fade682d1ULL, 0x9b05688c2b3e6c1fULL, 0x1f83d9abfb41bd6bULL, 0x5be0cd19137e2179ULL }; -static const uint8_t blake2b_sigma[12][16] = -{ - { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 } , - { 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3 } , - { 11, 8, 12, 0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4 } , - { 7, 9, 3, 1, 13, 12, 11, 14, 2, 6, 5, 10, 4, 0, 15, 8 } , - { 9, 0, 5, 7, 2, 4, 10, 15, 14, 1, 11, 12, 6, 8, 3, 13 } , - { 2, 12, 6, 10, 0, 11, 8, 3, 4, 13, 7, 5, 15, 14, 1, 9 } , - { 12, 5, 1, 15, 14, 13, 4, 10, 0, 7, 6, 3, 9, 2, 8, 11 } , - { 13, 11, 7, 14, 12, 1, 3, 9, 5, 0, 15, 4, 8, 6, 2, 10 } , - { 6, 15, 14, 9, 11, 3, 0, 8, 12, 2, 13, 7, 1, 4, 10, 5 } , - { 10, 2, 8, 4, 7, 6, 1, 5, 15, 11, 9, 14, 3, 12, 13 , 0 } , - { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 } , - { 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3 } +static const uint8_t blake2b_sigma[12][16] = { + { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 }, + { 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3 }, + { 11, 8, 12, 0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4 }, + { 7, 9, 3, 1, 13, 12, 11, 14, 2, 6, 5, 10, 4, 0, 15, 8 }, + { 9, 0, 5, 7, 2, 4, 10, 15, 14, 1, 11, 12, 6, 8, 3, 13 }, + { 2, 12, 6, 10, 0, 11, 8, 3, 4, 13, 7, 5, 15, 14, 1, 9 }, + { 12, 5, 1, 15, 14, 13, 4, 10, 0, 7, 6, 3, 9, 2, 8, 11 }, + { 13, 11, 7, 14, 12, 1, 3, 9, 5, 0, 15, 4, 8, 6, 2, 10 }, + { 6, 15, 14, 9, 11, 3, 0, 8, 12, 2, 13, 7, 1, 4, 10, 5 }, + { 10, 2, 8, 4, 7, 6, 1, 5, 15, 11, 9, 14, 3, 12, 13, 0 }, + { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 }, + { 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3 } }; /* Set that it's the last block we'll compress */ 
@@ -83,15 +81,15 @@ static void blake2b_init_param(BLAKE2B_CTX *S, const BLAKE2B_PARAM *P) void ossl_blake2b_param_init(BLAKE2B_PARAM *P) { P->digest_length = BLAKE2B_DIGEST_LENGTH; - P->key_length = 0; - P->fanout = 1; - P->depth = 1; + P->key_length = 0; + P->fanout = 1; + P->depth = 1; store32(P->leaf_length, 0); store64(P->node_offset, 0); - P->node_depth = 0; - P->inner_length = 0; + P->node_depth = 0; + P->inner_length = 0; memset(P->reserved, 0, sizeof(P->reserved)); - memset(P->salt, 0, sizeof(P->salt)); + memset(P->salt, 0, sizeof(P->salt)); memset(P->personal, 0, sizeof(P->personal)); } @@ -106,14 +104,14 @@ void ossl_blake2b_param_set_key_length(BLAKE2B_PARAM *P, uint8_t keylen) } void ossl_blake2b_param_set_personal(BLAKE2B_PARAM *P, const uint8_t *personal, - size_t len) + size_t len) { memcpy(P->personal, personal, len); memset(P->personal + len, 0, BLAKE2B_PERSONALBYTES - len); } void ossl_blake2b_param_set_salt(BLAKE2B_PARAM *P, const uint8_t *salt, - size_t len) + size_t len) { memcpy(P->salt, salt, len); memset(P->salt + len, 0, BLAKE2B_SALTBYTES - len); @@ -134,13 +132,13 @@ int ossl_blake2b_init(BLAKE2B_CTX *c, const BLAKE2B_PARAM *P) * Always returns 1. */ int ossl_blake2b_init_key(BLAKE2B_CTX *c, const BLAKE2B_PARAM *P, - const void *key) + const void *key) { blake2b_init_param(c, P); /* Pad the key to form first data block */ { - uint8_t block[BLAKE2B_BLOCKBYTES] = {0}; + uint8_t block[BLAKE2B_BLOCKBYTES] = { 0 }; memcpy(block, key, P->key_length); ossl_blake2b_update(c, block, BLAKE2B_BLOCKBYTES); @@ -152,8 +150,8 @@ int ossl_blake2b_init_key(BLAKE2B_CTX *c, const BLAKE2B_PARAM *P, /* Permute the state while xoring in the block of data. */ static void blake2b_compress(BLAKE2B_CTX *S, - const uint8_t *blocks, - size_t len) + const uint8_t *blocks, + size_t len) { uint64_t m[16]; uint64_t v[16]; 
@@ -194,36 +192,36 @@ static void blake2b_compress(BLAKE2B_CTX *S, S->t[0] += increment; S->t[1] += (S->t[0] < increment); - v[8] = blake2b_IV[0]; - v[9] = blake2b_IV[1]; + v[8] = blake2b_IV[0]; + v[9] = blake2b_IV[1]; v[10] = blake2b_IV[2]; v[11] = blake2b_IV[3]; v[12] = S->t[0] ^ blake2b_IV[4]; v[13] = S->t[1] ^ blake2b_IV[5]; v[14] = S->f[0] ^ blake2b_IV[6]; v[15] = S->f[1] ^ blake2b_IV[7]; -#define G(r,i,a,b,c,d) \ - do { \ - a = a + b + m[blake2b_sigma[r][2*i+0]]; \ - d = rotr64(d ^ a, 32); \ - c = c + d; \ - b = rotr64(b ^ c, 24); \ - a = a + b + m[blake2b_sigma[r][2*i+1]]; \ - d = rotr64(d ^ a, 16); \ - c = c + d; \ - b = rotr64(b ^ c, 63); \ - } while (0) -#define ROUND(r) \ - do { \ - G(r,0,v[ 0],v[ 4],v[ 8],v[12]); \ - G(r,1,v[ 1],v[ 5],v[ 9],v[13]); \ - G(r,2,v[ 2],v[ 6],v[10],v[14]); \ - G(r,3,v[ 3],v[ 7],v[11],v[15]); \ - G(r,4,v[ 0],v[ 5],v[10],v[15]); \ - G(r,5,v[ 1],v[ 6],v[11],v[12]); \ - G(r,6,v[ 2],v[ 7],v[ 8],v[13]); \ - G(r,7,v[ 3],v[ 4],v[ 9],v[14]); \ - } while (0) +#define G(r, i, a, b, c, d) \ + do { \ + a = a + b + m[blake2b_sigma[r][2 * i + 0]]; \ + d = rotr64(d ^ a, 32); \ + c = c + d; \ + b = rotr64(b ^ c, 24); \ + a = a + b + m[blake2b_sigma[r][2 * i + 1]]; \ + d = rotr64(d ^ a, 16); \ + c = c + d; \ + b = rotr64(b ^ c, 63); \ + } while (0) +#define ROUND(r) \ + do { \ + G(r, 0, v[0], v[4], v[8], v[12]); \ + G(r, 1, v[1], v[5], v[9], v[13]); \ + G(r, 2, v[2], v[6], v[10], v[14]); \ + G(r, 3, v[3], v[7], v[11], v[15]); \ + G(r, 4, v[0], v[5], v[10], v[15]); \ + G(r, 5, v[1], v[6], v[11], v[12]); \ + G(r, 6, v[2], v[7], v[8], v[13]); \ + G(r, 7, v[3], v[4], v[9], v[14]); \ + } while (0) #if defined(OPENSSL_SMALL_FOOTPRINT) /* 3x size reduction on x86_64, almost 7x on ARMv8, 9x on ARMv4 */ for (i = 0; i < 12; i++) { 
@@ -305,7 +303,7 @@ int ossl_blake2b_update(BLAKE2B_CTX *c, const void *data, size_t datalen) */ int ossl_blake2b_final(unsigned char *md, BLAKE2B_CTX *c) { - uint8_t outbuffer[BLAKE2B_OUTBYTES] = {0}; + uint8_t outbuffer[BLAKE2B_OUTBYTES] = { 0 }; uint8_t *target = outbuffer; int iter = (c->outlen + 7) / 8; int i; diff --git a/providers/implementations/digests/blake2s_prov.c b/providers/implementations/digests/blake2s_prov.c index 72cab1e9a12e..9190c3eb2ab5 100644 --- a/providers/implementations/digests/blake2s_prov.c +++ b/providers/implementations/digests/blake2s_prov.c 
@@ -20,24 +20,22 @@ #include "blake2_impl.h" #include "prov/blake2.h" -static const uint32_t blake2s_IV[8] = -{ +static const uint32_t blake2s_IV[8] = { 0x6A09E667U, 0xBB67AE85U, 0x3C6EF372U, 0xA54FF53AU, 0x510E527FU, 0x9B05688CU, 0x1F83D9ABU, 0x5BE0CD19U }; -static const uint8_t blake2s_sigma[10][16] = -{ - { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 } , - { 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3 } , - { 11, 8, 12, 0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4 } , - { 7, 9, 3, 1, 13, 12, 11, 14, 2, 6, 5, 10, 4, 0, 15, 8 } , - { 9, 0, 5, 7, 2, 4, 10, 15, 14, 1, 11, 12, 6, 8, 3, 13 } , - { 2, 12, 6, 10, 0, 11, 8, 3, 4, 13, 7, 5, 15, 14, 1, 9 } , - { 12, 5, 1, 15, 14, 13, 4, 10, 0, 7, 6, 3, 9, 2, 8, 11 } , - { 13, 11, 7, 14, 12, 1, 3, 9, 5, 0, 15, 4, 8, 6, 2, 10 } , - { 6, 15, 14, 9, 11, 3, 0, 8, 12, 2, 13, 7, 1, 4, 10, 5 } , - { 10, 2, 8, 4, 7, 6, 1, 5, 15, 11, 9, 14, 3, 12, 13 , 0 } , +static const uint8_t blake2s_sigma[10][16] = { + { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 }, + { 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3 }, + { 11, 8, 12, 0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4 }, + { 7, 9, 3, 1, 13, 12, 11, 14, 2, 6, 5, 10, 4, 0, 15, 8 }, + { 9, 0, 5, 7, 2, 4, 10, 15, 14, 1, 11, 12, 6, 8, 3, 13 }, + { 2, 12, 6, 10, 0, 11, 8, 3, 4, 13, 7, 5, 15, 14, 1, 9 }, + { 12, 5, 1, 15, 14, 13, 4, 10, 0, 7, 6, 3, 9, 2, 8, 11 }, + { 13, 11, 7, 14, 12, 1, 3, 9, 5, 0, 15, 4, 8, 6, 2, 10 }, + { 6, 15, 14, 9, 11, 3, 0, 8, 12, 2, 13, 7, 1, 4, 10, 5 }, + { 10, 2, 8, 4, 7, 6, 1, 5, 15, 11, 9, 14, 3, 12, 13, 0 }, }; /* Set that it's the last block we'll compress */ 
@@ -71,21 +69,21 @@ static void blake2s_init_param(BLAKE2S_CTX *S, const BLAKE2S_PARAM *P) assert(sizeof(BLAKE2S_PARAM) == 32); /* IV XOR ParamBlock */ for (i = 0; i < 8; ++i) { - S->h[i] ^= load32(&p[i*4]); + S->h[i] ^= load32(&p[i * 4]); } } void ossl_blake2s_param_init(BLAKE2S_PARAM *P) { P->digest_length = BLAKE2S_DIGEST_LENGTH; - P->key_length = 0; - P->fanout = 1; - P->depth = 1; + P->key_length = 0; + P->fanout = 1; + P->depth = 1; store32(P->leaf_length, 0); store48(P->node_offset, 0); - P->node_depth = 0; - P->inner_length = 0; - memset(P->salt, 0, sizeof(P->salt)); + P->node_depth = 0; + P->inner_length = 0; + memset(P->salt, 0, sizeof(P->salt)); memset(P->personal, 0, sizeof(P->personal)); } @@ -100,17 +98,18 @@ void ossl_blake2s_param_set_key_length(BLAKE2S_PARAM *P, uint8_t keylen) } void ossl_blake2s_param_set_personal(BLAKE2S_PARAM *P, const uint8_t *personal, - size_t len) + size_t len) { memcpy(P->personal, personal, len); memset(P->personal + len, 0, BLAKE2S_PERSONALBYTES - len); } void ossl_blake2s_param_set_salt(BLAKE2S_PARAM *P, const uint8_t *salt, - size_t len) + size_t len) { memcpy(P->salt, salt, len); - memset(P->salt + len, 0, BLAKE2S_SALTBYTES - len);} + memset(P->salt + len, 0, BLAKE2S_SALTBYTES - len); +} /* * Initialize the hashing context with the given parameter block. @@ -127,13 +126,13 @@ int ossl_blake2s_init(BLAKE2S_CTX *c, const BLAKE2S_PARAM *P) * Always returns 1. */ int ossl_blake2s_init_key(BLAKE2S_CTX *c, const BLAKE2S_PARAM *P, - const void *key) + const void *key) { blake2s_init_param(c, P); /* Pad the key to form first data block */ { - uint8_t block[BLAKE2S_BLOCKBYTES] = {0}; + uint8_t block[BLAKE2S_BLOCKBYTES] = { 0 }; memcpy(block, key, P->key_length); ossl_blake2s_update(c, block, BLAKE2S_BLOCKBYTES); 
@@ -145,8 +144,8 @@ int ossl_blake2s_init_key(BLAKE2S_CTX *c, const BLAKE2S_PARAM *P, /* Permute the state while xoring in the block of data. */ static void blake2s_compress(BLAKE2S_CTX *S, - const uint8_t *blocks, - size_t len) + const uint8_t *blocks, + size_t len) { uint32_t m[16]; uint32_t v[16]; 
@@ -187,36 +186,36 @@ static void blake2s_compress(BLAKE2S_CTX *S, S->t[0] += increment; S->t[1] += (S->t[0] < increment); - v[ 8] = blake2s_IV[0]; - v[ 9] = blake2s_IV[1]; + v[8] = blake2s_IV[0]; + v[9] = blake2s_IV[1]; v[10] = blake2s_IV[2]; v[11] = blake2s_IV[3]; v[12] = S->t[0] ^ blake2s_IV[4]; v[13] = S->t[1] ^ blake2s_IV[5]; v[14] = S->f[0] ^ blake2s_IV[6]; v[15] = S->f[1] ^ blake2s_IV[7]; -#define G(r,i,a,b,c,d) \ - do { \ - a = a + b + m[blake2s_sigma[r][2*i+0]]; \ - d = rotr32(d ^ a, 16); \ - c = c + d; \ - b = rotr32(b ^ c, 12); \ - a = a + b + m[blake2s_sigma[r][2*i+1]]; \ - d = rotr32(d ^ a, 8); \ - c = c + d; \ - b = rotr32(b ^ c, 7); \ - } while (0) -#define ROUND(r) \ - do { \ - G(r,0,v[ 0],v[ 4],v[ 8],v[12]); \ - G(r,1,v[ 1],v[ 5],v[ 9],v[13]); \ - G(r,2,v[ 2],v[ 6],v[10],v[14]); \ - G(r,3,v[ 3],v[ 7],v[11],v[15]); \ - G(r,4,v[ 0],v[ 5],v[10],v[15]); \ - G(r,5,v[ 1],v[ 6],v[11],v[12]); \ - G(r,6,v[ 2],v[ 7],v[ 8],v[13]); \ - G(r,7,v[ 3],v[ 4],v[ 9],v[14]); \ - } while (0) +#define G(r, i, a, b, c, d) \ + do { \ + a = a + b + m[blake2s_sigma[r][2 * i + 0]]; \ + d = rotr32(d ^ a, 16); \ + c = c + d; \ + b = rotr32(b ^ c, 12); \ + a = a + b + m[blake2s_sigma[r][2 * i + 1]]; \ + d = rotr32(d ^ a, 8); \ + c = c + d; \ + b = rotr32(b ^ c, 7); \ + } while (0) +#define ROUND(r) \ + do { \ + G(r, 0, v[0], v[4], v[8], v[12]); \ + G(r, 1, v[1], v[5], v[9], v[13]); \ + G(r, 2, v[2], v[6], v[10], v[14]); \ + G(r, 3, v[3], v[7], v[11], v[15]); \ + G(r, 4, v[0], v[5], v[10], v[15]); \ + G(r, 5, v[1], v[6], v[11], v[12]); \ + G(r, 6, v[2], v[7], v[8], v[13]); \ + G(r, 7, v[3], v[4], v[9], v[14]); \ + } while (0) #if defined(OPENSSL_SMALL_FOOTPRINT) /* almost 3x reduction on x86_64, 4.5x on ARMv8, 4x on ARMv4 */ for (i = 0; i < 10; i++) { 
@@ -296,7 +295,7 @@ int ossl_blake2s_update(BLAKE2S_CTX *c, const void *data, size_t datalen) */ int ossl_blake2s_final(unsigned char *md, BLAKE2S_CTX *c) { - uint8_t outbuffer[BLAKE2S_OUTBYTES] = {0}; + uint8_t outbuffer[BLAKE2S_OUTBYTES] = { 0 }; uint8_t *target = outbuffer; int iter = (c->outlen + 3) / 4; int i; diff --git a/providers/implementations/digests/digestcommon.c b/providers/implementations/digests/digestcommon.c index 5cd1d1620062..f385dc4931ff 100644 --- a/providers/implementations/digests/digestcommon.c +++ b/providers/implementations/digests/digestcommon.c @@ -12,7 +12,7 @@ #include "prov/digestcommon.h" int ossl_digest_default_get_params(OSSL_PARAM params[], size_t blksz, - size_t paramsz, unsigned long flags) + size_t paramsz, unsigned long flags) { OSSL_PARAM *p = NULL; diff --git a/providers/implementations/digests/md2_prov.c b/providers/implementations/digests/md2_prov.c index a41a02c19890..a2ac9db2a641 100644 --- a/providers/implementations/digests/md2_prov.c +++ b/providers/implementations/digests/md2_prov.c @@ -20,5 +20,5 @@ /* ossl_md2_functions */ IMPLEMENT_digest_functions(md2, MD2_CTX, - MD2_BLOCK, MD2_DIGEST_LENGTH, 0, - MD2_Init, MD2_Update, MD2_Final) + MD2_BLOCK, MD2_DIGEST_LENGTH, 0, + MD2_Init, MD2_Update, MD2_Final) diff --git a/providers/implementations/digests/md4_prov.c b/providers/implementations/digests/md4_prov.c index 97f73018c275..eb9201a1165e 100644 --- a/providers/implementations/digests/md4_prov.c +++ b/providers/implementations/digests/md4_prov.c @@ -20,5 +20,5 @@ /* ossl_md4_functions */ IMPLEMENT_digest_functions(md4, MD4_CTX, - MD4_CBLOCK, MD4_DIGEST_LENGTH, 0, - MD4_Init, MD4_Update, MD4_Final) + MD4_CBLOCK, MD4_DIGEST_LENGTH, 0, + MD4_Init, MD4_Update, MD4_Final) diff --git a/providers/implementations/digests/md5_prov.c b/providers/implementations/digests/md5_prov.c index a330e057f547..82eb842d4724 100644 --- a/providers/implementations/digests/md5_prov.c +++ b/providers/implementations/digests/md5_prov.c 
@@ -20,5 +20,5 @@ /* ossl_md5_functions */ IMPLEMENT_digest_functions(md5, MD5_CTX, - MD5_CBLOCK, MD5_DIGEST_LENGTH, 0, - MD5_Init, MD5_Update, MD5_Final) + MD5_CBLOCK, MD5_DIGEST_LENGTH, 0, + MD5_Init, MD5_Update, MD5_Final) diff --git a/providers/implementations/digests/md5_sha1_prov.c b/providers/implementations/digests/md5_sha1_prov.c index e7b8389b2b5c..716401449db1 100644 --- a/providers/implementations/digests/md5_sha1_prov.c +++ b/providers/implementations/digests/md5_sha1_prov.c @@ -26,12 +26,12 @@ static OSSL_FUNC_digest_set_ctx_params_fn md5_sha1_set_ctx_params; static OSSL_FUNC_digest_settable_ctx_params_fn md5_sha1_settable_ctx_params; static const OSSL_PARAM known_md5_sha1_settable_ctx_params[] = { - {OSSL_DIGEST_PARAM_SSL3_MS, OSSL_PARAM_OCTET_STRING, NULL, 0, 0}, + { OSSL_DIGEST_PARAM_SSL3_MS, OSSL_PARAM_OCTET_STRING, NULL, 0, 0 }, OSSL_PARAM_END }; static const OSSL_PARAM *md5_sha1_settable_ctx_params(ossl_unused void *ctx, - ossl_unused void *provctx) + ossl_unused void *provctx) { return known_md5_sha1_settable_ctx_params; } @@ -50,7 +50,7 @@ static int md5_sha1_set_ctx_params(void *vctx, const OSSL_PARAM params[]) p = OSSL_PARAM_locate_const(params, OSSL_DIGEST_PARAM_SSL3_MS); if (p != NULL && p->data_type == OSSL_PARAM_OCTET_STRING) return ossl_md5_sha1_ctrl(ctx, EVP_CTRL_SSL3_MASTER_SECRET, - p->data_size, p->data); + p->data_size, p->data); return 1; } diff --git a/providers/implementations/digests/mdc2_prov.c b/providers/implementations/digests/mdc2_prov.c index de39f8a10482..e71fcc753b14 100644 --- a/providers/implementations/digests/mdc2_prov.c +++ b/providers/implementations/digests/mdc2_prov.c @@ -31,7 +31,7 @@ static const OSSL_PARAM known_mdc2_settable_ctx_params[] = { }; static const OSSL_PARAM *mdc2_settable_ctx_params(ossl_unused void *ctx, - ossl_unused void *provctx) + ossl_unused void *provctx) { return known_mdc2_settable_ctx_params; } 
diff --git a/providers/implementations/digests/null_prov.c b/providers/implementations/digests/null_prov.c index b220a1966ff7..801ec76c0d71 100644 --- a/providers/implementations/digests/null_prov.c +++ b/providers/implementations/digests/null_prov.c @@ -35,18 +35,18 @@ static int null_final(unsigned char *md, NULLMD_CTX *ctx) * and that would cause compilation warnings with the default implementation. */ #undef PROV_FUNC_DIGEST_FINAL -#define PROV_FUNC_DIGEST_FINAL(name, dgstsize, fin) \ -static OSSL_FUNC_digest_final_fn name##_internal_final; \ -static int name##_internal_final(void *ctx, unsigned char *out, size_t *outl, \ - size_t outsz) \ -{ \ - if (ossl_prov_is_running() && fin(out, ctx)) { \ - *outl = dgstsize; \ - return 1; \ - } \ - return 0; \ -} +#define PROV_FUNC_DIGEST_FINAL(name, dgstsize, fin) \ + static OSSL_FUNC_digest_final_fn name##_internal_final; \ + static int name##_internal_final(void *ctx, unsigned char *out, size_t *outl, \ + size_t outsz) \ + { \ + if (ossl_prov_is_running() && fin(out, ctx)) { \ + *outl = dgstsize; \ + return 1; \ + } \ + return 0; \ + } IMPLEMENT_digest_functions(nullmd, NULLMD_CTX, - 0, 0, 0, - null_init, null_update, null_final) + 0, 0, 0, + null_init, null_update, null_final) diff --git a/providers/implementations/digests/ripemd_prov.c b/providers/implementations/digests/ripemd_prov.c index 526706c06dcc..3787010bddae 100644 --- a/providers/implementations/digests/ripemd_prov.c +++ b/providers/implementations/digests/ripemd_prov.c @@ -20,5 +20,5 @@ /* ossl_ripemd160_functions */ IMPLEMENT_digest_functions(ripemd160, RIPEMD160_CTX, - RIPEMD160_CBLOCK, RIPEMD160_DIGEST_LENGTH, 0, - RIPEMD160_Init, RIPEMD160_Update, RIPEMD160_Final) + RIPEMD160_CBLOCK, RIPEMD160_DIGEST_LENGTH, 0, + RIPEMD160_Init, RIPEMD160_Update, RIPEMD160_Final) diff --git a/providers/implementations/digests/sha2_prov.c b/providers/implementations/digests/sha2_prov.c index 3b731796bdc4..b682a90caa2b 100644 
--- a/providers/implementations/digests/sha2_prov.c +++ b/providers/implementations/digests/sha2_prov.c @@ -30,11 +30,11 @@ static OSSL_FUNC_digest_set_ctx_params_fn sha1_set_ctx_params; static OSSL_FUNC_digest_settable_ctx_params_fn sha1_settable_ctx_params; static const OSSL_PARAM known_sha1_settable_ctx_params[] = { - {OSSL_DIGEST_PARAM_SSL3_MS, OSSL_PARAM_OCTET_STRING, NULL, 0, 0}, + { OSSL_DIGEST_PARAM_SSL3_MS, OSSL_PARAM_OCTET_STRING, NULL, 0, 0 }, OSSL_PARAM_END }; static const OSSL_PARAM *sha1_settable_ctx_params(ossl_unused void *ctx, - ossl_unused void *provctx) + ossl_unused void *provctx) { return known_sha1_settable_ctx_params; } @@ -53,7 +53,7 @@ static int sha1_set_ctx_params(void *vctx, const OSSL_PARAM params[]) p = OSSL_PARAM_locate_const(params, OSSL_DIGEST_PARAM_SSL3_MS); if (p != NULL && p->data_type == OSSL_PARAM_OCTET_STRING) return ossl_sha1_ctrl(ctx, EVP_CTRL_SSL3_MASTER_SECRET, - p->data_size, p->data); + p->data_size, p->data); return 1; } 
@@ -65,31 +65,30 @@ IMPLEMENT_digest_functions_with_settable_ctx( /* ossl_sha224_functions */ IMPLEMENT_digest_functions(sha224, SHA256_CTX, - SHA256_CBLOCK, SHA224_DIGEST_LENGTH, SHA2_FLAGS, - SHA224_Init, SHA224_Update, SHA224_Final) + SHA256_CBLOCK, SHA224_DIGEST_LENGTH, SHA2_FLAGS, + SHA224_Init, SHA224_Update, SHA224_Final) /* ossl_sha256_functions */ IMPLEMENT_digest_functions(sha256, SHA256_CTX, - SHA256_CBLOCK, SHA256_DIGEST_LENGTH, SHA2_FLAGS, - SHA256_Init, SHA256_Update, SHA256_Final) + SHA256_CBLOCK, SHA256_DIGEST_LENGTH, SHA2_FLAGS, + SHA256_Init, SHA256_Update, SHA256_Final) /* ossl_sha384_functions */ IMPLEMENT_digest_functions(sha384, SHA512_CTX, - SHA512_CBLOCK, SHA384_DIGEST_LENGTH, SHA2_FLAGS, - SHA384_Init, SHA384_Update, SHA384_Final) + SHA512_CBLOCK, SHA384_DIGEST_LENGTH, SHA2_FLAGS, + SHA384_Init, SHA384_Update, SHA384_Final) /* ossl_sha512_functions */ IMPLEMENT_digest_functions(sha512, SHA512_CTX, - SHA512_CBLOCK, SHA512_DIGEST_LENGTH, SHA2_FLAGS, - SHA512_Init, SHA512_Update, SHA512_Final) + SHA512_CBLOCK, SHA512_DIGEST_LENGTH, SHA2_FLAGS, + SHA512_Init, SHA512_Update, SHA512_Final) /* ossl_sha512_224_functions */ IMPLEMENT_digest_functions(sha512_224, SHA512_CTX, - SHA512_CBLOCK, SHA224_DIGEST_LENGTH, SHA2_FLAGS, - sha512_224_init, SHA512_Update, SHA512_Final) + SHA512_CBLOCK, SHA224_DIGEST_LENGTH, SHA2_FLAGS, + sha512_224_init, SHA512_Update, SHA512_Final) /* ossl_sha512_256_functions */ IMPLEMENT_digest_functions(sha512_256, SHA512_CTX, - SHA512_CBLOCK, SHA256_DIGEST_LENGTH, SHA2_FLAGS, - sha512_256_init, SHA512_Update, SHA512_Final) - + SHA512_CBLOCK, SHA256_DIGEST_LENGTH, SHA2_FLAGS, + sha512_256_init, SHA512_Update, SHA512_Final) diff --git a/providers/implementations/digests/sha3_prov.c b/providers/implementations/digests/sha3_prov.c index f6358e62562e..fddee11ecc54 100644 --- a/providers/implementations/digests/sha3_prov.c +++ b/providers/implementations/digests/sha3_prov.c 
@@ -42,11 +42,10 @@ static sha3_final_fn generic_sha3_final; /* * IBM S390X support */ -# include "s390x_arch.h" -# define S390_SHA3 1 -# define S390_SHA3_CAPABLE(name) \ - ((OPENSSL_s390xcap_P.kimd[0] & S390X_CAPBIT(S390X_##name)) && \ - (OPENSSL_s390xcap_P.klmd[0] & S390X_CAPBIT(S390X_##name))) +#include "s390x_arch.h" +#define S390_SHA3 1 +#define S390_SHA3_CAPABLE(name) \ + ((OPENSSL_s390xcap_P.kimd[0] & S390X_CAPBIT(S390X_##name)) && (OPENSSL_s390xcap_P.klmd[0] & S390X_CAPBIT(S390X_##name))) #endif @@ -62,7 +61,7 @@ static int keccak_init(void *vctx, ossl_unused const OSSL_PARAM params[]) static int keccak_init_params(void *vctx, const OSSL_PARAM params[]) { return keccak_init(vctx, NULL) - && shake_set_ctx_params(vctx, params); + && shake_set_ctx_params(vctx, params); } static int keccak_update(void *vctx, const unsigned char *inp, size_t len) @@ -103,7 +102,7 @@ static int keccak_update(void *vctx, const unsigned char *inp, size_t len) } static int keccak_final(void *vctx, unsigned char *out, size_t *outl, - size_t outsz) + size_t outsz) { int ret = 1; KECCAK1600_CTX *ctx = vctx; @@ -132,8 +131,7 @@ static int generic_sha3_final(unsigned char *md, void *vctx) return ossl_sha3_final(md, (KECCAK1600_CTX *)vctx); } -static PROV_SHA3_METHOD sha3_generic_md = -{ +static PROV_SHA3_METHOD sha3_generic_md = { generic_sha3_absorb, generic_sha3_final }; 
@@ -177,92 +175,90 @@ static int s390x_shake_final(unsigned char *md, void *vctx) return 1; } -static PROV_SHA3_METHOD sha3_s390x_md = -{ +static PROV_SHA3_METHOD sha3_s390x_md = { s390x_sha3_absorb, s390x_sha3_final }; -static PROV_SHA3_METHOD shake_s390x_md = -{ +static PROV_SHA3_METHOD shake_s390x_md = { s390x_sha3_absorb, s390x_shake_final }; -# define SHA3_SET_MD(uname, typ) \ - if (S390_SHA3_CAPABLE(uname)) { \ - ctx->pad = S390X_##uname; \ - ctx->meth = typ##_s390x_md; \ - } else { \ - ctx->meth = sha3_generic_md; \ +#define SHA3_SET_MD(uname, typ) \ + if (S390_SHA3_CAPABLE(uname)) { \ + ctx->pad = S390X_##uname; \ + ctx->meth = typ##_s390x_md; \ + } else { \ + ctx->meth = sha3_generic_md; \ } #else -# define SHA3_SET_MD(uname, typ) ctx->meth = sha3_generic_md; +#define SHA3_SET_MD(uname, typ) ctx->meth = sha3_generic_md; #endif /* S390_SHA3 */ -#define SHA3_newctx(typ, uname, name, bitlen, pad) \ -static OSSL_FUNC_digest_newctx_fn name##_newctx; \ -static void *name##_newctx(void *provctx) \ -{ \ - KECCAK1600_CTX *ctx = ossl_prov_is_running() ? OPENSSL_zalloc(sizeof(*ctx)) \ - : NULL; \ - \ - if (ctx == NULL) \ - return NULL; \ - ossl_sha3_init(ctx, pad, bitlen); \ - SHA3_SET_MD(uname, typ) \ - return ctx; \ -} +#define SHA3_newctx(typ, uname, name, bitlen, pad) \ + static OSSL_FUNC_digest_newctx_fn name##_newctx; \ + static void *name##_newctx(void *provctx) \ + { \ + KECCAK1600_CTX *ctx = ossl_prov_is_running() ? OPENSSL_zalloc(sizeof(*ctx)) \ + : NULL; \ + \ + if (ctx == NULL) \ + return NULL; \ + ossl_sha3_init(ctx, pad, bitlen); \ + SHA3_SET_MD(uname, typ) \ + return ctx; \ + } -#define KMAC_newctx(uname, bitlen, pad) \ -static OSSL_FUNC_digest_newctx_fn uname##_newctx; \ -static void *uname##_newctx(void *provctx) \ -{ \ - KECCAK1600_CTX *ctx = ossl_prov_is_running() ? 
OPENSSL_zalloc(sizeof(*ctx)) \ - : NULL; \ - \ - if (ctx == NULL) \ - return NULL; \ - ossl_keccak_kmac_init(ctx, pad, bitlen); \ - ctx->meth = sha3_generic_md; \ - return ctx; \ -} +#define KMAC_newctx(uname, bitlen, pad) \ + static OSSL_FUNC_digest_newctx_fn uname##_newctx; \ + static void *uname##_newctx(void *provctx) \ + { \ + KECCAK1600_CTX *ctx = ossl_prov_is_running() ? OPENSSL_zalloc(sizeof(*ctx)) \ + : NULL; \ + \ + if (ctx == NULL) \ + return NULL; \ + ossl_keccak_kmac_init(ctx, pad, bitlen); \ + ctx->meth = sha3_generic_md; \ + return ctx; \ + } -#define PROV_FUNC_SHA3_DIGEST_COMMON(name, bitlen, blksize, dgstsize, flags) \ -PROV_FUNC_DIGEST_GET_PARAM(name, blksize, dgstsize, flags) \ -const OSSL_DISPATCH ossl_##name##_functions[] = { \ - { OSSL_FUNC_DIGEST_NEWCTX, (void (*)(void))name##_newctx }, \ - { OSSL_FUNC_DIGEST_UPDATE, (void (*)(void))keccak_update }, \ - { OSSL_FUNC_DIGEST_FINAL, (void (*)(void))keccak_final }, \ - { OSSL_FUNC_DIGEST_FREECTX, (void (*)(void))keccak_freectx }, \ - { OSSL_FUNC_DIGEST_DUPCTX, (void (*)(void))keccak_dupctx }, \ - PROV_DISPATCH_FUNC_DIGEST_GET_PARAMS(name) +#define PROV_FUNC_SHA3_DIGEST_COMMON(name, bitlen, blksize, dgstsize, flags) \ + PROV_FUNC_DIGEST_GET_PARAM(name, blksize, dgstsize, flags) \ + const OSSL_DISPATCH ossl_##name##_functions[] = { \ + { OSSL_FUNC_DIGEST_NEWCTX, (void (*)(void))name##_newctx }, \ + { OSSL_FUNC_DIGEST_UPDATE, (void (*)(void))keccak_update }, \ + { OSSL_FUNC_DIGEST_FINAL, (void (*)(void))keccak_final }, \ + { OSSL_FUNC_DIGEST_FREECTX, (void (*)(void))keccak_freectx }, \ + { OSSL_FUNC_DIGEST_DUPCTX, (void (*)(void))keccak_dupctx }, \ + PROV_DISPATCH_FUNC_DIGEST_GET_PARAMS(name) -#define PROV_FUNC_SHA3_DIGEST(name, bitlen, blksize, dgstsize, flags) \ - PROV_FUNC_SHA3_DIGEST_COMMON(name, bitlen, blksize, dgstsize, flags), \ - { OSSL_FUNC_DIGEST_INIT, (void (*)(void))keccak_init }, \ - PROV_DISPATCH_FUNC_DIGEST_CONSTRUCT_END +#define PROV_FUNC_SHA3_DIGEST(name, bitlen, blksize, dgstsize, 
flags) \ + PROV_FUNC_SHA3_DIGEST_COMMON(name, bitlen, blksize, dgstsize, flags), \ + { OSSL_FUNC_DIGEST_INIT, (void (*)(void))keccak_init }, \ + PROV_DISPATCH_FUNC_DIGEST_CONSTRUCT_END -#define PROV_FUNC_SHAKE_DIGEST(name, bitlen, blksize, dgstsize, flags) \ - PROV_FUNC_SHA3_DIGEST_COMMON(name, bitlen, blksize, dgstsize, flags), \ - { OSSL_FUNC_DIGEST_INIT, (void (*)(void))keccak_init_params }, \ - { OSSL_FUNC_DIGEST_SET_CTX_PARAMS, (void (*)(void))shake_set_ctx_params }, \ - { OSSL_FUNC_DIGEST_SETTABLE_CTX_PARAMS, \ - (void (*)(void))shake_settable_ctx_params }, \ - PROV_DISPATCH_FUNC_DIGEST_CONSTRUCT_END +#define PROV_FUNC_SHAKE_DIGEST(name, bitlen, blksize, dgstsize, flags) \ + PROV_FUNC_SHA3_DIGEST_COMMON(name, bitlen, blksize, dgstsize, flags), \ + { OSSL_FUNC_DIGEST_INIT, (void (*)(void))keccak_init_params }, \ + { OSSL_FUNC_DIGEST_SET_CTX_PARAMS, (void (*)(void))shake_set_ctx_params }, \ + { OSSL_FUNC_DIGEST_SETTABLE_CTX_PARAMS, \ + (void (*)(void))shake_settable_ctx_params }, \ + PROV_DISPATCH_FUNC_DIGEST_CONSTRUCT_END static void keccak_freectx(void *vctx) { KECCAK1600_CTX *ctx = (KECCAK1600_CTX *)vctx; - OPENSSL_clear_free(ctx, sizeof(*ctx)); + OPENSSL_clear_free(ctx, sizeof(*ctx)); } static void *keccak_dupctx(void *ctx) { KECCAK1600_CTX *in = (KECCAK1600_CTX *)ctx; KECCAK1600_CTX *ret = ossl_prov_is_running() ? OPENSSL_malloc(sizeof(*ret)) - : NULL; + : NULL; if (ret != NULL) *ret = *in; @@ -270,11 +266,11 @@ static void *keccak_dupctx(void *ctx) } static const OSSL_PARAM known_shake_settable_ctx_params[] = { - {OSSL_DIGEST_PARAM_XOFLEN, OSSL_PARAM_UNSIGNED_INTEGER, NULL, 0, 0}, + { OSSL_DIGEST_PARAM_XOFLEN, OSSL_PARAM_UNSIGNED_INTEGER, NULL, 0, 0 }, OSSL_PARAM_END }; static const OSSL_PARAM *shake_settable_ctx_params(ossl_unused void *ctx, - ossl_unused void *provctx) + ossl_unused void *provctx) { return known_shake_settable_ctx_params; } 
@@ -297,22 +293,22 @@ static int shake_set_ctx_params(void *vctx, const OSSL_PARAM params[]) return 1; } -#define IMPLEMENT_SHA3_functions(bitlen) \ - SHA3_newctx(sha3, SHA3_##bitlen, sha3_##bitlen, bitlen, '\x06') \ - PROV_FUNC_SHA3_DIGEST(sha3_##bitlen, bitlen, \ - SHA3_BLOCKSIZE(bitlen), SHA3_MDSIZE(bitlen), \ - SHA3_FLAGS) +#define IMPLEMENT_SHA3_functions(bitlen) \ + SHA3_newctx(sha3, SHA3_##bitlen, sha3_##bitlen, bitlen, '\x06') \ + PROV_FUNC_SHA3_DIGEST(sha3_##bitlen, bitlen, \ + SHA3_BLOCKSIZE(bitlen), SHA3_MDSIZE(bitlen), \ + SHA3_FLAGS) -#define IMPLEMENT_SHAKE_functions(bitlen) \ - SHA3_newctx(shake, SHAKE_##bitlen, shake_##bitlen, bitlen, '\x1f') \ - PROV_FUNC_SHAKE_DIGEST(shake_##bitlen, bitlen, \ - SHA3_BLOCKSIZE(bitlen), SHA3_MDSIZE(bitlen), \ - SHAKE_FLAGS) -#define IMPLEMENT_KMAC_functions(bitlen) \ - KMAC_newctx(keccak_kmac_##bitlen, bitlen, '\x04') \ - PROV_FUNC_SHAKE_DIGEST(keccak_kmac_##bitlen, bitlen, \ - SHA3_BLOCKSIZE(bitlen), KMAC_MDSIZE(bitlen), \ - KMAC_FLAGS) +#define IMPLEMENT_SHAKE_functions(bitlen) \ + SHA3_newctx(shake, SHAKE_##bitlen, shake_##bitlen, bitlen, '\x1f') \ + PROV_FUNC_SHAKE_DIGEST(shake_##bitlen, bitlen, \ + SHA3_BLOCKSIZE(bitlen), SHA3_MDSIZE(bitlen), \ + SHAKE_FLAGS) +#define IMPLEMENT_KMAC_functions(bitlen) \ + KMAC_newctx(keccak_kmac_##bitlen, bitlen, '\x04') \ + PROV_FUNC_SHAKE_DIGEST(keccak_kmac_##bitlen, bitlen, \ + SHA3_BLOCKSIZE(bitlen), KMAC_MDSIZE(bitlen), \ + KMAC_FLAGS) /* ossl_sha3_224_functions */ IMPLEMENT_SHA3_functions(224) diff --git a/providers/implementations/digests/sm3_prov.c b/providers/implementations/digests/sm3_prov.c index 9d6de5b6ac19..dfc6960dd302 100644 --- a/providers/implementations/digests/sm3_prov.c +++ b/providers/implementations/digests/sm3_prov.c 
@@ -14,5 +14,5 @@ /* ossl_sm3_functions */ IMPLEMENT_digest_functions(sm3, SM3_CTX, - SM3_CBLOCK, SM3_DIGEST_LENGTH, 0, - ossl_sm3_init, ossl_sm3_update, ossl_sm3_final) + SM3_CBLOCK, SM3_DIGEST_LENGTH, 0, + ossl_sm3_init, ossl_sm3_update, ossl_sm3_final) diff --git a/providers/implementations/digests/wp_prov.c b/providers/implementations/digests/wp_prov.c index 2af70b337281..93167f171aa8 100644 --- a/providers/implementations/digests/wp_prov.c +++ b/providers/implementations/digests/wp_prov.c @@ -20,5 +20,5 @@ /* ossl_wp_functions */ IMPLEMENT_digest_functions(wp, WHIRLPOOL_CTX, - WHIRLPOOL_BBLOCK / 8, WHIRLPOOL_DIGEST_LENGTH, 0, - WHIRLPOOL_Init, WHIRLPOOL_Update, WHIRLPOOL_Final) + WHIRLPOOL_BBLOCK / 8, WHIRLPOOL_DIGEST_LENGTH, 0, + WHIRLPOOL_Init, WHIRLPOOL_Update, WHIRLPOOL_Final) diff --git a/providers/implementations/encode_decode/decode_der2key.c b/providers/implementations/encode_decode/decode_der2key.c index 075f90153607..40ba65405676 100644 --- a/providers/implementations/encode_decode/decode_der2key.c +++ b/providers/implementations/encode_decode/decode_der2key.c @@ -19,11 +19,11 @@ #include <openssl/crypto.h> #include <openssl/err.h> #include <openssl/params.h> -#include <openssl/pem.h> /* PEM_BUFSIZE and public PEM functions */ +#include <openssl/pem.h> /* PEM_BUFSIZE and public PEM functions */ #include <openssl/pkcs12.h> #include <openssl/x509.h> #include <openssl/proverr.h> -#include "internal/cryptlib.h" /* ossl_assert() */ +#include "internal/cryptlib.h" /* ossl_assert() */ #include "internal/asn1.h" #include "crypto/dh.h" #include "crypto/dsa.h" 
@@ -37,12 +37,12 @@ #include "prov/implementations.h" #include "endecoder_local.h" -struct der2key_ctx_st; /* Forward declaration */ +struct der2key_ctx_st; /* Forward declaration */ typedef int check_key_fn(void *, struct der2key_ctx_st *ctx); typedef void adjust_key_fn(void *, struct der2key_ctx_st *ctx); typedef void free_key_fn(void *); typedef void *d2i_PKCS8_fn(void **, const unsigned char **, long, - struct der2key_ctx_st *); + struct der2key_ctx_st *); struct keytype_desc_st { const char *keytype_name; const OSSL_DISPATCH *fns; /* Keymgmt (to pilfer functions from) */ @@ -63,10 +63,10 @@ struct keytype_desc_st { /* For type specific decoders, we use the corresponding d2i */ d2i_of_void *d2i_private_key; /* From type-specific DER */ - d2i_of_void *d2i_public_key; /* From type-specific DER */ - d2i_of_void *d2i_key_params; /* From type-specific DER */ - d2i_PKCS8_fn *d2i_PKCS8; /* Wrapped in a PrivateKeyInfo */ - d2i_of_void *d2i_PUBKEY; /* Wrapped in a SubjectPublicKeyInfo */ + d2i_of_void *d2i_public_key; /* From type-specific DER */ + d2i_of_void *d2i_key_params; /* From type-specific DER */ + d2i_PKCS8_fn *d2i_PKCS8; /* Wrapped in a PrivateKeyInfo */ + d2i_of_void *d2i_PUBKEY; /* Wrapped in a SubjectPublicKeyInfo */ /* * For any key, we may need to check that the key meets expectations. @@ -97,10 +97,10 @@ struct der2key_ctx_st { }; typedef void *key_from_pkcs8_t(const PKCS8_PRIV_KEY_INFO *p8inf, - OSSL_LIB_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); static void *der2key_decode_p8(const unsigned char **input_der, - long input_der_len, struct der2key_ctx_st *ctx, - key_from_pkcs8_t *key_from_pkcs8) + long input_der_len, struct der2key_ctx_st *ctx, + key_from_pkcs8_t *key_from_pkcs8) { PKCS8_PRIV_KEY_INFO *p8inf = NULL; const X509_ALGOR *alg = NULL; 
@@ -144,7 +144,7 @@ static void der2key_freectx(void *vctx) } static int der2key_check_selection(int selection, - const struct keytype_desc_st *desc) + const struct keytype_desc_st *desc) { /* * The selections are kinda sorta "levels", i.e. each selection given @@ -178,8 +178,8 @@ static int der2key_check_selection(int selection, } static int der2key_decode(void *vctx, OSSL_CORE_BIO *cin, int selection, - OSSL_CALLBACK *data_cb, void *data_cbarg, - OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg) + OSSL_CALLBACK *data_cb, void *data_cbarg, + OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg) { struct der2key_ctx_st *ctx = vctx; unsigned char *der = NULL; @@ -269,7 +269,7 @@ static int der2key_decode(void *vctx, OSSL_CORE_BIO *cin, int selection, if (key != NULL && ctx->desc->adjust_key != NULL) ctx->desc->adjust_key(key, ctx); - next: +next: /* * Indicated that we successfully decoded something, or not at all. * Ending up "empty handed" is not an error. 
@@ -288,31 +288,27 @@ static int der2key_decode(void *vctx, OSSL_CORE_BIO *cin, int selection, OSSL_PARAM params[4]; int object_type = OSSL_OBJECT_PKEY; - params[0] = - OSSL_PARAM_construct_int(OSSL_OBJECT_PARAM_TYPE, &object_type); + params[0] = OSSL_PARAM_construct_int(OSSL_OBJECT_PARAM_TYPE, &object_type); #ifndef OPENSSL_NO_SM2 if (strcmp(ctx->desc->keytype_name, "EC") == 0 && (EC_KEY_get_flags(key) & EC_FLAG_SM2_RANGE) != 0) - params[1] = - OSSL_PARAM_construct_utf8_string(OSSL_OBJECT_PARAM_DATA_TYPE, - "SM2", 0); + params[1] = OSSL_PARAM_construct_utf8_string(OSSL_OBJECT_PARAM_DATA_TYPE, + "SM2", 0); else #endif - params[1] = - OSSL_PARAM_construct_utf8_string(OSSL_OBJECT_PARAM_DATA_TYPE, - (char *)ctx->desc->keytype_name, - 0); + params[1] = OSSL_PARAM_construct_utf8_string(OSSL_OBJECT_PARAM_DATA_TYPE, + (char *)ctx->desc->keytype_name, + 0); /* The address of the key becomes the octet string */ - params[2] = - OSSL_PARAM_construct_octet_string(OSSL_OBJECT_PARAM_REFERENCE, - &key, sizeof(key)); + params[2] = OSSL_PARAM_construct_octet_string(OSSL_OBJECT_PARAM_REFERENCE, + &key, sizeof(key)); params[3] = OSSL_PARAM_construct_end(); ok = data_cb(params, data_cbarg); } - end: +end: ctx->desc->free_key(key); OPENSSL_free(der); @@ -320,12 +316,11 @@ static int der2key_decode(void *vctx, OSSL_CORE_BIO *cin, int selection, } static int der2key_export_object(void *vctx, - const void *reference, size_t reference_sz, - OSSL_CALLBACK *export_cb, void *export_cbarg) + const void *reference, size_t reference_sz, + OSSL_CALLBACK *export_cb, void *export_cbarg) { struct der2key_ctx_st *ctx = vctx; - OSSL_FUNC_keymgmt_export_fn *export = - ossl_prov_get_keymgmt_export(ctx->desc->fns); + OSSL_FUNC_keymgmt_export_fn *export = ossl_prov_get_keymgmt_export(ctx->desc->fns); void *keydata; if (reference_sz == sizeof(keydata) && export != NULL) { 
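Review bot: `der2key_export_object` accepts `reference` on the strength of `reference_sz == sizeof(keydata)` alone, and nothing beside that check says what the bytes are. The previous hunk shows they are the raw key pointer (`&key, sizeof(key)` under "The address of the key becomes the octet string"), so the size test cannot tell a genuine reference from any other pointer-sized buffer. I would add a comment above the `if`: `/* reference holds the key pointer handed out by der2key_decode(); only its size can be checked here, so it must never originate outside this provider */`. The function body continues past the end of the hunk. `msblob2key_export_object` further down has the same check and would take the same comment with its own decoder named.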
@@ -344,56 +339,56 @@ static int der2key_export_object(void *vctx, /* ---------------------------------------------------------------------- */ #ifndef OPENSSL_NO_DH -# define dh_evp_type EVP_PKEY_DH -# define dh_d2i_private_key NULL -# define dh_d2i_public_key NULL -# define dh_d2i_key_params (d2i_of_void *)d2i_DHparams +#define dh_evp_type EVP_PKEY_DH +#define dh_d2i_private_key NULL +#define dh_d2i_public_key NULL +#define dh_d2i_key_params (d2i_of_void *)d2i_DHparams static void *dh_d2i_PKCS8(void **key, const unsigned char **der, long der_len, - struct der2key_ctx_st *ctx) + struct der2key_ctx_st *ctx) { return der2key_decode_p8(der, der_len, ctx, - (key_from_pkcs8_t *)ossl_dh_key_from_pkcs8); + (key_from_pkcs8_t *)ossl_dh_key_from_pkcs8); } -# define dh_d2i_PUBKEY (d2i_of_void *)ossl_d2i_DH_PUBKEY -# define dh_free (free_key_fn *)DH_free -# define dh_check NULL +#define dh_d2i_PUBKEY (d2i_of_void *)ossl_d2i_DH_PUBKEY +#define dh_free (free_key_fn *)DH_free +#define dh_check NULL static void dh_adjust(void *key, struct der2key_ctx_st *ctx) { ossl_dh_set0_libctx(key, PROV_LIBCTX_OF(ctx->provctx)); } -# define dhx_evp_type EVP_PKEY_DHX -# define dhx_d2i_private_key NULL -# define dhx_d2i_public_key NULL -# define dhx_d2i_key_params (d2i_of_void *)d2i_DHxparams -# define dhx_d2i_PKCS8 dh_d2i_PKCS8 -# define dhx_d2i_PUBKEY (d2i_of_void *)ossl_d2i_DHx_PUBKEY -# define dhx_free (free_key_fn *)DH_free -# define dhx_check NULL -# define dhx_adjust dh_adjust +#define dhx_evp_type EVP_PKEY_DHX +#define dhx_d2i_private_key NULL +#define dhx_d2i_public_key NULL +#define dhx_d2i_key_params (d2i_of_void *)d2i_DHxparams +#define dhx_d2i_PKCS8 dh_d2i_PKCS8 +#define dhx_d2i_PUBKEY (d2i_of_void *)ossl_d2i_DHx_PUBKEY +#define dhx_free (free_key_fn *)DH_free +#define dhx_check NULL +#define dhx_adjust dh_adjust #endif /* ---------------------------------------------------------------------- */ #ifndef OPENSSL_NO_DSA -# define dsa_evp_type EVP_PKEY_DSA -# define 
dsa_d2i_private_key (d2i_of_void *)d2i_DSAPrivateKey -# define dsa_d2i_public_key (d2i_of_void *)d2i_DSAPublicKey -# define dsa_d2i_key_params (d2i_of_void *)d2i_DSAparams +#define dsa_evp_type EVP_PKEY_DSA +#define dsa_d2i_private_key (d2i_of_void *)d2i_DSAPrivateKey +#define dsa_d2i_public_key (d2i_of_void *)d2i_DSAPublicKey +#define dsa_d2i_key_params (d2i_of_void *)d2i_DSAparams static void *dsa_d2i_PKCS8(void **key, const unsigned char **der, long der_len, - struct der2key_ctx_st *ctx) + struct der2key_ctx_st *ctx) { return der2key_decode_p8(der, der_len, ctx, - (key_from_pkcs8_t *)ossl_dsa_key_from_pkcs8); + (key_from_pkcs8_t *)ossl_dsa_key_from_pkcs8); } -# define dsa_d2i_PUBKEY (d2i_of_void *)ossl_d2i_DSA_PUBKEY -# define dsa_free (free_key_fn *)DSA_free -# define dsa_check NULL +#define dsa_d2i_PUBKEY (d2i_of_void *)ossl_d2i_DSA_PUBKEY +#define dsa_free (free_key_fn *)DSA_free +#define dsa_check NULL static void dsa_adjust(void *key, struct der2key_ctx_st *ctx) { 
@@ -404,20 +399,20 @@ static void dsa_adjust(void *key, struct der2key_ctx_st *ctx) /* ---------------------------------------------------------------------- */ #ifndef OPENSSL_NO_EC -# define ec_evp_type EVP_PKEY_EC -# define ec_d2i_private_key (d2i_of_void *)d2i_ECPrivateKey -# define ec_d2i_public_key NULL -# define ec_d2i_key_params (d2i_of_void *)d2i_ECParameters +#define ec_evp_type EVP_PKEY_EC +#define ec_d2i_private_key (d2i_of_void *)d2i_ECPrivateKey +#define ec_d2i_public_key NULL +#define ec_d2i_key_params (d2i_of_void *)d2i_ECParameters static void *ec_d2i_PKCS8(void **key, const unsigned char **der, long der_len, - struct der2key_ctx_st *ctx) + struct der2key_ctx_st *ctx) { return der2key_decode_p8(der, der_len, ctx, - (key_from_pkcs8_t *)ossl_ec_key_from_pkcs8); + (key_from_pkcs8_t *)ossl_ec_key_from_pkcs8); } -# define ec_d2i_PUBKEY (d2i_of_void *)d2i_EC_PUBKEY -# define ec_free (free_key_fn *)EC_KEY_free +#define ec_d2i_PUBKEY (d2i_of_void *)d2i_EC_PUBKEY +#define ec_free (free_key_fn *)EC_KEY_free static int ec_check(void *key, struct der2key_ctx_st *ctx) { @@ -445,10 +440,10 @@ static void ec_adjust(void *key, struct der2key_ctx_st *ctx) */ static void *ecx_d2i_PKCS8(void **key, const unsigned char **der, long der_len, - struct der2key_ctx_st *ctx) + struct der2key_ctx_st *ctx) { return der2key_decode_p8(der, der_len, ctx, - (key_from_pkcs8_t *)ossl_ecx_key_from_pkcs8); + (key_from_pkcs8_t *)ossl_ecx_key_from_pkcs8); } static void ecx_key_adjust(void *key, struct der2key_ctx_st *ctx) 
@@ -456,82 +451,82 @@ static void ecx_key_adjust(void *key, struct der2key_ctx_st *ctx) ossl_ecx_key_set0_libctx(key, PROV_LIBCTX_OF(ctx->provctx)); } -# define ed25519_evp_type EVP_PKEY_ED25519 -# define ed25519_d2i_private_key NULL -# define ed25519_d2i_public_key NULL -# define ed25519_d2i_key_params NULL -# define ed25519_d2i_PKCS8 ecx_d2i_PKCS8 -# define ed25519_d2i_PUBKEY (d2i_of_void *)ossl_d2i_ED25519_PUBKEY -# define ed25519_free (free_key_fn *)ossl_ecx_key_free -# define ed25519_check NULL -# define ed25519_adjust ecx_key_adjust +#define ed25519_evp_type EVP_PKEY_ED25519 +#define ed25519_d2i_private_key NULL +#define ed25519_d2i_public_key NULL +#define ed25519_d2i_key_params NULL +#define ed25519_d2i_PKCS8 ecx_d2i_PKCS8 +#define ed25519_d2i_PUBKEY (d2i_of_void *)ossl_d2i_ED25519_PUBKEY +#define ed25519_free (free_key_fn *)ossl_ecx_key_free +#define ed25519_check NULL +#define ed25519_adjust ecx_key_adjust -# define ed448_evp_type EVP_PKEY_ED448 -# define ed448_d2i_private_key NULL -# define ed448_d2i_public_key NULL -# define ed448_d2i_key_params NULL -# define ed448_d2i_PKCS8 ecx_d2i_PKCS8 -# define ed448_d2i_PUBKEY (d2i_of_void *)ossl_d2i_ED448_PUBKEY -# define ed448_free (free_key_fn *)ossl_ecx_key_free -# define ed448_check NULL -# define ed448_adjust ecx_key_adjust +#define ed448_evp_type EVP_PKEY_ED448 +#define ed448_d2i_private_key NULL +#define ed448_d2i_public_key NULL +#define ed448_d2i_key_params NULL +#define ed448_d2i_PKCS8 ecx_d2i_PKCS8 +#define ed448_d2i_PUBKEY (d2i_of_void *)ossl_d2i_ED448_PUBKEY +#define ed448_free (free_key_fn *)ossl_ecx_key_free +#define ed448_check NULL +#define ed448_adjust ecx_key_adjust -# define x25519_evp_type EVP_PKEY_X25519 -# define x25519_d2i_private_key NULL -# define x25519_d2i_public_key NULL -# define x25519_d2i_key_params NULL -# define x25519_d2i_PKCS8 ecx_d2i_PKCS8 -# define x25519_d2i_PUBKEY (d2i_of_void *)ossl_d2i_X25519_PUBKEY -# define x25519_free (free_key_fn *)ossl_ecx_key_free -# define 
x25519_check NULL -# define x25519_adjust ecx_key_adjust +#define x25519_evp_type EVP_PKEY_X25519 +#define x25519_d2i_private_key NULL +#define x25519_d2i_public_key NULL +#define x25519_d2i_key_params NULL +#define x25519_d2i_PKCS8 ecx_d2i_PKCS8 +#define x25519_d2i_PUBKEY (d2i_of_void *)ossl_d2i_X25519_PUBKEY +#define x25519_free (free_key_fn *)ossl_ecx_key_free +#define x25519_check NULL +#define x25519_adjust ecx_key_adjust -# define x448_evp_type EVP_PKEY_X448 -# define x448_d2i_private_key NULL -# define x448_d2i_public_key NULL -# define x448_d2i_key_params NULL -# define x448_d2i_PKCS8 ecx_d2i_PKCS8 -# define x448_d2i_PUBKEY (d2i_of_void *)ossl_d2i_X448_PUBKEY -# define x448_free (free_key_fn *)ossl_ecx_key_free -# define x448_check NULL -# define x448_adjust ecx_key_adjust +#define x448_evp_type EVP_PKEY_X448 +#define x448_d2i_private_key NULL +#define x448_d2i_public_key NULL +#define x448_d2i_key_params NULL +#define x448_d2i_PKCS8 ecx_d2i_PKCS8 +#define x448_d2i_PUBKEY (d2i_of_void *)ossl_d2i_X448_PUBKEY +#define x448_free (free_key_fn *)ossl_ecx_key_free +#define x448_check NULL +#define x448_adjust ecx_key_adjust -# ifndef OPENSSL_NO_SM2 -# define sm2_evp_type EVP_PKEY_SM2 -# define sm2_d2i_private_key (d2i_of_void *)d2i_ECPrivateKey -# define sm2_d2i_public_key NULL -# define sm2_d2i_key_params (d2i_of_void *)d2i_ECParameters +#ifndef OPENSSL_NO_SM2 +#define sm2_evp_type EVP_PKEY_SM2 +#define sm2_d2i_private_key (d2i_of_void *)d2i_ECPrivateKey +#define sm2_d2i_public_key NULL +#define sm2_d2i_key_params (d2i_of_void *)d2i_ECParameters static void *sm2_d2i_PKCS8(void **key, const unsigned char **der, long der_len, - struct der2key_ctx_st *ctx) + struct der2key_ctx_st *ctx) { return der2key_decode_p8(der, der_len, ctx, - (key_from_pkcs8_t *)ossl_ec_key_from_pkcs8); + (key_from_pkcs8_t *)ossl_ec_key_from_pkcs8); } -# define sm2_d2i_PUBKEY (d2i_of_void *)d2i_EC_PUBKEY -# define sm2_free (free_key_fn *)EC_KEY_free -# define sm2_check ec_check -# define 
sm2_adjust ec_adjust -# endif +#define sm2_d2i_PUBKEY (d2i_of_void *)d2i_EC_PUBKEY +#define sm2_free (free_key_fn *)EC_KEY_free +#define sm2_check ec_check +#define sm2_adjust ec_adjust +#endif #endif /* ---------------------------------------------------------------------- */ -#define rsa_evp_type EVP_PKEY_RSA -#define rsa_d2i_private_key (d2i_of_void *)d2i_RSAPrivateKey -#define rsa_d2i_public_key (d2i_of_void *)d2i_RSAPublicKey -#define rsa_d2i_key_params NULL +#define rsa_evp_type EVP_PKEY_RSA +#define rsa_d2i_private_key (d2i_of_void *)d2i_RSAPrivateKey +#define rsa_d2i_public_key (d2i_of_void *)d2i_RSAPublicKey +#define rsa_d2i_key_params NULL static void *rsa_d2i_PKCS8(void **key, const unsigned char **der, long der_len, - struct der2key_ctx_st *ctx) + struct der2key_ctx_st *ctx) { return der2key_decode_p8(der, der_len, ctx, - (key_from_pkcs8_t *)ossl_rsa_key_from_pkcs8); + (key_from_pkcs8_t *)ossl_rsa_key_from_pkcs8); } -#define rsa_d2i_PUBKEY (d2i_of_void *)d2i_RSA_PUBKEY -#define rsa_free (free_key_fn *)RSA_free +#define rsa_d2i_PUBKEY (d2i_of_void *)d2i_RSA_PUBKEY +#define rsa_free (free_key_fn *)RSA_free static int rsa_check(void *key, struct der2key_ctx_st *ctx) { 
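Review bot: Flattening `# ifndef OPENSSL_NO_SM2` / `# endif` to column 0 leaves two bare `#endif` lines in a row at the end of the SM2 block, with nothing to show which guard each one closes. These guards decide which key types are compiled in, so I would annotate them as `#endif /* OPENSSL_NO_SM2 */` and `#endif /* OPENSSL_NO_EC */`. The outer guard opens outside this hunk; OPENSSL_NO_EC is my reading of the `#ifndef OPENSSL_NO_EC` in the earlier `@@ -404,20 +399,20 @@` hunk, so confirm before applying. The MAKE_DECODER list in the `@@ -803,11 +798,11 @@` hunk ends with the same pair and would take the same comments.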
@@ -551,15 +546,15 @@ static void rsa_adjust(void *key, struct der2key_ctx_st *ctx) ossl_rsa_set0_libctx(key, PROV_LIBCTX_OF(ctx->provctx)); } -#define rsapss_evp_type EVP_PKEY_RSA_PSS -#define rsapss_d2i_private_key (d2i_of_void *)d2i_RSAPrivateKey -#define rsapss_d2i_public_key (d2i_of_void *)d2i_RSAPublicKey -#define rsapss_d2i_key_params NULL -#define rsapss_d2i_PKCS8 rsa_d2i_PKCS8 -#define rsapss_d2i_PUBKEY (d2i_of_void *)d2i_RSA_PUBKEY -#define rsapss_free (free_key_fn *)RSA_free -#define rsapss_check rsa_check -#define rsapss_adjust rsa_adjust +#define rsapss_evp_type EVP_PKEY_RSA_PSS +#define rsapss_d2i_private_key (d2i_of_void *)d2i_RSAPrivateKey +#define rsapss_d2i_public_key (d2i_of_void *)d2i_RSAPublicKey +#define rsapss_d2i_key_params NULL +#define rsapss_d2i_PKCS8 rsa_d2i_PKCS8 +#define rsapss_d2i_PUBKEY (d2i_of_void *)d2i_RSA_PUBKEY +#define rsapss_free (free_key_fn *)RSA_free +#define rsapss_check rsa_check +#define rsapss_adjust rsa_adjust /* ---------------------------------------------------------------------- */ 
@@ -567,162 +562,162 @@ static void rsa_adjust(void *key, struct der2key_ctx_st *ctx) * The DO_ macros help define the selection mask and the method functions * for each kind of object we want to decode. */ -#define DO_type_specific_keypair(keytype) \ - "type-specific", keytype##_evp_type, \ - ( OSSL_KEYMGMT_SELECT_KEYPAIR ), \ - keytype##_d2i_private_key, \ - keytype##_d2i_public_key, \ - NULL, \ - NULL, \ - NULL, \ - keytype##_check, \ - keytype##_adjust, \ +#define DO_type_specific_keypair(keytype) \ + "type-specific", keytype##_evp_type, \ + (OSSL_KEYMGMT_SELECT_KEYPAIR), \ + keytype##_d2i_private_key, \ + keytype##_d2i_public_key, \ + NULL, \ + NULL, \ + NULL, \ + keytype##_check, \ + keytype##_adjust, \ keytype##_free -#define DO_type_specific_pub(keytype) \ - "type-specific", keytype##_evp_type, \ - ( OSSL_KEYMGMT_SELECT_PUBLIC_KEY ), \ - NULL, \ - keytype##_d2i_public_key, \ - NULL, \ - NULL, \ - NULL, \ - keytype##_check, \ - keytype##_adjust, \ +#define DO_type_specific_pub(keytype) \ + "type-specific", keytype##_evp_type, \ + (OSSL_KEYMGMT_SELECT_PUBLIC_KEY), \ + NULL, \ + keytype##_d2i_public_key, \ + NULL, \ + NULL, \ + NULL, \ + keytype##_check, \ + keytype##_adjust, \ keytype##_free -#define DO_type_specific_priv(keytype) \ - "type-specific", keytype##_evp_type, \ - ( OSSL_KEYMGMT_SELECT_PRIVATE_KEY ), \ - keytype##_d2i_private_key, \ - NULL, \ - NULL, \ - NULL, \ - NULL, \ - keytype##_check, \ - keytype##_adjust, \ +#define DO_type_specific_priv(keytype) \ + "type-specific", keytype##_evp_type, \ + (OSSL_KEYMGMT_SELECT_PRIVATE_KEY), \ + keytype##_d2i_private_key, \ + NULL, \ + NULL, \ + NULL, \ + NULL, \ + keytype##_check, \ + keytype##_adjust, \ keytype##_free -#define DO_type_specific_params(keytype) \ - "type-specific", keytype##_evp_type, \ - ( OSSL_KEYMGMT_SELECT_ALL_PARAMETERS ), \ - NULL, \ - NULL, \ - keytype##_d2i_key_params, \ - NULL, \ - NULL, \ - keytype##_check, \ - keytype##_adjust, \ +#define DO_type_specific_params(keytype) \ + 
"type-specific", keytype##_evp_type, \ + (OSSL_KEYMGMT_SELECT_ALL_PARAMETERS), \ + NULL, \ + NULL, \ + keytype##_d2i_key_params, \ + NULL, \ + NULL, \ + keytype##_check, \ + keytype##_adjust, \ keytype##_free -#define DO_type_specific(keytype) \ - "type-specific", keytype##_evp_type, \ - ( OSSL_KEYMGMT_SELECT_ALL ), \ - keytype##_d2i_private_key, \ - keytype##_d2i_public_key, \ - keytype##_d2i_key_params, \ - NULL, \ - NULL, \ - keytype##_check, \ - keytype##_adjust, \ +#define DO_type_specific(keytype) \ + "type-specific", keytype##_evp_type, \ + (OSSL_KEYMGMT_SELECT_ALL), \ + keytype##_d2i_private_key, \ + keytype##_d2i_public_key, \ + keytype##_d2i_key_params, \ + NULL, \ + NULL, \ + keytype##_check, \ + keytype##_adjust, \ keytype##_free -#define DO_type_specific_no_pub(keytype) \ - "type-specific", keytype##_evp_type, \ - ( OSSL_KEYMGMT_SELECT_PRIVATE_KEY \ - | OSSL_KEYMGMT_SELECT_ALL_PARAMETERS ), \ - keytype##_d2i_private_key, \ - NULL, \ - keytype##_d2i_key_params, \ - NULL, \ - NULL, \ - keytype##_check, \ - keytype##_adjust, \ +#define DO_type_specific_no_pub(keytype) \ + "type-specific", keytype##_evp_type, \ + (OSSL_KEYMGMT_SELECT_PRIVATE_KEY \ + | OSSL_KEYMGMT_SELECT_ALL_PARAMETERS), \ + keytype##_d2i_private_key, \ + NULL, \ + keytype##_d2i_key_params, \ + NULL, \ + NULL, \ + keytype##_check, \ + keytype##_adjust, \ keytype##_free -#define DO_PrivateKeyInfo(keytype) \ - "PrivateKeyInfo", keytype##_evp_type, \ - ( OSSL_KEYMGMT_SELECT_PRIVATE_KEY ), \ - NULL, \ - NULL, \ - NULL, \ - keytype##_d2i_PKCS8, \ - NULL, \ - keytype##_check, \ - keytype##_adjust, \ +#define DO_PrivateKeyInfo(keytype) \ + "PrivateKeyInfo", keytype##_evp_type, \ + (OSSL_KEYMGMT_SELECT_PRIVATE_KEY), \ + NULL, \ + NULL, \ + NULL, \ + keytype##_d2i_PKCS8, \ + NULL, \ + keytype##_check, \ + keytype##_adjust, \ keytype##_free -#define DO_SubjectPublicKeyInfo(keytype) \ - "SubjectPublicKeyInfo", keytype##_evp_type, \ - ( OSSL_KEYMGMT_SELECT_PUBLIC_KEY ), \ - NULL, \ - NULL, \ - NULL, \ 
- NULL, \ - keytype##_d2i_PUBKEY, \ - keytype##_check, \ - keytype##_adjust, \ +#define DO_SubjectPublicKeyInfo(keytype) \ + "SubjectPublicKeyInfo", keytype##_evp_type, \ + (OSSL_KEYMGMT_SELECT_PUBLIC_KEY), \ + NULL, \ + NULL, \ + NULL, \ + NULL, \ + keytype##_d2i_PUBKEY, \ + keytype##_check, \ + keytype##_adjust, \ keytype##_free -#define DO_DH(keytype) \ - "DH", keytype##_evp_type, \ - ( OSSL_KEYMGMT_SELECT_ALL_PARAMETERS ), \ - NULL, \ - NULL, \ - keytype##_d2i_key_params, \ - NULL, \ - NULL, \ - keytype##_check, \ - keytype##_adjust, \ +#define DO_DH(keytype) \ + "DH", keytype##_evp_type, \ + (OSSL_KEYMGMT_SELECT_ALL_PARAMETERS), \ + NULL, \ + NULL, \ + keytype##_d2i_key_params, \ + NULL, \ + NULL, \ + keytype##_check, \ + keytype##_adjust, \ keytype##_free -#define DO_DHX(keytype) \ - "DHX", keytype##_evp_type, \ - ( OSSL_KEYMGMT_SELECT_ALL_PARAMETERS ), \ - NULL, \ - NULL, \ - keytype##_d2i_key_params, \ - NULL, \ - NULL, \ - keytype##_check, \ - keytype##_adjust, \ +#define DO_DHX(keytype) \ + "DHX", keytype##_evp_type, \ + (OSSL_KEYMGMT_SELECT_ALL_PARAMETERS), \ + NULL, \ + NULL, \ + keytype##_d2i_key_params, \ + NULL, \ + NULL, \ + keytype##_check, \ + keytype##_adjust, \ keytype##_free -#define DO_DSA(keytype) \ - "DSA", keytype##_evp_type, \ - ( OSSL_KEYMGMT_SELECT_ALL ), \ - keytype##_d2i_private_key, \ - keytype##_d2i_public_key, \ - keytype##_d2i_key_params, \ - NULL, \ - NULL, \ - keytype##_check, \ - keytype##_adjust, \ +#define DO_DSA(keytype) \ + "DSA", keytype##_evp_type, \ + (OSSL_KEYMGMT_SELECT_ALL), \ + keytype##_d2i_private_key, \ + keytype##_d2i_public_key, \ + keytype##_d2i_key_params, \ + NULL, \ + NULL, \ + keytype##_check, \ + keytype##_adjust, \ keytype##_free -#define DO_EC(keytype) \ - "EC", keytype##_evp_type, \ - ( OSSL_KEYMGMT_SELECT_PRIVATE_KEY \ - | OSSL_KEYMGMT_SELECT_ALL_PARAMETERS ), \ - keytype##_d2i_private_key, \ - NULL, \ - keytype##_d2i_key_params, \ - NULL, \ - NULL, \ - keytype##_check, \ - keytype##_adjust, \ +#define 
DO_EC(keytype) \ + "EC", keytype##_evp_type, \ + (OSSL_KEYMGMT_SELECT_PRIVATE_KEY \ + | OSSL_KEYMGMT_SELECT_ALL_PARAMETERS), \ + keytype##_d2i_private_key, \ + NULL, \ + keytype##_d2i_key_params, \ + NULL, \ + NULL, \ + keytype##_check, \ + keytype##_adjust, \ keytype##_free -#define DO_RSA(keytype) \ - "RSA", keytype##_evp_type, \ - ( OSSL_KEYMGMT_SELECT_KEYPAIR ), \ - keytype##_d2i_private_key, \ - keytype##_d2i_public_key, \ - NULL, \ - NULL, \ - NULL, \ - keytype##_check, \ - keytype##_adjust, \ +#define DO_RSA(keytype) \ + "RSA", keytype##_evp_type, \ + (OSSL_KEYMGMT_SELECT_KEYPAIR), \ + keytype##_d2i_private_key, \ + keytype##_d2i_public_key, \ + NULL, \ + NULL, \ + NULL, \ + keytype##_check, \ + keytype##_adjust, \ keytype##_free /* 
@@ -742,37 +737,37 @@ static void rsa_adjust(void *key, struct der2key_ctx_st *ctx) * the DO_##kind macros above, to populate the keytype_desc_st * structure. */ -#define MAKE_DECODER(keytype_name, keytype, type, kind) \ - static const struct keytype_desc_st kind##_##keytype##_desc = \ - { keytype_name, ossl_##keytype##_keymgmt_functions, \ - DO_##kind(keytype) }; \ - \ - static OSSL_FUNC_decoder_newctx_fn kind##_der2##keytype##_newctx; \ - \ - static void *kind##_der2##keytype##_newctx(void *provctx) \ - { \ - return der2key_newctx(provctx, &kind##_##keytype##_desc); \ - } \ - static int kind##_der2##keytype##_does_selection(void *provctx, \ - int selection) \ - { \ - return der2key_check_selection(selection, \ - &kind##_##keytype##_desc); \ - } \ - const OSSL_DISPATCH \ - ossl_##kind##_der_to_##keytype##_decoder_functions[] = { \ - { OSSL_FUNC_DECODER_NEWCTX, \ - (void (*)(void))kind##_der2##keytype##_newctx }, \ - { OSSL_FUNC_DECODER_FREECTX, \ - (void (*)(void))der2key_freectx }, \ - { OSSL_FUNC_DECODER_DOES_SELECTION, \ - (void (*)(void))kind##_der2##keytype##_does_selection }, \ - { OSSL_FUNC_DECODER_DECODE, \ - (void (*)(void))der2key_decode }, \ - { OSSL_FUNC_DECODER_EXPORT_OBJECT, \ - (void (*)(void))der2key_export_object }, \ - { 0, NULL } \ - } +#define MAKE_DECODER(keytype_name, keytype, type, kind) \ + static const struct keytype_desc_st kind##_##keytype##_desc = { keytype_name, ossl_##keytype##_keymgmt_functions, \ + DO_##kind(keytype) }; \ + \ + static OSSL_FUNC_decoder_newctx_fn kind##_der2##keytype##_newctx; \ + \ + static void *kind##_der2##keytype##_newctx(void *provctx) \ + { \ + return der2key_newctx(provctx, &kind##_##keytype##_desc); \ + } \ + static int kind##_der2##keytype##_does_selection(void *provctx, \ + int selection) \ + { \ + return der2key_check_selection(selection, \ + &kind##_##keytype##_desc); \ + } \ + const OSSL_DISPATCH \ + ossl_##kind##_der_to_##keytype##_decoder_functions[] \ + = { \ + { OSSL_FUNC_DECODER_NEWCTX, \ + (void 
(*)(void))kind##_der2##keytype##_newctx }, \ + { OSSL_FUNC_DECODER_FREECTX, \ + (void (*)(void))der2key_freectx }, \ + { OSSL_FUNC_DECODER_DOES_SELECTION, \ + (void (*)(void))kind##_der2##keytype##_does_selection }, \ + { OSSL_FUNC_DECODER_DECODE, \ + (void (*)(void))der2key_decode }, \ + { OSSL_FUNC_DECODER_EXPORT_OBJECT, \ + (void (*)(void))der2key_export_object }, \ + { 0, NULL } \ + } #ifndef OPENSSL_NO_DH MAKE_DECODER("DH", dh, dh, PrivateKeyInfo); @@ -803,11 +798,11 @@ MAKE_DECODER("ED25519", ed25519, ecx, PrivateKeyInfo); MAKE_DECODER("ED25519", ed25519, ecx, SubjectPublicKeyInfo); MAKE_DECODER("ED448", ed448, ecx, PrivateKeyInfo); MAKE_DECODER("ED448", ed448, ecx, SubjectPublicKeyInfo); -# ifndef OPENSSL_NO_SM2 +#ifndef OPENSSL_NO_SM2 MAKE_DECODER("SM2", sm2, ec, PrivateKeyInfo); MAKE_DECODER("SM2", sm2, ec, SubjectPublicKeyInfo); MAKE_DECODER("SM2", sm2, sm2, type_specific_no_pub); -# endif +#endif #endif MAKE_DECODER("RSA", rsa, rsa, PrivateKeyInfo); MAKE_DECODER("RSA", rsa, rsa, SubjectPublicKeyInfo); diff --git a/providers/implementations/encode_decode/decode_epki2pki.c b/providers/implementations/encode_decode/decode_epki2pki.c index 9cea80b616d6..eaf078b92705 100644 --- a/providers/implementations/encode_decode/decode_epki2pki.c +++ b/providers/implementations/encode_decode/decode_epki2pki.c @@ -56,8 +56,8 @@ static void epki2pki_freectx(void *vctx) * PrivateKeyInfo. */ static int epki2pki_decode(void *vctx, OSSL_CORE_BIO *cin, int selection, - OSSL_CALLBACK *data_cb, void *data_cbarg, - OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg) + OSSL_CALLBACK *data_cb, void *data_cbarg, + OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg) { struct epki2pki_ctx_st *ctx = vctx; BUF_MEM *mem = NULL; 
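Review bot: The reformatted `MAKE_DECODER` is harder to read than the layout it replaces. Its first body line now packs `kind##_##keytype##_desc = { keytype_name, ossl_##keytype##_keymgmt_functions, \` onto one over-long line, and the dispatch table is split as `...decoder_functions[] \` followed by a lone `= { \`. If the formatter cannot do better here, fence the macro with `/* clang-format off */` and `/* clang-format on */` and break by hand after `kind##_##keytype##_desc = {`, keeping `[] = {` together on the table's declaration line.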
@@ -84,7 +84,7 @@ static int epki2pki_decode(void *vctx, OSSL_CORE_BIO *cin, int selection, der_len = (long)mem->length; OPENSSL_free(mem); - ok = 1; /* Assume good */ + ok = 1; /* Assume good */ ERR_set_mark(); if ((p8 = d2i_X509_SIG(NULL, &pder, der_len)) != NULL) { char pbuf[1024]; @@ -102,9 +102,9 @@ static int epki2pki_decode(void *vctx, OSSL_CORE_BIO *cin, int selection, X509_SIG_get0(p8, &alg, &oct); if (!PKCS12_pbe_crypt_ex(alg, pbuf, plen, - oct->data, oct->length, - &new_der, &new_der_len, 0, - PROV_LIBCTX_OF(ctx->provctx), NULL)) { + oct->data, oct->length, + &new_der, &new_der_len, 0, + PROV_LIBCTX_OF(ctx->provctx), NULL)) { ok = 0; } else { OPENSSL_free(der); @@ -135,11 +135,11 @@ static int epki2pki_decode(void *vctx, OSSL_CORE_BIO *cin, int selection, OBJ_obj2txt(keytype, sizeof(keytype), alg->algorithm, 0); *p++ = OSSL_PARAM_construct_utf8_string(OSSL_OBJECT_PARAM_DATA_TYPE, - keytype, 0); + keytype, 0); *p++ = OSSL_PARAM_construct_utf8_string(OSSL_OBJECT_PARAM_DATA_STRUCTURE, - "PrivateKeyInfo", 0); + "PrivateKeyInfo", 0); *p++ = OSSL_PARAM_construct_octet_string(OSSL_OBJECT_PARAM_DATA, - der, der_len); + der, der_len); *p++ = OSSL_PARAM_construct_int(OSSL_OBJECT_PARAM_TYPE, &objtype); *p = OSSL_PARAM_construct_end(); diff --git a/providers/implementations/encode_decode/decode_msblob2key.c b/providers/implementations/encode_decode/decode_msblob2key.c index b9d0cabadae2..b3eec691404e 100644 --- a/providers/implementations/encode_decode/decode_msblob2key.c +++ b/providers/implementations/encode_decode/decode_msblob2key.c 
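Review bot: `char pbuf[1024]` in `epki2pki_decode` is the buffer passed to `PKCS12_pbe_crypt_ex` as the decryption password, and neither the `@@ -84,7 +84,7 @@` hunk that declares it nor the `@@ -102,9 +102,9 @@` hunk that uses it shows it being wiped. The function body continues outside both hunks, so this may already be handled elsewhere. If it is not, add `OPENSSL_cleanse(pbuf, sizeof(pbuf));` before the block that declares `pbuf` ends, placed so that both the `ok = 0` path and the success path reach it.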
@@ -20,24 +20,24 @@ #include <openssl/core_object.h> #include <openssl/crypto.h> #include <openssl/params.h> -#include <openssl/pem.h> /* For public PVK functions */ +#include <openssl/pem.h> /* For public PVK functions */ #include <openssl/x509.h> #include <openssl/err.h> #include "internal/passphrase.h" -#include "crypto/pem.h" /* For internal PVK and "blob" headers */ +#include "crypto/pem.h" /* For internal PVK and "blob" headers */ #include "crypto/rsa.h" #include "prov/bio.h" #include "prov/implementations.h" #include "endecoder_local.h" -struct msblob2key_ctx_st; /* Forward declaration */ +struct msblob2key_ctx_st; /* Forward declaration */ typedef void *b2i_of_void_fn(const unsigned char **in, unsigned int bitlen, - int ispub); + int ispub); typedef void adjust_key_fn(void *, struct msblob2key_ctx_st *ctx); typedef void free_key_fn(void *); struct keytype_desc_st { - int type; /* EVP key type */ - const char *name; /* Keytype */ + int type; /* EVP key type */ + const char *name; /* Keytype */ const OSSL_DISPATCH *fns; /* Keymgmt (to pilfer functions from) */ b2i_of_void_fn *read_private_key; @@ -84,16 +84,15 @@ static int msblob2key_does_selection(void *provctx, int selection) if (selection == 0) return 1; - if ((selection & (OSSL_KEYMGMT_SELECT_PRIVATE_KEY - | OSSL_KEYMGMT_SELECT_PUBLIC_KEY)) != 0) + if ((selection & (OSSL_KEYMGMT_SELECT_PRIVATE_KEY | OSSL_KEYMGMT_SELECT_PUBLIC_KEY)) != 0) return 1; return 0; } static int msblob2key_decode(void *vctx, OSSL_CORE_BIO *cin, int selection, - OSSL_CALLBACK *data_cb, void *data_cbarg, - OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg) + OSSL_CALLBACK *data_cb, void *data_cbarg, + OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg) { struct msblob2key_ctx_st *ctx = vctx; BIO *in = ossl_bio_new_from_core_bio(ctx->provctx, cin); 
@@ -120,7 +119,7 @@ static int msblob2key_decode(void *vctx, OSSL_CORE_BIO *cin, int selection, goto next; ctx->selection = selection; - ok = 0; /* Assume that we fail */ + ok = 0; /* Assume that we fail */ if ((isdss && ctx->desc->type != EVP_PKEY_DSA) || (!isdss && ctx->desc->type != EVP_PKEY_RSA)) @@ -143,7 +142,7 @@ static int msblob2key_decode(void *vctx, OSSL_CORE_BIO *cin, int selection, } if ((selection == 0 - || (selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) + || (selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) && !ispub && ctx->desc->read_private_key != NULL) { struct ossl_passphrase_data_st pwdata; @@ -156,8 +155,7 @@ static int msblob2key_decode(void *vctx, OSSL_CORE_BIO *cin, int selection, if (selection != 0 && key == NULL) goto next; } - if (key == NULL && (selection == 0 - || (selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) + if (key == NULL && (selection == 0 || (selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) && ispub && ctx->desc->read_public_key != NULL) { p = buf; @@ -169,7 +167,7 @@ static int msblob2key_decode(void *vctx, OSSL_CORE_BIO *cin, int selection, if (key != NULL && ctx->desc->adjust_key != NULL) ctx->desc->adjust_key(key, ctx); - next: +next: /* * Indicated that we successfully decoded something, or not at all. * Ending up "empty handed" is not an error. 
@@ -190,21 +188,18 @@ static int msblob2key_decode(void *vctx, OSSL_CORE_BIO *cin, int selection, OSSL_PARAM params[4]; int object_type = OSSL_OBJECT_PKEY; - params[0] = - OSSL_PARAM_construct_int(OSSL_OBJECT_PARAM_TYPE, &object_type); - params[1] = - OSSL_PARAM_construct_utf8_string(OSSL_OBJECT_PARAM_DATA_TYPE, - (char *)ctx->desc->name, 0); + params[0] = OSSL_PARAM_construct_int(OSSL_OBJECT_PARAM_TYPE, &object_type); + params[1] = OSSL_PARAM_construct_utf8_string(OSSL_OBJECT_PARAM_DATA_TYPE, + (char *)ctx->desc->name, 0); /* The address of the key becomes the octet string */ - params[2] = - OSSL_PARAM_construct_octet_string(OSSL_OBJECT_PARAM_REFERENCE, - &key, sizeof(key)); + params[2] = OSSL_PARAM_construct_octet_string(OSSL_OBJECT_PARAM_REFERENCE, + &key, sizeof(key)); params[3] = OSSL_PARAM_construct_end(); ok = data_cb(params, data_cbarg); } - end: +end: BIO_free(in); OPENSSL_free(buf); ctx->desc->free_key(key); @@ -214,12 +209,11 @@ static int msblob2key_decode(void *vctx, OSSL_CORE_BIO *cin, int selection, static int msblob2key_export_object(void *vctx, - const void *reference, size_t reference_sz, - OSSL_CALLBACK *export_cb, void *export_cbarg) + const void *reference, size_t reference_sz, + OSSL_CALLBACK *export_cb, void *export_cbarg) { struct msblob2key_ctx_st *ctx = vctx; - OSSL_FUNC_keymgmt_export_fn *export = - ossl_prov_get_keymgmt_export(ctx->desc->fns); + OSSL_FUNC_keymgmt_export_fn *export = ossl_prov_get_keymgmt_export(ctx->desc->fns); void *keydata; if (reference_sz == sizeof(keydata) && export != NULL) { 
@@ -237,53 +231,54 @@ msblob2key_export_object(void *vctx, /* ---------------------------------------------------------------------- */ -#define dsa_decode_private_key (b2i_of_void_fn *)ossl_b2i_DSA_after_header -#define dsa_decode_public_key (b2i_of_void_fn *)ossl_b2i_DSA_after_header -#define dsa_adjust NULL -#define dsa_free (void (*)(void *))DSA_free +#define dsa_decode_private_key (b2i_of_void_fn *)ossl_b2i_DSA_after_header +#define dsa_decode_public_key (b2i_of_void_fn *)ossl_b2i_DSA_after_header +#define dsa_adjust NULL +#define dsa_free (void (*)(void *)) DSA_free /* ---------------------------------------------------------------------- */ -#define rsa_decode_private_key (b2i_of_void_fn *)ossl_b2i_RSA_after_header -#define rsa_decode_public_key (b2i_of_void_fn *)ossl_b2i_RSA_after_header +#define rsa_decode_private_key (b2i_of_void_fn *)ossl_b2i_RSA_after_header +#define rsa_decode_public_key (b2i_of_void_fn *)ossl_b2i_RSA_after_header static void rsa_adjust(void *key, struct msblob2key_ctx_st *ctx) { ossl_rsa_set0_libctx(key, PROV_LIBCTX_OF(ctx->provctx)); } -#define rsa_free (void (*)(void *))RSA_free +#define rsa_free (void (*)(void *)) RSA_free /* ---------------------------------------------------------------------- */ -#define IMPLEMENT_MSBLOB(KEYTYPE, keytype) \ - static const struct keytype_desc_st mstype##2##keytype##_desc = { \ - EVP_PKEY_##KEYTYPE, #KEYTYPE, \ - ossl_##keytype##_keymgmt_functions, \ - keytype##_decode_private_key, \ - keytype##_decode_public_key, \ - keytype##_adjust, \ - keytype##_free \ - }; \ - static OSSL_FUNC_decoder_newctx_fn msblob2##keytype##_newctx; \ - static void *msblob2##keytype##_newctx(void *provctx) \ - { \ - return msblob2key_newctx(provctx, &mstype##2##keytype##_desc); \ - } \ - const OSSL_DISPATCH \ - ossl_msblob_to_##keytype##_decoder_functions[] = { \ - { OSSL_FUNC_DECODER_NEWCTX, \ - (void (*)(void))msblob2##keytype##_newctx }, \ - { OSSL_FUNC_DECODER_FREECTX, \ - (void (*)(void))msblob2key_freectx }, \ - { 
OSSL_FUNC_DECODER_DOES_SELECTION, \ - (void (*)(void))msblob2key_does_selection }, \ - { OSSL_FUNC_DECODER_DECODE, \ - (void (*)(void))msblob2key_decode }, \ - { OSSL_FUNC_DECODER_EXPORT_OBJECT, \ - (void (*)(void))msblob2key_export_object }, \ - { 0, NULL } \ - } +#define IMPLEMENT_MSBLOB(KEYTYPE, keytype) \ + static const struct keytype_desc_st mstype##2##keytype##_desc = { \ + EVP_PKEY_##KEYTYPE, #KEYTYPE, \ + ossl_##keytype##_keymgmt_functions, \ + keytype##_decode_private_key, \ + keytype##_decode_public_key, \ + keytype##_adjust, \ + keytype##_free \ + }; \ + static OSSL_FUNC_decoder_newctx_fn msblob2##keytype##_newctx; \ + static void *msblob2##keytype##_newctx(void *provctx) \ + { \ + return msblob2key_newctx(provctx, &mstype##2##keytype##_desc); \ + } \ + const OSSL_DISPATCH \ + ossl_msblob_to_##keytype##_decoder_functions[] \ + = { \ + { OSSL_FUNC_DECODER_NEWCTX, \ + (void (*)(void))msblob2##keytype##_newctx }, \ + { OSSL_FUNC_DECODER_FREECTX, \ + (void (*)(void))msblob2key_freectx }, \ + { OSSL_FUNC_DECODER_DOES_SELECTION, \ + (void (*)(void))msblob2key_does_selection }, \ + { OSSL_FUNC_DECODER_DECODE, \ + (void (*)(void))msblob2key_decode }, \ + { OSSL_FUNC_DECODER_EXPORT_OBJECT, \ + (void (*)(void))msblob2key_export_object }, \ + { 0, NULL } \ + } #ifndef OPENSSL_NO_DSA IMPLEMENT_MSBLOB(DSA, dsa); diff --git a/providers/implementations/encode_decode/decode_pem2der.c b/providers/implementations/encode_decode/decode_pem2der.c index ce21b6b80388..3bc3954b7957 100644 --- a/providers/implementations/encode_decode/decode_pem2der.c +++ b/providers/implementations/encode_decode/decode_pem2der.c @@ -29,8 +29,8 @@ #include "endecoder_local.h" static int read_pem(PROV_CTX *provctx, OSSL_CORE_BIO *cin, - char **pem_name, char **pem_header, - unsigned char **data, long *len) + char **pem_name, char **pem_header, + unsigned char **data, long *len) { BIO *in = ossl_bio_new_from_core_bio(provctx, cin); int ok; 
@@ -93,8 +93,8 @@ static int pem2der_pass_helper(char *buf, int num, int w, void *data) * because it's not relevant just to decode PEM to DER. */ static int pem2der_decode(void *vctx, OSSL_CORE_BIO *cin, int selection, - OSSL_CALLBACK *data_cb, void *data_cbarg, - OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg) + OSSL_CALLBACK *data_cb, void *data_cbarg, + OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg) { /* * PEM names we recognise. Other PEM names should be recognised by @@ -143,7 +143,8 @@ static int pem2der_decode(void *vctx, OSSL_CORE_BIO *cin, int selection, int objtype = OSSL_OBJECT_UNKNOWN; ok = read_pem(ctx->provctx, cin, &pem_name, &pem_header, - &der, &der_len) > 0; + &der, &der_len) + > 0; /* We return "empty handed". This is not an error. */ if (!ok) return 1; @@ -158,12 +159,12 @@ static int pem2der_decode(void *vctx, OSSL_CORE_BIO *cin, int selection, EVP_CIPHER_INFO cipher; struct pem2der_pass_data_st pass_data; - ok = 0; /* Assume that we fail */ + ok = 0; /* Assume that we fail */ pass_data.cb = pw_cb; pass_data.cbarg = pw_cbarg; if (!PEM_get_EVP_CIPHER_INFO(pem_header, &cipher) || !PEM_do_header(&cipher, der, &der_len, - pem2der_pass_helper, &pass_data)) + pem2der_pass_helper, &pass_data)) goto end; } 
@@ -186,27 +187,23 @@ static int pem2der_decode(void *vctx, OSSL_CORE_BIO *cin, int selection, objtype = pem_name_map[i].object_type; if (data_type != NULL) - *p++ = - OSSL_PARAM_construct_utf8_string(OSSL_OBJECT_PARAM_DATA_TYPE, - data_type, 0); + *p++ = OSSL_PARAM_construct_utf8_string(OSSL_OBJECT_PARAM_DATA_TYPE, + data_type, 0); /* We expect this to be read only so casting away the const is ok */ if (data_structure != NULL) - *p++ = - OSSL_PARAM_construct_utf8_string(OSSL_OBJECT_PARAM_DATA_STRUCTURE, - data_structure, 0); - *p++ = - OSSL_PARAM_construct_octet_string(OSSL_OBJECT_PARAM_DATA, - der, der_len); - *p++ = - OSSL_PARAM_construct_int(OSSL_OBJECT_PARAM_TYPE, &objtype); + *p++ = OSSL_PARAM_construct_utf8_string(OSSL_OBJECT_PARAM_DATA_STRUCTURE, + data_structure, 0); + *p++ = OSSL_PARAM_construct_octet_string(OSSL_OBJECT_PARAM_DATA, + der, der_len); + *p++ = OSSL_PARAM_construct_int(OSSL_OBJECT_PARAM_TYPE, &objtype); *p = OSSL_PARAM_construct_end(); ok = data_cb(params, data_cbarg); } - end: +end: OPENSSL_free(pem_name); OPENSSL_free(pem_header); OPENSSL_free(der); diff --git a/providers/implementations/encode_decode/decode_pvk2key.c b/providers/implementations/encode_decode/decode_pvk2key.c index 2d7cb15e53e0..fe616ceffabc 100644 --- a/providers/implementations/encode_decode/decode_pvk2key.c +++ b/providers/implementations/encode_decode/decode_pvk2key.c 
@@ -21,24 +21,24 @@ #include <openssl/crypto.h> #include <openssl/params.h> #include <openssl/err.h> -#include <openssl/pem.h> /* For public PVK functions */ +#include <openssl/pem.h> /* For public PVK functions */ #include <openssl/x509.h> #include "internal/passphrase.h" -#include "crypto/pem.h" /* For internal PVK and "blob" headers */ +#include "crypto/pem.h" /* For internal PVK and "blob" headers */ #include "crypto/rsa.h" #include "prov/bio.h" #include "prov/implementations.h" #include "endecoder_local.h" -struct pvk2key_ctx_st; /* Forward declaration */ +struct pvk2key_ctx_st; /* Forward declaration */ typedef int check_key_fn(void *, struct pvk2key_ctx_st *ctx); typedef void adjust_key_fn(void *, struct pvk2key_ctx_st *ctx); typedef void *b2i_PVK_of_bio_pw_fn(BIO *in, pem_password_cb *cb, void *u, - OSSL_LIB_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); typedef void free_key_fn(void *); struct keytype_desc_st { - int type; /* EVP key type */ - const char *name; /* Keytype */ + int type; /* EVP key type */ + const char *name; /* Keytype */ const OSSL_DISPATCH *fns; /* Keymgmt (to pilfer functions from) */ b2i_PVK_of_bio_pw_fn *read_private_key; @@ -84,15 +84,15 @@ static int pvk2key_does_selection(void *provctx, int selection) if (selection == 0) return 1; - if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) + if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) return 1; return 0; } static int pvk2key_decode(void *vctx, OSSL_CORE_BIO *cin, int selection, - OSSL_CALLBACK *data_cb, void *data_cbarg, - OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg) + OSSL_CALLBACK *data_cb, void *data_cbarg, + OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg) { struct pvk2key_ctx_st *ctx = vctx; BIO *in = ossl_bio_new_from_core_bio(ctx->provctx, cin); 
@@ -105,7 +105,7 @@ static int pvk2key_decode(void *vctx, OSSL_CORE_BIO *cin, int selection, ctx->selection = selection; if ((selection == 0 - || (selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) + || (selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) && ctx->desc->read_private_key != NULL) { struct ossl_passphrase_data_st pwdata; int err, lib, reason; @@ -115,7 +115,7 @@ static int pvk2key_decode(void *vctx, OSSL_CORE_BIO *cin, int selection, goto end; key = ctx->desc->read_private_key(in, ossl_pw_pvk_password, &pwdata, - PROV_LIBCTX_OF(ctx->provctx), NULL); + PROV_LIBCTX_OF(ctx->provctx), NULL); /* * Because the PVK API doesn't have a separate decrypt call, we need @@ -140,7 +140,7 @@ static int pvk2key_decode(void *vctx, OSSL_CORE_BIO *cin, int selection, if (key != NULL && ctx->desc->adjust_key != NULL) ctx->desc->adjust_key(key, ctx); - next: +next: /* * Indicated that we successfully decoded something, or not at all. * Ending up "empty handed" is not an error. @@ -159,21 +159,18 @@ static int pvk2key_decode(void *vctx, OSSL_CORE_BIO *cin, int selection, OSSL_PARAM params[4]; int object_type = OSSL_OBJECT_PKEY; - params[0] = - OSSL_PARAM_construct_int(OSSL_OBJECT_PARAM_TYPE, &object_type); - params[1] = - OSSL_PARAM_construct_utf8_string(OSSL_OBJECT_PARAM_DATA_TYPE, - (char *)ctx->desc->name, 0); + params[0] = OSSL_PARAM_construct_int(OSSL_OBJECT_PARAM_TYPE, &object_type); + params[1] = OSSL_PARAM_construct_utf8_string(OSSL_OBJECT_PARAM_DATA_TYPE, + (char *)ctx->desc->name, 0); /* The address of the key becomes the octet string */ - params[2] = - OSSL_PARAM_construct_octet_string(OSSL_OBJECT_PARAM_REFERENCE, - &key, sizeof(key)); + params[2] = OSSL_PARAM_construct_octet_string(OSSL_OBJECT_PARAM_REFERENCE, + &key, sizeof(key)); params[3] = OSSL_PARAM_construct_end(); ok = data_cb(params, data_cbarg); } - end: +end: BIO_free(in); ctx->desc->free_key(key); 
@@ -181,12 +178,11 @@ static int pvk2key_decode(void *vctx, OSSL_CORE_BIO *cin, int selection, } static int pvk2key_export_object(void *vctx, - const void *reference, size_t reference_sz, - OSSL_CALLBACK *export_cb, void *export_cbarg) + const void *reference, size_t reference_sz, + OSSL_CALLBACK *export_cb, void *export_cbarg) { struct pvk2key_ctx_st *ctx = vctx; - OSSL_FUNC_keymgmt_export_fn *export = - ossl_prov_get_keymgmt_export(ctx->desc->fns); + OSSL_FUNC_keymgmt_export_fn *export = ossl_prov_get_keymgmt_export(ctx->desc->fns); void *keydata; if (reference_sz == sizeof(keydata) && export != NULL) { 
@@ -204,51 +200,53 @@ static int pvk2key_export_object(void *vctx, /* ---------------------------------------------------------------------- */ -#define dsa_private_key_bio (b2i_PVK_of_bio_pw_fn *)b2i_DSA_PVK_bio_ex -#define dsa_adjust NULL -#define dsa_free (void (*)(void *))DSA_free +#define dsa_private_key_bio (b2i_PVK_of_bio_pw_fn *)b2i_DSA_PVK_bio_ex +#define dsa_adjust NULL +#define dsa_free (void (*)(void *)) DSA_free /* ---------------------------------------------------------------------- */ -#define rsa_private_key_bio (b2i_PVK_of_bio_pw_fn *)b2i_RSA_PVK_bio_ex +#define rsa_private_key_bio (b2i_PVK_of_bio_pw_fn *)b2i_RSA_PVK_bio_ex static void rsa_adjust(void *key, struct pvk2key_ctx_st *ctx) { ossl_rsa_set0_libctx(key, PROV_LIBCTX_OF(ctx->provctx)); } -#define rsa_free (void (*)(void *))RSA_free +#define rsa_free (void (*)(void *)) RSA_free /* ---------------------------------------------------------------------- */ -#define IMPLEMENT_MS(KEYTYPE, keytype) \ - static const struct keytype_desc_st \ - pvk2##keytype##_desc = { \ - EVP_PKEY_##KEYTYPE, #KEYTYPE, \ - ossl_##keytype##_keymgmt_functions, \ - keytype##_private_key_bio, \ - keytype##_adjust, \ - keytype##_free \ - }; \ - static OSSL_FUNC_decoder_newctx_fn pvk2##keytype##_newctx; \ - static void *pvk2##keytype##_newctx(void *provctx) \ - { \ - return pvk2key_newctx(provctx, &pvk2##keytype##_desc); \ - } \ - const OSSL_DISPATCH \ - ossl_##pvk_to_##keytype##_decoder_functions[] = { \ - { OSSL_FUNC_DECODER_NEWCTX, \ - (void (*)(void))pvk2##keytype##_newctx }, \ - { OSSL_FUNC_DECODER_FREECTX, \ - (void (*)(void))pvk2key_freectx }, \ - { OSSL_FUNC_DECODER_DOES_SELECTION, \ - (void (*)(void))pvk2key_does_selection }, \ - { OSSL_FUNC_DECODER_DECODE, \ - (void (*)(void))pvk2key_decode }, \ - { OSSL_FUNC_DECODER_EXPORT_OBJECT, \ - (void (*)(void))pvk2key_export_object }, \ - { 0, NULL } \ - } +#define IMPLEMENT_MS(KEYTYPE, keytype) \ + static const struct keytype_desc_st \ + pvk2##keytype##_desc \ + = { \ + 
EVP_PKEY_##KEYTYPE, #KEYTYPE, \ + ossl_##keytype##_keymgmt_functions, \ + keytype##_private_key_bio, \ + keytype##_adjust, \ + keytype##_free \ + }; \ + static OSSL_FUNC_decoder_newctx_fn pvk2##keytype##_newctx; \ + static void *pvk2##keytype##_newctx(void *provctx) \ + { \ + return pvk2key_newctx(provctx, &pvk2##keytype##_desc); \ + } \ + const OSSL_DISPATCH \ + ossl_##pvk_to_##keytype##_decoder_functions[] \ + = { \ + { OSSL_FUNC_DECODER_NEWCTX, \ + (void (*)(void))pvk2##keytype##_newctx }, \ + { OSSL_FUNC_DECODER_FREECTX, \ + (void (*)(void))pvk2key_freectx }, \ + { OSSL_FUNC_DECODER_DOES_SELECTION, \ + (void (*)(void))pvk2key_does_selection }, \ + { OSSL_FUNC_DECODER_DECODE, \ + (void (*)(void))pvk2key_decode }, \ + { OSSL_FUNC_DECODER_EXPORT_OBJECT, \ + (void (*)(void))pvk2key_export_object }, \ + { 0, NULL } \ + } #ifndef OPENSSL_NO_DSA IMPLEMENT_MS(DSA, dsa); diff --git a/providers/implementations/encode_decode/decode_spki2typespki.c b/providers/implementations/encode_decode/decode_spki2typespki.c index a5dbbb31adf8..a65eb74402ca 100644 --- a/providers/implementations/encode_decode/decode_spki2typespki.c +++ b/providers/implementations/encode_decode/decode_spki2typespki.c @@ -49,8 +49,8 @@ static void spki2typespki_freectx(void *vctx) } static int spki2typespki_decode(void *vctx, OSSL_CORE_BIO *cin, int selection, - OSSL_CALLBACK *data_cb, void *data_cbarg, - OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg) + OSSL_CALLBACK *data_cb, void *data_cbarg, + OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg) { struct spki2typespki_ctx_st *ctx = vctx; unsigned char *der, *derp; @@ -67,8 +67,7 @@ static int spki2typespki_decode(void *vctx, OSSL_CORE_BIO *cin, int selection, return 1; derp = der; xpub = ossl_d2i_X509_PUBKEY_INTERNAL((const unsigned char **)&derp, len, - PROV_LIBCTX_OF(ctx->provctx)); - + PROV_LIBCTX_OF(ctx->provctx)); if (xpub == NULL) { /* We return "empty handed". This is not an error. */ 
@@ -83,34 +82,30 @@ static int spki2typespki_decode(void *vctx, OSSL_CORE_BIO *cin, int selection, #ifndef OPENSSL_NO_EC /* SM2 abuses the EC oid, so this could actually be SM2 */ if (OBJ_obj2nid(oid) == NID_X9_62_id_ecPublicKey - && ossl_x509_algor_is_sm2(algor)) + && ossl_x509_algor_is_sm2(algor)) strcpy(dataname, "SM2"); else #endif - if (OBJ_obj2txt(dataname, sizeof(dataname), oid, 0) <= 0) + if (OBJ_obj2txt(dataname, sizeof(dataname), oid, 0) <= 0) goto end; ossl_X509_PUBKEY_INTERNAL_free(xpub); xpub = NULL; - *p++ = - OSSL_PARAM_construct_utf8_string(OSSL_OBJECT_PARAM_DATA_TYPE, - dataname, 0); + *p++ = OSSL_PARAM_construct_utf8_string(OSSL_OBJECT_PARAM_DATA_TYPE, + dataname, 0); - *p++ = - OSSL_PARAM_construct_utf8_string(OSSL_OBJECT_PARAM_DATA_STRUCTURE, - "SubjectPublicKeyInfo", - 0); - *p++ = - OSSL_PARAM_construct_octet_string(OSSL_OBJECT_PARAM_DATA, der, len); - *p++ = - OSSL_PARAM_construct_int(OSSL_OBJECT_PARAM_TYPE, &objtype); + *p++ = OSSL_PARAM_construct_utf8_string(OSSL_OBJECT_PARAM_DATA_STRUCTURE, + "SubjectPublicKeyInfo", + 0); + *p++ = OSSL_PARAM_construct_octet_string(OSSL_OBJECT_PARAM_DATA, der, len); + *p++ = OSSL_PARAM_construct_int(OSSL_OBJECT_PARAM_TYPE, &objtype); *p = OSSL_PARAM_construct_end(); ok = data_cb(params, data_cbarg); - end: +end: ossl_X509_PUBKEY_INTERNAL_free(xpub); OPENSSL_free(der); return ok; diff --git a/providers/implementations/encode_decode/encode_key2any.c b/providers/implementations/encode_decode/encode_key2any.c index 1430c330cf0b..8752b2a24513 100644 --- a/providers/implementations/encode_decode/encode_key2any.c +++ b/providers/implementations/encode_decode/encode_key2any.c @@ -1,5 +1,5 @@ /* - * Copyright 2020-2024 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2020-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy 
@@ -21,7 +21,7 @@ #include <openssl/err.h> #include <openssl/pem.h> #include <openssl/x509.h> -#include <openssl/pkcs12.h> /* PKCS8_encrypt() */ +#include <openssl/pkcs12.h> /* PKCS8_encrypt() */ #include <openssl/dh.h> #include <openssl/dsa.h> #include <openssl/ec.h> @@ -37,7 +37,7 @@ #include "endecoder_local.h" #if defined(OPENSSL_NO_DH) && defined(OPENSSL_NO_DSA) && defined(OPENSSL_NO_EC) -# define OPENSSL_NO_KEYPARAMS +#define OPENSSL_NO_KEYPARAMS #endif struct key2any_ctx_st { @@ -56,18 +56,17 @@ struct key2any_ctx_st { typedef int check_key_type_fn(const void *key, int nid); typedef int key_to_paramstring_fn(const void *key, int nid, int save, - void **str, int *strtype); + void **str, int *strtype); typedef int key_to_der_fn(BIO *out, const void *key, - int key_nid, const char *pemname, - key_to_paramstring_fn *p2s, i2d_of_void *k2d, - struct key2any_ctx_st *ctx); + int key_nid, const char *pemname, + key_to_paramstring_fn *p2s, i2d_of_void *k2d, + struct key2any_ctx_st *ctx); typedef int write_bio_of_void_fn(BIO *bp, const void *x); - /* Free the blob allocated during key_to_paramstring_fn */ static void free_asn1_data(int type, void *data) { - switch(type) { + switch (type) { case V_ASN1_OBJECT: ASN1_OBJECT_free(data); break; @@ -78,8 +77,8 @@ static void free_asn1_data(int type, void *data) } static PKCS8_PRIV_KEY_INFO *key_to_p8info(const void *key, int key_nid, - void *params, int params_type, - i2d_of_void *k2d) + void *params, int params_type, + i2d_of_void *k2d) { /* der, derlen store the key DER output and its length */ unsigned char *der = NULL; @@ -90,7 +89,7 @@ static PKCS8_PRIV_KEY_INFO *key_to_p8info(const void *key, int key_nid, if ((p8info = PKCS8_PRIV_KEY_INFO_new()) == NULL || (derlen = k2d(key, &der)) <= 0 || !PKCS8_pkey_set0(p8info, OBJ_nid2obj(key_nid), 0, - params_type, params, der, derlen)) { + params_type, params, der, derlen)) { ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); PKCS8_PRIV_KEY_INFO_free(p8info); OPENSSL_free(der); 
@@ -101,7 +100,7 @@ static PKCS8_PRIV_KEY_INFO *key_to_p8info(const void *key, int key_nid, } static X509_SIG *p8info_to_encp8(PKCS8_PRIV_KEY_INFO *p8info, - struct key2any_ctx_st *ctx) + struct key2any_ctx_st *ctx) { X509_SIG *p8 = NULL; char kstr[PEM_BUFSIZE]; @@ -112,7 +111,7 @@ static X509_SIG *p8info_to_encp8(PKCS8_PRIV_KEY_INFO *p8info, return NULL; if (!ossl_pw_get_passphrase(kstr, sizeof(kstr), &klen, NULL, 1, - &ctx->pwdata)) { + &ctx->pwdata)) { ERR_raise(ERR_LIB_PROV, PROV_R_UNABLE_TO_GET_PASSPHRASE); return NULL; } @@ -123,11 +122,10 @@ static X509_SIG *p8info_to_encp8(PKCS8_PRIV_KEY_INFO *p8info, } static X509_SIG *key_to_encp8(const void *key, int key_nid, - void *params, int params_type, - i2d_of_void *k2d, struct key2any_ctx_st *ctx) + void *params, int params_type, + i2d_of_void *k2d, struct key2any_ctx_st *ctx) { - PKCS8_PRIV_KEY_INFO *p8info = - key_to_p8info(key, key_nid, params, params_type, k2d); + PKCS8_PRIV_KEY_INFO *p8info = key_to_p8info(key, key_nid, params, params_type, k2d); X509_SIG *p8 = NULL; if (p8info == NULL) { @@ -140,8 +138,8 @@ static X509_SIG *key_to_encp8(const void *key, int key_nid, } static X509_PUBKEY *key_to_pubkey(const void *key, int key_nid, - void *params, int params_type, - i2d_of_void k2d) + void *params, int params_type, + i2d_of_void k2d) { /* der, derlen store the key DER output and its length */ unsigned char *der = NULL; @@ -149,11 +147,10 @@ static X509_PUBKEY *key_to_pubkey(const void *key, int key_nid, /* The final X509_PUBKEY */ X509_PUBKEY *xpk = NULL; - if ((xpk = X509_PUBKEY_new()) == NULL || (derlen = k2d(key, &der)) <= 0 || !X509_PUBKEY_set0_param(xpk, OBJ_nid2obj(key_nid), - params_type, params, der, derlen)) { + params_type, params, der, derlen)) { ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); X509_PUBKEY_free(xpk); OPENSSL_free(der); 
@@ -168,7 +165,7 @@ static X509_PUBKEY *key_to_pubkey(const void *key, int key_nid, * EncryptedPrivateKeyInfo structure (defined by PKCS#8). They require * that there's an intent to encrypt, anything else is an error. * - * key_to_pki_* primarly produce encoded output with the private key data + * key_to_pki_* primarily produce encoded output with the private key data * in a PrivateKeyInfo structure (also defined by PKCS#8). However, if * there is an intent to encrypt the data, the corresponding key_to_epki_* * function is used instead. @@ -183,11 +180,11 @@ static X509_PUBKEY *key_to_pubkey(const void *key, int key_nid, */ static int key_to_epki_der_priv_bio(BIO *out, const void *key, - int key_nid, - ossl_unused const char *pemname, - key_to_paramstring_fn *p2s, - i2d_of_void *k2d, - struct key2any_ctx_st *ctx) + int key_nid, + ossl_unused const char *pemname, + key_to_paramstring_fn *p2s, + i2d_of_void *k2d, + struct key2any_ctx_st *ctx) { int ret = 0; void *str = NULL; @@ -197,8 +194,7 @@ static int key_to_epki_der_priv_bio(BIO *out, const void *key, if (!ctx->cipher_intent) return 0; - if (p2s != NULL && !p2s(key, key_nid, ctx->save_parameters, - &str, &strtype)) + if (p2s != NULL && !p2s(key, key_nid, ctx->save_parameters, &str, &strtype)) return 0; p8 = key_to_encp8(key, key_nid, str, strtype, k2d, ctx); @@ -211,11 +207,11 @@ static int key_to_epki_der_priv_bio(BIO *out, const void *key, } static int key_to_epki_pem_priv_bio(BIO *out, const void *key, - int key_nid, - ossl_unused const char *pemname, - key_to_paramstring_fn *p2s, - i2d_of_void *k2d, - struct key2any_ctx_st *ctx) + int key_nid, + ossl_unused const char *pemname, + key_to_paramstring_fn *p2s, + i2d_of_void *k2d, + struct key2any_ctx_st *ctx) { int ret = 0; void *str = NULL; 
@@ -225,8 +221,7 @@ static int key_to_epki_pem_priv_bio(BIO *out, const void *key, if (!ctx->cipher_intent) return 0; - if (p2s != NULL && !p2s(key, key_nid, ctx->save_parameters, - &str, &strtype)) + if (p2s != NULL && !p2s(key, key_nid, ctx->save_parameters, &str, &strtype)) return 0; p8 = key_to_encp8(key, key_nid, str, strtype, k2d, ctx); @@ -239,11 +234,11 @@ static int key_to_epki_pem_priv_bio(BIO *out, const void *key, } static int key_to_pki_der_priv_bio(BIO *out, const void *key, - int key_nid, - ossl_unused const char *pemname, - key_to_paramstring_fn *p2s, - i2d_of_void *k2d, - struct key2any_ctx_st *ctx) + int key_nid, + ossl_unused const char *pemname, + key_to_paramstring_fn *p2s, + i2d_of_void *k2d, + struct key2any_ctx_st *ctx) { int ret = 0; void *str = NULL; @@ -252,10 +247,9 @@ static int key_to_pki_der_priv_bio(BIO *out, const void *key, if (ctx->cipher_intent) return key_to_epki_der_priv_bio(out, key, key_nid, pemname, - p2s, k2d, ctx); + p2s, k2d, ctx); - if (p2s != NULL && !p2s(key, key_nid, ctx->save_parameters, - &str, &strtype)) + if (p2s != NULL && !p2s(key, key_nid, ctx->save_parameters, &str, &strtype)) return 0; p8info = key_to_p8info(key, key_nid, str, strtype, k2d); @@ -271,11 +265,11 @@ static int key_to_pki_der_priv_bio(BIO *out, const void *key, } static int key_to_pki_pem_priv_bio(BIO *out, const void *key, - int key_nid, - ossl_unused const char *pemname, - key_to_paramstring_fn *p2s, - i2d_of_void *k2d, - struct key2any_ctx_st *ctx) + int key_nid, + ossl_unused const char *pemname, + key_to_paramstring_fn *p2s, + i2d_of_void *k2d, + struct key2any_ctx_st *ctx) { int ret = 0; void *str = NULL; 
@@ -284,10 +278,9 @@ static int key_to_pki_pem_priv_bio(BIO *out, const void *key, if (ctx->cipher_intent) return key_to_epki_pem_priv_bio(out, key, key_nid, pemname, - p2s, k2d, ctx); + p2s, k2d, ctx); - if (p2s != NULL && !p2s(key, key_nid, ctx->save_parameters, - &str, &strtype)) + if (p2s != NULL && !p2s(key, key_nid, ctx->save_parameters, &str, &strtype)) return 0; p8info = key_to_p8info(key, key_nid, str, strtype, k2d); @@ -303,19 +296,18 @@ static int key_to_pki_pem_priv_bio(BIO *out, const void *key, } static int key_to_spki_der_pub_bio(BIO *out, const void *key, - int key_nid, - ossl_unused const char *pemname, - key_to_paramstring_fn *p2s, - i2d_of_void *k2d, - struct key2any_ctx_st *ctx) + int key_nid, + ossl_unused const char *pemname, + key_to_paramstring_fn *p2s, + i2d_of_void *k2d, + struct key2any_ctx_st *ctx) { int ret = 0; void *str = NULL; int strtype = V_ASN1_UNDEF; X509_PUBKEY *xpk = NULL; - if (p2s != NULL && !p2s(key, key_nid, ctx->save_parameters, - &str, &strtype)) + if (p2s != NULL && !p2s(key, key_nid, ctx->save_parameters, &str, &strtype)) return 0; xpk = key_to_pubkey(key, key_nid, str, strtype, k2d); @@ -329,19 +321,18 @@ static int key_to_spki_der_pub_bio(BIO *out, const void *key, } static int key_to_spki_pem_pub_bio(BIO *out, const void *key, - int key_nid, - ossl_unused const char *pemname, - key_to_paramstring_fn *p2s, - i2d_of_void *k2d, - struct key2any_ctx_st *ctx) + int key_nid, + ossl_unused const char *pemname, + key_to_paramstring_fn *p2s, + i2d_of_void *k2d, + struct key2any_ctx_st *ctx) { int ret = 0; void *str = NULL; int strtype = V_ASN1_UNDEF; X509_PUBKEY *xpk = NULL; - if (p2s != NULL && !p2s(key, key_nid, ctx->save_parameters, - &str, &strtype)) + if (p2s != NULL && !p2s(key, key_nid, ctx->save_parameters, &str, &strtype)) return 0; xpk = key_to_pubkey(key, key_nid, str, strtype, k2d); 
@@ -369,11 +360,11 @@ static int key_to_spki_pem_pub_bio(BIO *out, const void *key, * on k2d to do the complete work. */ static int key_to_type_specific_der_bio(BIO *out, const void *key, - int key_nid, - ossl_unused const char *pemname, - key_to_paramstring_fn *p2s, - i2d_of_void *k2d, - struct key2any_ctx_st *ctx) + int key_nid, + ossl_unused const char *pemname, + key_to_paramstring_fn *p2s, + i2d_of_void *k2d, + struct key2any_ctx_st *ctx) { unsigned char *der = NULL; int derlen; 
@@ -393,47 +384,47 @@ static int key_to_type_specific_der_bio(BIO *out, const void *key, #define key_to_type_specific_der_param_bio key_to_type_specific_der_bio static int key_to_type_specific_pem_bio_cb(BIO *out, const void *key, - int key_nid, const char *pemname, - key_to_paramstring_fn *p2s, - i2d_of_void *k2d, - struct key2any_ctx_st *ctx, - pem_password_cb *cb, void *cbarg) + int key_nid, const char *pemname, + key_to_paramstring_fn *p2s, + i2d_of_void *k2d, + struct key2any_ctx_st *ctx, + pem_password_cb *cb, void *cbarg) { - return - PEM_ASN1_write_bio(k2d, pemname, out, key, ctx->cipher, - NULL, 0, cb, cbarg) > 0; + return PEM_ASN1_write_bio(k2d, pemname, out, key, ctx->cipher, + NULL, 0, cb, cbarg) + > 0; } static int key_to_type_specific_pem_priv_bio(BIO *out, const void *key, - int key_nid, const char *pemname, - key_to_paramstring_fn *p2s, - i2d_of_void *k2d, - struct key2any_ctx_st *ctx) + int key_nid, const char *pemname, + key_to_paramstring_fn *p2s, + i2d_of_void *k2d, + struct key2any_ctx_st *ctx) { return key_to_type_specific_pem_bio_cb(out, key, key_nid, pemname, - p2s, k2d, ctx, - ossl_pw_pem_password, &ctx->pwdata); + p2s, k2d, ctx, + ossl_pw_pem_password, &ctx->pwdata); } static int key_to_type_specific_pem_pub_bio(BIO *out, const void *key, - int key_nid, const char *pemname, - key_to_paramstring_fn *p2s, - i2d_of_void *k2d, - struct key2any_ctx_st *ctx) + int key_nid, const char *pemname, + key_to_paramstring_fn *p2s, + i2d_of_void *k2d, + struct key2any_ctx_st *ctx) { return key_to_type_specific_pem_bio_cb(out, key, key_nid, pemname, - p2s, k2d, ctx, NULL, NULL); + p2s, k2d, ctx, NULL, NULL); } #ifndef OPENSSL_NO_KEYPARAMS static int key_to_type_specific_pem_param_bio(BIO *out, const void *key, - int key_nid, const char *pemname, - key_to_paramstring_fn *p2s, - i2d_of_void *k2d, - struct key2any_ctx_st *ctx) + int key_nid, const char *pemname, + key_to_paramstring_fn *p2s, + i2d_of_void *k2d, + struct key2any_ctx_st *ctx) { return 
key_to_type_specific_pem_bio_cb(out, key, key_nid, pemname, - p2s, k2d, ctx, NULL, NULL); + p2s, k2d, ctx, NULL, NULL); } #endif @@ -441,7 +432,7 @@ static int key_to_type_specific_pem_param_bio(BIO *out, const void *key, #ifndef OPENSSL_NO_DH static int prepare_dh_params(const void *dh, int nid, int save, - void **pstr, int *pstrtype) + void **pstr, int *pstrtype) { ASN1_STRING *params = ASN1_STRING_new(); @@ -509,7 +500,7 @@ static int dh_pki_priv_to_der(const void *dh, unsigned char **pder) return ret; } -# define dh_epki_priv_to_der dh_pki_priv_to_der +#define dh_epki_priv_to_der dh_pki_priv_to_der static int dh_type_specific_params_to_der(const void *dh, unsigned char **pder) { @@ -522,30 +513,29 @@ static int dh_type_specific_params_to_der(const void *dh, unsigned char **pder) * DH doesn't have i2d_DHPrivateKey or i2d_DHPublicKey, so we can't make * corresponding functions here. */ -# define dh_type_specific_priv_to_der NULL -# define dh_type_specific_pub_to_der NULL +#define dh_type_specific_priv_to_der NULL +#define dh_type_specific_pub_to_der NULL static int dh_check_key_type(const void *dh, int expected_type) { - int type = - DH_test_flags(dh, DH_FLAG_TYPE_DHX) ? EVP_PKEY_DHX : EVP_PKEY_DH; + int type = DH_test_flags(dh, DH_FLAG_TYPE_DHX) ? EVP_PKEY_DHX : EVP_PKEY_DH; return type == expected_type; } -# define dh_evp_type EVP_PKEY_DH -# define dhx_evp_type EVP_PKEY_DHX -# define dh_input_type "DH" -# define dhx_input_type "DHX" -# define dh_pem_type "DH" -# define dhx_pem_type "X9.42 DH" +#define dh_evp_type EVP_PKEY_DH +#define dhx_evp_type EVP_PKEY_DHX +#define dh_input_type "DH" +#define dhx_input_type "DHX" +#define dh_pem_type "DH" +#define dhx_pem_type "X9.42 DH" #endif /* ---------------------------------------------------------------------- */ #ifndef OPENSSL_NO_DSA static int encode_dsa_params(const void *dsa, int nid, - void **pstr, int *pstrtype) + void **pstr, int *pstrtype) { ASN1_STRING *params = ASN1_STRING_new(); 
@@ -568,7 +558,7 @@ static int encode_dsa_params(const void *dsa, int nid, } static int prepare_dsa_params(const void *dsa, int nid, int save, - void **pstr, int *pstrtype) + void **pstr, int *pstrtype) { const BIGNUM *p = DSA_get0_p(dsa); const BIGNUM *q = DSA_get0_q(dsa); @@ -624,23 +614,23 @@ static int dsa_pki_priv_to_der(const void *dsa, unsigned char **pder) return ret; } -# define dsa_epki_priv_to_der dsa_pki_priv_to_der +#define dsa_epki_priv_to_der dsa_pki_priv_to_der -# define dsa_type_specific_priv_to_der (i2d_of_void *)i2d_DSAPrivateKey -# define dsa_type_specific_pub_to_der (i2d_of_void *)i2d_DSAPublicKey -# define dsa_type_specific_params_to_der (i2d_of_void *)i2d_DSAparams +#define dsa_type_specific_priv_to_der (i2d_of_void *)i2d_DSAPrivateKey +#define dsa_type_specific_pub_to_der (i2d_of_void *)i2d_DSAPublicKey +#define dsa_type_specific_params_to_der (i2d_of_void *)i2d_DSAparams -# define dsa_check_key_type NULL -# define dsa_evp_type EVP_PKEY_DSA -# define dsa_input_type "DSA" -# define dsa_pem_type "DSA" +#define dsa_check_key_type NULL +#define dsa_evp_type EVP_PKEY_DSA +#define dsa_input_type "DSA" +#define dsa_pem_type "DSA" #endif /* ---------------------------------------------------------------------- */ #ifndef OPENSSL_NO_EC static int prepare_ec_explicit_params(const void *eckey, - void **pstr, int *pstrtype) + void **pstr, int *pstrtype) { ASN1_STRING *params = ASN1_STRING_new(); @@ -666,7 +656,7 @@ static int prepare_ec_explicit_params(const void *eckey, * is a curve name (curve nid) to be found or not. See RFC 3279 for details. */ static int prepare_ec_params(const void *eckey, int nid, int save, - void **pstr, int *pstrtype) + void **pstr, int *pstrtype) { int curve_nid; const EC_GROUP *group = EC_KEY_get0_group(eckey); 
@@ -728,18 +718,18 @@ static int ec_pki_priv_to_der(const void *veckey, unsigned char **pder) return ret; /* return the length of the der encoded data */ } -# define ec_epki_priv_to_der ec_pki_priv_to_der +#define ec_epki_priv_to_der ec_pki_priv_to_der -# define ec_type_specific_params_to_der (i2d_of_void *)i2d_ECParameters +#define ec_type_specific_params_to_der (i2d_of_void *)i2d_ECParameters /* No ec_type_specific_pub_to_der, there simply is no such thing */ -# define ec_type_specific_priv_to_der (i2d_of_void *)i2d_ECPrivateKey +#define ec_type_specific_priv_to_der (i2d_of_void *)i2d_ECPrivateKey -# define ec_check_key_type NULL -# define ec_evp_type EVP_PKEY_EC -# define ec_input_type "EC" -# define ec_pem_type "EC" +#define ec_check_key_type NULL +#define ec_evp_type EVP_PKEY_EC +#define ec_input_type "EC" +#define ec_pem_type "EC" -# ifndef OPENSSL_NO_SM2 +#ifndef OPENSSL_NO_SM2 /* * Albeit SM2 is a slightly different algorithm than ECDSA, the key type * encoding (in all places where an AlgorithmIdentifier is produced, such @@ -748,16 +738,16 @@ static int ec_pki_priv_to_der(const void *veckey, unsigned char **pder) * This leaves the distinction of SM2 keys to the EC group (which is found * in AlgorithmIdentified.params). */ -# define sm2_evp_type ec_evp_type -# define sm2_input_type "SM2" -# define sm2_pem_type "SM2" -# endif +#define sm2_evp_type ec_evp_type +#define sm2_input_type "SM2" +#define sm2_pem_type "SM2" +#endif #endif /* ---------------------------------------------------------------------- */ #ifndef OPENSSL_NO_EC -# define prepare_ecx_params NULL +#define prepare_ecx_params NULL static int ecx_spki_pub_to_der(const void *vecxkey, unsigned char **pder) { 
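Review bot: With the preprocessor indentation flattened, the `#endif` that closes `OPENSSL_NO_SM2` in the `@@ -748,16 +738,16 @@` hunk is now followed directly by an identical `#endif` closing `OPENSSL_NO_EC`, and nothing in the text says which guard each one ends. I would label them as `#endif /* OPENSSL_NO_SM2 */` and `#endif /* OPENSSL_NO_EC */`, so a later edit cannot quietly move an algorithm's encoders across the wrong guard. The same unlabelled pair appears in the later `MAKE_ENCODER` hunks of this file and in the `MAKE_BLOB_ENCODER` hunk of encode_key2blob.c. The enclosing `#ifndef OPENSSL_NO_EC` opens outside this hunk.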
@@ -803,27 +793,27 @@ static int ecx_pki_priv_to_der(const void *vecxkey, unsigned char **pder) return keybloblen; } -# define ecx_epki_priv_to_der ecx_pki_priv_to_der +#define ecx_epki_priv_to_der ecx_pki_priv_to_der /* * ED25519, ED448, X25519 and X448 only has PKCS#8 / SubjectPublicKeyInfo * representation, so we don't define ecx_type_specific_[priv,pub,params]_to_der. */ -# define ecx_check_key_type NULL +#define ecx_check_key_type NULL -# define ed25519_evp_type EVP_PKEY_ED25519 -# define ed448_evp_type EVP_PKEY_ED448 -# define x25519_evp_type EVP_PKEY_X25519 -# define x448_evp_type EVP_PKEY_X448 -# define ed25519_input_type "ED25519" -# define ed448_input_type "ED448" -# define x25519_input_type "X25519" -# define x448_input_type "X448" -# define ed25519_pem_type "ED25519" -# define ed448_pem_type "ED448" -# define x25519_pem_type "X25519" -# define x448_pem_type "X448" +#define ed25519_evp_type EVP_PKEY_ED25519 +#define ed448_evp_type EVP_PKEY_ED448 +#define x25519_evp_type EVP_PKEY_X25519 +#define x448_evp_type EVP_PKEY_X448 +#define ed25519_input_type "ED25519" +#define ed448_input_type "ED448" +#define x25519_input_type "X25519" +#define x448_input_type "X448" +#define ed25519_pem_type "ED25519" +#define ed448_pem_type "ED448" +#define x25519_pem_type "X25519" +#define x448_pem_type "X448" #endif /* ---------------------------------------------------------------------- */ @@ -835,7 +825,7 @@ static int ecx_pki_priv_to_der(const void *vecxkey, unsigned char **pder) */ static int prepare_rsa_params(const void *rsa, int nid, int save, - void **pstr, int *pstrtype) + void **pstr, int *pstrtype) { const RSA_PSS_PARAMS_30 *pss = ossl_rsa_get0_pss_params_30((RSA *)rsa); @@ -896,7 +886,7 @@ static int prepare_rsa_params(const void *rsa, int nid, int save, *pstr = astr; return 1; - err: + err: OPENSSL_free(str); return 0; } 
@@ -910,11 +900,11 @@ static int prepare_rsa_params(const void *rsa, int nid, int save, * RSA is extremely simple, as PKCS#1 is used for the PKCS#8 |privateKey| * field as well as the SubjectPublicKeyInfo |subjectPublicKey| field. */ -#define rsa_pki_priv_to_der rsa_type_specific_priv_to_der -#define rsa_epki_priv_to_der rsa_type_specific_priv_to_der -#define rsa_spki_pub_to_der rsa_type_specific_pub_to_der -#define rsa_type_specific_priv_to_der (i2d_of_void *)i2d_RSAPrivateKey -#define rsa_type_specific_pub_to_der (i2d_of_void *)i2d_RSAPublicKey +#define rsa_pki_priv_to_der rsa_type_specific_priv_to_der +#define rsa_epki_priv_to_der rsa_type_specific_priv_to_der +#define rsa_spki_pub_to_der rsa_type_specific_pub_to_der +#define rsa_type_specific_priv_to_der (i2d_of_void *)i2d_RSAPrivateKey +#define rsa_type_specific_pub_to_der (i2d_of_void *)i2d_RSAPublicKey #define rsa_type_specific_params_to_der NULL static int rsa_check_key_type(const void *rsa, int expected_type) @@ -930,12 +920,12 @@ static int rsa_check_key_type(const void *rsa, int expected_type) return EVP_PKEY_NONE; } -#define rsa_evp_type EVP_PKEY_RSA -#define rsapss_evp_type EVP_PKEY_RSA_PSS -#define rsa_input_type "RSA" -#define rsapss_input_type "RSA-PSS" -#define rsa_pem_type "RSA" -#define rsapss_pem_type "RSA-PSS" +#define rsa_evp_type EVP_PKEY_RSA +#define rsapss_evp_type EVP_PKEY_RSA_PSS +#define rsa_input_type "RSA" +#define rsapss_input_type "RSA-PSS" +#define rsa_pem_type "RSA" +#define rsapss_pem_type "RSA-PSS" /* ---------------------------------------------------------------------- */ 
@@ -978,12 +968,9 @@ static int key2any_set_ctx_params(void *vctx, const OSSL_PARAM params[]) { struct key2any_ctx_st *ctx = vctx; OSSL_LIB_CTX *libctx = ossl_prov_ctx_get0_libctx(ctx->provctx); - const OSSL_PARAM *cipherp = - OSSL_PARAM_locate_const(params, OSSL_ENCODER_PARAM_CIPHER); - const OSSL_PARAM *propsp = - OSSL_PARAM_locate_const(params, OSSL_ENCODER_PARAM_PROPERTIES); - const OSSL_PARAM *save_paramsp = - OSSL_PARAM_locate_const(params, OSSL_ENCODER_PARAM_SAVE_PARAMETERS); + const OSSL_PARAM *cipherp = OSSL_PARAM_locate_const(params, OSSL_ENCODER_PARAM_CIPHER); + const OSSL_PARAM *propsp = OSSL_PARAM_locate_const(params, OSSL_ENCODER_PARAM_PROPERTIES); + const OSSL_PARAM *save_paramsp = OSSL_PARAM_locate_const(params, OSSL_ENCODER_PARAM_SAVE_PARAMETERS); if (cipherp != NULL) { const char *ciphername = NULL; @@ -998,8 +985,7 @@ static int key2any_set_ctx_params(void *vctx, const OSSL_PARAM params[]) ctx->cipher = NULL; ctx->cipher_intent = ciphername != NULL; if (ciphername != NULL - && ((ctx->cipher = - EVP_CIPHER_fetch(libctx, ciphername, props)) == NULL)) + && ((ctx->cipher = EVP_CIPHER_fetch(libctx, ciphername, props)) == NULL)) return 0; } 
@@ -1044,26 +1030,25 @@ static int key2any_check_selection(int selection, int selection_mask) } static int key2any_encode(struct key2any_ctx_st *ctx, OSSL_CORE_BIO *cout, - const void *key, int type, const char *pemname, - check_key_type_fn *checker, - key_to_der_fn *writer, - OSSL_PASSPHRASE_CALLBACK *pwcb, void *pwcbarg, - key_to_paramstring_fn *key2paramstring, - i2d_of_void *key2der) + const void *key, int type, const char *pemname, + check_key_type_fn *checker, + key_to_der_fn *writer, + OSSL_PASSPHRASE_CALLBACK *pwcb, void *pwcbarg, + key_to_paramstring_fn *key2paramstring, + i2d_of_void *key2der) { int ret = 0; if (key == NULL) { ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_NULL_PARAMETER); } else if (writer != NULL - && (checker == NULL || checker(key, type))) { + && (checker == NULL || checker(key, type))) { BIO *out = ossl_bio_new_from_core_bio(ctx->provctx, cout); if (out != NULL && (pwcb == NULL || ossl_pw_set_ossl_passphrase_cb(&ctx->pwdata, pwcb, pwcbarg))) - ret = - writer(out, key, type, pemname, key2paramstring, key2der, ctx); + ret = writer(out, key, type, pemname, key2paramstring, key2der, ctx); BIO_free(out); } else { 
@@ -1073,34 +1058,34 @@ static int key2any_encode(struct key2any_ctx_st *ctx, OSSL_CORE_BIO *cout, } #define DO_PRIVATE_KEY_selection_mask OSSL_KEYMGMT_SELECT_PRIVATE_KEY -#define DO_PRIVATE_KEY(impl, type, kind, output) \ - if ((selection & DO_PRIVATE_KEY_selection_mask) != 0) \ - return key2any_encode(ctx, cout, key, impl##_evp_type, \ - impl##_pem_type " PRIVATE KEY", \ - type##_check_key_type, \ - key_to_##kind##_##output##_priv_bio, \ - cb, cbarg, prepare_##type##_params, \ - type##_##kind##_priv_to_der); +#define DO_PRIVATE_KEY(impl, type, kind, output) \ + if ((selection & DO_PRIVATE_KEY_selection_mask) != 0) \ + return key2any_encode(ctx, cout, key, impl##_evp_type, \ + impl##_pem_type " PRIVATE KEY", \ + type##_check_key_type, \ + key_to_##kind##_##output##_priv_bio, \ + cb, cbarg, prepare_##type##_params, \ + type##_##kind##_priv_to_der); #define DO_PUBLIC_KEY_selection_mask OSSL_KEYMGMT_SELECT_PUBLIC_KEY -#define DO_PUBLIC_KEY(impl, type, kind, output) \ - if ((selection & DO_PUBLIC_KEY_selection_mask) != 0) \ - return key2any_encode(ctx, cout, key, impl##_evp_type, \ - impl##_pem_type " PUBLIC KEY", \ - type##_check_key_type, \ - key_to_##kind##_##output##_pub_bio, \ - cb, cbarg, prepare_##type##_params, \ - type##_##kind##_pub_to_der); +#define DO_PUBLIC_KEY(impl, type, kind, output) \ + if ((selection & DO_PUBLIC_KEY_selection_mask) != 0) \ + return key2any_encode(ctx, cout, key, impl##_evp_type, \ + impl##_pem_type " PUBLIC KEY", \ + type##_check_key_type, \ + key_to_##kind##_##output##_pub_bio, \ + cb, cbarg, prepare_##type##_params, \ + type##_##kind##_pub_to_der); #define DO_PARAMETERS_selection_mask OSSL_KEYMGMT_SELECT_ALL_PARAMETERS -#define DO_PARAMETERS(impl, type, kind, output) \ - if ((selection & DO_PARAMETERS_selection_mask) != 0) \ - return key2any_encode(ctx, cout, key, impl##_evp_type, \ - impl##_pem_type " PARAMETERS", \ - type##_check_key_type, \ - key_to_##kind##_##output##_param_bio, \ - NULL, NULL, NULL, \ - 
type##_##kind##_params_to_der); +#define DO_PARAMETERS(impl, type, kind, output) \ + if ((selection & DO_PARAMETERS_selection_mask) != 0) \ + return key2any_encode(ctx, cout, key, impl##_evp_type, \ + impl##_pem_type " PARAMETERS", \ + type##_check_key_type, \ + key_to_##kind##_##output##_param_bio, \ + NULL, NULL, NULL, \ + type##_##kind##_params_to_der); /*- * Implement the kinds of output structure that can be produced. They are @@ -1136,16 +1121,16 @@ static int key2any_encode(struct key2any_ctx_st *ctx, OSSL_CORE_BIO *cout, * passphrase callback has been passed to them. */ #define DO_PrivateKeyInfo_selection_mask DO_PRIVATE_KEY_selection_mask -#define DO_PrivateKeyInfo(impl, type, output) \ +#define DO_PrivateKeyInfo(impl, type, output) \ DO_PRIVATE_KEY(impl, type, pki, output) #define DO_EncryptedPrivateKeyInfo_selection_mask DO_PRIVATE_KEY_selection_mask -#define DO_EncryptedPrivateKeyInfo(impl, type, output) \ +#define DO_EncryptedPrivateKeyInfo(impl, type, output) \ DO_PRIVATE_KEY(impl, type, epki, output) /* SubjectPublicKeyInfo is a structure for public keys only */ #define DO_SubjectPublicKeyInfo_selection_mask DO_PUBLIC_KEY_selection_mask -#define DO_SubjectPublicKeyInfo(impl, type, output) \ +#define DO_SubjectPublicKeyInfo(impl, type, output) \ DO_PUBLIC_KEY(impl, type, spki, output) /* 
@@ -1164,23 +1149,23 @@ static int key2any_encode(struct key2any_ctx_st *ctx, OSSL_CORE_BIO *cout, * except public key */ #define DO_type_specific_params_selection_mask DO_PARAMETERS_selection_mask -#define DO_type_specific_params(impl, type, output) \ +#define DO_type_specific_params(impl, type, output) \ DO_PARAMETERS(impl, type, type_specific, output) -#define DO_type_specific_keypair_selection_mask \ - ( DO_PRIVATE_KEY_selection_mask | DO_PUBLIC_KEY_selection_mask ) -#define DO_type_specific_keypair(impl, type, output) \ - DO_PRIVATE_KEY(impl, type, type_specific, output) \ +#define DO_type_specific_keypair_selection_mask \ + (DO_PRIVATE_KEY_selection_mask | DO_PUBLIC_KEY_selection_mask) +#define DO_type_specific_keypair(impl, type, output) \ + DO_PRIVATE_KEY(impl, type, type_specific, output) \ DO_PUBLIC_KEY(impl, type, type_specific, output) -#define DO_type_specific_selection_mask \ - ( DO_type_specific_keypair_selection_mask \ - | DO_type_specific_params_selection_mask ) -#define DO_type_specific(impl, type, output) \ - DO_type_specific_keypair(impl, type, output) \ - DO_type_specific_params(impl, type, output) +#define DO_type_specific_selection_mask \ + (DO_type_specific_keypair_selection_mask \ + | DO_type_specific_params_selection_mask) +#define DO_type_specific(impl, type, output) \ + DO_type_specific_keypair(impl, type, output) \ + DO_type_specific_params(impl, type, output) #define DO_type_specific_no_pub_selection_mask \ - ( DO_PRIVATE_KEY_selection_mask | DO_PARAMETERS_selection_mask) -#define DO_type_specific_no_pub(impl, type, output) \ - DO_PRIVATE_KEY(impl, type, type_specific, output) \ + (DO_PRIVATE_KEY_selection_mask | DO_PARAMETERS_selection_mask) +#define DO_type_specific_no_pub(impl, type, output) \ + DO_PRIVATE_KEY(impl, type, type_specific, output) \ DO_type_specific_params(impl, type, output) /* 
@@ -1243,71 +1228,72 @@ static int key2any_encode(struct key2any_ctx_st *ctx, OSSL_CORE_BIO *cout, * * ossl_##impl##_to_##kind##_##output##_encoder_functions */ -#define MAKE_ENCODER(impl, type, evp_type, kind, output) \ - static OSSL_FUNC_encoder_import_object_fn \ - impl##_to_##kind##_##output##_import_object; \ - static OSSL_FUNC_encoder_free_object_fn \ - impl##_to_##kind##_##output##_free_object; \ - static OSSL_FUNC_encoder_encode_fn \ - impl##_to_##kind##_##output##_encode; \ - \ - static void * \ - impl##_to_##kind##_##output##_import_object(void *vctx, int selection, \ - const OSSL_PARAM params[]) \ - { \ - struct key2any_ctx_st *ctx = vctx; \ - \ - return ossl_prov_import_key(ossl_##impl##_keymgmt_functions, \ - ctx->provctx, selection, params); \ - } \ - static void impl##_to_##kind##_##output##_free_object(void *key) \ - { \ - ossl_prov_free_key(ossl_##impl##_keymgmt_functions, key); \ - } \ - static int impl##_to_##kind##_##output##_does_selection(void *ctx, \ - int selection) \ - { \ - return key2any_check_selection(selection, \ - DO_##kind##_selection_mask); \ - } \ - static int \ - impl##_to_##kind##_##output##_encode(void *ctx, OSSL_CORE_BIO *cout, \ - const void *key, \ - const OSSL_PARAM key_abstract[], \ - int selection, \ - OSSL_PASSPHRASE_CALLBACK *cb, \ - void *cbarg) \ - { \ - /* We don't deal with abstract objects */ \ - if (key_abstract != NULL) { \ - ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_INVALID_ARGUMENT); \ - return 0; \ - } \ - DO_##kind(impl, type, output) \ - \ - ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_INVALID_ARGUMENT); \ - return 0; \ - } \ - const OSSL_DISPATCH \ - ossl_##impl##_to_##kind##_##output##_encoder_functions[] = { \ - { OSSL_FUNC_ENCODER_NEWCTX, \ - (void (*)(void))key2any_newctx }, \ - { OSSL_FUNC_ENCODER_FREECTX, \ - (void (*)(void))key2any_freectx }, \ - { OSSL_FUNC_ENCODER_SETTABLE_CTX_PARAMS, \ - (void (*)(void))key2any_settable_ctx_params }, \ - { OSSL_FUNC_ENCODER_SET_CTX_PARAMS, \ - (void 
(*)(void))key2any_set_ctx_params }, \ - { OSSL_FUNC_ENCODER_DOES_SELECTION, \ - (void (*)(void))impl##_to_##kind##_##output##_does_selection }, \ - { OSSL_FUNC_ENCODER_IMPORT_OBJECT, \ - (void (*)(void))impl##_to_##kind##_##output##_import_object }, \ - { OSSL_FUNC_ENCODER_FREE_OBJECT, \ - (void (*)(void))impl##_to_##kind##_##output##_free_object }, \ - { OSSL_FUNC_ENCODER_ENCODE, \ - (void (*)(void))impl##_to_##kind##_##output##_encode }, \ - { 0, NULL } \ - } +#define MAKE_ENCODER(impl, type, evp_type, kind, output) \ + static OSSL_FUNC_encoder_import_object_fn \ + impl##_to_##kind##_##output##_import_object; \ + static OSSL_FUNC_encoder_free_object_fn \ + impl##_to_##kind##_##output##_free_object; \ + static OSSL_FUNC_encoder_encode_fn \ + impl##_to_##kind##_##output##_encode; \ + \ + static void * \ + impl##_to_##kind##_##output##_import_object(void *vctx, int selection, \ + const OSSL_PARAM params[]) \ + { \ + struct key2any_ctx_st *ctx = vctx; \ + \ + return ossl_prov_import_key(ossl_##impl##_keymgmt_functions, \ + ctx->provctx, selection, params); \ + } \ + static void impl##_to_##kind##_##output##_free_object(void *key) \ + { \ + ossl_prov_free_key(ossl_##impl##_keymgmt_functions, key); \ + } \ + static int impl##_to_##kind##_##output##_does_selection(void *ctx, \ + int selection) \ + { \ + return key2any_check_selection(selection, \ + DO_##kind##_selection_mask); \ + } \ + static int \ + impl##_to_##kind##_##output##_encode(void *ctx, OSSL_CORE_BIO *cout, \ + const void *key, \ + const OSSL_PARAM key_abstract[], \ + int selection, \ + OSSL_PASSPHRASE_CALLBACK *cb, \ + void *cbarg) \ + { \ + /* We don't deal with abstract objects */ \ + if (key_abstract != NULL) { \ + ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_INVALID_ARGUMENT); \ + return 0; \ + } \ + DO_##kind(impl, type, output) \ + \ + ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_INVALID_ARGUMENT); \ + return 0; \ + } \ + const OSSL_DISPATCH \ + ossl_##impl##_to_##kind##_##output##_encoder_functions[] \ + = { \ + { 
OSSL_FUNC_ENCODER_NEWCTX, \ + (void (*)(void))key2any_newctx }, \ + { OSSL_FUNC_ENCODER_FREECTX, \ + (void (*)(void))key2any_freectx }, \ + { OSSL_FUNC_ENCODER_SETTABLE_CTX_PARAMS, \ + (void (*)(void))key2any_settable_ctx_params }, \ + { OSSL_FUNC_ENCODER_SET_CTX_PARAMS, \ + (void (*)(void))key2any_set_ctx_params }, \ + { OSSL_FUNC_ENCODER_DOES_SELECTION, \ + (void (*)(void))impl##_to_##kind##_##output##_does_selection }, \ + { OSSL_FUNC_ENCODER_IMPORT_OBJECT, \ + (void (*)(void))impl##_to_##kind##_##output##_import_object }, \ + { OSSL_FUNC_ENCODER_FREE_OBJECT, \ + (void (*)(void))impl##_to_##kind##_##output##_free_object }, \ + { OSSL_FUNC_ENCODER_ENCODE, \ + (void (*)(void))impl##_to_##kind##_##output##_encode }, \ + { 0, NULL } \ + } /* * Replacements for i2d_{TYPE}PrivateKey, i2d_{TYPE}PublicKey, @@ -1323,9 +1309,9 @@ MAKE_ENCODER(dsa, dsa, EVP_PKEY_DSA, type_specific, der); #endif #ifndef OPENSSL_NO_EC MAKE_ENCODER(ec, ec, EVP_PKEY_EC, type_specific_no_pub, der); -# ifndef OPENSSL_NO_SM2 +#ifndef OPENSSL_NO_SM2 MAKE_ENCODER(sm2, ec, EVP_PKEY_EC, type_specific_no_pub, der); -# endif +#endif #endif /* @@ -1342,9 +1328,9 @@ MAKE_ENCODER(dsa, dsa, EVP_PKEY_DSA, type_specific, pem); #endif #ifndef OPENSSL_NO_EC MAKE_ENCODER(ec, ec, EVP_PKEY_EC, type_specific_no_pub, pem); -# ifndef OPENSSL_NO_SM2 +#ifndef OPENSSL_NO_SM2 MAKE_ENCODER(sm2, ec, EVP_PKEY_EC, type_specific_no_pub, pem); -# endif +#endif #endif /* 
@@ -1396,14 +1382,14 @@ MAKE_ENCODER(ec, ec, EVP_PKEY_EC, PrivateKeyInfo, der); MAKE_ENCODER(ec, ec, EVP_PKEY_EC, PrivateKeyInfo, pem); MAKE_ENCODER(ec, ec, EVP_PKEY_EC, SubjectPublicKeyInfo, der); MAKE_ENCODER(ec, ec, EVP_PKEY_EC, SubjectPublicKeyInfo, pem); -# ifndef OPENSSL_NO_SM2 +#ifndef OPENSSL_NO_SM2 MAKE_ENCODER(sm2, ec, EVP_PKEY_EC, EncryptedPrivateKeyInfo, der); MAKE_ENCODER(sm2, ec, EVP_PKEY_EC, EncryptedPrivateKeyInfo, pem); MAKE_ENCODER(sm2, ec, EVP_PKEY_EC, PrivateKeyInfo, der); MAKE_ENCODER(sm2, ec, EVP_PKEY_EC, PrivateKeyInfo, pem); MAKE_ENCODER(sm2, ec, EVP_PKEY_EC, SubjectPublicKeyInfo, der); MAKE_ENCODER(sm2, ec, EVP_PKEY_EC, SubjectPublicKeyInfo, pem); -# endif +#endif MAKE_ENCODER(ed25519, ecx, EVP_PKEY_ED25519, EncryptedPrivateKeyInfo, der); MAKE_ENCODER(ed25519, ecx, EVP_PKEY_ED25519, EncryptedPrivateKeyInfo, pem); MAKE_ENCODER(ed25519, ecx, EVP_PKEY_ED25519, PrivateKeyInfo, der); @@ -1453,10 +1439,10 @@ MAKE_ENCODER(dsa, dsa, EVP_PKEY_DSA, DSA, pem); #ifndef OPENSSL_NO_EC MAKE_ENCODER(ec, ec, EVP_PKEY_EC, EC, der); MAKE_ENCODER(ec, ec, EVP_PKEY_EC, EC, pem); -# ifndef OPENSSL_NO_SM2 +#ifndef OPENSSL_NO_SM2 MAKE_ENCODER(sm2, ec, EVP_PKEY_EC, SM2, der); MAKE_ENCODER(sm2, ec, EVP_PKEY_EC, SM2, pem); -# endif +#endif #endif /* Convenience structure names */ diff --git a/providers/implementations/encode_decode/encode_key2blob.c b/providers/implementations/encode_decode/encode_key2blob.c index 550bceb09f58..0ce0401dec1b 100644 --- a/providers/implementations/encode_decode/encode_key2blob.c +++ b/providers/implementations/encode_decode/encode_key2blob.c @@ -27,7 +27,7 @@ #include "endecoder_local.h" static int write_blob(void *provctx, OSSL_CORE_BIO *cout, - void *data, int len) + void *data, int len) { BIO *out = ossl_bio_new_from_core_bio(provctx, cout); int ret; 
@@ -86,7 +86,7 @@ static int key2blob_check_selection(int selection, int selection_mask) } static int key2blob_encode(void *vctx, const void *key, int selection, - OSSL_CORE_BIO *cout) + OSSL_CORE_BIO *cout) { int pubkey_len = 0, ok = 0; unsigned char *pubkey = NULL; 
@@ -118,62 +118,62 @@ static int key2blob_encode(void *vctx, const void *key, int selection, * EVP_PKEY_##selection_name are convenience macros that combine "typical" * OSSL_KEYMGMT_SELECT_ macros for a certain type of EVP_PKEY content. */ -#define MAKE_BLOB_ENCODER(impl, type, selection_name) \ - static OSSL_FUNC_encoder_import_object_fn \ - impl##2blob_import_object; \ - static OSSL_FUNC_encoder_free_object_fn impl##2blob_free_object; \ - static OSSL_FUNC_encoder_does_selection_fn \ - impl##2blob_does_selection; \ - static OSSL_FUNC_encoder_encode_fn impl##2blob_encode; \ - \ - static void *impl##2blob_import_object(void *ctx, int selection, \ - const OSSL_PARAM params[]) \ - { \ - return ossl_prov_import_key(ossl_##impl##_keymgmt_functions, \ - ctx, selection, params); \ - } \ - static void impl##2blob_free_object(void *key) \ - { \ - ossl_prov_free_key(ossl_##impl##_keymgmt_functions, key); \ - } \ - static int impl##2blob_does_selection(void *ctx, int selection) \ - { \ - return key2blob_check_selection(selection, \ - EVP_PKEY_##selection_name); \ - } \ - static int impl##2blob_encode(void *vctx, OSSL_CORE_BIO *cout, \ - const void *key, \ - const OSSL_PARAM key_abstract[], \ - int selection, \ - OSSL_PASSPHRASE_CALLBACK *cb, \ - void *cbarg) \ - { \ - /* We don't deal with abstract objects */ \ - if (key_abstract != NULL) { \ - ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_INVALID_ARGUMENT); \ - return 0; \ - } \ - return key2blob_encode(vctx, key, selection, cout); \ - } \ - const OSSL_DISPATCH ossl_##impl##_to_blob_encoder_functions[] = { \ - { OSSL_FUNC_ENCODER_NEWCTX, \ - (void (*)(void))key2blob_newctx }, \ - { OSSL_FUNC_ENCODER_FREECTX, \ - (void (*)(void))key2blob_freectx }, \ - { OSSL_FUNC_ENCODER_DOES_SELECTION, \ - (void (*)(void))impl##2blob_does_selection }, \ - { OSSL_FUNC_ENCODER_IMPORT_OBJECT, \ - (void (*)(void))impl##2blob_import_object }, \ - { OSSL_FUNC_ENCODER_FREE_OBJECT, \ - (void (*)(void))impl##2blob_free_object }, \ - { 
OSSL_FUNC_ENCODER_ENCODE, \ - (void (*)(void))impl##2blob_encode }, \ - { 0, NULL } \ +#define MAKE_BLOB_ENCODER(impl, type, selection_name) \ + static OSSL_FUNC_encoder_import_object_fn \ + impl##2blob_import_object; \ + static OSSL_FUNC_encoder_free_object_fn impl##2blob_free_object; \ + static OSSL_FUNC_encoder_does_selection_fn \ + impl##2blob_does_selection; \ + static OSSL_FUNC_encoder_encode_fn impl##2blob_encode; \ + \ + static void *impl##2blob_import_object(void *ctx, int selection, \ + const OSSL_PARAM params[]) \ + { \ + return ossl_prov_import_key(ossl_##impl##_keymgmt_functions, \ + ctx, selection, params); \ + } \ + static void impl##2blob_free_object(void *key) \ + { \ + ossl_prov_free_key(ossl_##impl##_keymgmt_functions, key); \ + } \ + static int impl##2blob_does_selection(void *ctx, int selection) \ + { \ + return key2blob_check_selection(selection, \ + EVP_PKEY_##selection_name); \ + } \ + static int impl##2blob_encode(void *vctx, OSSL_CORE_BIO *cout, \ + const void *key, \ + const OSSL_PARAM key_abstract[], \ + int selection, \ + OSSL_PASSPHRASE_CALLBACK *cb, \ + void *cbarg) \ + { \ + /* We don't deal with abstract objects */ \ + if (key_abstract != NULL) { \ + ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_INVALID_ARGUMENT); \ + return 0; \ + } \ + return key2blob_encode(vctx, key, selection, cout); \ + } \ + const OSSL_DISPATCH ossl_##impl##_to_blob_encoder_functions[] = { \ + { OSSL_FUNC_ENCODER_NEWCTX, \ + (void (*)(void))key2blob_newctx }, \ + { OSSL_FUNC_ENCODER_FREECTX, \ + (void (*)(void))key2blob_freectx }, \ + { OSSL_FUNC_ENCODER_DOES_SELECTION, \ + (void (*)(void))impl##2blob_does_selection }, \ + { OSSL_FUNC_ENCODER_IMPORT_OBJECT, \ + (void (*)(void))impl##2blob_import_object }, \ + { OSSL_FUNC_ENCODER_FREE_OBJECT, \ + (void (*)(void))impl##2blob_free_object }, \ + { OSSL_FUNC_ENCODER_ENCODE, \ + (void (*)(void))impl##2blob_encode }, \ + { 0, NULL } \ } #ifndef OPENSSL_NO_EC MAKE_BLOB_ENCODER(ec, ec, PUBLIC_KEY); -# ifndef OPENSSL_NO_SM2 
+#ifndef OPENSSL_NO_SM2 MAKE_BLOB_ENCODER(sm2, ec, PUBLIC_KEY); -# endif +#endif #endif diff --git a/providers/implementations/encode_decode/encode_key2ms.c b/providers/implementations/encode_decode/encode_key2ms.c index fe8c2dce4316..54ac414a5193 100644 --- a/providers/implementations/encode_decode/encode_key2ms.c +++ b/providers/implementations/encode_decode/encode_key2ms.c @@ -18,7 +18,7 @@ #include <openssl/core_names.h> #include <openssl/params.h> #include <openssl/err.h> -#include <openssl/pem.h> /* Functions for writing MSBLOB and PVK */ +#include <openssl/pem.h> /* Functions for writing MSBLOB and PVK */ #include <openssl/dsa.h> #include "internal/passphrase.h" #include "crypto/rsa.h" @@ -36,7 +36,7 @@ struct key2ms_ctx_st { }; static int write_msblob(struct key2ms_ctx_st *ctx, OSSL_CORE_BIO *cout, - EVP_PKEY *pkey, int ispub) + EVP_PKEY *pkey, int ispub) { BIO *out = ossl_bio_new_from_core_bio(ctx->provctx, cout); int ret; @@ -50,7 +50,7 @@ static int write_msblob(struct key2ms_ctx_st *ctx, OSSL_CORE_BIO *cout, } static int write_pvk(struct key2ms_ctx_st *ctx, OSSL_CORE_BIO *cout, - EVP_PKEY *pkey) + EVP_PKEY *pkey) { BIO *out = NULL; int ret; @@ -60,7 +60,7 @@ static int write_pvk(struct key2ms_ctx_st *ctx, OSSL_CORE_BIO *cout, if (out == NULL) return 0; ret = i2b_PVK_bio_ex(out, pkey, ctx->pvk_encr_level, - ossl_pw_pvk_password, &ctx->pwdata, libctx, NULL); + ossl_pw_pvk_password, &ctx->pwdata, libctx, NULL); BIO_free(out); return ret; } @@ -126,8 +126,8 @@ static int key2ms_does_selection(void *vctx, int selection) typedef int evp_pkey_set1_fn(EVP_PKEY *, const void *key); static int key2msblob_encode(void *vctx, const void *key, int selection, - OSSL_CORE_BIO *cout, evp_pkey_set1_fn *set1_key, - OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg) + OSSL_CORE_BIO *cout, evp_pkey_set1_fn *set1_key, + OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg) { struct key2ms_ctx_st *ctx = vctx; int ispub = -1; 
@@ -139,7 +139,7 @@ static int key2msblob_encode(void *vctx, const void *key, int selection, else if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) ispub = 1; else - return 0; /* Error */ + return 0; /* Error */ if ((pkey = EVP_PKEY_new()) != NULL && set1_key(pkey, key)) ok = write_msblob(ctx, cout, pkey, ispub); @@ -148,15 +148,15 @@ static int key2msblob_encode(void *vctx, const void *key, int selection, } static int key2pvk_encode(void *vctx, const void *key, int selection, - OSSL_CORE_BIO *cout, evp_pkey_set1_fn *set1_key, - OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg) + OSSL_CORE_BIO *cout, evp_pkey_set1_fn *set1_key, + OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg) { struct key2ms_ctx_st *ctx = vctx; EVP_PKEY *pkey = NULL; int ok = 0; if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) == 0) - return 0; /* Error */ + return 0; /* Error */ if ((pkey = EVP_PKEY_new()) != NULL && set1_key(pkey, key) && (pw_cb == NULL 
@@ -166,39 +166,39 @@ static int key2pvk_encode(void *vctx, const void *key, int selection, return ok; } -#define dsa_set1 (evp_pkey_set1_fn *)EVP_PKEY_set1_DSA -#define rsa_set1 (evp_pkey_set1_fn *)EVP_PKEY_set1_RSA +#define dsa_set1 (evp_pkey_set1_fn *)EVP_PKEY_set1_DSA +#define rsa_set1 (evp_pkey_set1_fn *)EVP_PKEY_set1_RSA #define msblob_set_params -#define pvk_set_params \ - { OSSL_FUNC_ENCODER_SETTABLE_CTX_PARAMS, \ - (void (*)(void))key2pvk_settable_ctx_params }, \ - { OSSL_FUNC_ENCODER_SET_CTX_PARAMS, \ - (void (*)(void))key2pvk_set_ctx_params }, +#define pvk_set_params \ + { OSSL_FUNC_ENCODER_SETTABLE_CTX_PARAMS, \ + (void (*)(void))key2pvk_settable_ctx_params }, \ + { OSSL_FUNC_ENCODER_SET_CTX_PARAMS, \ + (void (*)(void))key2pvk_set_ctx_params }, #define MAKE_MS_ENCODER(impl, output, type) \ static OSSL_FUNC_encoder_import_object_fn \ - impl##2##output##_import_object; \ + impl##2##output##_import_object; \ static OSSL_FUNC_encoder_free_object_fn impl##2##output##_free_object; \ static OSSL_FUNC_encoder_encode_fn impl##2##output##_encode; \ \ static void * \ - impl##2##output##_import_object(void *ctx, int selection, \ - const OSSL_PARAM params[]) \ + impl##2##output##_import_object(void *ctx, int selection, \ + const OSSL_PARAM params[]) \ { \ return ossl_prov_import_key(ossl_##impl##_keymgmt_functions, \ - ctx, selection, params); \ + ctx, selection, params); \ } \ static void impl##2##output##_free_object(void *key) \ { \ ossl_prov_free_key(ossl_##impl##_keymgmt_functions, key); \ } \ static int impl##2##output##_encode(void *vctx, OSSL_CORE_BIO *cout, \ - const void *key, \ - const OSSL_PARAM key_abstract[], \ - int selection, \ - OSSL_PASSPHRASE_CALLBACK *cb, \ - void *cbarg) \ + const void *key, \ + const OSSL_PARAM key_abstract[], \ + int selection, \ + OSSL_PASSPHRASE_CALLBACK *cb, \ + void *cbarg) \ { \ /* We don't deal with abstract objects */ \ if (key_abstract != NULL) { \ 
@@ -206,22 +206,21 @@ static int key2pvk_encode(void *vctx, const void *key, int selection, return 0; \ } \ return key2##output##_encode(vctx, key, selection, cout, type##_set1, \ - cb, cbarg); \ + cb, cbarg); \ } \ const OSSL_DISPATCH ossl_##impl##_to_##output##_encoder_functions[] = { \ { OSSL_FUNC_ENCODER_NEWCTX, \ - (void (*)(void))key2ms_newctx }, \ + (void (*)(void))key2ms_newctx }, \ { OSSL_FUNC_ENCODER_FREECTX, \ - (void (*)(void))key2ms_freectx }, \ - output##_set_params \ - { OSSL_FUNC_ENCODER_DOES_SELECTION, \ - (void (*)(void))key2ms_does_selection }, \ + (void (*)(void))key2ms_freectx }, \ + output##_set_params { OSSL_FUNC_ENCODER_DOES_SELECTION, \ + (void (*)(void))key2ms_does_selection }, \ { OSSL_FUNC_ENCODER_IMPORT_OBJECT, \ - (void (*)(void))impl##2##output##_import_object }, \ + (void (*)(void))impl##2##output##_import_object }, \ { OSSL_FUNC_ENCODER_FREE_OBJECT, \ - (void (*)(void))impl##2##output##_free_object }, \ + (void (*)(void))impl##2##output##_free_object }, \ { OSSL_FUNC_ENCODER_ENCODE, \ - (void (*)(void))impl##2##output##_encode }, \ + (void (*)(void))impl##2##output##_encode }, \ { 0, NULL } \ } diff --git a/providers/implementations/encode_decode/encode_key2text.c b/providers/implementations/encode_decode/encode_key2text.c index 363031e83dbe..d23b6152fb37 100644 --- a/providers/implementations/encode_decode/encode_key2text.c +++ b/providers/implementations/encode_decode/encode_key2text.c @@ -1,5 +1,5 @@ /* - * Copyright 2020-2025 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2020-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy 
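Review bot: In the `MAKE_MS_ENCODER` dispatch table the formatter has joined `output##_set_params` to the next entry, giving `output##_set_params { OSSL_FUNC_ENCODER_DOES_SELECTION, \`. That reads as a single initializer, although the macro expands to either nothing (`msblob_set_params`) or two complete entries ending in a comma (`pvk_set_params`). Keeping the invocation on its own line means switching the formatter off around the table, with `/* clang-format off */` before the `#define` and `/* clang-format on */` after it. A comment on that line would also help, such as `/* expands to zero or two dispatch entries, trailing comma included */`. The macro definition and both `*_set_params` helpers start in the previous hunk.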
@@ -22,32 +22,32 @@ #include <openssl/safestack.h> #include <openssl/proverr.h> #include "internal/ffc.h" -#include "crypto/bn.h" /* bn_get_words() */ -#include "crypto/dh.h" /* ossl_dh_get0_params() */ -#include "crypto/dsa.h" /* ossl_dsa_get0_params() */ -#include "crypto/ec.h" /* ossl_ec_key_get_libctx */ -#include "crypto/ecx.h" /* ECX_KEY, etc... */ -#include "crypto/rsa.h" /* RSA_PSS_PARAMS_30, etc... */ +#include "crypto/bn.h" /* bn_get_words() */ +#include "crypto/dh.h" /* ossl_dh_get0_params() */ +#include "crypto/dsa.h" /* ossl_dsa_get0_params() */ +#include "crypto/ec.h" /* ossl_ec_key_get_libctx */ +#include "crypto/ecx.h" /* ECX_KEY, etc... */ +#include "crypto/rsa.h" /* RSA_PSS_PARAMS_30, etc... */ #include "prov/bio.h" #include "prov/implementations.h" #include "endecoder_local.h" DEFINE_SPECIAL_STACK_OF_CONST(BIGNUM_const, BIGNUM) -# ifdef SIXTY_FOUR_BIT_LONG -# define BN_FMTu "%lu" -# define BN_FMTx "%lx" -# endif +#ifdef SIXTY_FOUR_BIT_LONG +#define BN_FMTu "%lu" +#define BN_FMTx "%lx" +#endif -# ifdef SIXTY_FOUR_BIT -# define BN_FMTu "%llu" -# define BN_FMTx "%llx" -# endif +#ifdef SIXTY_FOUR_BIT +#define BN_FMTu "%llu" +#define BN_FMTx "%llx" +#endif -# ifdef THIRTY_TWO_BIT -# define BN_FMTu "%u" -# define BN_FMTx "%x" -# endif +#ifdef THIRTY_TWO_BIT +#define BN_FMTu "%u" +#define BN_FMTx "%x" +#endif static int print_labeled_bignum(BIO *out, const char *label, const BIGNUM *bn) { @@ -76,7 +76,7 @@ static int print_labeled_bignum(BIO *out, const char *label, const BIGNUM *bn) neg = "-"; return BIO_printf(out, "%s%s%s" BN_FMTu " (%s0x" BN_FMTx ")\n", - label, post_label_spc, neg, words[0], neg, words[0]); + label, post_label_spc, neg, words[0], neg, words[0]); } hex_str = BN_bn2hex(bn); 
@@ -109,11 +109,12 @@ static int print_labeled_bignum(BIO *out, const char *label, const BIGNUM *bn) if ((bytes % 15) == 0 && bytes > 0) { if (BIO_printf(out, ":\n%s", spaces) <= 0) goto err; - use_sep = 0; /* The first byte on the next line doesnt have a : */ + use_sep = 0; /* The first byte on the next line doesn't have a : */ } if (BIO_printf(out, "%s%c%c", use_sep ? ":" : "", - tolower((unsigned char)p[0]), - tolower((unsigned char)p[1])) <= 0) + tolower((unsigned char)p[0]), + tolower((unsigned char)p[1])) + <= 0) goto err; ++bytes; p += 2; @@ -128,11 +129,11 @@ err: } /* Number of octets per line */ -#define LABELED_BUF_PRINT_WIDTH 15 +#define LABELED_BUF_PRINT_WIDTH 15 #if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_EC) static int print_labeled_buf(BIO *out, const char *label, - const unsigned char *buf, size_t buflen) + const unsigned char *buf, size_t buflen) { size_t i; @@ -148,7 +149,8 @@ static int print_labeled_buf(BIO *out, const char *label, } if (BIO_printf(out, "%02x%s", buf[i], - (i == buflen - 1) ? "" : ":") <= 0) + (i == buflen - 1) ? "" : ":") + <= 0) return 0; } if (BIO_printf(out, "\n") <= 0) @@ -277,14 +279,15 @@ static int dh_to_text(BIO *out, const void *key, int selection) length = DH_get_length(dh); if (length > 0 && BIO_printf(out, "recommended-private-length: %ld bits\n", - length) <= 0) + length) + <= 0) return 0; return 1; } -# define dh_input_type "DH" -# define dhx_input_type "DHX" +#define dh_input_type "DH" +#define dhx_input_type "DHX" #endif /* ---------------------------------------------------------------------- */ 
@@ -353,14 +356,14 @@ static int dsa_to_text(BIO *out, const void *key, int selection) return 1; } -# define dsa_input_type "DSA" +#define dsa_input_type "DSA" #endif /* ---------------------------------------------------------------------- */ #ifndef OPENSSL_NO_EC static int ec_param_explicit_curve_to_text(BIO *out, const EC_GROUP *group, - BN_CTX *ctx) + BN_CTX *ctx) { const char *plabel = "Prime:"; BIGNUM *p = NULL, *a = NULL, *b = NULL; @@ -387,7 +390,7 @@ static int ec_param_explicit_curve_to_text(BIO *out, const EC_GROUP *group, } static int ec_param_explicit_gen_to_text(BIO *out, const EC_GROUP *group, - BN_CTX *ctx) + BN_CTX *ctx) { int ret; size_t buflen; @@ -404,8 +407,8 @@ static int ec_param_explicit_gen_to_text(BIO *out, const EC_GROUP *group, switch (form) { case POINT_CONVERSION_COMPRESSED: - glabel = "Generator (compressed):"; - break; + glabel = "Generator (compressed):"; + break; case POINT_CONVERSION_UNCOMPRESSED: glabel = "Generator (uncompressed):"; break; @@ -427,7 +430,7 @@ static int ec_param_explicit_gen_to_text(BIO *out, const EC_GROUP *group, /* Print explicit parameters */ static int ec_param_explicit_to_text(BIO *out, const EC_GROUP *group, - OSSL_LIB_CTX *libctx) + OSSL_LIB_CTX *libctx) { int ret = 0, tmp_nid; BN_CTX *ctx = NULL; @@ -468,7 +471,7 @@ err: } static int ec_param_to_text(BIO *out, const EC_GROUP *group, - OSSL_LIB_CTX *libctx) + OSSL_LIB_CTX *libctx) { if (EC_GROUP_get_asn1_flag(group) & OPENSSL_EC_NAMED_CURVE) { const char *curve_name; @@ -483,7 +486,7 @@ static int ec_param_to_text(BIO *out, const EC_GROUP *group, curve_name = EC_curve_nid2nist(curve_nid); return (curve_name == NULL - || BIO_printf(out, "%s: %s\n", "NIST CURVE", curve_name) > 0); + || BIO_printf(out, "%s: %s\n", "NIST CURVE", curve_name) > 0); } else { return ec_param_explicit_to_text(out, group, libctx); } 
@@ -542,7 +545,8 @@ static int ec_to_text(BIO *out, const void *key, int selection) if (type_label != NULL && BIO_printf(out, "%s: (%d bit)\n", type_label, - EC_GROUP_order_bits(group)) <= 0) + EC_GROUP_order_bits(group)) + <= 0) goto err; if (priv != NULL && !print_labeled_buf(out, "priv:", priv, priv_len)) @@ -558,11 +562,11 @@ err: return ret; } -# define ec_input_type "EC" +#define ec_input_type "EC" -# ifndef OPENSSL_NO_SM2 -# define sm2_input_type "SM2" -# endif +#ifndef OPENSSL_NO_SM2 +#define sm2_input_type "SM2" +#endif #endif /* ---------------------------------------------------------------------- */ @@ -620,10 +624,10 @@ static int ecx_to_text(BIO *out, const void *key, int selection) return 1; } -# define ed25519_input_type "ED25519" -# define ed448_input_type "ED448" -# define x25519_input_type "X25519" -# define x448_input_type "X448" +#define ed25519_input_type "ED25519" +#define ed448_input_type "ED448" +#define x25519_input_type "X25519" +#define x448_input_type "X448" #endif /* ---------------------------------------------------------------------- */ @@ -672,11 +676,13 @@ static int rsa_to_text(BIO *out, const void *key, int selection) if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) { if (BIO_printf(out, "%s: (%d bit, %d primes)\n", - type_label, BN_num_bits(rsa_n), primes) <= 0) + type_label, BN_num_bits(rsa_n), primes) + <= 0) goto err; } else { if (BIO_printf(out, "%s: (%d bit)\n", - type_label, BN_num_bits(rsa_n)) <= 0) + type_label, BN_num_bits(rsa_n)) + <= 0) goto err; } 
@@ -690,35 +696,35 @@ static int rsa_to_text(BIO *out, const void *key, int selection) if (!print_labeled_bignum(out, "privateExponent:", rsa_d)) goto err; if (!print_labeled_bignum(out, "prime1:", - sk_BIGNUM_const_value(factors, 0))) + sk_BIGNUM_const_value(factors, 0))) goto err; if (!print_labeled_bignum(out, "prime2:", - sk_BIGNUM_const_value(factors, 1))) + sk_BIGNUM_const_value(factors, 1))) goto err; if (!print_labeled_bignum(out, "exponent1:", - sk_BIGNUM_const_value(exps, 0))) + sk_BIGNUM_const_value(exps, 0))) goto err; if (!print_labeled_bignum(out, "exponent2:", - sk_BIGNUM_const_value(exps, 1))) + sk_BIGNUM_const_value(exps, 1))) goto err; if (!print_labeled_bignum(out, "coefficient:", - sk_BIGNUM_const_value(coeffs, 0))) + sk_BIGNUM_const_value(coeffs, 0))) goto err; for (i = 2; i < sk_BIGNUM_const_num(factors); i++) { if (BIO_printf(out, "prime%d:", i + 1) <= 0) goto err; if (!print_labeled_bignum(out, NULL, - sk_BIGNUM_const_value(factors, i))) + sk_BIGNUM_const_value(factors, i))) goto err; if (BIO_printf(out, "exponent%d:", i + 1) <= 0) goto err; if (!print_labeled_bignum(out, NULL, - sk_BIGNUM_const_value(exps, i))) + sk_BIGNUM_const_value(exps, i))) goto err; if (BIO_printf(out, "coefficient%d:", i + 1) <= 0) goto err; if (!print_labeled_bignum(out, NULL, - sk_BIGNUM_const_value(coeffs, i - 1))) + sk_BIGNUM_const_value(coeffs, i - 1))) goto err; } } 
@@ -737,35 +743,38 @@ static int rsa_to_text(BIO *out, const void *key, int selection) goto err; } else { int hashalg_nid = ossl_rsa_pss_params_30_hashalg(pss_params); - int maskgenalg_nid = - ossl_rsa_pss_params_30_maskgenalg(pss_params); - int maskgenhashalg_nid = - ossl_rsa_pss_params_30_maskgenhashalg(pss_params); + int maskgenalg_nid = ossl_rsa_pss_params_30_maskgenalg(pss_params); + int maskgenhashalg_nid = ossl_rsa_pss_params_30_maskgenhashalg(pss_params); int saltlen = ossl_rsa_pss_params_30_saltlen(pss_params); - int trailerfield = - ossl_rsa_pss_params_30_trailerfield(pss_params); + int trailerfield = ossl_rsa_pss_params_30_trailerfield(pss_params); if (BIO_printf(out, "PSS parameter restrictions:\n") <= 0) goto err; if (BIO_printf(out, " Hash Algorithm: %s%s\n", - ossl_rsa_oaeppss_nid2name(hashalg_nid), - (hashalg_nid == NID_sha1 - ? " (default)" : "")) <= 0) + ossl_rsa_oaeppss_nid2name(hashalg_nid), + (hashalg_nid == NID_sha1 + ? " (default)" + : "")) + <= 0) goto err; if (BIO_printf(out, " Mask Algorithm: %s with %s%s\n", - ossl_rsa_mgf_nid2name(maskgenalg_nid), - ossl_rsa_oaeppss_nid2name(maskgenhashalg_nid), - (maskgenalg_nid == NID_mgf1 - && maskgenhashalg_nid == NID_sha1 - ? " (default)" : "")) <= 0) + ossl_rsa_mgf_nid2name(maskgenalg_nid), + ossl_rsa_oaeppss_nid2name(maskgenhashalg_nid), + (maskgenalg_nid == NID_mgf1 + && maskgenhashalg_nid == NID_sha1 + ? " (default)" + : "")) + <= 0) goto err; if (BIO_printf(out, " Minimum Salt Length: %d%s\n", - saltlen, - (saltlen == 20 ? " (default)" : "")) <= 0) + saltlen, + (saltlen == 20 ? " (default)" : "")) + <= 0) goto err; if (BIO_printf(out, " Trailer Field: 0x%x%s\n", - trailerfield, - (trailerfield == 1 ? " (default)" : "")) <= 0) + trailerfield, + (trailerfield == 1 ? " (default)" : "")) + <= 0) goto err; } break; 
@@ -773,15 +782,15 @@ static int rsa_to_text(BIO *out, const void *key, int selection) } ret = 1; - err: +err: sk_BIGNUM_const_free(factors); sk_BIGNUM_const_free(exps); sk_BIGNUM_const_free(coeffs); return ret; } -#define rsa_input_type "RSA" -#define rsapss_input_type "RSA-PSS" +#define rsa_input_type "RSA" +#define rsapss_input_type "RSA-PSS" /* ---------------------------------------------------------------------- */ @@ -795,10 +804,10 @@ static void key2text_freectx(ossl_unused void *vctx) } static int key2text_encode(void *vctx, const void *key, int selection, - OSSL_CORE_BIO *cout, - int (*key2text)(BIO *out, const void *key, - int selection), - OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) + OSSL_CORE_BIO *cout, + int (*key2text)(BIO *out, const void *key, + int selection), + OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg) { BIO *out = ossl_bio_new_from_core_bio(vctx, cout); int ret; 
@@ -812,50 +821,50 @@ static int key2text_encode(void *vctx, const void *key, int selection, return ret; } -#define MAKE_TEXT_ENCODER(impl, type) \ - static OSSL_FUNC_encoder_import_object_fn \ - impl##2text_import_object; \ - static OSSL_FUNC_encoder_free_object_fn \ - impl##2text_free_object; \ - static OSSL_FUNC_encoder_encode_fn impl##2text_encode; \ - \ - static void *impl##2text_import_object(void *ctx, int selection, \ - const OSSL_PARAM params[]) \ - { \ - return ossl_prov_import_key(ossl_##impl##_keymgmt_functions, \ - ctx, selection, params); \ - } \ - static void impl##2text_free_object(void *key) \ - { \ - ossl_prov_free_key(ossl_##impl##_keymgmt_functions, key); \ - } \ - static int impl##2text_encode(void *vctx, OSSL_CORE_BIO *cout, \ - const void *key, \ - const OSSL_PARAM key_abstract[], \ - int selection, \ - OSSL_PASSPHRASE_CALLBACK *cb, \ - void *cbarg) \ - { \ - /* We don't deal with abstract objects */ \ - if (key_abstract != NULL) { \ - ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_INVALID_ARGUMENT); \ - return 0; \ - } \ - return key2text_encode(vctx, key, selection, cout, \ - type##_to_text, cb, cbarg); \ - } \ - const OSSL_DISPATCH ossl_##impl##_to_text_encoder_functions[] = { \ - { OSSL_FUNC_ENCODER_NEWCTX, \ - (void (*)(void))key2text_newctx }, \ - { OSSL_FUNC_ENCODER_FREECTX, \ - (void (*)(void))key2text_freectx }, \ - { OSSL_FUNC_ENCODER_IMPORT_OBJECT, \ - (void (*)(void))impl##2text_import_object }, \ - { OSSL_FUNC_ENCODER_FREE_OBJECT, \ - (void (*)(void))impl##2text_free_object }, \ - { OSSL_FUNC_ENCODER_ENCODE, \ - (void (*)(void))impl##2text_encode }, \ - { 0, NULL } \ +#define MAKE_TEXT_ENCODER(impl, type) \ + static OSSL_FUNC_encoder_import_object_fn \ + impl##2text_import_object; \ + static OSSL_FUNC_encoder_free_object_fn \ + impl##2text_free_object; \ + static OSSL_FUNC_encoder_encode_fn impl##2text_encode; \ + \ + static void *impl##2text_import_object(void *ctx, int selection, \ + const OSSL_PARAM params[]) \ + { \ + return 
ossl_prov_import_key(ossl_##impl##_keymgmt_functions, \ + ctx, selection, params); \ + } \ + static void impl##2text_free_object(void *key) \ + { \ + ossl_prov_free_key(ossl_##impl##_keymgmt_functions, key); \ + } \ + static int impl##2text_encode(void *vctx, OSSL_CORE_BIO *cout, \ + const void *key, \ + const OSSL_PARAM key_abstract[], \ + int selection, \ + OSSL_PASSPHRASE_CALLBACK *cb, \ + void *cbarg) \ + { \ + /* We don't deal with abstract objects */ \ + if (key_abstract != NULL) { \ + ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_INVALID_ARGUMENT); \ + return 0; \ + } \ + return key2text_encode(vctx, key, selection, cout, \ + type##_to_text, cb, cbarg); \ + } \ + const OSSL_DISPATCH ossl_##impl##_to_text_encoder_functions[] = { \ + { OSSL_FUNC_ENCODER_NEWCTX, \ + (void (*)(void))key2text_newctx }, \ + { OSSL_FUNC_ENCODER_FREECTX, \ + (void (*)(void))key2text_freectx }, \ + { OSSL_FUNC_ENCODER_IMPORT_OBJECT, \ + (void (*)(void))impl##2text_import_object }, \ + { OSSL_FUNC_ENCODER_FREE_OBJECT, \ + (void (*)(void))impl##2text_free_object }, \ + { OSSL_FUNC_ENCODER_ENCODE, \ + (void (*)(void))impl##2text_encode }, \ + { 0, NULL } \ } #ifndef OPENSSL_NO_DH @@ -867,9 +876,9 @@ MAKE_TEXT_ENCODER(dsa, dsa); #endif #ifndef OPENSSL_NO_EC MAKE_TEXT_ENCODER(ec, ec); -# ifndef OPENSSL_NO_SM2 +#ifndef OPENSSL_NO_SM2 MAKE_TEXT_ENCODER(sm2, ec); -# endif +#endif MAKE_TEXT_ENCODER(ed25519, ecx); MAKE_TEXT_ENCODER(ed448, ecx); MAKE_TEXT_ENCODER(x25519, ecx); diff --git a/providers/implementations/encode_decode/endecoder_common.c b/providers/implementations/encode_decode/endecoder_common.c index c4ea2f853cfc..2e5b39242a71 100644 --- a/providers/implementations/encode_decode/endecoder_common.c +++ b/providers/implementations/encode_decode/endecoder_common.c 
@@ -58,12 +58,11 @@ ossl_prov_get_keymgmt_export(const OSSL_DISPATCH *fns) } void *ossl_prov_import_key(const OSSL_DISPATCH *fns, void *provctx, - int selection, const OSSL_PARAM params[]) + int selection, const OSSL_PARAM params[]) { OSSL_FUNC_keymgmt_new_fn *kmgmt_new = ossl_prov_get_keymgmt_new(fns); OSSL_FUNC_keymgmt_free_fn *kmgmt_free = ossl_prov_get_keymgmt_free(fns); - OSSL_FUNC_keymgmt_import_fn *kmgmt_import = - ossl_prov_get_keymgmt_import(fns); + OSSL_FUNC_keymgmt_import_fn *kmgmt_import = ossl_prov_get_keymgmt_import(fns); void *key = NULL; if (kmgmt_new != NULL && kmgmt_import != NULL && kmgmt_free != NULL) { @@ -84,8 +83,8 @@ void ossl_prov_free_key(const OSSL_DISPATCH *fns, void *key) kmgmt_free(key); } -int ossl_read_der(PROV_CTX *provctx, OSSL_CORE_BIO *cin, unsigned char **data, - long *len) +int ossl_read_der(PROV_CTX *provctx, OSSL_CORE_BIO *cin, unsigned char **data, + long *len) { BUF_MEM *mem = NULL; BIO *in = ossl_bio_new_from_core_bio(provctx, cin); diff --git a/providers/implementations/encode_decode/endecoder_local.h b/providers/implementations/encode_decode/endecoder_local.h index a65d05ffaeac..2576812be2df 100644 --- a/providers/implementations/encode_decode/endecoder_local.h +++ b/providers/implementations/encode_decode/endecoder_local.h 
@@ -18,11 +18,11 @@ OSSL_FUNC_keymgmt_import_fn *ossl_prov_get_keymgmt_import(const OSSL_DISPATCH *f OSSL_FUNC_keymgmt_export_fn *ossl_prov_get_keymgmt_export(const OSSL_DISPATCH *fns); int ossl_prov_der_from_p8(unsigned char **new_der, long *new_der_len, - unsigned char *input_der, long input_der_len, - OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg); + unsigned char *input_der, long input_der_len, + OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg); void *ossl_prov_import_key(const OSSL_DISPATCH *fns, void *provctx, - int selection, const OSSL_PARAM params[]); + int selection, const OSSL_PARAM params[]); void ossl_prov_free_key(const OSSL_DISPATCH *fns, void *key); -int ossl_read_der(PROV_CTX *provctx, OSSL_CORE_BIO *cin, unsigned char **data, - long *len); +int ossl_read_der(PROV_CTX *provctx, OSSL_CORE_BIO *cin, unsigned char **data, + long *len); diff --git a/providers/implementations/exchange/dh_exch.c b/providers/implementations/exchange/dh_exch.c index 1d8a2e27b30e..bb2d355c8143 100644 --- a/providers/implementations/exchange/dh_exch.c +++ b/providers/implementations/exchange/dh_exch.c @@ -98,15 +98,15 @@ static int dh_init(void *vpdhctx, void *vdh, const OSSL_PARAM params[]) PROV_DH_CTX *pdhctx = (PROV_DH_CTX *)vpdhctx; if (!ossl_prov_is_running() - || pdhctx == NULL - || vdh == NULL - || !DH_up_ref(vdh)) + || pdhctx == NULL + || vdh == NULL + || !DH_up_ref(vdh)) return 0; DH_free(pdhctx->dh); pdhctx->dh = vdh; pdhctx->kdf_type = PROV_DH_KDF_NONE; return dh_set_ctx_params(pdhctx, params) - && ossl_dh_check_key(pdhctx->libctx, vdh); + && ossl_dh_check_key(pdhctx->libctx, vdh); } /* The 2 parties must share the same domain parameters */ 
@@ -117,8 +117,8 @@ static int dh_match_params(DH *priv, DH *peer) FFC_PARAMS *dhparams_peer = ossl_dh_get0_params(peer); ret = dhparams_priv != NULL - && dhparams_peer != NULL - && ossl_ffc_params_cmp(dhparams_priv, dhparams_peer, 1); + && dhparams_peer != NULL + && ossl_ffc_params_cmp(dhparams_priv, dhparams_peer, 1); if (!ret) ERR_raise(ERR_LIB_PROV, PROV_R_MISMATCHING_DOMAIN_PARAMETERS); return ret; @@ -129,10 +129,10 @@ static int dh_set_peer(void *vpdhctx, void *vdh) PROV_DH_CTX *pdhctx = (PROV_DH_CTX *)vpdhctx; if (!ossl_prov_is_running() - || pdhctx == NULL - || vdh == NULL - || !dh_match_params(vdh, pdhctx->dh) - || !DH_up_ref(vdh)) + || pdhctx == NULL + || vdh == NULL + || !dh_match_params(vdh, pdhctx->dh) + || !DH_up_ref(vdh)) return 0; DH_free(pdhctx->dhpeer); pdhctx->dhpeer = vdh; @@ -140,8 +140,8 @@ static int dh_set_peer(void *vpdhctx, void *vdh) } static int dh_plain_derive(void *vpdhctx, - unsigned char *secret, size_t *secretlen, - size_t outlen, unsigned int pad) + unsigned char *secret, size_t *secretlen, + size_t outlen, unsigned int pad) { PROV_DH_CTX *pdhctx = (PROV_DH_CTX *)vpdhctx; int ret; @@ -176,7 +176,7 @@ static int dh_plain_derive(void *vpdhctx, } static int dh_X9_42_kdf_derive(void *vpdhctx, unsigned char *secret, - size_t *secretlen, size_t outlen) + size_t *secretlen, size_t outlen) { PROV_DH_CTX *pdhctx = (PROV_DH_CTX *)vpdhctx; unsigned char *stmp = NULL; @@ -204,12 +204,12 @@ static int dh_X9_42_kdf_derive(void *vpdhctx, unsigned char *secret, /* Do KDF stuff */ if (pdhctx->kdf_type == PROV_DH_KDF_X9_42_ASN1) { if (!ossl_dh_kdf_X9_42_asn1(secret, pdhctx->kdf_outlen, - stmp, stmplen, - pdhctx->kdf_cekalg, - pdhctx->kdf_ukm, - pdhctx->kdf_ukmlen, - pdhctx->kdf_md, - pdhctx->libctx, NULL)) + stmp, stmplen, + pdhctx->kdf_cekalg, + pdhctx->kdf_ukm, + pdhctx->kdf_ukmlen, + pdhctx->kdf_md, + pdhctx->libctx, NULL)) goto err; } *secretlen = pdhctx->kdf_outlen; 
@@ -220,7 +220,7 @@ err: } static int dh_derive(void *vpdhctx, unsigned char *secret, - size_t *psecretlen, size_t outlen) + size_t *psecretlen, size_t outlen) { PROV_DH_CTX *pdhctx = (PROV_DH_CTX *)vpdhctx; @@ -228,13 +228,13 @@ static int dh_derive(void *vpdhctx, unsigned char *secret, return 0; switch (pdhctx->kdf_type) { - case PROV_DH_KDF_NONE: - return dh_plain_derive(pdhctx, secret, psecretlen, outlen, - pdhctx->pad); - case PROV_DH_KDF_X9_42_ASN1: - return dh_X9_42_kdf_derive(pdhctx, secret, psecretlen, outlen); - default: - break; + case PROV_DH_KDF_NONE: + return dh_plain_derive(pdhctx, secret, psecretlen, outlen, + pdhctx->pad); + case PROV_DH_KDF_X9_42_ASN1: + return dh_X9_42_kdf_derive(pdhctx, secret, psecretlen, outlen); + default: + break; } return 0; } @@ -289,7 +289,7 @@ static void *dh_dupctx(void *vpdhctx) /* Duplicate UKM data if present */ if (srcctx->kdf_ukm != NULL && srcctx->kdf_ukmlen > 0) { dstctx->kdf_ukm = OPENSSL_memdup(srcctx->kdf_ukm, - srcctx->kdf_ukmlen); + srcctx->kdf_ukmlen); if (dstctx->kdf_ukm == NULL) goto err; } @@ -342,7 +342,7 @@ static int dh_set_ctx_params(void *vpdhctx, const OSSL_PARAM params[]) str = mdprops; p = OSSL_PARAM_locate_const(params, - OSSL_EXCHANGE_PARAM_KDF_DIGEST_PROPS); + OSSL_EXCHANGE_PARAM_KDF_DIGEST_PROPS); if (p != NULL) { if (!OSSL_PARAM_get_utf8_string(p, &str, sizeof(mdprops))) @@ -421,7 +421,7 @@ static const OSSL_PARAM known_settable_ctx_params[] = { }; static const OSSL_PARAM *dh_settable_ctx_params(ossl_unused void *vpdhctx, - ossl_unused void *provctx) + ossl_unused void *provctx) { return known_settable_ctx_params; } 
@@ -431,13 +431,13 @@ static const OSSL_PARAM known_gettable_ctx_params[] = { OSSL_PARAM_utf8_string(OSSL_EXCHANGE_PARAM_KDF_DIGEST, NULL, 0), OSSL_PARAM_size_t(OSSL_EXCHANGE_PARAM_KDF_OUTLEN, NULL), OSSL_PARAM_DEFN(OSSL_EXCHANGE_PARAM_KDF_UKM, OSSL_PARAM_OCTET_PTR, - NULL, 0), + NULL, 0), OSSL_PARAM_utf8_string(OSSL_KDF_PARAM_CEK_ALG, NULL, 0), OSSL_PARAM_END }; static const OSSL_PARAM *dh_gettable_ctx_params(ossl_unused void *vpdhctx, - ossl_unused void *provctx) + ossl_unused void *provctx) { return known_gettable_ctx_params; } @@ -455,14 +455,14 @@ static int dh_get_ctx_params(void *vpdhctx, OSSL_PARAM params[]) const char *kdf_type = NULL; switch (pdhctx->kdf_type) { - case PROV_DH_KDF_NONE: - kdf_type = ""; - break; - case PROV_DH_KDF_X9_42_ASN1: - kdf_type = OSSL_KDF_NAME_X942KDF_ASN1; - break; - default: - return 0; + case PROV_DH_KDF_NONE: + kdf_type = ""; + break; + case PROV_DH_KDF_X9_42_ASN1: + kdf_type = OSSL_KDF_NAME_X942KDF_ASN1; + break; + default: + return 0; } if (!OSSL_PARAM_set_utf8_string(p, kdf_type)) @@ -471,9 +471,7 @@ static int dh_get_ctx_params(void *vpdhctx, OSSL_PARAM params[]) p = OSSL_PARAM_locate(params, OSSL_EXCHANGE_PARAM_KDF_DIGEST); if (p != NULL - && !OSSL_PARAM_set_utf8_string(p, pdhctx->kdf_md == NULL - ? "" - : EVP_MD_get0_name(pdhctx->kdf_md))){ + && !OSSL_PARAM_set_utf8_string(p, pdhctx->kdf_md == NULL ? "" : EVP_MD_get0_name(pdhctx->kdf_md))) { return 0; } @@ -488,8 +486,7 @@ static int dh_get_ctx_params(void *vpdhctx, OSSL_PARAM params[]) p = OSSL_PARAM_locate(params, OSSL_KDF_PARAM_CEK_ALG); if (p != NULL - && !OSSL_PARAM_set_utf8_string(p, pdhctx->kdf_cekalg == NULL - ? "" : pdhctx->kdf_cekalg)) + && !OSSL_PARAM_set_utf8_string(p, pdhctx->kdf_cekalg == NULL ? "" : pdhctx->kdf_cekalg)) return 0; return 1; 
@@ -504,9 +501,9 @@ const OSSL_DISPATCH ossl_dh_keyexch_functions[] = { { OSSL_FUNC_KEYEXCH_DUPCTX, (void (*)(void))dh_dupctx }, { OSSL_FUNC_KEYEXCH_SET_CTX_PARAMS, (void (*)(void))dh_set_ctx_params }, { OSSL_FUNC_KEYEXCH_SETTABLE_CTX_PARAMS, - (void (*)(void))dh_settable_ctx_params }, + (void (*)(void))dh_settable_ctx_params }, { OSSL_FUNC_KEYEXCH_GET_CTX_PARAMS, (void (*)(void))dh_get_ctx_params }, { OSSL_FUNC_KEYEXCH_GETTABLE_CTX_PARAMS, - (void (*)(void))dh_gettable_ctx_params }, + (void (*)(void))dh_gettable_ctx_params }, { 0, NULL } }; diff --git a/providers/implementations/exchange/ecdh_exch.c b/providers/implementations/exchange/ecdh_exch.c index 35d665fb9105..6d867a0a23a2 100644 --- a/providers/implementations/exchange/ecdh_exch.c +++ b/providers/implementations/exchange/ecdh_exch.c @@ -79,8 +79,7 @@ typedef struct { size_t kdf_outlen; } PROV_ECDH_CTX; -static -void *ecdh_newctx(void *provctx) +static void *ecdh_newctx(void *provctx) { PROV_ECDH_CTX *pectx; @@ -98,26 +97,24 @@ void *ecdh_newctx(void *provctx) return (void *)pectx; } -static -int ecdh_init(void *vpecdhctx, void *vecdh, const OSSL_PARAM params[]) +static int ecdh_init(void *vpecdhctx, void *vecdh, const OSSL_PARAM params[]) { PROV_ECDH_CTX *pecdhctx = (PROV_ECDH_CTX *)vpecdhctx; if (!ossl_prov_is_running() - || pecdhctx == NULL - || vecdh == NULL - || !EC_KEY_up_ref(vecdh)) + || pecdhctx == NULL + || vecdh == NULL + || !EC_KEY_up_ref(vecdh)) return 0; EC_KEY_free(pecdhctx->k); pecdhctx->k = vecdh; pecdhctx->cofactor_mode = -1; pecdhctx->kdf_type = PROV_ECDH_KDF_NONE; return ecdh_set_ctx_params(pecdhctx, params) - && ossl_ec_check_key(pecdhctx->libctx, vecdh, 1); + && ossl_ec_check_key(pecdhctx->libctx, vecdh, 1); } -static -int ecdh_match_params(const EC_KEY *priv, const EC_KEY *peer) +static int ecdh_match_params(const EC_KEY *priv, const EC_KEY *peer) { int ret; BN_CTX *ctx = NULL; 
@@ -130,25 +127,24 @@ int ecdh_match_params(const EC_KEY *priv, const EC_KEY *peer) return 0; } ret = group_priv != NULL - && group_peer != NULL - && EC_GROUP_cmp(group_priv, group_peer, ctx) == 0; + && group_peer != NULL + && EC_GROUP_cmp(group_priv, group_peer, ctx) == 0; if (!ret) ERR_raise(ERR_LIB_PROV, PROV_R_MISMATCHING_DOMAIN_PARAMETERS); BN_CTX_free(ctx); return ret; } -static -int ecdh_set_peer(void *vpecdhctx, void *vecdh) +static int ecdh_set_peer(void *vpecdhctx, void *vecdh) { PROV_ECDH_CTX *pecdhctx = (PROV_ECDH_CTX *)vpecdhctx; if (!ossl_prov_is_running() - || pecdhctx == NULL - || vecdh == NULL - || !ecdh_match_params(pecdhctx->k, vecdh) - || !ossl_ec_check_key(pecdhctx->libctx, vecdh, 1) - || !EC_KEY_up_ref(vecdh)) + || pecdhctx == NULL + || vecdh == NULL + || !ecdh_match_params(pecdhctx->k, vecdh) + || !ossl_ec_check_key(pecdhctx->libctx, vecdh, 1) + || !EC_KEY_up_ref(vecdh)) return 0; EC_KEY_free(pecdhctx->peerk); @@ -156,8 +152,7 @@ int ecdh_set_peer(void *vpecdhctx, void *vecdh) return 1; } -static -void ecdh_freectx(void *vpecdhctx) +static void ecdh_freectx(void *vpecdhctx) { PROV_ECDH_CTX *pecdhctx = (PROV_ECDH_CTX *)vpecdhctx; @@ -170,8 +165,7 @@ void ecdh_freectx(void *vpecdhctx) OPENSSL_free(pecdhctx); } -static -void *ecdh_dupctx(void *vpecdhctx) +static void *ecdh_dupctx(void *vpecdhctx) { PROV_ECDH_CTX *srcctx = (PROV_ECDH_CTX *)vpecdhctx; PROV_ECDH_CTX *dstctx; @@ -187,7 +181,7 @@ void *ecdh_dupctx(void *vpecdhctx) /* clear all pointers */ - dstctx->k= NULL; + dstctx->k = NULL; dstctx->peerk = NULL; dstctx->kdf_md = NULL; dstctx->kdf_ukm = NULL; 
@@ -212,20 +206,19 @@ void *ecdh_dupctx(void *vpecdhctx) /* Duplicate UKM data if present */ if (srcctx->kdf_ukm != NULL && srcctx->kdf_ukmlen > 0) { dstctx->kdf_ukm = OPENSSL_memdup(srcctx->kdf_ukm, - srcctx->kdf_ukmlen); + srcctx->kdf_ukmlen); if (dstctx->kdf_ukm == NULL) goto err; } return dstctx; - err: +err: ecdh_freectx(dstctx); return NULL; } -static -int ecdh_set_ctx_params(void *vpecdhctx, const OSSL_PARAM params[]) +static int ecdh_set_ctx_params(void *vpecdhctx, const OSSL_PARAM params[]) { char name[80] = { '\0' }; /* should be big enough */ char *str = NULL; @@ -274,7 +267,7 @@ int ecdh_set_ctx_params(void *vpecdhctx, const OSSL_PARAM params[]) str = mdprops; p = OSSL_PARAM_locate_const(params, - OSSL_EXCHANGE_PARAM_KDF_DIGEST_PROPS); + OSSL_EXCHANGE_PARAM_KDF_DIGEST_PROPS); if (p != NULL) { if (!OSSL_PARAM_get_utf8_string(p, &str, sizeof(mdprops))) @@ -325,15 +318,13 @@ static const OSSL_PARAM known_settable_ctx_params[] = { OSSL_PARAM_END }; -static -const OSSL_PARAM *ecdh_settable_ctx_params(ossl_unused void *vpecdhctx, - ossl_unused void *provctx) +static const OSSL_PARAM *ecdh_settable_ctx_params(ossl_unused void *vpecdhctx, + ossl_unused void *provctx) { return known_settable_ctx_params; } -static -int ecdh_get_ctx_params(void *vpecdhctx, OSSL_PARAM params[]) +static int ecdh_get_ctx_params(void *vpecdhctx, OSSL_PARAM params[]) { PROV_ECDH_CTX *pectx = (PROV_ECDH_CTX *)vpecdhctx; OSSL_PARAM *p; @@ -359,14 +350,14 @@ int ecdh_get_ctx_params(void *vpecdhctx, OSSL_PARAM params[]) const char *kdf_type = NULL; switch (pectx->kdf_type) { - case PROV_ECDH_KDF_NONE: - kdf_type = ""; - break; - case PROV_ECDH_KDF_X9_63: - kdf_type = OSSL_KDF_NAME_X963KDF; - break; - default: - return 0; + case PROV_ECDH_KDF_NONE: + kdf_type = ""; + break; + case PROV_ECDH_KDF_X9_63: + kdf_type = OSSL_KDF_NAME_X963KDF; + break; + default: + return 0; } if (!OSSL_PARAM_set_utf8_string(p, kdf_type)) 
@@ -375,9 +366,7 @@ int ecdh_get_ctx_params(void *vpecdhctx, OSSL_PARAM params[]) p = OSSL_PARAM_locate(params, OSSL_EXCHANGE_PARAM_KDF_DIGEST); if (p != NULL - && !OSSL_PARAM_set_utf8_string(p, pectx->kdf_md == NULL - ? "" - : EVP_MD_get0_name(pectx->kdf_md))){ + && !OSSL_PARAM_set_utf8_string(p, pectx->kdf_md == NULL ? "" : EVP_MD_get0_name(pectx->kdf_md))) { return 0; } @@ -386,8 +375,7 @@ int ecdh_get_ctx_params(void *vpecdhctx, OSSL_PARAM params[]) return 0; p = OSSL_PARAM_locate(params, OSSL_EXCHANGE_PARAM_KDF_UKM); - if (p != NULL && - !OSSL_PARAM_set_octet_ptr(p, pectx->kdf_ukm, pectx->kdf_ukmlen)) + if (p != NULL && !OSSL_PARAM_set_octet_ptr(p, pectx->kdf_ukm, pectx->kdf_ukmlen)) return 0; return 1; @@ -399,25 +387,25 @@ static const OSSL_PARAM known_gettable_ctx_params[] = { OSSL_PARAM_utf8_string(OSSL_EXCHANGE_PARAM_KDF_DIGEST, NULL, 0), OSSL_PARAM_size_t(OSSL_EXCHANGE_PARAM_KDF_OUTLEN, NULL), OSSL_PARAM_DEFN(OSSL_EXCHANGE_PARAM_KDF_UKM, OSSL_PARAM_OCTET_PTR, - NULL, 0), + NULL, 0), OSSL_PARAM_END }; -static -const OSSL_PARAM *ecdh_gettable_ctx_params(ossl_unused void *vpecdhctx, - ossl_unused void *provctx) +static const OSSL_PARAM *ecdh_gettable_ctx_params(ossl_unused void *vpecdhctx, + ossl_unused void *provctx) { return known_gettable_ctx_params; } static ossl_inline -size_t ecdh_size(const EC_KEY *k) + size_t + ecdh_size(const EC_KEY *k) { size_t degree = 0; const EC_GROUP *group; if (k == NULL - || (group = EC_KEY_get0_group(k)) == NULL) + || (group = EC_KEY_get0_group(k)) == NULL) return 0; degree = EC_GROUP_get_degree(group); @@ -425,9 +413,8 @@ size_t ecdh_size(const EC_KEY *k) return (degree + 7) / 8; } -static ossl_inline -int ecdh_plain_derive(void *vpecdhctx, unsigned char *secret, - size_t *psecretlen, size_t outlen) +static ossl_inline int ecdh_plain_derive(void *vpecdhctx, unsigned char *secret, + size_t *psecretlen, size_t outlen) { PROV_ECDH_CTX *pecdhctx = (PROV_ECDH_CTX *)vpecdhctx; int retlen, ret = 0; 
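Review bot: In the `@@ -399,25 +387,25 @@` hunk, `ecdh_size` ends up declared across three lines (`static ossl_inline`, then an indented `size_t`, then an indented `ecdh_size(const EC_KEY *k)`). The other `ossl_inline` helpers in this file are joined onto one line instead, as in `static ossl_inline int ecdh_plain_derive(...)`. Presumably the formatter does not treat `ossl_inline` as a qualifier when a typedef name follows it. For consistency I would write `static ossl_inline size_t ecdh_size(const EC_KEY *k)` by hand, or teach the formatter configuration about the macro. The body of `ecdh_size` continues into the next hunk.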
@@ -450,7 +437,7 @@ int ecdh_plain_derive(void *vpecdhctx, unsigned char *secret, } if ((group = EC_KEY_get0_group(pecdhctx->k)) == NULL - || (cofactor = EC_GROUP_get0_cofactor(group)) == NULL ) + || (cofactor = EC_GROUP_get0_cofactor(group)) == NULL) return 0; /* @@ -471,11 +458,10 @@ int ecdh_plain_derive(void *vpecdhctx, unsigned char *secret, * - if ctx->k->cofactor != 1, use a duplicate of ctx->k with the flag * set to ctx->cofactor_mode */ - key_cofactor_mode = - (EC_KEY_get_flags(pecdhctx->k) & EC_FLAG_COFACTOR_ECDH) ? 1 : 0; + key_cofactor_mode = (EC_KEY_get_flags(pecdhctx->k) & EC_FLAG_COFACTOR_ECDH) ? 1 : 0; if (pecdhctx->cofactor_mode != -1 - && pecdhctx->cofactor_mode != key_cofactor_mode - && !BN_is_one(cofactor)) { + && pecdhctx->cofactor_mode != key_cofactor_mode + && !BN_is_one(cofactor)) { if ((privk = EC_KEY_dup(pecdhctx->k)) == NULL) return 0; @@ -497,15 +483,14 @@ int ecdh_plain_derive(void *vpecdhctx, unsigned char *secret, *psecretlen = retlen; ret = 1; - end: +end: if (privk != pecdhctx->k) EC_KEY_free(privk); return ret; } -static ossl_inline -int ecdh_X9_63_kdf_derive(void *vpecdhctx, unsigned char *secret, - size_t *psecretlen, size_t outlen) +static ossl_inline int ecdh_X9_63_kdf_derive(void *vpecdhctx, unsigned char *secret, + size_t *psecretlen, size_t outlen) { PROV_ECDH_CTX *pecdhctx = (PROV_ECDH_CTX *)vpecdhctx; unsigned char *stmp = NULL; 
@@ -532,33 +517,32 @@ int ecdh_X9_63_kdf_derive(void *vpecdhctx, unsigned char *secret, /* Do KDF stuff */ if (!ossl_ecdh_kdf_X9_63(secret, pecdhctx->kdf_outlen, - stmp, stmplen, - pecdhctx->kdf_ukm, - pecdhctx->kdf_ukmlen, - pecdhctx->kdf_md, - pecdhctx->libctx, NULL)) + stmp, stmplen, + pecdhctx->kdf_ukm, + pecdhctx->kdf_ukmlen, + pecdhctx->kdf_md, + pecdhctx->libctx, NULL)) goto err; *psecretlen = pecdhctx->kdf_outlen; ret = 1; - err: +err: OPENSSL_secure_clear_free(stmp, stmplen); return ret; } -static -int ecdh_derive(void *vpecdhctx, unsigned char *secret, - size_t *psecretlen, size_t outlen) +static int ecdh_derive(void *vpecdhctx, unsigned char *secret, + size_t *psecretlen, size_t outlen) { PROV_ECDH_CTX *pecdhctx = (PROV_ECDH_CTX *)vpecdhctx; switch (pecdhctx->kdf_type) { - case PROV_ECDH_KDF_NONE: - return ecdh_plain_derive(vpecdhctx, secret, psecretlen, outlen); - case PROV_ECDH_KDF_X9_63: - return ecdh_X9_63_kdf_derive(vpecdhctx, secret, psecretlen, outlen); - default: - break; + case PROV_ECDH_KDF_NONE: + return ecdh_plain_derive(vpecdhctx, secret, psecretlen, outlen); + case PROV_ECDH_KDF_X9_63: + return ecdh_X9_63_kdf_derive(vpecdhctx, secret, psecretlen, outlen); + default: + break; } return 0; } @@ -572,9 +556,9 @@ const OSSL_DISPATCH ossl_ecdh_keyexch_functions[] = { { OSSL_FUNC_KEYEXCH_DUPCTX, (void (*)(void))ecdh_dupctx }, { OSSL_FUNC_KEYEXCH_SET_CTX_PARAMS, (void (*)(void))ecdh_set_ctx_params }, { OSSL_FUNC_KEYEXCH_SETTABLE_CTX_PARAMS, - (void (*)(void))ecdh_settable_ctx_params }, + (void (*)(void))ecdh_settable_ctx_params }, { OSSL_FUNC_KEYEXCH_GET_CTX_PARAMS, (void (*)(void))ecdh_get_ctx_params }, { OSSL_FUNC_KEYEXCH_GETTABLE_CTX_PARAMS, - (void (*)(void))ecdh_gettable_ctx_params }, + (void (*)(void))ecdh_gettable_ctx_params }, { 0, NULL } }; diff --git a/providers/implementations/exchange/ecx_exch.c b/providers/implementations/exchange/ecx_exch.c index 2ba9090c8b5a..bd0d968c3492 100644 --- a/providers/implementations/exchange/ecx_exch.c 
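Review bot: `ecdh_derive` in the hunk at `@@ -532,33 +517,32 @@` leaves the `switch` through `default: break;` and returns 0 without raising an error in this function. A context whose `kdf_type` is neither `PROV_ECDH_KDF_NONE` nor `PROV_ECDH_KDF_X9_63` therefore fails with no reason recorded here. Other failure paths in this commit raise one, for example `ERR_raise(ERR_LIB_PROV, ERR_R_INTERNAL_ERROR)` in `ecx_init`; doing the same here with `default: ERR_raise(ERR_LIB_PROV, ERR_R_INTERNAL_ERROR); return 0;` would make a misconfigured derive diagnosable. The hunk begins inside `ecdh_X9_63_kdf_derive`, whose start is outside it.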
+++ b/providers/implementations/exchange/ecx_exch.c @@ -18,7 +18,7 @@ #include "prov/implementations.h" #include "prov/providercommon.h" #ifdef S390X_EC_ASM -# include "s390x_arch.h" +#include "s390x_arch.h" #endif static OSSL_FUNC_keyexch_newctx_fn x25519_newctx; @@ -70,7 +70,7 @@ static void *x448_newctx(void *provctx) } static int ecx_init(void *vecxctx, void *vkey, - ossl_unused const OSSL_PARAM params[]) + ossl_unused const OSSL_PARAM params[]) { PROV_ECX_CTX *ecxctx = (PROV_ECX_CTX *)vecxctx; ECX_KEY *key = vkey; @@ -79,9 +79,9 @@ static int ecx_init(void *vecxctx, void *vkey, return 0; if (ecxctx == NULL - || key == NULL - || key->keylen != ecxctx->keylen - || !ossl_ecx_key_up_ref(key)) { + || key == NULL + || key->keylen != ecxctx->keylen + || !ossl_ecx_key_up_ref(key)) { ERR_raise(ERR_LIB_PROV, ERR_R_INTERNAL_ERROR); return 0; } @@ -101,9 +101,9 @@ static int ecx_set_peer(void *vecxctx, void *vkey) return 0; if (ecxctx == NULL - || key == NULL - || key->keylen != ecxctx->keylen - || !ossl_ecx_key_up_ref(key)) { + || key == NULL + || key->keylen != ecxctx->keylen + || !ossl_ecx_key_up_ref(key)) { ERR_raise(ERR_LIB_PROV, ERR_R_INTERNAL_ERROR); return 0; } @@ -114,7 +114,7 @@ static int ecx_set_peer(void *vecxctx, void *vkey) } static int ecx_derive(void *vecxctx, unsigned char *secret, size_t *secretlen, - size_t outlen) + size_t outlen) { PROV_ECX_CTX *ecxctx = (PROV_ECX_CTX *)vecxctx; @@ -122,8 +122,8 @@ static int ecx_derive(void *vecxctx, unsigned char *secret, size_t *secretlen, return 0; if (ecxctx->key == NULL - || ecxctx->key->privkey == NULL - || ecxctx->peerkey == NULL) { + || ecxctx->key->privkey == NULL + || ecxctx->peerkey == NULL) { ERR_raise(ERR_LIB_PROV, PROV_R_MISSING_KEY); return 0; } 
@@ -146,32 +146,36 @@ static int ecx_derive(void *vecxctx, unsigned char *secret, size_t *secretlen, if (ecxctx->keylen == X25519_KEYLEN) { #ifdef S390X_EC_ASM if (OPENSSL_s390xcap_P.pcc[1] - & S390X_CAPBIT(S390X_SCALAR_MULTIPLY_X25519)) { + & S390X_CAPBIT(S390X_SCALAR_MULTIPLY_X25519)) { if (s390x_x25519_mul(secret, ecxctx->peerkey->pubkey, - ecxctx->key->privkey) == 0) { + ecxctx->key->privkey) + == 0) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_DURING_DERIVATION); return 0; } } else #endif - if (ossl_x25519(secret, ecxctx->key->privkey, - ecxctx->peerkey->pubkey) == 0) { + if (ossl_x25519(secret, ecxctx->key->privkey, + ecxctx->peerkey->pubkey) + == 0) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_DURING_DERIVATION); return 0; } } else { #ifdef S390X_EC_ASM if (OPENSSL_s390xcap_P.pcc[1] - & S390X_CAPBIT(S390X_SCALAR_MULTIPLY_X448)) { + & S390X_CAPBIT(S390X_SCALAR_MULTIPLY_X448)) { if (s390x_x448_mul(secret, ecxctx->peerkey->pubkey, - ecxctx->key->privkey) == 0) { + ecxctx->key->privkey) + == 0) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_DURING_DERIVATION); return 0; } } else #endif - if (ossl_x448(secret, ecxctx->key->privkey, - ecxctx->peerkey->pubkey) == 0) { + if (ossl_x448(secret, ecxctx->key->privkey, + ecxctx->peerkey->pubkey) + == 0) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_DURING_DERIVATION); return 0; } diff --git a/providers/implementations/exchange/kdf_exch.c b/providers/implementations/exchange/kdf_exch.c index 148a3c422a8f..5db56d422304 100644 --- a/providers/implementations/exchange/kdf_exch.c +++ b/providers/implementations/exchange/kdf_exch.c @@ -71,10 +71,10 @@ err: return NULL; } -#define KDF_NEWCTX(funcname, kdfname) \ +#define KDF_NEWCTX(funcname, kdfname) \ static void *kdf_##funcname##_newctx(void *provctx) \ - { \ - return kdf_newctx(kdfname, provctx); \ + { \ + return kdf_newctx(kdfname, provctx); \ } KDF_NEWCTX(tls1_prf, "TLS1-PRF") 
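Review bot: In the `ecx_derive` hunk (`@@ -146,32 +146,36 @@`) the software fallback `if (ossl_x25519(...) == 0)` is the body of the `} else` that sits before `#endif` whenever `S390X_EC_ASM` is defined, and nothing in the new code marks that. A statement later inserted between `#endif` and the `if` would become the `else` body on s390x builds and leave the fallback running unconditionally. A comment such as `/* else-branch of the capability check when S390X_EC_ASM is defined */` above each of the two fallback `if`s (X25519 and X448) would make the coupling explicit. The reformat also moves `== 0) {` onto a line of its own four times, which makes the failure condition harder to scan. `ecx_derive` starts and ends outside this hunk.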
@@ -86,9 +86,9 @@ static int kdf_init(void *vpkdfctx, void *vkdf, const OSSL_PARAM params[]) PROV_KDF_CTX *pkdfctx = (PROV_KDF_CTX *)vpkdfctx; if (!ossl_prov_is_running() - || pkdfctx == NULL - || vkdf == NULL - || !ossl_kdf_data_up_ref(vkdf)) + || pkdfctx == NULL + || vkdf == NULL + || !ossl_kdf_data_up_ref(vkdf)) return 0; pkdfctx->kdfdata = vkdf; @@ -96,7 +96,7 @@ static int kdf_init(void *vpkdfctx, void *vkdf, const OSSL_PARAM params[]) } static int kdf_derive(void *vpkdfctx, unsigned char *secret, size_t *secretlen, - size_t outlen) + size_t outlen) { PROV_KDF_CTX *pkdfctx = (PROV_KDF_CTX *)vpkdfctx; size_t kdfsize; @@ -181,11 +181,11 @@ static int kdf_get_ctx_params(void *vpkdfctx, OSSL_PARAM params[]) } static const OSSL_PARAM *kdf_settable_ctx_params(ossl_unused void *vpkdfctx, - void *provctx, - const char *kdfname) + void *provctx, + const char *kdfname) { EVP_KDF *kdf = EVP_KDF_fetch(PROV_LIBCTX_OF(provctx), kdfname, - NULL); + NULL); const OSSL_PARAM *params; if (kdf == NULL) @@ -197,11 +197,11 @@ static const OSSL_PARAM *kdf_settable_ctx_params(ossl_unused void *vpkdfctx, return params; } -#define KDF_SETTABLE_CTX_PARAMS(funcname, kdfname) \ +#define KDF_SETTABLE_CTX_PARAMS(funcname, kdfname) \ static const OSSL_PARAM *kdf_##funcname##_settable_ctx_params(void *vpkdfctx, \ - void *provctx) \ - { \ - return kdf_settable_ctx_params(vpkdfctx, provctx, kdfname); \ + void *provctx) \ + { \ + return kdf_settable_ctx_params(vpkdfctx, provctx, kdfname); \ } KDF_SETTABLE_CTX_PARAMS(tls1_prf, "TLS1-PRF") @@ -209,11 +209,11 @@ KDF_SETTABLE_CTX_PARAMS(hkdf, "HKDF") KDF_SETTABLE_CTX_PARAMS(scrypt, "SCRYPT") static const OSSL_PARAM *kdf_gettable_ctx_params(ossl_unused void *vpkdfctx, - void *provctx, - const char *kdfname) + void *provctx, + const char *kdfname) { EVP_KDF *kdf = EVP_KDF_fetch(PROV_LIBCTX_OF(provctx), kdfname, - NULL); + NULL); const OSSL_PARAM *params; if (kdf == NULL) 
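Review bot: `kdf_init` (hunk `@@ -86,9 +86,9 @@`) takes a reference with `ossl_kdf_data_up_ref(vkdf)` and then assigns `pkdfctx->kdfdata = vkdf` unconditionally; nothing in the lines shown releases a reference already held in `pkdfctx->kdfdata`. If a context can be initialised more than once, the earlier key data would keep its extra reference and stay allocated. Assuming that path is reachable, release the old value before the assignment with `ossl_kdf_data_free(pkdfctx->kdfdata);`, or add a comment stating that `kdf_init` runs once per context. The end of the function lies outside this hunk.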
@@ -225,31 +225,31 @@ static const OSSL_PARAM *kdf_gettable_ctx_params(ossl_unused void *vpkdfctx, return params; } -#define KDF_GETTABLE_CTX_PARAMS(funcname, kdfname) \ +#define KDF_GETTABLE_CTX_PARAMS(funcname, kdfname) \ static const OSSL_PARAM *kdf_##funcname##_gettable_ctx_params(void *vpkdfctx, \ - void *provctx) \ - { \ - return kdf_gettable_ctx_params(vpkdfctx, provctx, kdfname); \ + void *provctx) \ + { \ + return kdf_gettable_ctx_params(vpkdfctx, provctx, kdfname); \ } KDF_GETTABLE_CTX_PARAMS(tls1_prf, "TLS1-PRF") KDF_GETTABLE_CTX_PARAMS(hkdf, "HKDF") KDF_GETTABLE_CTX_PARAMS(scrypt, "SCRYPT") -#define KDF_KEYEXCH_FUNCTIONS(funcname) \ - const OSSL_DISPATCH ossl_kdf_##funcname##_keyexch_functions[] = { \ - { OSSL_FUNC_KEYEXCH_NEWCTX, (void (*)(void))kdf_##funcname##_newctx }, \ - { OSSL_FUNC_KEYEXCH_INIT, (void (*)(void))kdf_init }, \ - { OSSL_FUNC_KEYEXCH_DERIVE, (void (*)(void))kdf_derive }, \ - { OSSL_FUNC_KEYEXCH_FREECTX, (void (*)(void))kdf_freectx }, \ - { OSSL_FUNC_KEYEXCH_DUPCTX, (void (*)(void))kdf_dupctx }, \ +#define KDF_KEYEXCH_FUNCTIONS(funcname) \ + const OSSL_DISPATCH ossl_kdf_##funcname##_keyexch_functions[] = { \ + { OSSL_FUNC_KEYEXCH_NEWCTX, (void (*)(void))kdf_##funcname##_newctx }, \ + { OSSL_FUNC_KEYEXCH_INIT, (void (*)(void))kdf_init }, \ + { OSSL_FUNC_KEYEXCH_DERIVE, (void (*)(void))kdf_derive }, \ + { OSSL_FUNC_KEYEXCH_FREECTX, (void (*)(void))kdf_freectx }, \ + { OSSL_FUNC_KEYEXCH_DUPCTX, (void (*)(void))kdf_dupctx }, \ { OSSL_FUNC_KEYEXCH_SET_CTX_PARAMS, (void (*)(void))kdf_set_ctx_params }, \ { OSSL_FUNC_KEYEXCH_GET_CTX_PARAMS, (void (*)(void))kdf_get_ctx_params }, \ - { OSSL_FUNC_KEYEXCH_SETTABLE_CTX_PARAMS, \ - (void (*)(void))kdf_##funcname##_settable_ctx_params }, \ - { OSSL_FUNC_KEYEXCH_GETTABLE_CTX_PARAMS, \ - (void (*)(void))kdf_##funcname##_gettable_ctx_params }, \ - { 0, NULL } \ + { OSSL_FUNC_KEYEXCH_SETTABLE_CTX_PARAMS, \ + (void (*)(void))kdf_##funcname##_settable_ctx_params }, \ + { 
OSSL_FUNC_KEYEXCH_GETTABLE_CTX_PARAMS, \ + (void (*)(void))kdf_##funcname##_gettable_ctx_params }, \ + { 0, NULL } \ }; KDF_KEYEXCH_FUNCTIONS(tls1_prf) diff --git a/providers/implementations/include/prov/blake2.h b/providers/implementations/include/prov/blake2.h index d18cbc708c4f..8e87e797b004 100644 --- a/providers/implementations/include/prov/blake2.h +++ b/providers/implementations/include/prov/blake2.h 
@@ -8,36 +8,36 @@ */ #ifndef OSSL_PROV_BLAKE2_H -# define OSSL_PROV_BLAKE2_H +#define OSSL_PROV_BLAKE2_H -# include <openssl/opensslconf.h> +#include <openssl/opensslconf.h> -# include <openssl/e_os2.h> -# include <stddef.h> +#include <openssl/e_os2.h> +#include <stddef.h> -# define BLAKE2S_BLOCKBYTES 64 -# define BLAKE2S_OUTBYTES 32 -# define BLAKE2S_KEYBYTES 32 -# define BLAKE2S_SALTBYTES 8 -# define BLAKE2S_PERSONALBYTES 8 +#define BLAKE2S_BLOCKBYTES 64 +#define BLAKE2S_OUTBYTES 32 +#define BLAKE2S_KEYBYTES 32 +#define BLAKE2S_SALTBYTES 8 +#define BLAKE2S_PERSONALBYTES 8 -# define BLAKE2B_BLOCKBYTES 128 -# define BLAKE2B_OUTBYTES 64 -# define BLAKE2B_KEYBYTES 64 -# define BLAKE2B_SALTBYTES 16 -# define BLAKE2B_PERSONALBYTES 16 +#define BLAKE2B_BLOCKBYTES 128 +#define BLAKE2B_OUTBYTES 64 +#define BLAKE2B_KEYBYTES 64 +#define BLAKE2B_SALTBYTES 16 +#define BLAKE2B_PERSONALBYTES 16 struct blake2s_param_st { - uint8_t digest_length; /* 1 */ - uint8_t key_length; /* 2 */ - uint8_t fanout; /* 3 */ - uint8_t depth; /* 4 */ - uint8_t leaf_length[4];/* 8 */ - uint8_t node_offset[6];/* 14 */ - uint8_t node_depth; /* 15 */ - uint8_t inner_length; /* 16 */ - uint8_t salt[BLAKE2S_SALTBYTES]; /* 24 */ - uint8_t personal[BLAKE2S_PERSONALBYTES]; /* 32 */ + uint8_t digest_length; /* 1 */ + uint8_t key_length; /* 2 */ + uint8_t fanout; /* 3 */ + uint8_t depth; /* 4 */ + uint8_t leaf_length[4]; /* 8 */ + uint8_t node_offset[6]; /* 14 */ + uint8_t node_depth; /* 15 */ + uint8_t inner_length; /* 16 */ + uint8_t salt[BLAKE2S_SALTBYTES]; /* 24 */ + uint8_t personal[BLAKE2S_PERSONALBYTES]; /* 32 */ }; typedef struct blake2s_param_st BLAKE2S_PARAM; 
@@ -46,23 +46,23 @@ struct blake2s_ctx_st { uint32_t h[8]; uint32_t t[2]; uint32_t f[2]; - uint8_t buf[BLAKE2S_BLOCKBYTES]; - size_t buflen; - size_t outlen; + uint8_t buf[BLAKE2S_BLOCKBYTES]; + size_t buflen; + size_t outlen; }; struct blake2b_param_st { - uint8_t digest_length; /* 1 */ - uint8_t key_length; /* 2 */ - uint8_t fanout; /* 3 */ - uint8_t depth; /* 4 */ - uint8_t leaf_length[4];/* 8 */ - uint8_t node_offset[8];/* 16 */ - uint8_t node_depth; /* 17 */ - uint8_t inner_length; /* 18 */ - uint8_t reserved[14]; /* 32 */ - uint8_t salt[BLAKE2B_SALTBYTES]; /* 48 */ - uint8_t personal[BLAKE2B_PERSONALBYTES]; /* 64 */ + uint8_t digest_length; /* 1 */ + uint8_t key_length; /* 2 */ + uint8_t fanout; /* 3 */ + uint8_t depth; /* 4 */ + uint8_t leaf_length[4]; /* 8 */ + uint8_t node_offset[8]; /* 16 */ + uint8_t node_depth; /* 17 */ + uint8_t inner_length; /* 18 */ + uint8_t reserved[14]; /* 32 */ + uint8_t salt[BLAKE2B_SALTBYTES]; /* 48 */ + uint8_t personal[BLAKE2B_PERSONALBYTES]; /* 64 */ }; typedef struct blake2b_param_st BLAKE2B_PARAM; @@ -71,9 +71,9 @@ struct blake2b_ctx_st { uint64_t h[8]; uint64_t t[2]; uint64_t f[2]; - uint8_t buf[BLAKE2B_BLOCKBYTES]; - size_t buflen; - size_t outlen; + uint8_t buf[BLAKE2B_BLOCKBYTES]; + size_t buflen; + size_t outlen; }; #define BLAKE2B_DIGEST_LENGTH 64 @@ -87,7 +87,7 @@ int ossl_blake2b512_init(void *ctx); int ossl_blake2b_init(BLAKE2B_CTX *c, const BLAKE2B_PARAM *P); int ossl_blake2b_init_key(BLAKE2B_CTX *c, const BLAKE2B_PARAM *P, - const void *key); + const void *key); int ossl_blake2b_update(BLAKE2B_CTX *c, const void *data, size_t datalen); int ossl_blake2b_final(unsigned char *md, BLAKE2B_CTX *c); 
@@ -100,12 +100,12 @@ void ossl_blake2b_param_init(BLAKE2B_PARAM *P); void ossl_blake2b_param_set_digest_length(BLAKE2B_PARAM *P, uint8_t outlen); void ossl_blake2b_param_set_key_length(BLAKE2B_PARAM *P, uint8_t keylen); void ossl_blake2b_param_set_personal(BLAKE2B_PARAM *P, const uint8_t *personal, - size_t length); + size_t length); void ossl_blake2b_param_set_salt(BLAKE2B_PARAM *P, const uint8_t *salt, - size_t length); + size_t length); int ossl_blake2s_init(BLAKE2S_CTX *c, const BLAKE2S_PARAM *P); int ossl_blake2s_init_key(BLAKE2S_CTX *c, const BLAKE2S_PARAM *P, - const void *key); + const void *key); int ossl_blake2s_update(BLAKE2S_CTX *c, const void *data, size_t datalen); int ossl_blake2s_final(unsigned char *md, BLAKE2S_CTX *c); @@ -113,8 +113,8 @@ void ossl_blake2s_param_init(BLAKE2S_PARAM *P); void ossl_blake2s_param_set_digest_length(BLAKE2S_PARAM *P, uint8_t outlen); void ossl_blake2s_param_set_key_length(BLAKE2S_PARAM *P, uint8_t keylen); void ossl_blake2s_param_set_personal(BLAKE2S_PARAM *P, const uint8_t *personal, - size_t length); + size_t length); void ossl_blake2s_param_set_salt(BLAKE2S_PARAM *P, const uint8_t *salt, - size_t length); + size_t length); #endif /* OSSL_PROV_BLAKE2_H */ diff --git a/providers/implementations/include/prov/ciphercommon.h b/providers/implementations/include/prov/ciphercommon.h index aacd49707f84..66decd870ddb 100644 --- a/providers/implementations/include/prov/ciphercommon.h +++ b/providers/implementations/include/prov/ciphercommon.h 
@@ -14,32 +14,32 @@ #include "internal/cryptlib.h" #include "crypto/modes.h" -# define MAXCHUNK ((size_t)1 << 30) -# define MAXBITCHUNK ((size_t)1 << (sizeof(size_t) * 8 - 4)) +#define MAXCHUNK ((size_t)1 << 30) +#define MAXBITCHUNK ((size_t)1 << (sizeof(size_t) * 8 - 4)) #define GENERIC_BLOCK_SIZE 16 -#define IV_STATE_UNINITIALISED 0 /* initial state is not initialized */ -#define IV_STATE_BUFFERED 1 /* iv has been copied to the iv buffer */ -#define IV_STATE_COPIED 2 /* iv has been copied from the iv buffer */ -#define IV_STATE_FINISHED 3 /* the iv has been used - so don't reuse it */ +#define IV_STATE_UNINITIALISED 0 /* initial state is not initialized */ +#define IV_STATE_BUFFERED 1 /* iv has been copied to the iv buffer */ +#define IV_STATE_COPIED 2 /* iv has been copied from the iv buffer */ +#define IV_STATE_FINISHED 3 /* the iv has been used - so don't reuse it */ -#define PROV_CIPHER_FUNC(type, name, args) typedef type (* OSSL_##name##_fn)args +#define PROV_CIPHER_FUNC(type, name, args) typedef type(*OSSL_##name##_fn) args typedef struct prov_cipher_hw_st PROV_CIPHER_HW; typedef struct prov_cipher_ctx_st PROV_CIPHER_CTX; -typedef int (PROV_CIPHER_HW_FN)(PROV_CIPHER_CTX *dat, unsigned char *out, - const unsigned char *in, size_t len); +typedef int(PROV_CIPHER_HW_FN)(PROV_CIPHER_CTX *dat, unsigned char *out, + const unsigned char *in, size_t len); /* Internal flags that can be queried */ -#define PROV_CIPHER_FLAG_AEAD 0x0001 -#define PROV_CIPHER_FLAG_CUSTOM_IV 0x0002 -#define PROV_CIPHER_FLAG_CTS 0x0004 -#define PROV_CIPHER_FLAG_TLS1_MULTIBLOCK 0x0008 -#define PROV_CIPHER_FLAG_RAND_KEY 0x0010 +#define PROV_CIPHER_FLAG_AEAD 0x0001 +#define PROV_CIPHER_FLAG_CUSTOM_IV 0x0002 +#define PROV_CIPHER_FLAG_CTS 0x0004 +#define PROV_CIPHER_FLAG_TLS1_MULTIBLOCK 0x0008 +#define PROV_CIPHER_FLAG_RAND_KEY 0x0010 /* Internal flags that are only used within the provider */ -#define PROV_CIPHER_FLAG_VARIABLE_LENGTH 0x0100 -#define PROV_CIPHER_FLAG_INVERSE_CIPHER 0x0200 
+#define PROV_CIPHER_FLAG_VARIABLE_LENGTH 0x0100 +#define PROV_CIPHER_FLAG_INVERSE_CIPHER 0x0200 struct prov_cipher_ctx_st { /* place buffer at the beginning for memory alignment */ @@ -57,13 +57,13 @@ struct prov_cipher_ctx_st { } stream; unsigned int mode; - size_t keylen; /* key size (in bytes) */ + size_t keylen; /* key size (in bytes) */ size_t ivlen; size_t blocksize; - size_t bufsz; /* Number of bytes in buf */ - unsigned int cts_mode; /* Use to set the type for CTS modes */ - unsigned int pad : 1; /* Whether padding should be used or not */ - unsigned int enc : 1; /* Set to 1 for encrypt, or 0 otherwise */ + size_t bufsz; /* Number of bytes in buf */ + unsigned int cts_mode; /* Use to set the type for CTS modes */ + unsigned int pad : 1; /* Whether padding should be used or not */ + unsigned int enc : 1; /* Set to 1 for encrypt, or 0 otherwise */ unsigned int iv_set : 1; /* Set when the iv is copied to the iv/oiv buffers */ unsigned int key_set : 1; /* Set when key is set on the context */ unsigned int updated : 1; /* Set to 1 during update for one shot ciphers */ 
@@ -72,18 +72,18 @@ struct prov_cipher_ctx_st { unsigned int use_bits : 1; /* Set to 0 for cfb1 to use bits instead of bytes */ unsigned int tlsversion; /* If TLS padding is in use the TLS version number */ - unsigned char *tlsmac; /* tls MAC extracted from the last record */ - int alloced; /* - * Whether the tlsmac data has been allocated or - * points into the user buffer. - */ - size_t tlsmacsize; /* Size of the TLS MAC */ - int removetlspad; /* Whether TLS padding should be removed or not */ - size_t removetlsfixed; /* - * Length of the fixed size data to remove when - * processing TLS data (equals mac size plus - * IV size if applicable) - */ + unsigned char *tlsmac; /* tls MAC extracted from the last record */ + int alloced; /* + * Whether the tlsmac data has been allocated or + * points into the user buffer. + */ + size_t tlsmacsize; /* Size of the TLS MAC */ + int removetlspad; /* Whether TLS padding should be removed or not */ + size_t removetlsfixed; /* + * Length of the fixed size data to remove when + * processing TLS data (equals mac size plus + * IV size if applicable) + */ /* * num contains the number of bytes of |iv| which are valid for modes that @@ -111,7 +111,7 @@ OSSL_FUNC_cipher_final_fn ossl_cipher_generic_stream_final; OSSL_FUNC_cipher_cipher_fn ossl_cipher_generic_cipher; OSSL_FUNC_cipher_get_ctx_params_fn ossl_cipher_generic_get_ctx_params; OSSL_FUNC_cipher_set_ctx_params_fn ossl_cipher_generic_set_ctx_params; -OSSL_FUNC_cipher_gettable_params_fn ossl_cipher_generic_gettable_params; +OSSL_FUNC_cipher_gettable_params_fn ossl_cipher_generic_gettable_params; OSSL_FUNC_cipher_gettable_ctx_params_fn ossl_cipher_generic_gettable_ctx_params; OSSL_FUNC_cipher_settable_ctx_params_fn ossl_cipher_generic_settable_ctx_params; OSSL_FUNC_cipher_set_ctx_params_fn ossl_cipher_var_keylen_set_ctx_params; 
@@ -120,103 +120,102 @@ OSSL_FUNC_cipher_gettable_ctx_params_fn ossl_cipher_aead_gettable_ctx_params; OSSL_FUNC_cipher_settable_ctx_params_fn ossl_cipher_aead_settable_ctx_params; int ossl_cipher_generic_get_params(OSSL_PARAM params[], unsigned int md, - uint64_t flags, - size_t kbits, size_t blkbits, size_t ivbits); + uint64_t flags, + size_t kbits, size_t blkbits, size_t ivbits); void ossl_cipher_generic_initkey(void *vctx, size_t kbits, size_t blkbits, - size_t ivbits, unsigned int mode, - uint64_t flags, - const PROV_CIPHER_HW *hw, void *provctx); + size_t ivbits, unsigned int mode, + uint64_t flags, + const PROV_CIPHER_HW *hw, void *provctx); -#define IMPLEMENT_generic_cipher_func(alg, UCALG, lcmode, UCMODE, flags, kbits,\ - blkbits, ivbits, typ) \ -const OSSL_DISPATCH ossl_##alg##kbits##lcmode##_functions[] = { \ - { OSSL_FUNC_CIPHER_NEWCTX, \ - (void (*)(void)) alg##_##kbits##_##lcmode##_newctx }, \ - { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void)) alg##_freectx }, \ - { OSSL_FUNC_CIPHER_DUPCTX, (void (*)(void)) alg##_dupctx }, \ - { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))ossl_cipher_generic_einit }, \ - { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))ossl_cipher_generic_dinit }, \ - { OSSL_FUNC_CIPHER_UPDATE, (void (*)(void))ossl_cipher_generic_##typ##_update },\ - { OSSL_FUNC_CIPHER_FINAL, (void (*)(void))ossl_cipher_generic_##typ##_final }, \ - { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))ossl_cipher_generic_cipher }, \ - { OSSL_FUNC_CIPHER_GET_PARAMS, \ - (void (*)(void)) alg##_##kbits##_##lcmode##_get_params }, \ - { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, \ - (void (*)(void))ossl_cipher_generic_get_ctx_params }, \ - { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \ - (void (*)(void))ossl_cipher_generic_set_ctx_params }, \ - { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \ - (void (*)(void))ossl_cipher_generic_gettable_params }, \ - { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \ - (void (*)(void))ossl_cipher_generic_gettable_ctx_params }, \ - { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \ 
- (void (*)(void))ossl_cipher_generic_settable_ctx_params }, \ - { 0, NULL } \ -}; - -#define IMPLEMENT_var_keylen_cipher_func(alg, UCALG, lcmode, UCMODE, flags, \ - kbits, blkbits, ivbits, typ) \ -const OSSL_DISPATCH ossl_##alg##kbits##lcmode##_functions[] = { \ - { OSSL_FUNC_CIPHER_NEWCTX, \ - (void (*)(void)) alg##_##kbits##_##lcmode##_newctx }, \ - { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void)) alg##_freectx }, \ - { OSSL_FUNC_CIPHER_DUPCTX, (void (*)(void)) alg##_dupctx }, \ - { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))ossl_cipher_generic_einit },\ - { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))ossl_cipher_generic_dinit },\ - { OSSL_FUNC_CIPHER_UPDATE, (void (*)(void))ossl_cipher_generic_##typ##_update },\ - { OSSL_FUNC_CIPHER_FINAL, (void (*)(void))ossl_cipher_generic_##typ##_final }, \ - { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))ossl_cipher_generic_cipher }, \ - { OSSL_FUNC_CIPHER_GET_PARAMS, \ - (void (*)(void)) alg##_##kbits##_##lcmode##_get_params }, \ - { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, \ - (void (*)(void))ossl_cipher_generic_get_ctx_params }, \ - { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \ - (void (*)(void))ossl_cipher_var_keylen_set_ctx_params }, \ - { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \ - (void (*)(void))ossl_cipher_generic_gettable_params }, \ - { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \ - (void (*)(void))ossl_cipher_generic_gettable_ctx_params }, \ - { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \ - (void (*)(void))ossl_cipher_var_keylen_settable_ctx_params }, \ - { 0, NULL } \ -}; +#define IMPLEMENT_generic_cipher_func(alg, UCALG, lcmode, UCMODE, flags, kbits, \ + blkbits, ivbits, typ) \ + const OSSL_DISPATCH ossl_##alg##kbits##lcmode##_functions[] = { \ + { OSSL_FUNC_CIPHER_NEWCTX, \ + (void (*)(void))alg##_##kbits##_##lcmode##_newctx }, \ + { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void))alg##_freectx }, \ + { OSSL_FUNC_CIPHER_DUPCTX, (void (*)(void))alg##_dupctx }, \ + { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))ossl_cipher_generic_einit }, \ + { 
OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))ossl_cipher_generic_dinit }, \ + { OSSL_FUNC_CIPHER_UPDATE, (void (*)(void))ossl_cipher_generic_##typ##_update }, \ + { OSSL_FUNC_CIPHER_FINAL, (void (*)(void))ossl_cipher_generic_##typ##_final }, \ + { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))ossl_cipher_generic_cipher }, \ + { OSSL_FUNC_CIPHER_GET_PARAMS, \ + (void (*)(void))alg##_##kbits##_##lcmode##_get_params }, \ + { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, \ + (void (*)(void))ossl_cipher_generic_get_ctx_params }, \ + { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \ + (void (*)(void))ossl_cipher_generic_set_ctx_params }, \ + { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \ + (void (*)(void))ossl_cipher_generic_gettable_params }, \ + { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \ + (void (*)(void))ossl_cipher_generic_gettable_ctx_params }, \ + { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \ + (void (*)(void))ossl_cipher_generic_settable_ctx_params }, \ + { 0, NULL } \ + }; +#define IMPLEMENT_var_keylen_cipher_func(alg, UCALG, lcmode, UCMODE, flags, \ + kbits, blkbits, ivbits, typ) \ + const OSSL_DISPATCH ossl_##alg##kbits##lcmode##_functions[] = { \ + { OSSL_FUNC_CIPHER_NEWCTX, \ + (void (*)(void))alg##_##kbits##_##lcmode##_newctx }, \ + { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void))alg##_freectx }, \ + { OSSL_FUNC_CIPHER_DUPCTX, (void (*)(void))alg##_dupctx }, \ + { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))ossl_cipher_generic_einit }, \ + { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))ossl_cipher_generic_dinit }, \ + { OSSL_FUNC_CIPHER_UPDATE, (void (*)(void))ossl_cipher_generic_##typ##_update }, \ + { OSSL_FUNC_CIPHER_FINAL, (void (*)(void))ossl_cipher_generic_##typ##_final }, \ + { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))ossl_cipher_generic_cipher }, \ + { OSSL_FUNC_CIPHER_GET_PARAMS, \ + (void (*)(void))alg##_##kbits##_##lcmode##_get_params }, \ + { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, \ + (void (*)(void))ossl_cipher_generic_get_ctx_params }, \ + { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \ + (void 
(*)(void))ossl_cipher_var_keylen_set_ctx_params }, \ + { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \ + (void (*)(void))ossl_cipher_generic_gettable_params }, \ + { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \ + (void (*)(void))ossl_cipher_generic_gettable_ctx_params }, \ + { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \ + (void (*)(void))ossl_cipher_var_keylen_settable_ctx_params }, \ + { 0, NULL } \ + }; -#define IMPLEMENT_generic_cipher_genfn(alg, UCALG, lcmode, UCMODE, flags, \ - kbits, blkbits, ivbits, typ) \ -static OSSL_FUNC_cipher_get_params_fn alg##_##kbits##_##lcmode##_get_params; \ -static int alg##_##kbits##_##lcmode##_get_params(OSSL_PARAM params[]) \ -{ \ - return ossl_cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE, \ - flags, kbits, blkbits, ivbits); \ -} \ -static OSSL_FUNC_cipher_newctx_fn alg##_##kbits##_##lcmode##_newctx; \ -static void * alg##_##kbits##_##lcmode##_newctx(void *provctx) \ -{ \ - PROV_##UCALG##_CTX *ctx = ossl_prov_is_running() ? OPENSSL_zalloc(sizeof(*ctx))\ - : NULL; \ - if (ctx != NULL) { \ - ossl_cipher_generic_initkey(ctx, kbits, blkbits, ivbits, \ - EVP_CIPH_##UCMODE##_MODE, flags, \ - ossl_prov_cipher_hw_##alg##_##lcmode(kbits),\ - provctx); \ - } \ - return ctx; \ -} \ +#define IMPLEMENT_generic_cipher_genfn(alg, UCALG, lcmode, UCMODE, flags, \ + kbits, blkbits, ivbits, typ) \ + static OSSL_FUNC_cipher_get_params_fn alg##_##kbits##_##lcmode##_get_params; \ + static int alg##_##kbits##_##lcmode##_get_params(OSSL_PARAM params[]) \ + { \ + return ossl_cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE, \ + flags, kbits, blkbits, ivbits); \ + } \ + static OSSL_FUNC_cipher_newctx_fn alg##_##kbits##_##lcmode##_newctx; \ + static void *alg##_##kbits##_##lcmode##_newctx(void *provctx) \ + { \ + PROV_##UCALG##_CTX *ctx = ossl_prov_is_running() ? 
OPENSSL_zalloc(sizeof(*ctx)) \ + : NULL; \ + if (ctx != NULL) { \ + ossl_cipher_generic_initkey(ctx, kbits, blkbits, ivbits, \ + EVP_CIPH_##UCMODE##_MODE, flags, \ + ossl_prov_cipher_hw_##alg##_##lcmode(kbits), \ + provctx); \ + } \ + return ctx; \ + } -#define IMPLEMENT_generic_cipher(alg, UCALG, lcmode, UCMODE, flags, kbits, \ - blkbits, ivbits, typ) \ -IMPLEMENT_generic_cipher_genfn(alg, UCALG, lcmode, UCMODE, flags, kbits, \ - blkbits, ivbits, typ) \ -IMPLEMENT_generic_cipher_func(alg, UCALG, lcmode, UCMODE, flags, kbits, \ - blkbits, ivbits, typ) +#define IMPLEMENT_generic_cipher(alg, UCALG, lcmode, UCMODE, flags, kbits, \ + blkbits, ivbits, typ) \ + IMPLEMENT_generic_cipher_genfn(alg, UCALG, lcmode, UCMODE, flags, kbits, \ + blkbits, ivbits, typ) \ + IMPLEMENT_generic_cipher_func(alg, UCALG, lcmode, UCMODE, flags, kbits, \ + blkbits, ivbits, typ) #define IMPLEMENT_var_keylen_cipher(alg, UCALG, lcmode, UCMODE, flags, kbits, \ - blkbits, ivbits, typ) \ -IMPLEMENT_generic_cipher_genfn(alg, UCALG, lcmode, UCMODE, flags, kbits, \ - blkbits, ivbits, typ) \ -IMPLEMENT_var_keylen_cipher_func(alg, UCALG, lcmode, UCMODE, flags, kbits, \ - blkbits, ivbits, typ) + blkbits, ivbits, typ) \ + IMPLEMENT_generic_cipher_genfn(alg, UCALG, lcmode, UCMODE, flags, kbits, \ + blkbits, ivbits, typ) \ + IMPLEMENT_var_keylen_cipher_func(alg, UCALG, lcmode, UCMODE, flags, kbits, \ + blkbits, ivbits, typ) PROV_CIPHER_HW_FN ossl_cipher_hw_generic_cbc; PROV_CIPHER_HW_FN ossl_cipher_hw_generic_ecb; 
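Review bot: `IMPLEMENT_generic_cipher_func` and `IMPLEMENT_var_keylen_cipher_func` in this hunk expand to dispatch tables that differ only in the `OSSL_FUNC_CIPHER_SET_CTX_PARAMS` and `OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS` entries, and neither macro has a comment saying so. A one-line comment above the second, `/* As IMPLEMENT_generic_cipher_func, but with the var_keylen set/settable ctx params */`, would help keep the two tables from drifting apart unnoticed. It is also worth stating there that `UCALG`, `UCMODE`, `flags`, `blkbits` and `ivbits` are accepted but unused by both table macros; in the visible code only `IMPLEMENT_generic_cipher_genfn` consumes them.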
@@ -229,135 +228,137 @@ PROV_CIPHER_HW_FN ossl_cipher_hw_chunked_cbc; PROV_CIPHER_HW_FN ossl_cipher_hw_chunked_cfb8; PROV_CIPHER_HW_FN ossl_cipher_hw_chunked_cfb128; PROV_CIPHER_HW_FN ossl_cipher_hw_chunked_ofb128; -#define ossl_cipher_hw_chunked_ecb ossl_cipher_hw_generic_ecb -#define ossl_cipher_hw_chunked_ctr ossl_cipher_hw_generic_ctr +#define ossl_cipher_hw_chunked_ecb ossl_cipher_hw_generic_ecb +#define ossl_cipher_hw_chunked_ctr ossl_cipher_hw_generic_ctr #define ossl_cipher_hw_chunked_cfb1 ossl_cipher_hw_generic_cfb1 -#define IMPLEMENT_CIPHER_HW_OFB(MODE, NAME, CTX_NAME, KEY_NAME, FUNC_PREFIX) \ -static int cipher_hw_##NAME##_##MODE##_cipher(PROV_CIPHER_CTX *ctx, \ - unsigned char *out, \ - const unsigned char *in, size_t len) \ -{ \ - int num = ctx->num; \ - KEY_NAME *key = &(((CTX_NAME *)ctx)->ks.ks); \ - \ - while (len >= MAXCHUNK) { \ - FUNC_PREFIX##_encrypt(in, out, MAXCHUNK, key, ctx->iv, &num); \ - len -= MAXCHUNK; \ - in += MAXCHUNK; \ - out += MAXCHUNK; \ - } \ - if (len > 0) { \ - FUNC_PREFIX##_encrypt(in, out, (long)len, key, ctx->iv, &num); \ - } \ - ctx->num = num; \ - return 1; \ -} +#define IMPLEMENT_CIPHER_HW_OFB(MODE, NAME, CTX_NAME, KEY_NAME, FUNC_PREFIX) \ + static int cipher_hw_##NAME##_##MODE##_cipher(PROV_CIPHER_CTX *ctx, \ + unsigned char *out, \ + const unsigned char *in, size_t len) \ + { \ + int num = ctx->num; \ + KEY_NAME *key = &(((CTX_NAME *)ctx)->ks.ks); \ + \ + while (len >= MAXCHUNK) { \ + FUNC_PREFIX##_encrypt(in, out, MAXCHUNK, key, ctx->iv, &num); \ + len -= MAXCHUNK; \ + in += MAXCHUNK; \ + out += MAXCHUNK; \ + } \ + if (len > 0) { \ + FUNC_PREFIX##_encrypt(in, out, (long)len, key, ctx->iv, &num); \ + } \ + ctx->num = num; \ + return 1; \ + } -#define IMPLEMENT_CIPHER_HW_ECB(MODE, NAME, CTX_NAME, KEY_NAME, FUNC_PREFIX) \ -static int cipher_hw_##NAME##_##MODE##_cipher(PROV_CIPHER_CTX *ctx, \ - unsigned char *out, \ - const unsigned char *in, size_t len) \ -{ \ - size_t i, bl = ctx->blocksize; \ - KEY_NAME *key = 
&(((CTX_NAME *)ctx)->ks.ks); \ - \ - if (len < bl) \ - return 1; \ - for (i = 0, len -= bl; i <= len; i += bl) \ - FUNC_PREFIX##_encrypt(in + i, out + i, key, ctx->enc); \ - return 1; \ -} +#define IMPLEMENT_CIPHER_HW_ECB(MODE, NAME, CTX_NAME, KEY_NAME, FUNC_PREFIX) \ + static int cipher_hw_##NAME##_##MODE##_cipher(PROV_CIPHER_CTX *ctx, \ + unsigned char *out, \ + const unsigned char *in, size_t len) \ + { \ + size_t i, bl = ctx->blocksize; \ + KEY_NAME *key = &(((CTX_NAME *)ctx)->ks.ks); \ + \ + if (len < bl) \ + return 1; \ + for (i = 0, len -= bl; i <= len; i += bl) \ + FUNC_PREFIX##_encrypt(in + i, out + i, key, ctx->enc); \ + return 1; \ + } #define IMPLEMENT_CIPHER_HW_CBC(MODE, NAME, CTX_NAME, KEY_NAME, FUNC_PREFIX) \ -static int cipher_hw_##NAME##_##MODE##_cipher(PROV_CIPHER_CTX *ctx, \ - unsigned char *out, \ - const unsigned char *in, size_t len) \ -{ \ - KEY_NAME *key = &(((CTX_NAME *)ctx)->ks.ks); \ + static int cipher_hw_##NAME##_##MODE##_cipher(PROV_CIPHER_CTX *ctx, \ + unsigned char *out, \ + const unsigned char *in, size_t len) \ + { \ + KEY_NAME *key = &(((CTX_NAME *)ctx)->ks.ks); \ \ - while (len >= MAXCHUNK) { \ - FUNC_PREFIX##_encrypt(in, out, MAXCHUNK, key, ctx->iv, ctx->enc); \ - len -= MAXCHUNK; \ - in += MAXCHUNK; \ - out += MAXCHUNK; \ - } \ - if (len > 0) \ - FUNC_PREFIX##_encrypt(in, out, (long)len, key, ctx->iv, ctx->enc); \ - return 1; \ -} + while (len >= MAXCHUNK) { \ + FUNC_PREFIX##_encrypt(in, out, MAXCHUNK, key, ctx->iv, ctx->enc); \ + len -= MAXCHUNK; \ + in += MAXCHUNK; \ + out += MAXCHUNK; \ + } \ + if (len > 0) \ + FUNC_PREFIX##_encrypt(in, out, (long)len, key, ctx->iv, ctx->enc); \ + return 1; \ + } -#define IMPLEMENT_CIPHER_HW_CFB(MODE, NAME, CTX_NAME, KEY_NAME, FUNC_PREFIX) \ -static int cipher_hw_##NAME##_##MODE##_cipher(PROV_CIPHER_CTX *ctx, \ - unsigned char *out, \ - const unsigned char *in, size_t len) \ -{ \ - size_t chunk = MAXCHUNK; \ - KEY_NAME *key = &(((CTX_NAME *)ctx)->ks.ks); \ - int num = ctx->num; \ - \ - if 
(len < chunk) \ - chunk = len; \ - while (len > 0 && len >= chunk) { \ - FUNC_PREFIX##_encrypt(in, out, (long)chunk, key, ctx->iv, &num, \ - ctx->enc); \ - len -= chunk; \ - in += chunk; \ - out += chunk; \ - if (len < chunk) \ - chunk = len; \ - } \ - ctx->num = num; \ - return 1; \ -} +#define IMPLEMENT_CIPHER_HW_CFB(MODE, NAME, CTX_NAME, KEY_NAME, FUNC_PREFIX) \ + static int cipher_hw_##NAME##_##MODE##_cipher(PROV_CIPHER_CTX *ctx, \ + unsigned char *out, \ + const unsigned char *in, size_t len) \ + { \ + size_t chunk = MAXCHUNK; \ + KEY_NAME *key = &(((CTX_NAME *)ctx)->ks.ks); \ + int num = ctx->num; \ + \ + if (len < chunk) \ + chunk = len; \ + while (len > 0 && len >= chunk) { \ + FUNC_PREFIX##_encrypt(in, out, (long)chunk, key, ctx->iv, &num, \ + ctx->enc); \ + len -= chunk; \ + in += chunk; \ + out += chunk; \ + if (len < chunk) \ + chunk = len; \ + } \ + ctx->num = num; \ + return 1; \ + } -#define IMPLEMENT_CIPHER_HW_COPYCTX(name, CTX_TYPE) \ -static void name(PROV_CIPHER_CTX *dst, const PROV_CIPHER_CTX *src) \ -{ \ - CTX_TYPE *sctx = (CTX_TYPE *)src; \ - CTX_TYPE *dctx = (CTX_TYPE *)dst; \ - \ - *dctx = *sctx; \ - dst->ks = &dctx->ks.ks; \ -} +#define IMPLEMENT_CIPHER_HW_COPYCTX(name, CTX_TYPE) \ + static void name(PROV_CIPHER_CTX *dst, const PROV_CIPHER_CTX *src) \ + { \ + CTX_TYPE *sctx = (CTX_TYPE *)src; \ + CTX_TYPE *dctx = (CTX_TYPE *)dst; \ + \ + *dctx = *sctx; \ + dst->ks = &dctx->ks.ks; \ + } -#define CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_START(name) \ -static const OSSL_PARAM name##_known_gettable_ctx_params[] = { \ - OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL), \ - OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_IVLEN, NULL), \ - OSSL_PARAM_uint(OSSL_CIPHER_PARAM_PADDING, NULL), \ - OSSL_PARAM_uint(OSSL_CIPHER_PARAM_NUM, NULL), \ - OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_IV, NULL, 0), \ - OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_UPDATED_IV, NULL, 0), +#define CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_START(name) \ + static const OSSL_PARAM 
name##_known_gettable_ctx_params[] = { \ + OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL), \ + OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_IVLEN, NULL), \ + OSSL_PARAM_uint(OSSL_CIPHER_PARAM_PADDING, NULL), \ + OSSL_PARAM_uint(OSSL_CIPHER_PARAM_NUM, NULL), \ + OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_IV, NULL, 0), \ + OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_UPDATED_IV, NULL, 0), -#define CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_END(name) \ - OSSL_PARAM_END \ -}; \ -const OSSL_PARAM * name##_gettable_ctx_params(ossl_unused void *cctx, \ - ossl_unused void *provctx) \ -{ \ - return name##_known_gettable_ctx_params; \ -} +#define CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_END(name) \ + OSSL_PARAM_END \ + } \ + ; \ + const OSSL_PARAM *name##_gettable_ctx_params(ossl_unused void *cctx, \ + ossl_unused void *provctx) \ + { \ + return name##_known_gettable_ctx_params; \ + } -#define CIPHER_DEFAULT_SETTABLE_CTX_PARAMS_START(name) \ -static const OSSL_PARAM name##_known_settable_ctx_params[] = { \ - OSSL_PARAM_uint(OSSL_CIPHER_PARAM_PADDING, NULL), \ - OSSL_PARAM_uint(OSSL_CIPHER_PARAM_NUM, NULL), -#define CIPHER_DEFAULT_SETTABLE_CTX_PARAMS_END(name) \ - OSSL_PARAM_END \ -}; \ -const OSSL_PARAM * name##_settable_ctx_params(ossl_unused void *cctx, \ - ossl_unused void *provctx) \ -{ \ - return name##_known_settable_ctx_params; \ -} +#define CIPHER_DEFAULT_SETTABLE_CTX_PARAMS_START(name) \ + static const OSSL_PARAM name##_known_settable_ctx_params[] = { \ + OSSL_PARAM_uint(OSSL_CIPHER_PARAM_PADDING, NULL), \ + OSSL_PARAM_uint(OSSL_CIPHER_PARAM_NUM, NULL), +#define CIPHER_DEFAULT_SETTABLE_CTX_PARAMS_END(name) \ + OSSL_PARAM_END \ + } \ + ; \ + const OSSL_PARAM *name##_settable_ctx_params(ossl_unused void *cctx, \ + ossl_unused void *provctx) \ + { \ + return name##_known_settable_ctx_params; \ + } int ossl_cipher_generic_initiv(PROV_CIPHER_CTX *ctx, const unsigned char *iv, - size_t ivlen); + size_t ivlen); size_t ossl_cipher_fillblock(unsigned char *buf, size_t *buflen, - size_t blocksize, - 
const unsigned char **in, size_t *inlen); + size_t blocksize, + const unsigned char **in, size_t *inlen); int ossl_cipher_trailingdata(unsigned char *buf, size_t *buflen, - size_t blocksize, - const unsigned char **in, size_t *inlen); + size_t blocksize, + const unsigned char **in, size_t *inlen); diff --git a/providers/implementations/include/prov/ciphercommon_aead.h b/providers/implementations/include/prov/ciphercommon_aead.h index 4a5329e98406..a618ac29bfdf 100644 --- a/providers/implementations/include/prov/ciphercommon_aead.h +++ b/providers/implementations/include/prov/ciphercommon_aead.h 
@@ -11,42 +11,42 @@ #define AEAD_FLAGS (PROV_CIPHER_FLAG_AEAD | PROV_CIPHER_FLAG_CUSTOM_IV) -#define IMPLEMENT_aead_cipher(alg, lc, UCMODE, flags, kbits, blkbits, ivbits) \ -static OSSL_FUNC_cipher_get_params_fn alg##_##kbits##_##lc##_get_params; \ -static int alg##_##kbits##_##lc##_get_params(OSSL_PARAM params[]) \ -{ \ - return ossl_cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE, \ - flags, kbits, blkbits, ivbits); \ -} \ -static OSSL_FUNC_cipher_newctx_fn alg##kbits##lc##_newctx; \ -static void * alg##kbits##lc##_newctx(void *provctx) \ -{ \ - return alg##_##lc##_newctx(provctx, kbits); \ -} \ -static void * alg##kbits##lc##_dupctx(void *src) \ -{ \ - return alg##_##lc##_dupctx(src); \ -} \ -const OSSL_DISPATCH ossl_##alg##kbits##lc##_functions[] = { \ - { OSSL_FUNC_CIPHER_NEWCTX, (void (*)(void))alg##kbits##lc##_newctx }, \ - { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void))alg##_##lc##_freectx }, \ - { OSSL_FUNC_CIPHER_DUPCTX, (void (*)(void))alg##kbits##lc##_dupctx }, \ - { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))ossl_##lc##_einit }, \ - { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))ossl_##lc##_dinit }, \ - { OSSL_FUNC_CIPHER_UPDATE, (void (*)(void))ossl_##lc##_stream_update }, \ - { OSSL_FUNC_CIPHER_FINAL, (void (*)(void))ossl_##lc##_stream_final }, \ - { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))ossl_##lc##_cipher }, \ - { OSSL_FUNC_CIPHER_GET_PARAMS, \ - (void (*)(void)) alg##_##kbits##_##lc##_get_params }, \ - { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, \ - (void (*)(void)) ossl_##lc##_get_ctx_params }, \ - { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \ - (void (*)(void)) ossl_##lc##_set_ctx_params }, \ - { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \ - (void (*)(void))ossl_cipher_generic_gettable_params }, \ - { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \ - (void (*)(void))ossl_cipher_aead_gettable_ctx_params }, \ - { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \ - (void (*)(void))ossl_cipher_aead_settable_ctx_params }, \ - { 0, NULL } \ -} +#define IMPLEMENT_aead_cipher(alg, 
lc, UCMODE, flags, kbits, blkbits, ivbits) \ + static OSSL_FUNC_cipher_get_params_fn alg##_##kbits##_##lc##_get_params; \ + static int alg##_##kbits##_##lc##_get_params(OSSL_PARAM params[]) \ + { \ + return ossl_cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE, \ + flags, kbits, blkbits, ivbits); \ + } \ + static OSSL_FUNC_cipher_newctx_fn alg##kbits##lc##_newctx; \ + static void *alg##kbits##lc##_newctx(void *provctx) \ + { \ + return alg##_##lc##_newctx(provctx, kbits); \ + } \ + static void *alg##kbits##lc##_dupctx(void *src) \ + { \ + return alg##_##lc##_dupctx(src); \ + } \ + const OSSL_DISPATCH ossl_##alg##kbits##lc##_functions[] = { \ + { OSSL_FUNC_CIPHER_NEWCTX, (void (*)(void))alg##kbits##lc##_newctx }, \ + { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void))alg##_##lc##_freectx }, \ + { OSSL_FUNC_CIPHER_DUPCTX, (void (*)(void))alg##kbits##lc##_dupctx }, \ + { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))ossl_##lc##_einit }, \ + { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))ossl_##lc##_dinit }, \ + { OSSL_FUNC_CIPHER_UPDATE, (void (*)(void))ossl_##lc##_stream_update }, \ + { OSSL_FUNC_CIPHER_FINAL, (void (*)(void))ossl_##lc##_stream_final }, \ + { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))ossl_##lc##_cipher }, \ + { OSSL_FUNC_CIPHER_GET_PARAMS, \ + (void (*)(void))alg##_##kbits##_##lc##_get_params }, \ + { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, \ + (void (*)(void))ossl_##lc##_get_ctx_params }, \ + { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \ + (void (*)(void))ossl_##lc##_set_ctx_params }, \ + { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \ + (void (*)(void))ossl_cipher_generic_gettable_params }, \ + { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \ + (void (*)(void))ossl_cipher_aead_gettable_ctx_params }, \ + { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \ + (void (*)(void))ossl_cipher_aead_settable_ctx_params }, \ + { 0, NULL } \ + } 
diff --git a/providers/implementations/include/prov/ciphercommon_ccm.h b/providers/implementations/include/prov/ciphercommon_ccm.h
index 4c184b395f44..2c7832f51004 100644
--- a/providers/implementations/include/prov/ciphercommon_ccm.h
+++ b/providers/implementations/include/prov/ciphercommon_ccm.h
@@ -29,41 +29,28 @@ typedef struct S390X_kmac_params_st { /* Base structure that is shared by AES & ARIA for CCM MODE */ typedef struct prov_ccm_st { unsigned int enc : 1; - unsigned int key_set : 1; /* Set if key initialised */ - unsigned int iv_set : 1; /* Set if an iv is set */ - unsigned int tag_set : 1; /* Set if tag is valid */ - unsigned int len_set : 1; /* Set if message length set */ - size_t l, m; /* L and M parameters from RFC3610 */ + unsigned int key_set : 1; /* Set if key initialised */ + unsigned int iv_set : 1; /* Set if an iv is set */ + unsigned int tag_set : 1; /* Set if tag is valid */ + unsigned int len_set : 1; /* Set if message length set */ + size_t l, m; /* L and M parameters from RFC3610 */ size_t keylen; - size_t tls_aad_len; /* TLS AAD length */ + size_t tls_aad_len; /* TLS AAD length */ size_t tls_aad_pad_sz; unsigned char iv[GENERIC_BLOCK_SIZE]; unsigned char buf[GENERIC_BLOCK_SIZE]; CCM128_CONTEXT ccm_ctx; ccm128_f str; - const PROV_CCM_HW *hw; /* hardware specific methods */ + const PROV_CCM_HW *hw; /* hardware specific methods */ } PROV_CCM_CTX; -PROV_CIPHER_FUNC(int, CCM_cipher, (PROV_CCM_CTX *ctx, unsigned char *out, \ - size_t *padlen, const unsigned char *in, \ - size_t len)); -PROV_CIPHER_FUNC(int, CCM_setkey, (PROV_CCM_CTX *ctx, \ - const unsigned char *key, size_t keylen)); -PROV_CIPHER_FUNC(int, CCM_setiv, (PROV_CCM_CTX *dat, \ - const unsigned char *iv, size_t ivlen, \ - size_t mlen)); -PROV_CIPHER_FUNC(int, CCM_setaad, (PROV_CCM_CTX *ctx, \ - const unsigned char *aad, size_t aadlen)); -PROV_CIPHER_FUNC(int, CCM_auth_encrypt, (PROV_CCM_CTX *ctx, \ - const unsigned char *in, \ - unsigned char *out, size_t len, \ - unsigned char *tag, size_t taglen)); -PROV_CIPHER_FUNC(int, CCM_auth_decrypt, (PROV_CCM_CTX *ctx, \ - const unsigned char *in, \ - unsigned char *out, size_t len, \ - unsigned char *tag, size_t taglen)); -PROV_CIPHER_FUNC(int, CCM_gettag, (PROV_CCM_CTX *ctx, \ - unsigned char *tag, size_t taglen)); 
+PROV_CIPHER_FUNC(int, CCM_cipher, (PROV_CCM_CTX * ctx, unsigned char *out, size_t *padlen, const unsigned char *in, size_t len)); +PROV_CIPHER_FUNC(int, CCM_setkey, (PROV_CCM_CTX * ctx, const unsigned char *key, size_t keylen)); +PROV_CIPHER_FUNC(int, CCM_setiv, (PROV_CCM_CTX * dat, const unsigned char *iv, size_t ivlen, size_t mlen)); +PROV_CIPHER_FUNC(int, CCM_setaad, (PROV_CCM_CTX * ctx, const unsigned char *aad, size_t aadlen)); +PROV_CIPHER_FUNC(int, CCM_auth_encrypt, (PROV_CCM_CTX * ctx, const unsigned char *in, unsigned char *out, size_t len, unsigned char *tag, size_t taglen)); +PROV_CIPHER_FUNC(int, CCM_auth_decrypt, (PROV_CCM_CTX * ctx, const unsigned char *in, unsigned char *out, size_t len, unsigned char *tag, size_t taglen)); +PROV_CIPHER_FUNC(int, CCM_gettag, (PROV_CCM_CTX * ctx, unsigned char *tag, size_t taglen)); /* * CCM Mode internal method table used to handle hardware specific differences, @@ -88,13 +75,13 @@ OSSL_FUNC_cipher_cipher_fn ossl_ccm_cipher; void ossl_ccm_initctx(PROV_CCM_CTX *ctx, size_t keybits, const PROV_CCM_HW *hw); int ossl_ccm_generic_setiv(PROV_CCM_CTX *ctx, const unsigned char *nonce, - size_t nlen, size_t mlen); + size_t nlen, size_t mlen); int ossl_ccm_generic_setaad(PROV_CCM_CTX *ctx, const unsigned char *aad, - size_t alen); + size_t alen); int ossl_ccm_generic_gettag(PROV_CCM_CTX *ctx, unsigned char *tag, size_t tlen); int ossl_ccm_generic_auth_encrypt(PROV_CCM_CTX *ctx, const unsigned char *in, - unsigned char *out, size_t len, - unsigned char *tag, size_t taglen); + unsigned char *out, size_t len, + unsigned char *tag, size_t taglen); int ossl_ccm_generic_auth_decrypt(PROV_CCM_CTX *ctx, const unsigned char *in, - unsigned char *out, size_t len, - unsigned char *expected_tag, size_t taglen); + unsigned char *out, size_t len, + unsigned char *expected_tag, size_t taglen); 
diff --git a/providers/implementations/include/prov/ciphercommon_gcm.h b/providers/implementations/include/prov/ciphercommon_gcm.h index 7c4a548f9d44..6e78ff8583c2 100644 --- a/providers/implementations/include/prov/ciphercommon_gcm.h +++ b/providers/implementations/include/prov/ciphercommon_gcm.h @@ -14,8 +14,8 @@ typedef struct prov_gcm_hw_st PROV_GCM_HW; #define GCM_IV_DEFAULT_SIZE 12 /* IV's for AES_GCM should normally be 12 bytes */ -#define GCM_IV_MAX_SIZE (1024 / 8) -#define GCM_TAG_MAX_SIZE 16 +#define GCM_IV_MAX_SIZE (1024 / 8) +#define GCM_TAG_MAX_SIZE 16 #if defined(OPENSSL_CPUID_OBJ) && defined(__s390__) /*- 
@@ -38,67 +38,59 @@ typedef struct S390X_kma_params_st { union { unsigned long long g[2]; unsigned int w[4]; - } j0; /* initial counter value */ - unsigned char k[32]; /* key */ + } j0; /* initial counter value */ + unsigned char k[32]; /* key */ } S390X_KMA_PARAMS; #endif typedef struct prov_gcm_ctx_st { - unsigned int mode; /* The mode that we are using */ + unsigned int mode; /* The mode that we are using */ size_t keylen; size_t ivlen; size_t taglen; size_t tls_aad_pad_sz; - size_t tls_aad_len; /* TLS AAD length */ - uint64_t tls_enc_records; /* Number of TLS records encrypted */ + size_t tls_aad_len; /* TLS AAD length */ + uint64_t tls_enc_records; /* Number of TLS records encrypted */ /* * num contains the number of bytes of |iv| which are valid for modes that * manage partial blocks themselves. */ size_t num; - size_t bufsz; /* Number of bytes in buf */ + size_t bufsz; /* Number of bytes in buf */ uint64_t flags; - unsigned int iv_state; /* set to one of IV_STATE_XXX */ - unsigned int enc:1; /* Set to 1 if we are encrypting or 0 otherwise */ - unsigned int pad:1; /* Whether padding should be used or not */ - unsigned int key_set:1; /* Set if key initialised */ - unsigned int iv_gen_rand:1; /* No IV was specified, so generate a rand IV */ - unsigned int iv_gen:1; /* It is OK to generate IVs */ + unsigned int iv_state; /* set to one of IV_STATE_XXX */ + unsigned int enc : 1; /* Set to 1 if we are encrypting or 0 otherwise */ + unsigned int pad : 1; /* Whether padding should be used or not */ + unsigned int key_set : 1; /* Set if key initialised */ + unsigned int iv_gen_rand : 1; /* No IV was specified, so generate a rand IV */ + unsigned int iv_gen : 1; /* It is OK to generate IVs */ unsigned char iv[GCM_IV_MAX_SIZE]; /* Buffer to use for IV's */ unsigned char buf[AES_BLOCK_SIZE]; /* Buffer of partial blocks processed via update calls */ - OSSL_LIB_CTX *libctx; /* needed for rand calls */ - const PROV_GCM_HW *hw; /* hardware specific methods */ + OSSL_LIB_CTX 
*libctx; /* needed for rand calls */ + const PROV_GCM_HW *hw; /* hardware specific methods */ GCM128_CONTEXT gcm; ctr128_f ctr; const void *ks; } PROV_GCM_CTX; -PROV_CIPHER_FUNC(int, GCM_setkey, (PROV_GCM_CTX *ctx, const unsigned char *key, - size_t keylen)); -PROV_CIPHER_FUNC(int, GCM_setiv, (PROV_GCM_CTX *dat, const unsigned char *iv, - size_t ivlen)); -PROV_CIPHER_FUNC(int, GCM_aadupdate, (PROV_GCM_CTX *ctx, - const unsigned char *aad, size_t aadlen)); -PROV_CIPHER_FUNC(int, GCM_cipherupdate, (PROV_GCM_CTX *ctx, - const unsigned char *in, size_t len, - unsigned char *out)); -PROV_CIPHER_FUNC(int, GCM_cipherfinal, (PROV_GCM_CTX *ctx, unsigned char *tag)); -PROV_CIPHER_FUNC(int, GCM_oneshot, (PROV_GCM_CTX *ctx, unsigned char *aad, - size_t aad_len, const unsigned char *in, - size_t in_len, unsigned char *out, - unsigned char *tag, size_t taglen)); +PROV_CIPHER_FUNC(int, GCM_setkey, (PROV_GCM_CTX * ctx, const unsigned char *key, size_t keylen)); +PROV_CIPHER_FUNC(int, GCM_setiv, (PROV_GCM_CTX * dat, const unsigned char *iv, size_t ivlen)); +PROV_CIPHER_FUNC(int, GCM_aadupdate, (PROV_GCM_CTX * ctx, const unsigned char *aad, size_t aadlen)); +PROV_CIPHER_FUNC(int, GCM_cipherupdate, (PROV_GCM_CTX * ctx, const unsigned char *in, size_t len, unsigned char *out)); +PROV_CIPHER_FUNC(int, GCM_cipherfinal, (PROV_GCM_CTX * ctx, unsigned char *tag)); +PROV_CIPHER_FUNC(int, GCM_oneshot, (PROV_GCM_CTX * ctx, unsigned char *aad, size_t aad_len, const unsigned char *in, size_t in_len, unsigned char *out, unsigned char *tag, size_t taglen)); struct prov_gcm_hw_st { - OSSL_GCM_setkey_fn setkey; - OSSL_GCM_setiv_fn setiv; - OSSL_GCM_aadupdate_fn aadupdate; - OSSL_GCM_cipherupdate_fn cipherupdate; - OSSL_GCM_cipherfinal_fn cipherfinal; - OSSL_GCM_oneshot_fn oneshot; + OSSL_GCM_setkey_fn setkey; + OSSL_GCM_setiv_fn setiv; + OSSL_GCM_aadupdate_fn aadupdate; + OSSL_GCM_cipherupdate_fn cipherupdate; + OSSL_GCM_cipherfinal_fn cipherfinal; + OSSL_GCM_oneshot_fn oneshot; }; 
OSSL_FUNC_cipher_encrypt_init_fn ossl_gcm_einit; @@ -109,21 +101,21 @@ OSSL_FUNC_cipher_cipher_fn ossl_gcm_cipher; OSSL_FUNC_cipher_update_fn ossl_gcm_stream_update; OSSL_FUNC_cipher_final_fn ossl_gcm_stream_final; void ossl_gcm_initctx(void *provctx, PROV_GCM_CTX *ctx, size_t keybits, - const PROV_GCM_HW *hw); + const PROV_GCM_HW *hw); int ossl_gcm_setiv(PROV_GCM_CTX *ctx, const unsigned char *iv, size_t ivlen); int ossl_gcm_aad_update(PROV_GCM_CTX *ctx, const unsigned char *aad, - size_t aad_len); + size_t aad_len); int ossl_gcm_cipher_final(PROV_GCM_CTX *ctx, unsigned char *tag); int ossl_gcm_one_shot(PROV_GCM_CTX *ctx, unsigned char *aad, size_t aad_len, - const unsigned char *in, size_t in_len, - unsigned char *out, unsigned char *tag, size_t tag_len); + const unsigned char *in, size_t in_len, + unsigned char *out, unsigned char *tag, size_t tag_len); int ossl_gcm_cipher_update(PROV_GCM_CTX *ctx, const unsigned char *in, - size_t len, unsigned char *out); + size_t len, unsigned char *out); -#define GCM_HW_SET_KEY_CTR_FN(ks, fn_set_enc_key, fn_block, fn_ctr) \ - ctx->ks = ks; \ - fn_set_enc_key(key, keylen * 8, ks); \ - CRYPTO_gcm128_init(&ctx->gcm, ks, (block128_f)fn_block); \ - ctx->ctr = (ctr128_f)fn_ctr; \ +#define GCM_HW_SET_KEY_CTR_FN(ks, fn_set_enc_key, fn_block, fn_ctr) \ + ctx->ks = ks; \ + fn_set_enc_key(key, keylen * 8, ks); \ + CRYPTO_gcm128_init(&ctx->gcm, ks, (block128_f)fn_block); \ + ctx->ctr = (ctr128_f)fn_ctr; \ ctx->key_set = 1; diff --git a/providers/implementations/include/prov/digestcommon.h b/providers/implementations/include/prov/digestcommon.h index abdb8bb2ad55..850de610da12 100644 --- a/providers/implementations/include/prov/digestcommon.h +++ b/providers/implementations/include/prov/digestcommon.h 
@@ -8,119 +8,123 @@ */ #ifndef OSSL_PROVIDERS_DIGESTCOMMON_H -# define OSSL_PROVIDERS_DIGESTCOMMON_H +#define OSSL_PROVIDERS_DIGESTCOMMON_H -# include <openssl/core_dispatch.h> -# include <openssl/core_names.h> -# include <openssl/params.h> -# include "prov/providercommon.h" +#include <openssl/core_dispatch.h> +#include <openssl/core_names.h> +#include <openssl/params.h> +#include "prov/providercommon.h" /* Internal flags that can be queried */ -#define PROV_DIGEST_FLAG_XOF 0x0001 -#define PROV_DIGEST_FLAG_ALGID_ABSENT 0x0002 +#define PROV_DIGEST_FLAG_XOF 0x0001 +#define PROV_DIGEST_FLAG_ALGID_ABSENT 0x0002 -# ifdef __cplusplus +#ifdef __cplusplus extern "C" { -# endif +#endif -#define PROV_FUNC_DIGEST_GET_PARAM(name, blksize, dgstsize, flags) \ -static OSSL_FUNC_digest_get_params_fn name##_get_params; \ -static int name##_get_params(OSSL_PARAM params[]) \ -{ \ - return ossl_digest_default_get_params(params, blksize, dgstsize, flags); \ -} - -#define PROV_DISPATCH_FUNC_DIGEST_GET_PARAMS(name) \ -{ OSSL_FUNC_DIGEST_GET_PARAMS, (void (*)(void))name##_get_params }, \ -{ OSSL_FUNC_DIGEST_GETTABLE_PARAMS, \ - (void (*)(void))ossl_digest_default_gettable_params } +#define PROV_FUNC_DIGEST_GET_PARAM(name, blksize, dgstsize, flags) \ + static OSSL_FUNC_digest_get_params_fn name##_get_params; \ + static int name##_get_params(OSSL_PARAM params[]) \ + { \ + return ossl_digest_default_get_params(params, blksize, dgstsize, flags); \ + } -# define PROV_FUNC_DIGEST_FINAL(name, dgstsize, fin) \ -static OSSL_FUNC_digest_final_fn name##_internal_final; \ -static int name##_internal_final(void *ctx, unsigned char *out, size_t *outl, \ - size_t outsz) \ -{ \ - if (ossl_prov_is_running() && outsz >= dgstsize && fin(out, ctx)) { \ - *outl = dgstsize; \ - return 1; \ - } \ - return 0; \ -} +#define PROV_DISPATCH_FUNC_DIGEST_GET_PARAMS(name) \ + { OSSL_FUNC_DIGEST_GET_PARAMS, (void (*)(void))name##_get_params }, \ + { \ + OSSL_FUNC_DIGEST_GETTABLE_PARAMS, \ + (void 
(*)(void))ossl_digest_default_gettable_params \ + } -# define PROV_DISPATCH_FUNC_DIGEST_CONSTRUCT_START( \ - name, CTX, blksize, dgstsize, flags, upd, fin) \ -static OSSL_FUNC_digest_newctx_fn name##_newctx; \ -static OSSL_FUNC_digest_freectx_fn name##_freectx; \ -static OSSL_FUNC_digest_dupctx_fn name##_dupctx; \ -static void *name##_newctx(void *prov_ctx) \ -{ \ - CTX *ctx = ossl_prov_is_running() ? OPENSSL_zalloc(sizeof(*ctx)) : NULL; \ - return ctx; \ -} \ -static void name##_freectx(void *vctx) \ -{ \ - CTX *ctx = (CTX *)vctx; \ - OPENSSL_clear_free(ctx, sizeof(*ctx)); \ -} \ -static void *name##_dupctx(void *ctx) \ -{ \ - CTX *in = (CTX *)ctx; \ - CTX *ret = ossl_prov_is_running() ? OPENSSL_malloc(sizeof(*ret)) : NULL; \ - if (ret != NULL) \ - *ret = *in; \ - return ret; \ -} \ -PROV_FUNC_DIGEST_FINAL(name, dgstsize, fin) \ -PROV_FUNC_DIGEST_GET_PARAM(name, blksize, dgstsize, flags) \ -const OSSL_DISPATCH ossl_##name##_functions[] = { \ - { OSSL_FUNC_DIGEST_NEWCTX, (void (*)(void))name##_newctx }, \ - { OSSL_FUNC_DIGEST_UPDATE, (void (*)(void))upd }, \ - { OSSL_FUNC_DIGEST_FINAL, (void (*)(void))name##_internal_final }, \ - { OSSL_FUNC_DIGEST_FREECTX, (void (*)(void))name##_freectx }, \ - { OSSL_FUNC_DIGEST_DUPCTX, (void (*)(void))name##_dupctx }, \ - PROV_DISPATCH_FUNC_DIGEST_GET_PARAMS(name) +#define PROV_FUNC_DIGEST_FINAL(name, dgstsize, fin) \ + static OSSL_FUNC_digest_final_fn name##_internal_final; \ + static int name##_internal_final(void *ctx, unsigned char *out, size_t *outl, \ + size_t outsz) \ + { \ + if (ossl_prov_is_running() && outsz >= dgstsize && fin(out, ctx)) { \ + *outl = dgstsize; \ + return 1; \ + } \ + return 0; \ + } -# define PROV_DISPATCH_FUNC_DIGEST_CONSTRUCT_END \ - { 0, NULL } \ -}; +#define PROV_DISPATCH_FUNC_DIGEST_CONSTRUCT_START( \ + name, CTX, blksize, dgstsize, flags, upd, fin) \ + static OSSL_FUNC_digest_newctx_fn name##_newctx; \ + static OSSL_FUNC_digest_freectx_fn name##_freectx; \ + static OSSL_FUNC_digest_dupctx_fn 
name##_dupctx; \ + static void *name##_newctx(void *prov_ctx) \ + { \ + CTX *ctx = ossl_prov_is_running() ? OPENSSL_zalloc(sizeof(*ctx)) : NULL; \ + return ctx; \ + } \ + static void name##_freectx(void *vctx) \ + { \ + CTX *ctx = (CTX *)vctx; \ + OPENSSL_clear_free(ctx, sizeof(*ctx)); \ + } \ + static void *name##_dupctx(void *ctx) \ + { \ + CTX *in = (CTX *)ctx; \ + CTX *ret = ossl_prov_is_running() ? OPENSSL_malloc(sizeof(*ret)) : NULL; \ + if (ret != NULL) \ + *ret = *in; \ + return ret; \ + } \ + PROV_FUNC_DIGEST_FINAL(name, dgstsize, fin) \ + PROV_FUNC_DIGEST_GET_PARAM(name, blksize, dgstsize, flags) \ + const OSSL_DISPATCH ossl_##name##_functions[] = { \ + { OSSL_FUNC_DIGEST_NEWCTX, (void (*)(void))name##_newctx }, \ + { OSSL_FUNC_DIGEST_UPDATE, (void (*)(void))upd }, \ + { OSSL_FUNC_DIGEST_FINAL, (void (*)(void))name##_internal_final }, \ + { OSSL_FUNC_DIGEST_FREECTX, (void (*)(void))name##_freectx }, \ + { OSSL_FUNC_DIGEST_DUPCTX, (void (*)(void))name##_dupctx }, \ + PROV_DISPATCH_FUNC_DIGEST_GET_PARAMS(name) -# define IMPLEMENT_digest_functions( \ - name, CTX, blksize, dgstsize, flags, init, upd, fin) \ -static OSSL_FUNC_digest_init_fn name##_internal_init; \ -static int name##_internal_init(void *ctx, \ - ossl_unused const OSSL_PARAM params[]) \ -{ \ - return ossl_prov_is_running() && init(ctx); \ -} \ -PROV_DISPATCH_FUNC_DIGEST_CONSTRUCT_START(name, CTX, blksize, dgstsize, flags, \ - upd, fin), \ - { OSSL_FUNC_DIGEST_INIT, (void (*)(void))name##_internal_init }, \ -PROV_DISPATCH_FUNC_DIGEST_CONSTRUCT_END +#define PROV_DISPATCH_FUNC_DIGEST_CONSTRUCT_END \ + { \ + 0, NULL \ + } \ + } \ + ; -# define IMPLEMENT_digest_functions_with_settable_ctx( \ - name, CTX, blksize, dgstsize, flags, init, upd, fin, \ - settable_ctx_params, set_ctx_params) \ -static OSSL_FUNC_digest_init_fn name##_internal_init; \ -static int name##_internal_init(void *ctx, const OSSL_PARAM params[]) \ -{ \ - return ossl_prov_is_running() \ - && init(ctx) \ - && set_ctx_params(ctx, 
params); \ -} \ -PROV_DISPATCH_FUNC_DIGEST_CONSTRUCT_START(name, CTX, blksize, dgstsize, flags, \ - upd, fin), \ - { OSSL_FUNC_DIGEST_INIT, (void (*)(void))name##_internal_init }, \ - { OSSL_FUNC_DIGEST_SETTABLE_CTX_PARAMS, (void (*)(void))settable_ctx_params }, \ - { OSSL_FUNC_DIGEST_SET_CTX_PARAMS, (void (*)(void))set_ctx_params }, \ -PROV_DISPATCH_FUNC_DIGEST_CONSTRUCT_END +#define IMPLEMENT_digest_functions( \ + name, CTX, blksize, dgstsize, flags, init, upd, fin) \ + static OSSL_FUNC_digest_init_fn name##_internal_init; \ + static int name##_internal_init(void *ctx, \ + ossl_unused const OSSL_PARAM params[]) \ + { \ + return ossl_prov_is_running() && init(ctx); \ + } \ + PROV_DISPATCH_FUNC_DIGEST_CONSTRUCT_START(name, CTX, blksize, dgstsize, flags, \ + upd, fin), \ + { OSSL_FUNC_DIGEST_INIT, (void (*)(void))name##_internal_init }, \ + PROV_DISPATCH_FUNC_DIGEST_CONSTRUCT_END +#define IMPLEMENT_digest_functions_with_settable_ctx( \ + name, CTX, blksize, dgstsize, flags, init, upd, fin, \ + settable_ctx_params, set_ctx_params) \ + static OSSL_FUNC_digest_init_fn name##_internal_init; \ + static int name##_internal_init(void *ctx, const OSSL_PARAM params[]) \ + { \ + return ossl_prov_is_running() \ + && init(ctx) \ + && set_ctx_params(ctx, params); \ + } \ + PROV_DISPATCH_FUNC_DIGEST_CONSTRUCT_START(name, CTX, blksize, dgstsize, flags, \ + upd, fin), \ + { OSSL_FUNC_DIGEST_INIT, (void (*)(void))name##_internal_init }, \ + { OSSL_FUNC_DIGEST_SETTABLE_CTX_PARAMS, (void (*)(void))settable_ctx_params }, \ + { OSSL_FUNC_DIGEST_SET_CTX_PARAMS, (void (*)(void))set_ctx_params }, \ + PROV_DISPATCH_FUNC_DIGEST_CONSTRUCT_END const OSSL_PARAM *ossl_digest_default_gettable_params(void *provctx); int ossl_digest_default_get_params(OSSL_PARAM params[], size_t blksz, - size_t paramsz, unsigned long flags); + size_t paramsz, unsigned long flags); -# ifdef __cplusplus +#ifdef __cplusplus } -# endif +#endif #endif /* OSSL_PROVIDERS_DIGESTCOMMON_H */ 
diff --git a/providers/implementations/include/prov/implementations.h b/providers/implementations/include/prov/implementations.h index 6786ad691535..6f833b31f014 100644 --- a/providers/implementations/include/prov/implementations.h +++ b/providers/implementations/include/prov/implementations.h @@ -197,7 +197,7 @@ extern const OSSL_DISPATCH ossl_rc2128ofb128_functions[]; #ifndef OPENSSL_NO_DES extern const OSSL_DISPATCH ossl_tdes_ede3_ecb_functions[]; extern const OSSL_DISPATCH ossl_tdes_ede3_cbc_functions[]; -# ifndef FIPS_MODULE +#ifndef FIPS_MODULE extern const OSSL_DISPATCH ossl_tdes_ede3_ofb_functions[]; extern const OSSL_DISPATCH ossl_tdes_ede3_cfb_functions[]; extern const OSSL_DISPATCH ossl_tdes_ede3_cfb8_functions[]; @@ -217,24 +217,23 @@ extern const OSSL_DISPATCH ossl_des_ofb64_functions[]; extern const OSSL_DISPATCH ossl_des_cfb64_functions[]; extern const OSSL_DISPATCH ossl_des_cfb1_functions[]; extern const OSSL_DISPATCH ossl_des_cfb8_functions[]; -# endif /* FIPS_MODULE */ +#endif /* FIPS_MODULE */ #endif /* OPENSSL_NO_DES */ #ifndef OPENSSL_NO_RC4 extern const OSSL_DISPATCH ossl_rc440_functions[]; extern const OSSL_DISPATCH ossl_rc4128_functions[]; -# ifndef OPENSSL_NO_MD5 +#ifndef OPENSSL_NO_MD5 extern const OSSL_DISPATCH ossl_rc4_hmac_ossl_md5_functions[]; -# endif /* OPENSSL_NO_MD5 */ +#endif /* OPENSSL_NO_MD5 */ #endif /* OPENSSL_NO_RC4 */ #ifndef OPENSSL_NO_CHACHA extern const OSSL_DISPATCH ossl_chacha20_functions[]; -# ifndef OPENSSL_NO_POLY1305 +#ifndef OPENSSL_NO_POLY1305 extern const OSSL_DISPATCH ossl_chacha20_ossl_poly1305_functions[]; -# endif /* OPENSSL_NO_POLY1305 */ +#endif /* OPENSSL_NO_POLY1305 */ #endif /* OPENSSL_NO_CHACHA */ - #ifndef OPENSSL_NO_SIV extern const OSSL_DISPATCH ossl_aes128siv_functions[]; extern const OSSL_DISPATCH ossl_aes192siv_functions[]; diff --git a/providers/implementations/include/prov/md5_sha1.h b/providers/implementations/include/prov/md5_sha1.h index 181267d6b19f..da97f89be042 100644 
--- a/providers/implementations/include/prov/md5_sha1.h +++ b/providers/implementations/include/prov/md5_sha1.h @@ -8,18 +8,18 @@ */ #ifndef OSSL_PROV_MD5_SHA1_H -# define OSSL_PROV_MD5_SHA1_H +#define OSSL_PROV_MD5_SHA1_H -# include <openssl/opensslconf.h> +#include <openssl/opensslconf.h> -# ifndef OPENSSL_NO_MD5 -# include <openssl/e_os2.h> -# include <stddef.h> -# include <openssl/md5.h> -# include <openssl/sha.h> +#ifndef OPENSSL_NO_MD5 +#include <openssl/e_os2.h> +#include <stddef.h> +#include <openssl/md5.h> +#include <openssl/sha.h> -# define MD5_SHA1_DIGEST_LENGTH (MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH) -# define MD5_SHA1_CBLOCK MD5_CBLOCK +#define MD5_SHA1_DIGEST_LENGTH (MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH) +#define MD5_SHA1_CBLOCK MD5_CBLOCK typedef struct md5_sha1_st { MD5_CTX md5; @@ -31,6 +31,6 @@ int ossl_md5_sha1_update(MD5_SHA1_CTX *mctx, const void *data, size_t count); int ossl_md5_sha1_final(unsigned char *md, MD5_SHA1_CTX *mctx); int ossl_md5_sha1_ctrl(MD5_SHA1_CTX *mctx, int cmd, int mslen, void *ms); -# endif /* OPENSSL_NO_MD5 */ +#endif /* OPENSSL_NO_MD5 */ #endif /* OSSL_PROV_MD5_SHA1_H */ diff --git a/providers/implementations/include/prov/names.h b/providers/implementations/include/prov/names.h index e0dbb69a9d8c..0a487f7de2eb 100644 --- a/providers/implementations/include/prov/names.h +++ b/providers/implementations/include/prov/names.h @@ -223,7 +223,7 @@ #define PROV_NAMES_SHAKE_256 "SHAKE-256:SHAKE256:2.16.840.1.101.3.4.2.12" /* - * KECCAK-KMAC-128 and KECCAK-KMAC-256 as hashes are mostly useful for + * KECCAK-KMAC-128 and KECCAK-KMAC-256 as hashes are mostly useful for * KMAC128 and KMAC256. */ #define PROV_NAMES_KECCAK_KMAC_128 "KECCAK-KMAC-128:KECCAK-KMAC128" diff --git a/providers/implementations/include/prov/seeding.h b/providers/implementations/include/prov/seeding.h index 637b921b2b52..a3fe0a452c6f 100644 --- a/providers/implementations/include/prov/seeding.h +++ b/providers/implementations/include/prov/seeding.h 
@@ -31,11 +31,11 @@ int ossl_rand_pool_add_additional_data(RAND_POOL *pool); int ossl_prov_seeding_from_dispatch(const OSSL_DISPATCH *fns); size_t ossl_prov_get_entropy(PROV_CTX *prov_ctx, unsigned char **pout, - int entropy, size_t min_len, size_t max_len); + int entropy, size_t min_len, size_t max_len); void ossl_prov_cleanup_entropy(PROV_CTX *prov_ctx, unsigned char *buf, - size_t len); + size_t len); size_t ossl_prov_get_nonce(PROV_CTX *prov_ctx, unsigned char **pout, - size_t min_len, size_t max_len, - const void *salt, size_t salt_len); + size_t min_len, size_t max_len, + const void *salt, size_t salt_len); void ossl_prov_cleanup_nonce(PROV_CTX *prov_ctx, unsigned char *buf, - size_t len); + size_t len); diff --git a/providers/implementations/kdfs/hkdf.c b/providers/implementations/kdfs/hkdf.c index 1197a678e935..6a37d4c7b688 100644 --- a/providers/implementations/kdfs/hkdf.c +++ b/providers/implementations/kdfs/hkdf.c @@ -32,7 +32,7 @@ #include "e_os.h" #define HKDF_MAXBUF 2048 -#define HKDF_MAXINFO (32*1024) +#define HKDF_MAXINFO (32 * 1024) static OSSL_FUNC_kdf_newctx_fn kdf_hkdf_new; static OSSL_FUNC_kdf_freectx_fn kdf_hkdf_free; 
@@ -47,26 +47,26 @@ static OSSL_FUNC_kdf_settable_ctx_params_fn kdf_tls1_3_settable_ctx_params; static OSSL_FUNC_kdf_set_ctx_params_fn kdf_tls1_3_set_ctx_params; static int HKDF(OSSL_LIB_CTX *libctx, const EVP_MD *evp_md, - const unsigned char *salt, size_t salt_len, - const unsigned char *key, size_t key_len, - const unsigned char *info, size_t info_len, - unsigned char *okm, size_t okm_len); + const unsigned char *salt, size_t salt_len, + const unsigned char *key, size_t key_len, + const unsigned char *info, size_t info_len, + unsigned char *okm, size_t okm_len); static int HKDF_Extract(OSSL_LIB_CTX *libctx, const EVP_MD *evp_md, - const unsigned char *salt, size_t salt_len, - const unsigned char *ikm, size_t ikm_len, - unsigned char *prk, size_t prk_len); + const unsigned char *salt, size_t salt_len, + const unsigned char *ikm, size_t ikm_len, + unsigned char *prk, size_t prk_len); static int HKDF_Expand(const EVP_MD *evp_md, - const unsigned char *prk, size_t prk_len, - const unsigned char *info, size_t info_len, - unsigned char *okm, size_t okm_len); + const unsigned char *prk, size_t prk_len, + const unsigned char *info, size_t info_len, + unsigned char *okm, size_t okm_len); /* Settable context parameters that are common across HKDF and the TLS KDF */ -#define HKDF_COMMON_SETTABLES \ - OSSL_PARAM_utf8_string(OSSL_KDF_PARAM_MODE, NULL, 0), \ - OSSL_PARAM_int(OSSL_KDF_PARAM_MODE, NULL), \ - OSSL_PARAM_utf8_string(OSSL_KDF_PARAM_PROPERTIES, NULL, 0), \ - OSSL_PARAM_utf8_string(OSSL_KDF_PARAM_DIGEST, NULL, 0), \ - OSSL_PARAM_octet_string(OSSL_KDF_PARAM_KEY, NULL, 0), \ +#define HKDF_COMMON_SETTABLES \ + OSSL_PARAM_utf8_string(OSSL_KDF_PARAM_MODE, NULL, 0), \ + OSSL_PARAM_int(OSSL_KDF_PARAM_MODE, NULL), \ + OSSL_PARAM_utf8_string(OSSL_KDF_PARAM_PROPERTIES, NULL, 0), \ + OSSL_PARAM_utf8_string(OSSL_KDF_PARAM_DIGEST, NULL, 0), \ + OSSL_PARAM_octet_string(OSSL_KDF_PARAM_KEY, NULL, 0), \ OSSL_PARAM_octet_string(OSSL_KDF_PARAM_SALT, NULL, 0) typedef struct { 
@@ -147,7 +147,7 @@ static size_t kdf_hkdf_size(KDF_HKDF *ctx) } static int kdf_hkdf_derive(void *vctx, unsigned char *key, size_t keylen, - const OSSL_PARAM params[]) + const OSSL_PARAM params[]) { KDF_HKDF *ctx = (KDF_HKDF *)vctx; OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(ctx->provctx); @@ -174,15 +174,15 @@ static int kdf_hkdf_derive(void *vctx, unsigned char *key, size_t keylen, case EVP_KDF_HKDF_MODE_EXTRACT_AND_EXPAND: default: return HKDF(libctx, md, ctx->salt, ctx->salt_len, - ctx->key, ctx->key_len, ctx->info, ctx->info_len, key, keylen); + ctx->key, ctx->key_len, ctx->info, ctx->info_len, key, keylen); case EVP_KDF_HKDF_MODE_EXTRACT_ONLY: return HKDF_Extract(libctx, md, ctx->salt, ctx->salt_len, - ctx->key, ctx->key_len, key, keylen); + ctx->key, ctx->key_len, key, keylen); case EVP_KDF_HKDF_MODE_EXPAND_ONLY: return HKDF_Expand(md, ctx->key, ctx->key_len, ctx->info, - ctx->info_len, key, keylen); + ctx->info_len, key, keylen); } } @@ -228,7 +228,7 @@ static int hkdf_common_set_ctx_params(KDF_HKDF *ctx, const OSSL_PARAM params[]) OPENSSL_clear_free(ctx->key, ctx->key_len); ctx->key = NULL; if (!OSSL_PARAM_get_octet_string(p, (void **)&ctx->key, 0, - &ctx->key_len)) + &ctx->key_len)) return 0; } @@ -236,7 +236,7 @@ static int hkdf_common_set_ctx_params(KDF_HKDF *ctx, const OSSL_PARAM params[]) OPENSSL_free(ctx->salt); ctx->salt = NULL; if (!OSSL_PARAM_get_octet_string(p, (void **)&ctx->salt, 0, - &ctx->salt_len)) + &ctx->salt_len)) return 0; } @@ -265,12 +265,12 @@ static int setinfo_fromparams(const OSSL_PARAM *p, unsigned char *out, size_t *o if (p->data_type != OSSL_PARAM_OCTET_STRING) goto err; if (p->data != NULL - && p->data_size != 0 - && !WPACKET_memcpy(&pkt, p->data, p->data_size)) + && p->data_size != 0 + && !WPACKET_memcpy(&pkt, p->data, p->data_size)) goto err; } if (!WPACKET_get_total_written(&pkt, outlen) - || !WPACKET_finish(&pkt)) + || !WPACKET_finish(&pkt)) goto err; ret = 1; err: 
@@ -316,7 +316,7 @@ static int kdf_hkdf_set_ctx_params(void *vctx, const OSSL_PARAM params[]) } static const OSSL_PARAM *kdf_hkdf_settable_ctx_params(ossl_unused void *ctx, - ossl_unused void *provctx) + ossl_unused void *provctx) { static const OSSL_PARAM known_settable_ctx_params[] = { HKDF_COMMON_SETTABLES, @@ -349,7 +349,7 @@ static int kdf_hkdf_get_ctx_params(void *vctx, OSSL_PARAM params[]) } static const OSSL_PARAM *kdf_hkdf_gettable_ctx_params(ossl_unused void *ctx, - ossl_unused void *provctx) + ossl_unused void *provctx) { static const OSSL_PARAM known_gettable_ctx_params[] = { OSSL_PARAM_size_t(OSSL_KDF_PARAM_SIZE, NULL), @@ -360,16 +360,16 @@ static const OSSL_PARAM *kdf_hkdf_gettable_ctx_params(ossl_unused void *ctx, } const OSSL_DISPATCH ossl_kdf_hkdf_functions[] = { - { OSSL_FUNC_KDF_NEWCTX, (void(*)(void))kdf_hkdf_new }, - { OSSL_FUNC_KDF_FREECTX, (void(*)(void))kdf_hkdf_free }, - { OSSL_FUNC_KDF_RESET, (void(*)(void))kdf_hkdf_reset }, - { OSSL_FUNC_KDF_DERIVE, (void(*)(void))kdf_hkdf_derive }, + { OSSL_FUNC_KDF_NEWCTX, (void (*)(void))kdf_hkdf_new }, + { OSSL_FUNC_KDF_FREECTX, (void (*)(void))kdf_hkdf_free }, + { OSSL_FUNC_KDF_RESET, (void (*)(void))kdf_hkdf_reset }, + { OSSL_FUNC_KDF_DERIVE, (void (*)(void))kdf_hkdf_derive }, { OSSL_FUNC_KDF_SETTABLE_CTX_PARAMS, - (void(*)(void))kdf_hkdf_settable_ctx_params }, - { OSSL_FUNC_KDF_SET_CTX_PARAMS, (void(*)(void))kdf_hkdf_set_ctx_params }, + (void (*)(void))kdf_hkdf_settable_ctx_params }, + { OSSL_FUNC_KDF_SET_CTX_PARAMS, (void (*)(void))kdf_hkdf_set_ctx_params }, { OSSL_FUNC_KDF_GETTABLE_CTX_PARAMS, - (void(*)(void))kdf_hkdf_gettable_ctx_params }, - { OSSL_FUNC_KDF_GET_CTX_PARAMS, (void(*)(void))kdf_hkdf_get_ctx_params }, + (void (*)(void))kdf_hkdf_gettable_ctx_params }, + { OSSL_FUNC_KDF_GET_CTX_PARAMS, (void (*)(void))kdf_hkdf_get_ctx_params }, { 0, NULL } }; 
@@ -399,10 +399,10 @@ const OSSL_DISPATCH ossl_kdf_hkdf_functions[] = { * HKDF-Expand(PRK, info, L) -> OKM */ static int HKDF(OSSL_LIB_CTX *libctx, const EVP_MD *evp_md, - const unsigned char *salt, size_t salt_len, - const unsigned char *ikm, size_t ikm_len, - const unsigned char *info, size_t info_len, - unsigned char *okm, size_t okm_len) + const unsigned char *salt, size_t salt_len, + const unsigned char *ikm, size_t ikm_len, + const unsigned char *info, size_t info_len, + unsigned char *okm, size_t okm_len) { unsigned char prk[EVP_MAX_MD_SIZE]; int ret, sz; @@ -415,7 +415,7 @@ static int HKDF(OSSL_LIB_CTX *libctx, const EVP_MD *evp_md, /* Step 1: HKDF-Extract(salt, IKM) -> PRK */ if (!HKDF_Extract(libctx, evp_md, - salt, salt_len, ikm, ikm_len, prk, prk_len)) + salt, salt_len, ikm, ikm_len, prk, prk_len)) return 0; /* Step 2: HKDF-Expand(PRK, info, L) -> OKM */ @@ -450,9 +450,9 @@ static int HKDF(OSSL_LIB_CTX *libctx, const EVP_MD *evp_md, * PRK = HMAC-Hash(salt, IKM) */ static int HKDF_Extract(OSSL_LIB_CTX *libctx, const EVP_MD *evp_md, - const unsigned char *salt, size_t salt_len, - const unsigned char *ikm, size_t ikm_len, - unsigned char *prk, size_t prk_len) + const unsigned char *salt, size_t salt_len, + const unsigned char *ikm, size_t ikm_len, + unsigned char *prk, size_t prk_len) { int sz = EVP_MD_get_size(evp_md); @@ -463,9 +463,8 @@ static int HKDF_Extract(OSSL_LIB_CTX *libctx, const EVP_MD *evp_md, return 0; } /* calc: PRK = HMAC-Hash(salt, IKM) */ - return - EVP_Q_mac(libctx, "HMAC", NULL, EVP_MD_get0_name(evp_md), NULL, salt, - salt_len, ikm, ikm_len, prk, EVP_MD_get_size(evp_md), NULL) + return EVP_Q_mac(libctx, "HMAC", NULL, EVP_MD_get0_name(evp_md), NULL, salt, + salt_len, ikm, ikm_len, prk, EVP_MD_get_size(evp_md), NULL) != NULL; } 
@@ -509,9 +508,9 @@ static int HKDF_Extract(OSSL_LIB_CTX *libctx, const EVP_MD *evp_md, * single octet.) */ static int HKDF_Expand(const EVP_MD *evp_md, - const unsigned char *prk, size_t prk_len, - const unsigned char *info, size_t info_len, - unsigned char *okm, size_t okm_len) + const unsigned char *prk, size_t prk_len, + const unsigned char *info, size_t info_len, + unsigned char *okm, size_t okm_len) { HMAC_CTX *hmac; int ret = 0, sz; @@ -560,9 +559,7 @@ static int HKDF_Expand(const EVP_MD *evp_md, if (!HMAC_Final(hmac, prev, NULL)) goto err; - copy_len = (dig_len > okm_len - done_len) ? - okm_len - done_len : - dig_len; + copy_len = (dig_len > okm_len - done_len) ? okm_len - done_len : dig_len; memcpy(okm + done_len, prev, copy_len); @@ -570,7 +567,7 @@ static int HKDF_Expand(const EVP_MD *evp_md, } ret = 1; - err: +err: OPENSSL_cleanse(prev, sizeof(prev)); HMAC_CTX_free(hmac); return ret; @@ -589,11 +586,11 @@ static int HKDF_Expand(const EVP_MD *evp_md, * The |data| value may be zero length. Returns 1 on success and 0 on failure. */ static int prov_tls13_hkdf_expand(const EVP_MD *md, - const unsigned char *key, size_t keylen, - const unsigned char *prefix, size_t prefixlen, - const unsigned char *label, size_t labellen, - const unsigned char *data, size_t datalen, - unsigned char *out, size_t outlen) + const unsigned char *key, size_t keylen, + const unsigned char *prefix, size_t prefixlen, + const unsigned char *label, size_t labellen, + const unsigned char *data, size_t datalen, + unsigned char *out, size_t outlen) { size_t hkdflabellen; unsigned char hkdflabel[HKDF_MAXBUF]; 
@@ -606,33 +603,33 @@ static int prov_tls13_hkdf_expand(const EVP_MD *md, * which should always be sufficient. */ if (!WPACKET_init_static_len(&pkt, hkdflabel, sizeof(hkdflabel), 0) - || !WPACKET_put_bytes_u16(&pkt, outlen) - || !WPACKET_start_sub_packet_u8(&pkt) - || !WPACKET_memcpy(&pkt, prefix, prefixlen) - || !WPACKET_memcpy(&pkt, label, labellen) - || !WPACKET_close(&pkt) - || !WPACKET_sub_memcpy_u8(&pkt, data, (data == NULL) ? 0 : datalen) - || !WPACKET_get_total_written(&pkt, &hkdflabellen) - || !WPACKET_finish(&pkt)) { + || !WPACKET_put_bytes_u16(&pkt, outlen) + || !WPACKET_start_sub_packet_u8(&pkt) + || !WPACKET_memcpy(&pkt, prefix, prefixlen) + || !WPACKET_memcpy(&pkt, label, labellen) + || !WPACKET_close(&pkt) + || !WPACKET_sub_memcpy_u8(&pkt, data, (data == NULL) ? 0 : datalen) + || !WPACKET_get_total_written(&pkt, &hkdflabellen) + || !WPACKET_finish(&pkt)) { WPACKET_cleanup(&pkt); return 0; } return HKDF_Expand(md, key, keylen, hkdflabel, hkdflabellen, - out, outlen); + out, outlen); } static int prov_tls13_hkdf_generate_secret(OSSL_LIB_CTX *libctx, - const EVP_MD *md, - const unsigned char *prevsecret, - size_t prevsecretlen, - const unsigned char *insecret, - size_t insecretlen, - const unsigned char *prefix, - size_t prefixlen, - const unsigned char *label, - size_t labellen, - unsigned char *out, size_t outlen) + const EVP_MD *md, + const unsigned char *prevsecret, + size_t prevsecretlen, + const unsigned char *insecret, + size_t insecretlen, + const unsigned char *prefix, + size_t prefixlen, + const unsigned char *label, + size_t labellen, + unsigned char *out, size_t outlen) { size_t mdlen; int ret; 
@@ -659,8 +656,8 @@ static int prov_tls13_hkdf_generate_secret(OSSL_LIB_CTX *libctx, /* The pre-extract derive step uses a hash of no messages */ if (mctx == NULL - || EVP_DigestInit_ex(mctx, md, NULL) <= 0 - || EVP_DigestFinal_ex(mctx, hash, NULL) <= 0) { + || EVP_DigestInit_ex(mctx, md, NULL) <= 0 + || EVP_DigestFinal_ex(mctx, hash, NULL) <= 0) { EVP_MD_CTX_free(mctx); return 0; } @@ -668,15 +665,15 @@ static int prov_tls13_hkdf_generate_secret(OSSL_LIB_CTX *libctx, /* Generate the pre-extract secret */ if (!prov_tls13_hkdf_expand(md, prevsecret, prevsecretlen, - prefix, prefixlen, label, labellen, - hash, mdlen, preextractsec, mdlen)) + prefix, prefixlen, label, labellen, + hash, mdlen, preextractsec, mdlen)) return 0; prevsecret = preextractsec; prevsecretlen = mdlen; } ret = HKDF_Extract(libctx, md, prevsecret, prevsecretlen, - insecret, insecretlen, out, outlen); + insecret, insecretlen, out, outlen); if (prevsecret == preextractsec) OPENSSL_cleanse(preextractsec, mdlen); @@ -684,7 +681,7 @@ static int prov_tls13_hkdf_generate_secret(OSSL_LIB_CTX *libctx, } static int kdf_tls1_3_derive(void *vctx, unsigned char *key, size_t keylen, - const OSSL_PARAM params[]) + const OSSL_PARAM params[]) { KDF_HKDF *ctx = (KDF_HKDF *)vctx; const EVP_MD *md; 
@@ -704,19 +701,19 @@ static int kdf_tls1_3_derive(void *vctx, unsigned char *key, size_t keylen, case EVP_KDF_HKDF_MODE_EXTRACT_ONLY: return prov_tls13_hkdf_generate_secret(PROV_LIBCTX_OF(ctx->provctx), - md, - ctx->salt, ctx->salt_len, - ctx->key, ctx->key_len, - ctx->prefix, ctx->prefix_len, - ctx->label, ctx->label_len, - key, keylen); + md, + ctx->salt, ctx->salt_len, + ctx->key, ctx->key_len, + ctx->prefix, ctx->prefix_len, + ctx->label, ctx->label_len, + key, keylen); case EVP_KDF_HKDF_MODE_EXPAND_ONLY: return prov_tls13_hkdf_expand(md, ctx->key, ctx->key_len, - ctx->prefix, ctx->prefix_len, - ctx->label, ctx->label_len, - ctx->data, ctx->data_len, - key, keylen); + ctx->prefix, ctx->prefix_len, + ctx->label, ctx->label_len, + ctx->data, ctx->data_len, + key, keylen); } } @@ -740,7 +737,7 @@ static int kdf_tls1_3_set_ctx_params(void *vctx, const OSSL_PARAM params[]) OPENSSL_free(ctx->prefix); ctx->prefix = NULL; if (!OSSL_PARAM_get_octet_string(p, (void **)&ctx->prefix, 0, - &ctx->prefix_len)) + &ctx->prefix_len)) return 0; } @@ -748,21 +745,21 @@ static int kdf_tls1_3_set_ctx_params(void *vctx, const OSSL_PARAM params[]) OPENSSL_free(ctx->label); ctx->label = NULL; if (!OSSL_PARAM_get_octet_string(p, (void **)&ctx->label, 0, - &ctx->label_len)) + &ctx->label_len)) return 0; } OPENSSL_clear_free(ctx->data, ctx->data_len); ctx->data = NULL; if ((p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_DATA)) != NULL - && !OSSL_PARAM_get_octet_string(p, (void **)&ctx->data, 0, - &ctx->data_len)) + && !OSSL_PARAM_get_octet_string(p, (void **)&ctx->data, 0, + &ctx->data_len)) return 0; return 1; } static const OSSL_PARAM *kdf_tls1_3_settable_ctx_params(ossl_unused void *ctx, - ossl_unused void *provctx) + ossl_unused void *provctx) { static const OSSL_PARAM known_settable_ctx_params[] = { HKDF_COMMON_SETTABLES, 
@@ -775,15 +772,15 @@ static const OSSL_PARAM *kdf_tls1_3_settable_ctx_params(ossl_unused void *ctx, } const OSSL_DISPATCH ossl_kdf_tls1_3_kdf_functions[] = { - { OSSL_FUNC_KDF_NEWCTX, (void(*)(void))kdf_hkdf_new }, - { OSSL_FUNC_KDF_FREECTX, (void(*)(void))kdf_hkdf_free }, - { OSSL_FUNC_KDF_RESET, (void(*)(void))kdf_hkdf_reset }, - { OSSL_FUNC_KDF_DERIVE, (void(*)(void))kdf_tls1_3_derive }, + { OSSL_FUNC_KDF_NEWCTX, (void (*)(void))kdf_hkdf_new }, + { OSSL_FUNC_KDF_FREECTX, (void (*)(void))kdf_hkdf_free }, + { OSSL_FUNC_KDF_RESET, (void (*)(void))kdf_hkdf_reset }, + { OSSL_FUNC_KDF_DERIVE, (void (*)(void))kdf_tls1_3_derive }, { OSSL_FUNC_KDF_SETTABLE_CTX_PARAMS, - (void(*)(void))kdf_tls1_3_settable_ctx_params }, - { OSSL_FUNC_KDF_SET_CTX_PARAMS, (void(*)(void))kdf_tls1_3_set_ctx_params }, + (void (*)(void))kdf_tls1_3_settable_ctx_params }, + { OSSL_FUNC_KDF_SET_CTX_PARAMS, (void (*)(void))kdf_tls1_3_set_ctx_params }, { OSSL_FUNC_KDF_GETTABLE_CTX_PARAMS, - (void(*)(void))kdf_hkdf_gettable_ctx_params }, - { OSSL_FUNC_KDF_GET_CTX_PARAMS, (void(*)(void))kdf_hkdf_get_ctx_params }, + (void (*)(void))kdf_hkdf_gettable_ctx_params }, + { OSSL_FUNC_KDF_GET_CTX_PARAMS, (void (*)(void))kdf_hkdf_get_ctx_params }, { 0, NULL } }; diff --git a/providers/implementations/kdfs/kbkdf.c b/providers/implementations/kdfs/kbkdf.c index a542f84dfa5b..1e84f1f00d68 100644 --- a/providers/implementations/kdfs/kbkdf.c +++ b/providers/implementations/kdfs/kbkdf.c 
@@ -149,10 +149,10 @@ static void kbkdf_reset(void *vctx) /* SP800-108 section 5.1 or section 5.2 depending on mode. */ static int derive(EVP_MAC_CTX *ctx_init, kbkdf_mode mode, unsigned char *iv, - size_t iv_len, unsigned char *label, size_t label_len, - unsigned char *context, size_t context_len, - unsigned char *k_i, size_t h, uint32_t l, int has_separator, - unsigned char *ko, size_t ko_len) + size_t iv_len, unsigned char *label, size_t label_len, + unsigned char *context, size_t context_len, + unsigned char *k_i, size_t h, uint32_t l, int has_separator, + unsigned char *ko, size_t ko_len) { int ret = 0; EVP_MAC_CTX *ctx = NULL; @@ -210,7 +210,7 @@ done: } static int kbkdf_derive(void *vctx, unsigned char *key, size_t keylen, - const OSSL_PARAM params[]) + const OSSL_PARAM params[]) { KBKDF *ctx = (KBKDF *)vctx; int ret = 0; @@ -256,8 +256,8 @@ static int kbkdf_derive(void *vctx, unsigned char *key, size_t keylen, goto done; ret = derive(ctx->ctx_init, ctx->mode, ctx->iv, ctx->iv_len, ctx->label, - ctx->label_len, ctx->context, ctx->context_len, k_i, h, l, - ctx->use_separator, key, keylen); + ctx->label_len, ctx->context, ctx->context_len, k_i, h, l, + ctx->use_separator, key, keylen); done: if (ret != 1) OPENSSL_cleanse(key, keylen); @@ -266,7 +266,7 @@ done: } static int kbkdf_set_buffer(unsigned char **out, size_t *out_len, - const OSSL_PARAM *p) + const OSSL_PARAM *p) { if (p->data == NULL || p->data_size == 0) return 1; 
@@ -286,13 +286,13 @@ static int kbkdf_set_ctx_params(void *vctx, const OSSL_PARAM params[]) return 1; if (!ossl_prov_macctx_load_from_params(&ctx->ctx_init, params, NULL, - NULL, NULL, libctx)) + NULL, NULL, libctx)) return 0; else if (ctx->ctx_init != NULL - && !EVP_MAC_is_a(EVP_MAC_CTX_get0_mac(ctx->ctx_init), - OSSL_MAC_NAME_HMAC) - && !EVP_MAC_is_a(EVP_MAC_CTX_get0_mac(ctx->ctx_init), - OSSL_MAC_NAME_CMAC)) { + && !EVP_MAC_is_a(EVP_MAC_CTX_get0_mac(ctx->ctx_init), + OSSL_MAC_NAME_HMAC) + && !EVP_MAC_is_a(EVP_MAC_CTX_get0_mac(ctx->ctx_init), + OSSL_MAC_NAME_CMAC)) { ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_MAC); return 0; } @@ -302,7 +302,7 @@ static int kbkdf_set_ctx_params(void *vctx, const OSSL_PARAM params[]) && OPENSSL_strncasecmp("counter", p->data, p->data_size) == 0) { ctx->mode = COUNTER; } else if (p != NULL - && OPENSSL_strncasecmp("feedback", p->data, p->data_size) == 0) { + && OPENSSL_strncasecmp("feedback", p->data, p->data_size) == 0) { ctx->mode = FEEDBACK; } else if (p != NULL) { ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_MODE); @@ -335,13 +335,13 @@ static int kbkdf_set_ctx_params(void *vctx, const OSSL_PARAM params[]) /* Set up digest context, if we can. */ if (ctx->ctx_init != NULL && ctx->ki_len != 0 - && !EVP_MAC_init(ctx->ctx_init, ctx->ki, ctx->ki_len, NULL)) - return 0; + && !EVP_MAC_init(ctx->ctx_init, ctx->ki, ctx->ki_len, NULL)) + return 0; return 1; } static const OSSL_PARAM *kbkdf_settable_ctx_params(ossl_unused void *ctx, - ossl_unused void *provctx) + ossl_unused void *provctx) { static const OSSL_PARAM known_settable_ctx_params[] = { OSSL_PARAM_octet_string(OSSL_KDF_PARAM_INFO, NULL, 0), 
@@ -373,23 +373,22 @@ static int kbkdf_get_ctx_params(void *vctx, OSSL_PARAM params[]) } static const OSSL_PARAM *kbkdf_gettable_ctx_params(ossl_unused void *ctx, - ossl_unused void *provctx) + ossl_unused void *provctx) { - static const OSSL_PARAM known_gettable_ctx_params[] = - { OSSL_PARAM_size_t(OSSL_KDF_PARAM_SIZE, NULL), OSSL_PARAM_END }; + static const OSSL_PARAM known_gettable_ctx_params[] = { OSSL_PARAM_size_t(OSSL_KDF_PARAM_SIZE, NULL), OSSL_PARAM_END }; return known_gettable_ctx_params; } const OSSL_DISPATCH ossl_kdf_kbkdf_functions[] = { - { OSSL_FUNC_KDF_NEWCTX, (void(*)(void))kbkdf_new }, - { OSSL_FUNC_KDF_FREECTX, (void(*)(void))kbkdf_free }, - { OSSL_FUNC_KDF_RESET, (void(*)(void))kbkdf_reset }, - { OSSL_FUNC_KDF_DERIVE, (void(*)(void))kbkdf_derive }, + { OSSL_FUNC_KDF_NEWCTX, (void (*)(void))kbkdf_new }, + { OSSL_FUNC_KDF_FREECTX, (void (*)(void))kbkdf_free }, + { OSSL_FUNC_KDF_RESET, (void (*)(void))kbkdf_reset }, + { OSSL_FUNC_KDF_DERIVE, (void (*)(void))kbkdf_derive }, { OSSL_FUNC_KDF_SETTABLE_CTX_PARAMS, - (void(*)(void))kbkdf_settable_ctx_params }, - { OSSL_FUNC_KDF_SET_CTX_PARAMS, (void(*)(void))kbkdf_set_ctx_params }, + (void (*)(void))kbkdf_settable_ctx_params }, + { OSSL_FUNC_KDF_SET_CTX_PARAMS, (void (*)(void))kbkdf_set_ctx_params }, { OSSL_FUNC_KDF_GETTABLE_CTX_PARAMS, - (void(*)(void))kbkdf_gettable_ctx_params }, - { OSSL_FUNC_KDF_GET_CTX_PARAMS, (void(*)(void))kbkdf_get_ctx_params }, + (void (*)(void))kbkdf_gettable_ctx_params }, + { OSSL_FUNC_KDF_GET_CTX_PARAMS, (void (*)(void))kbkdf_get_ctx_params }, { 0, NULL }, }; diff --git a/providers/implementations/kdfs/krb5kdf.c b/providers/implementations/kdfs/krb5kdf.c index fc7a3e600cc7..bbb976369303 100644 --- a/providers/implementations/kdfs/krb5kdf.c +++ b/providers/implementations/kdfs/krb5kdf.c 
@@ -43,9 +43,9 @@ static OSSL_FUNC_kdf_gettable_ctx_params_fn krb5kdf_gettable_ctx_params; static OSSL_FUNC_kdf_get_ctx_params_fn krb5kdf_get_ctx_params; static int KRB5KDF(const EVP_CIPHER *cipher, ENGINE *engine, - const unsigned char *key, size_t key_len, - const unsigned char *constant, size_t constant_len, - unsigned char *okey, size_t okey_len); + const unsigned char *key, size_t key_len, + const unsigned char *constant, size_t constant_len, + unsigned char *okey, size_t okey_len); typedef struct { void *provctx; @@ -94,7 +94,7 @@ static void krb5kdf_reset(void *vctx) } static int krb5kdf_set_membuf(unsigned char **dst, size_t *dst_len, - const OSSL_PARAM *p) + const OSSL_PARAM *p) { OPENSSL_clear_free(*dst, *dst_len); *dst = NULL; @@ -103,7 +103,7 @@ static int krb5kdf_set_membuf(unsigned char **dst, size_t *dst_len, } static int krb5kdf_derive(void *vctx, unsigned char *key, size_t keylen, - const OSSL_PARAM params[]) + const OSSL_PARAM params[]) { KRB5KDF_CTX *ctx = (KRB5KDF_CTX *)vctx; const EVP_CIPHER *cipher; @@ -127,8 +127,8 @@ static int krb5kdf_derive(void *vctx, unsigned char *key, size_t keylen, } engine = ossl_prov_cipher_engine(&ctx->cipher); return KRB5KDF(cipher, engine, ctx->key, ctx->key_len, - ctx->constant, ctx->constant_len, - key, keylen); + ctx->constant, ctx->constant_len, + key, keylen); } static int krb5kdf_set_ctx_params(void *vctx, const OSSL_PARAM params[]) @@ -156,7 +156,7 @@ static int krb5kdf_set_ctx_params(void *vctx, const OSSL_PARAM params[]) } static const OSSL_PARAM *krb5kdf_settable_ctx_params(ossl_unused void *ctx, - ossl_unused void *provctx) + ossl_unused void *provctx) { static const OSSL_PARAM known_settable_ctx_params[] = { OSSL_PARAM_utf8_string(OSSL_KDF_PARAM_PROPERTIES, NULL, 0), 
@@ -187,7 +187,7 @@ static int krb5kdf_get_ctx_params(void *vctx, OSSL_PARAM params[]) } static const OSSL_PARAM *krb5kdf_gettable_ctx_params(ossl_unused void *ctx, - ossl_unused void *provctx) + ossl_unused void *provctx) { static const OSSL_PARAM known_gettable_ctx_params[] = { OSSL_PARAM_size_t(OSSL_KDF_PARAM_SIZE, NULL), @@ -197,18 +197,18 @@ static const OSSL_PARAM *krb5kdf_gettable_ctx_params(ossl_unused void *ctx, } const OSSL_DISPATCH ossl_kdf_krb5kdf_functions[] = { - { OSSL_FUNC_KDF_NEWCTX, (void(*)(void))krb5kdf_new }, - { OSSL_FUNC_KDF_FREECTX, (void(*)(void))krb5kdf_free }, - { OSSL_FUNC_KDF_RESET, (void(*)(void))krb5kdf_reset }, - { OSSL_FUNC_KDF_DERIVE, (void(*)(void))krb5kdf_derive }, + { OSSL_FUNC_KDF_NEWCTX, (void (*)(void))krb5kdf_new }, + { OSSL_FUNC_KDF_FREECTX, (void (*)(void))krb5kdf_free }, + { OSSL_FUNC_KDF_RESET, (void (*)(void))krb5kdf_reset }, + { OSSL_FUNC_KDF_DERIVE, (void (*)(void))krb5kdf_derive }, { OSSL_FUNC_KDF_SETTABLE_CTX_PARAMS, - (void(*)(void))krb5kdf_settable_ctx_params }, + (void (*)(void))krb5kdf_settable_ctx_params }, { OSSL_FUNC_KDF_SET_CTX_PARAMS, - (void(*)(void))krb5kdf_set_ctx_params }, + (void (*)(void))krb5kdf_set_ctx_params }, { OSSL_FUNC_KDF_GETTABLE_CTX_PARAMS, - (void(*)(void))krb5kdf_gettable_ctx_params }, + (void (*)(void))krb5kdf_gettable_ctx_params }, { OSSL_FUNC_KDF_GET_CTX_PARAMS, - (void(*)(void))krb5kdf_get_ctx_params }, + (void (*)(void))krb5kdf_get_ctx_params }, { 0, NULL } }; @@ -233,8 +233,7 @@ static int fixup_des3_key(unsigned char *key) } /* fail if keys are such that triple des degrades to single des */ - if (CRYPTO_memcmp(&key[0], &key[8], 8) == 0 || - CRYPTO_memcmp(&key[8], &key[16], 8) == 0) { + if (CRYPTO_memcmp(&key[0], &key[8], 8) == 0 || CRYPTO_memcmp(&key[8], &key[16], 8) == 0) { return 0; } 
@@ -263,7 +262,7 @@ static int fixup_des3_key(unsigned char *key) * finally add carry if any */ static void n_fold(unsigned char *block, unsigned int blocksize, - const unsigned char *constant, size_t constant_len) + const unsigned char *constant, size_t constant_len) { unsigned int tmp, gcd, remainder, lcm, carry; int b, l; @@ -305,9 +304,9 @@ static void n_fold(unsigned char *block, unsigned int blocksize, /* rbyte % constant_len gives us the unrotated byte in the * constant buffer, get also the previous byte then * appropriately shift them to get the rotated byte we need */ - tmp = (constant[(rbyte-1) % constant_len] << (8 - rshift) - | constant[rbyte % constant_len] >> rshift) - & 0xff; + tmp = (constant[(rbyte - 1) % constant_len] << (8 - rshift) + | constant[rbyte % constant_len] >> rshift) + & 0xff; /* add with carry to any value placed by previous passes */ tmp += carry + block[b]; block[b] = tmp & 0xff; @@ -324,8 +323,8 @@ static void n_fold(unsigned char *block, unsigned int blocksize, } static int cipher_init(EVP_CIPHER_CTX *ctx, - const EVP_CIPHER *cipher, ENGINE *engine, - const unsigned char *key, size_t key_len) + const EVP_CIPHER *cipher, ENGINE *engine, + const unsigned char *key, size_t key_len) { int klen, ret; @@ -356,9 +355,9 @@ out: } static int KRB5KDF(const EVP_CIPHER *cipher, ENGINE *engine, - const unsigned char *key, size_t key_len, - const unsigned char *constant, size_t constant_len, - unsigned char *okey, size_t okey_len) + const unsigned char *key, size_t key_len, + const unsigned char *constant, size_t constant_len, + unsigned char *okey, size_t okey_len) { EVP_CIPHER_CTX *ctx = NULL; unsigned char block[EVP_MAX_BLOCK_LENGTH * 2]; 
@@ -375,9 +374,8 @@ static int KRB5KDF(const EVP_CIPHER *cipher, ENGINE *engine, #ifndef OPENSSL_NO_DES /* special case for 3des, where the caller may be requesting * the random raw key, instead of the fixed up key */ - if (EVP_CIPHER_get_nid(cipher) == NID_des_ede3_cbc && - key_len == 24 && okey_len == 21) { - des3_no_fixup = 1; + if (EVP_CIPHER_get_nid(cipher) == NID_des_ede3_cbc && key_len == 24 && okey_len == 21) { + des3_no_fixup = 1; } else { #endif ERR_raise(ERR_LIB_PROV, PROV_R_WRONG_OUTPUT_BUFFER_SIZE); @@ -412,7 +410,7 @@ static int KRB5KDF(const EVP_CIPHER *cipher, ENGINE *engine, int olen; ret = EVP_EncryptUpdate(ctx, cipherblock, &olen, - plainblock, blocksize); + plainblock, blocksize); if (!ret) goto out; cipherlen = olen; @@ -467,4 +465,3 @@ out: OPENSSL_cleanse(block, EVP_MAX_BLOCK_LENGTH * 2); return ret; } - diff --git a/providers/implementations/kdfs/pbkdf1.c b/providers/implementations/kdfs/pbkdf1.c index a3d7cf5175ae..fcc5c3cb430c 100644 --- a/providers/implementations/kdfs/pbkdf1.c +++ b/providers/implementations/kdfs/pbkdf1.c @@ -48,9 +48,9 @@ typedef struct { */ static int kdf_pbkdf1_do_derive(const unsigned char *pass, size_t passlen, - const unsigned char *salt, size_t saltlen, - uint64_t iter, const EVP_MD *md_type, - unsigned char *out, size_t n) + const unsigned char *salt, size_t saltlen, + uint64_t iter, const EVP_MD *md_type, + unsigned char *out, size_t n) { uint64_t i; int mdsize, ret = 0; @@ -137,7 +137,7 @@ static void kdf_pbkdf1_reset(void *vctx) } static int kdf_pbkdf1_set_membuf(unsigned char **buffer, size_t *buflen, - const OSSL_PARAM *p) + const OSSL_PARAM *p) { OPENSSL_clear_free(*buffer, *buflen); *buffer = NULL; @@ -156,7 +156,7 @@ static int kdf_pbkdf1_set_membuf(unsigned char **buffer, size_t *buflen, } static int kdf_pbkdf1_derive(void *vctx, unsigned char *key, size_t keylen, - const OSSL_PARAM params[]) + const OSSL_PARAM params[]) { KDF_PBKDF1 *ctx = (KDF_PBKDF1 *)vctx; const EVP_MD *md; 
@@ -176,7 +176,7 @@ static int kdf_pbkdf1_derive(void *vctx, unsigned char *key, size_t keylen, md = ossl_prov_digest_md(&ctx->digest); return kdf_pbkdf1_do_derive(ctx->pass, ctx->pass_len, ctx->salt, ctx->salt_len, - ctx->iter, md, key, keylen); + ctx->iter, md, key, keylen); } static int kdf_pbkdf1_set_ctx_params(void *vctx, const OSSL_PARAM params[]) @@ -193,7 +193,7 @@ static int kdf_pbkdf1_set_ctx_params(void *vctx, const OSSL_PARAM params[]) return 0; if ((p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_SALT)) != NULL) - if (!kdf_pbkdf1_set_membuf(&ctx->salt, &ctx->salt_len,p)) + if (!kdf_pbkdf1_set_membuf(&ctx->salt, &ctx->salt_len, p)) return 0; if ((p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_ITER)) != NULL) @@ -203,7 +203,7 @@ static int kdf_pbkdf1_set_ctx_params(void *vctx, const OSSL_PARAM params[]) } static const OSSL_PARAM *kdf_pbkdf1_settable_ctx_params(ossl_unused void *ctx, - ossl_unused void *p_ctx) + ossl_unused void *p_ctx) { static const OSSL_PARAM known_settable_ctx_params[] = { OSSL_PARAM_utf8_string(OSSL_KDF_PARAM_PROPERTIES, NULL, 0), @@ -226,7 +226,7 @@ static int kdf_pbkdf1_get_ctx_params(void *vctx, OSSL_PARAM params[]) } static const OSSL_PARAM *kdf_pbkdf1_gettable_ctx_params(ossl_unused void *ctx, - ossl_unused void *p_ctx) + ossl_unused void *p_ctx) { static const OSSL_PARAM known_gettable_ctx_params[] = { OSSL_PARAM_size_t(OSSL_KDF_PARAM_SIZE, NULL), 
@@ -236,15 +236,15 @@ static const OSSL_PARAM *kdf_pbkdf1_gettable_ctx_params(ossl_unused void *ctx, } const OSSL_DISPATCH ossl_kdf_pbkdf1_functions[] = { - { OSSL_FUNC_KDF_NEWCTX, (void(*)(void))kdf_pbkdf1_new }, - { OSSL_FUNC_KDF_FREECTX, (void(*)(void))kdf_pbkdf1_free }, - { OSSL_FUNC_KDF_RESET, (void(*)(void))kdf_pbkdf1_reset }, - { OSSL_FUNC_KDF_DERIVE, (void(*)(void))kdf_pbkdf1_derive }, + { OSSL_FUNC_KDF_NEWCTX, (void (*)(void))kdf_pbkdf1_new }, + { OSSL_FUNC_KDF_FREECTX, (void (*)(void))kdf_pbkdf1_free }, + { OSSL_FUNC_KDF_RESET, (void (*)(void))kdf_pbkdf1_reset }, + { OSSL_FUNC_KDF_DERIVE, (void (*)(void))kdf_pbkdf1_derive }, { OSSL_FUNC_KDF_SETTABLE_CTX_PARAMS, - (void(*)(void))kdf_pbkdf1_settable_ctx_params }, - { OSSL_FUNC_KDF_SET_CTX_PARAMS, (void(*)(void))kdf_pbkdf1_set_ctx_params }, + (void (*)(void))kdf_pbkdf1_settable_ctx_params }, + { OSSL_FUNC_KDF_SET_CTX_PARAMS, (void (*)(void))kdf_pbkdf1_set_ctx_params }, { OSSL_FUNC_KDF_GETTABLE_CTX_PARAMS, - (void(*)(void))kdf_pbkdf1_gettable_ctx_params }, - { OSSL_FUNC_KDF_GET_CTX_PARAMS, (void(*)(void))kdf_pbkdf1_get_ctx_params }, + (void (*)(void))kdf_pbkdf1_gettable_ctx_params }, + { OSSL_FUNC_KDF_GET_CTX_PARAMS, (void (*)(void))kdf_pbkdf1_get_ctx_params }, { 0, NULL } }; diff --git a/providers/implementations/kdfs/pbkdf2.c b/providers/implementations/kdfs/pbkdf2.c index 2a0ae63acc32..fb99df0540bb 100644 --- a/providers/implementations/kdfs/pbkdf2.c +++ b/providers/implementations/kdfs/pbkdf2.c @@ -31,10 +31,10 @@ #include "pbkdf2.h" /* Constants specified in SP800-132 */ -#define KDF_PBKDF2_MIN_KEY_LEN_BITS 112 +#define KDF_PBKDF2_MIN_KEY_LEN_BITS 112 #define KDF_PBKDF2_MAX_KEY_LEN_DIGEST_RATIO 0xFFFFFFFF #define KDF_PBKDF2_MIN_ITERATIONS 1000 -#define KDF_PBKDF2_MIN_SALT_LEN (128 / 8) +#define KDF_PBKDF2_MIN_SALT_LEN (128 / 8) static OSSL_FUNC_kdf_newctx_fn kdf_pbkdf2_new; static OSSL_FUNC_kdf_freectx_fn kdf_pbkdf2_free; 
@@ -45,10 +45,10 @@ static OSSL_FUNC_kdf_set_ctx_params_fn kdf_pbkdf2_set_ctx_params; static OSSL_FUNC_kdf_gettable_ctx_params_fn kdf_pbkdf2_gettable_ctx_params; static OSSL_FUNC_kdf_get_ctx_params_fn kdf_pbkdf2_get_ctx_params; -static int pbkdf2_derive(const char *pass, size_t passlen, - const unsigned char *salt, int saltlen, uint64_t iter, - const EVP_MD *digest, unsigned char *key, - size_t keylen, int extra_checks); +static int pbkdf2_derive(const char *pass, size_t passlen, + const unsigned char *salt, int saltlen, uint64_t iter, + const EVP_MD *digest, unsigned char *key, + size_t keylen, int extra_checks); typedef struct { void *provctx; @@ -114,7 +114,7 @@ static void kdf_pbkdf2_init(KDF_PBKDF2 *ctx) OSSL_LIB_CTX *provctx = PROV_LIBCTX_OF(ctx->provctx); params[0] = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST, - SN_sha1, 0); + SN_sha1, 0); if (!ossl_prov_digest_load_from_params(&ctx->digest, params, provctx)) /* This is an error, but there is no way to indicate such directly */ ossl_prov_digest_reset(&ctx->digest); @@ -123,7 +123,7 @@ static void kdf_pbkdf2_init(KDF_PBKDF2 *ctx) } static int pbkdf2_set_membuf(unsigned char **buffer, size_t *buflen, - const OSSL_PARAM *p) + const OSSL_PARAM *p) { OPENSSL_clear_free(*buffer, *buflen); *buffer = NULL; @@ -142,7 +142,7 @@ static int pbkdf2_set_membuf(unsigned char **buffer, size_t *buflen, } static int kdf_pbkdf2_derive(void *vctx, unsigned char *key, size_t keylen, - const OSSL_PARAM params[]) + const OSSL_PARAM params[]) { KDF_PBKDF2 *ctx = (KDF_PBKDF2 *)vctx; const EVP_MD *md; 
@@ -162,8 +162,8 @@ static int kdf_pbkdf2_derive(void *vctx, unsigned char *key, size_t keylen, md = ossl_prov_digest_md(&ctx->digest); return pbkdf2_derive((char *)ctx->pass, ctx->pass_len, - ctx->salt, ctx->salt_len, ctx->iter, - md, key, keylen, ctx->lower_bound_checks); + ctx->salt, ctx->salt_len, ctx->iter, + md, key, keylen, ctx->lower_bound_checks); } static int kdf_pbkdf2_set_ctx_params(void *vctx, const OSSL_PARAM params[]) @@ -196,7 +196,7 @@ static int kdf_pbkdf2_set_ctx_params(void *vctx, const OSSL_PARAM params[]) ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_SALT_LENGTH); return 0; } - if (!pbkdf2_set_membuf(&ctx->salt, &ctx->salt_len,p)) + if (!pbkdf2_set_membuf(&ctx->salt, &ctx->salt_len, p)) return 0; } @@ -214,7 +214,7 @@ static int kdf_pbkdf2_set_ctx_params(void *vctx, const OSSL_PARAM params[]) } static const OSSL_PARAM *kdf_pbkdf2_settable_ctx_params(ossl_unused void *ctx, - ossl_unused void *p_ctx) + ossl_unused void *p_ctx) { static const OSSL_PARAM known_settable_ctx_params[] = { OSSL_PARAM_utf8_string(OSSL_KDF_PARAM_PROPERTIES, NULL, 0), @@ -238,7 +238,7 @@ static int kdf_pbkdf2_get_ctx_params(void *vctx, OSSL_PARAM params[]) } static const OSSL_PARAM *kdf_pbkdf2_gettable_ctx_params(ossl_unused void *ctx, - ossl_unused void *p_ctx) + ossl_unused void *p_ctx) { static const OSSL_PARAM known_gettable_ctx_params[] = { OSSL_PARAM_size_t(OSSL_KDF_PARAM_SIZE, NULL), 
@@ -248,16 +248,16 @@ static const OSSL_PARAM *kdf_pbkdf2_gettable_ctx_params(ossl_unused void *ctx, } const OSSL_DISPATCH ossl_kdf_pbkdf2_functions[] = { - { OSSL_FUNC_KDF_NEWCTX, (void(*)(void))kdf_pbkdf2_new }, - { OSSL_FUNC_KDF_FREECTX, (void(*)(void))kdf_pbkdf2_free }, - { OSSL_FUNC_KDF_RESET, (void(*)(void))kdf_pbkdf2_reset }, - { OSSL_FUNC_KDF_DERIVE, (void(*)(void))kdf_pbkdf2_derive }, + { OSSL_FUNC_KDF_NEWCTX, (void (*)(void))kdf_pbkdf2_new }, + { OSSL_FUNC_KDF_FREECTX, (void (*)(void))kdf_pbkdf2_free }, + { OSSL_FUNC_KDF_RESET, (void (*)(void))kdf_pbkdf2_reset }, + { OSSL_FUNC_KDF_DERIVE, (void (*)(void))kdf_pbkdf2_derive }, { OSSL_FUNC_KDF_SETTABLE_CTX_PARAMS, - (void(*)(void))kdf_pbkdf2_settable_ctx_params }, - { OSSL_FUNC_KDF_SET_CTX_PARAMS, (void(*)(void))kdf_pbkdf2_set_ctx_params }, + (void (*)(void))kdf_pbkdf2_settable_ctx_params }, + { OSSL_FUNC_KDF_SET_CTX_PARAMS, (void (*)(void))kdf_pbkdf2_set_ctx_params }, { OSSL_FUNC_KDF_GETTABLE_CTX_PARAMS, - (void(*)(void))kdf_pbkdf2_gettable_ctx_params }, - { OSSL_FUNC_KDF_GET_CTX_PARAMS, (void(*)(void))kdf_pbkdf2_get_ctx_params }, + (void (*)(void))kdf_pbkdf2_gettable_ctx_params }, + { OSSL_FUNC_KDF_GET_CTX_PARAMS, (void (*)(void))kdf_pbkdf2_get_ctx_params }, { 0, NULL } }; @@ -272,9 +272,9 @@ const OSSL_DISPATCH ossl_kdf_pbkdf2_functions[] = { * - Randomly-generated portion of the salt shall be at least 128 bits. */ static int pbkdf2_derive(const char *pass, size_t passlen, - const unsigned char *salt, int saltlen, uint64_t iter, - const EVP_MD *digest, unsigned char *key, - size_t keylen, int lower_bound_checks) + const unsigned char *salt, int saltlen, uint64_t iter, + const EVP_MD *digest, unsigned char *key, + size_t keylen, int lower_bound_checks) { int ret = 0; unsigned char digtmp[EVP_MAX_MD_SIZE], *p, itmp[4]; 
@@ -337,15 +337,15 @@ static int pbkdf2_derive(const char *pass, size_t passlen, if (!HMAC_CTX_copy(hctx, hctx_tpl)) goto err; if (!HMAC_Update(hctx, salt, saltlen) - || !HMAC_Update(hctx, itmp, 4) - || !HMAC_Final(hctx, digtmp, NULL)) + || !HMAC_Update(hctx, itmp, 4) + || !HMAC_Final(hctx, digtmp, NULL)) goto err; memcpy(p, digtmp, cplen); for (j = 1; j < iter; j++) { if (!HMAC_CTX_copy(hctx, hctx_tpl)) goto err; if (!HMAC_Update(hctx, digtmp, mdlen) - || !HMAC_Final(hctx, digtmp, NULL)) + || !HMAC_Final(hctx, digtmp, NULL)) goto err; for (k = 0; k < cplen; k++) p[k] ^= digtmp[k]; diff --git a/providers/implementations/kdfs/pkcs12kdf.c b/providers/implementations/kdfs/pkcs12kdf.c index 3218daa781e9..f8d5e2b73972 100644 --- a/providers/implementations/kdfs/pkcs12kdf.c +++ b/providers/implementations/kdfs/pkcs12kdf.c @@ -46,9 +46,9 @@ typedef struct { /* PKCS12 compatible key/IV generation */ static int pkcs12kdf_derive(const unsigned char *pass, size_t passlen, - const unsigned char *salt, size_t saltlen, - int id, uint64_t iter, const EVP_MD *md_type, - unsigned char *out, size_t n) + const unsigned char *salt, size_t saltlen, + int id, uint64_t iter, const EVP_MD *md_type, + unsigned char *out, size_t n) { unsigned char *B = NULL, *D = NULL, *I = NULL, *p = NULL, *Ai = NULL; size_t Slen, Plen, Ilen; @@ -126,7 +126,7 @@ static int pkcs12kdf_derive(const unsigned char *pass, size_t passlen, } } - end: +end: OPENSSL_free(Ai); OPENSSL_free(B); OPENSSL_free(D); @@ -179,7 +179,7 @@ static void kdf_pkcs12_reset(void *vctx) } static int pkcs12kdf_set_membuf(unsigned char **buffer, size_t *buflen, - const OSSL_PARAM *p) + const OSSL_PARAM *p) { OPENSSL_clear_free(*buffer, *buflen); *buffer = NULL; 
@@ -198,7 +198,7 @@ static int pkcs12kdf_set_membuf(unsigned char **buffer, size_t *buflen, } static int kdf_pkcs12_derive(void *vctx, unsigned char *key, size_t keylen, - const OSSL_PARAM params[]) + const OSSL_PARAM params[]) { KDF_PKCS12 *ctx = (KDF_PKCS12 *)vctx; const EVP_MD *md; @@ -218,7 +218,7 @@ static int kdf_pkcs12_derive(void *vctx, unsigned char *key, size_t keylen, md = ossl_prov_digest_md(&ctx->digest); return pkcs12kdf_derive(ctx->pass, ctx->pass_len, ctx->salt, ctx->salt_len, - ctx->id, ctx->iter, md, key, keylen); + ctx->id, ctx->iter, md, key, keylen); } static int kdf_pkcs12_set_ctx_params(void *vctx, const OSSL_PARAM params[]) @@ -238,7 +238,7 @@ static int kdf_pkcs12_set_ctx_params(void *vctx, const OSSL_PARAM params[]) return 0; if ((p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_SALT)) != NULL) - if (!pkcs12kdf_set_membuf(&ctx->salt, &ctx->salt_len,p)) + if (!pkcs12kdf_set_membuf(&ctx->salt, &ctx->salt_len, p)) return 0; if ((p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_PKCS12_ID)) != NULL) @@ -252,7 +252,7 @@ static int kdf_pkcs12_set_ctx_params(void *vctx, const OSSL_PARAM params[]) } static const OSSL_PARAM *kdf_pkcs12_settable_ctx_params( - ossl_unused void *ctx, ossl_unused void *provctx) + ossl_unused void *ctx, ossl_unused void *provctx) { static const OSSL_PARAM known_settable_ctx_params[] = { OSSL_PARAM_utf8_string(OSSL_KDF_PARAM_PROPERTIES, NULL, 0), @@ -276,7 +276,7 @@ static int kdf_pkcs12_get_ctx_params(void *vctx, OSSL_PARAM params[]) } static const OSSL_PARAM *kdf_pkcs12_gettable_ctx_params( - ossl_unused void *ctx, ossl_unused void *provctx) + ossl_unused void *ctx, ossl_unused void *provctx) { static const OSSL_PARAM known_gettable_ctx_params[] = { OSSL_PARAM_size_t(OSSL_KDF_PARAM_SIZE, NULL), 
@@ -286,15 +286,15 @@ static const OSSL_PARAM *kdf_pkcs12_gettable_ctx_params( } const OSSL_DISPATCH ossl_kdf_pkcs12_functions[] = { - { OSSL_FUNC_KDF_NEWCTX, (void(*)(void))kdf_pkcs12_new }, - { OSSL_FUNC_KDF_FREECTX, (void(*)(void))kdf_pkcs12_free }, - { OSSL_FUNC_KDF_RESET, (void(*)(void))kdf_pkcs12_reset }, - { OSSL_FUNC_KDF_DERIVE, (void(*)(void))kdf_pkcs12_derive }, + { OSSL_FUNC_KDF_NEWCTX, (void (*)(void))kdf_pkcs12_new }, + { OSSL_FUNC_KDF_FREECTX, (void (*)(void))kdf_pkcs12_free }, + { OSSL_FUNC_KDF_RESET, (void (*)(void))kdf_pkcs12_reset }, + { OSSL_FUNC_KDF_DERIVE, (void (*)(void))kdf_pkcs12_derive }, { OSSL_FUNC_KDF_SETTABLE_CTX_PARAMS, - (void(*)(void))kdf_pkcs12_settable_ctx_params }, - { OSSL_FUNC_KDF_SET_CTX_PARAMS, (void(*)(void))kdf_pkcs12_set_ctx_params }, + (void (*)(void))kdf_pkcs12_settable_ctx_params }, + { OSSL_FUNC_KDF_SET_CTX_PARAMS, (void (*)(void))kdf_pkcs12_set_ctx_params }, { OSSL_FUNC_KDF_GETTABLE_CTX_PARAMS, - (void(*)(void))kdf_pkcs12_gettable_ctx_params }, - { OSSL_FUNC_KDF_GET_CTX_PARAMS, (void(*)(void))kdf_pkcs12_get_ctx_params }, + (void (*)(void))kdf_pkcs12_gettable_ctx_params }, + { OSSL_FUNC_KDF_GET_CTX_PARAMS, (void (*)(void))kdf_pkcs12_get_ctx_params }, { 0, NULL } }; diff --git a/providers/implementations/kdfs/scrypt.c b/providers/implementations/kdfs/scrypt.c index 6fa4192600fd..be7ca71c8a84 100644 --- a/providers/implementations/kdfs/scrypt.c +++ b/providers/implementations/kdfs/scrypt.c 
@@ -34,10 +34,10 @@ static OSSL_FUNC_kdf_gettable_ctx_params_fn kdf_scrypt_gettable_ctx_params; static OSSL_FUNC_kdf_get_ctx_params_fn kdf_scrypt_get_ctx_params; static int scrypt_alg(const char *pass, size_t passlen, - const unsigned char *salt, size_t saltlen, - uint64_t N, uint64_t r, uint64_t p, uint64_t maxmem, - unsigned char *key, size_t keylen, EVP_MD *sha256, - OSSL_LIB_CTX *libctx, const char *propq); + const unsigned char *salt, size_t saltlen, + uint64_t N, uint64_t r, uint64_t p, uint64_t maxmem, + unsigned char *key, size_t keylen, EVP_MD *sha256, + OSSL_LIB_CTX *libctx, const char *propq); typedef struct { OSSL_LIB_CTX *libctx; @@ -107,7 +107,7 @@ static void kdf_scrypt_init(KDF_SCRYPT *ctx) } static int scrypt_set_membuf(unsigned char **buffer, size_t *buflen, - const OSSL_PARAM *p) + const OSSL_PARAM *p) { OPENSSL_clear_free(*buffer, *buflen); *buffer = NULL; @@ -151,7 +151,7 @@ static int set_property_query(KDF_SCRYPT *ctx, const char *propq) } static int kdf_scrypt_derive(void *vctx, unsigned char *key, size_t keylen, - const OSSL_PARAM params[]) + const OSSL_PARAM params[]) { KDF_SCRYPT *ctx = (KDF_SCRYPT *)vctx; @@ -172,9 +172,9 @@ static int kdf_scrypt_derive(void *vctx, unsigned char *key, size_t keylen, return 0; return scrypt_alg((char *)ctx->pass, ctx->pass_len, ctx->salt, - ctx->salt_len, ctx->N, ctx->r, ctx->p, - ctx->maxmem_bytes, key, keylen, ctx->sha256, - ctx->libctx, ctx->propq); + ctx->salt_len, ctx->N, ctx->r, ctx->p, + ctx->maxmem_bytes, key, keylen, ctx->sha256, + ctx->libctx, ctx->propq); } static int is_power_of_two(uint64_t value) @@ -240,7 +240,7 @@ static int kdf_scrypt_set_ctx_params(void *vctx, const OSSL_PARAM params[]) } static const OSSL_PARAM *kdf_scrypt_settable_ctx_params(ossl_unused void *ctx, - ossl_unused void *p_ctx) + ossl_unused void *p_ctx) { static const OSSL_PARAM known_settable_ctx_params[] = { OSSL_PARAM_octet_string(OSSL_KDF_PARAM_PASSWORD, NULL, 0), 
@@ -265,7 +265,7 @@ static int kdf_scrypt_get_ctx_params(void *vctx, OSSL_PARAM params[]) } static const OSSL_PARAM *kdf_scrypt_gettable_ctx_params(ossl_unused void *ctx, - ossl_unused void *p_ctx) + ossl_unused void *p_ctx) { static const OSSL_PARAM known_gettable_ctx_params[] = { OSSL_PARAM_size_t(OSSL_KDF_PARAM_SIZE, NULL), @@ -275,20 +275,20 @@ static const OSSL_PARAM *kdf_scrypt_gettable_ctx_params(ossl_unused void *ctx, } const OSSL_DISPATCH ossl_kdf_scrypt_functions[] = { - { OSSL_FUNC_KDF_NEWCTX, (void(*)(void))kdf_scrypt_new }, - { OSSL_FUNC_KDF_FREECTX, (void(*)(void))kdf_scrypt_free }, - { OSSL_FUNC_KDF_RESET, (void(*)(void))kdf_scrypt_reset }, - { OSSL_FUNC_KDF_DERIVE, (void(*)(void))kdf_scrypt_derive }, + { OSSL_FUNC_KDF_NEWCTX, (void (*)(void))kdf_scrypt_new }, + { OSSL_FUNC_KDF_FREECTX, (void (*)(void))kdf_scrypt_free }, + { OSSL_FUNC_KDF_RESET, (void (*)(void))kdf_scrypt_reset }, + { OSSL_FUNC_KDF_DERIVE, (void (*)(void))kdf_scrypt_derive }, { OSSL_FUNC_KDF_SETTABLE_CTX_PARAMS, - (void(*)(void))kdf_scrypt_settable_ctx_params }, - { OSSL_FUNC_KDF_SET_CTX_PARAMS, (void(*)(void))kdf_scrypt_set_ctx_params }, + (void (*)(void))kdf_scrypt_settable_ctx_params }, + { OSSL_FUNC_KDF_SET_CTX_PARAMS, (void (*)(void))kdf_scrypt_set_ctx_params }, { OSSL_FUNC_KDF_GETTABLE_CTX_PARAMS, - (void(*)(void))kdf_scrypt_gettable_ctx_params }, - { OSSL_FUNC_KDF_GET_CTX_PARAMS, (void(*)(void))kdf_scrypt_get_ctx_params }, + (void (*)(void))kdf_scrypt_gettable_ctx_params }, + { OSSL_FUNC_KDF_GET_CTX_PARAMS, (void (*)(void))kdf_scrypt_get_ctx_params }, { 0, NULL } }; -#define R(a,b) (((a) << (b)) | ((a) >> (32 - (b)))) +#define R(a, b) (((a) << (b)) | ((a) >> (32 - (b)))) static void salsa208_word_specification(uint32_t inout[16]) { int i; 
@@ -351,7 +351,7 @@ static void scryptBlockMix(uint32_t *B_, uint32_t *B, uint64_t r) } static void scryptROMix(unsigned char *B, uint64_t r, uint64_t N, - uint32_t *X, uint32_t *T, uint32_t *V) + uint32_t *X, uint32_t *T, uint32_t *V) { unsigned char *pB; uint32_t *pV; @@ -389,7 +389,7 @@ static void scryptROMix(unsigned char *B, uint64_t r, uint64_t N, } #ifndef SIZE_MAX -# define SIZE_MAX ((size_t)-1) +#define SIZE_MAX ((size_t)-1) #endif /* @@ -397,7 +397,7 @@ static void scryptROMix(unsigned char *B, uint64_t r, uint64_t N, * most (all?) platforms. */ -#define LOG2_UINT64_MAX (sizeof(uint64_t) * 8 - 1) +#define LOG2_UINT64_MAX (sizeof(uint64_t) * 8 - 1) /* * Maximum value of p * r: @@ -406,13 +406,13 @@ static void scryptROMix(unsigned char *B, uint64_t r, uint64_t N, * p * r <= (2^30-1) */ -#define SCRYPT_PR_MAX ((1 << 30) - 1) +#define SCRYPT_PR_MAX ((1 << 30) - 1) static int scrypt_alg(const char *pass, size_t passlen, - const unsigned char *salt, size_t saltlen, - uint64_t N, uint64_t r, uint64_t p, uint64_t maxmem, - unsigned char *key, size_t keylen, EVP_MD *sha256, - OSSL_LIB_CTX *libctx, const char *propq) + const unsigned char *salt, size_t saltlen, + uint64_t N, uint64_t r, uint64_t p, uint64_t maxmem, + unsigned char *key, size_t keylen, EVP_MD *sha256, + OSSL_LIB_CTX *libctx, const char *propq) { int rv = 0; unsigned char *B; @@ -497,17 +497,19 @@ static int scrypt_alg(const char *pass, size_t passlen, T = X + 32 * r; V = T + 32 * r; if (ossl_pkcs5_pbkdf2_hmac_ex(pass, passlen, salt, saltlen, 1, sha256, - (int)Blen, B, libctx, propq) == 0) + (int)Blen, B, libctx, propq) + == 0) goto err; for (i = 0; i < p; i++) scryptROMix(B + 128 * r * i, r, N, X, T, V); if (ossl_pkcs5_pbkdf2_hmac_ex(pass, passlen, B, (int)Blen, 1, sha256, - keylen, key, libctx, propq) == 0) + keylen, key, libctx, propq) + == 0) goto err; rv = 1; - err: +err: if (rv == 0) ERR_raise(ERR_LIB_EVP, EVP_R_PBKDF2_ERROR); 
diff --git a/providers/implementations/kdfs/sshkdf.c b/providers/implementations/kdfs/sshkdf.c index c592ba72f1e0..adad9997de45 100644 --- a/providers/implementations/kdfs/sshkdf.c +++ b/providers/implementations/kdfs/sshkdf.c @@ -33,10 +33,10 @@ static OSSL_FUNC_kdf_gettable_ctx_params_fn kdf_sshkdf_gettable_ctx_params; static OSSL_FUNC_kdf_get_ctx_params_fn kdf_sshkdf_get_ctx_params; static int SSHKDF(const EVP_MD *evp_md, - const unsigned char *key, size_t key_len, - const unsigned char *xcghash, size_t xcghash_len, - const unsigned char *session_id, size_t session_id_len, - char type, unsigned char *okey, size_t okey_len); + const unsigned char *key, size_t key_len, + const unsigned char *xcghash, size_t xcghash_len, + const unsigned char *session_id, size_t session_id_len, + char type, unsigned char *okey, size_t okey_len); typedef struct { void *provctx; @@ -88,7 +88,7 @@ static void kdf_sshkdf_reset(void *vctx) } static int sshkdf_set_membuf(unsigned char **dst, size_t *dst_len, - const OSSL_PARAM *p) + const OSSL_PARAM *p) { OPENSSL_clear_free(*dst, *dst_len); *dst = NULL; @@ -97,7 +97,7 @@ static int sshkdf_set_membuf(unsigned char **dst, size_t *dst_len, } static int kdf_sshkdf_derive(void *vctx, unsigned char *key, size_t keylen, - const OSSL_PARAM params[]) + const OSSL_PARAM params[]) { KDF_SSHKDF *ctx = (KDF_SSHKDF *)vctx; const EVP_MD *md; @@ -127,9 +127,9 @@ static int kdf_sshkdf_derive(void *vctx, unsigned char *key, size_t keylen, return 0; } return SSHKDF(md, ctx->key, ctx->key_len, - ctx->xcghash, ctx->xcghash_len, - ctx->session_id, ctx->session_id_len, - ctx->type, key, keylen); + ctx->xcghash, ctx->xcghash_len, + ctx->session_id, ctx->session_id_len, + ctx->type, key, keylen); } static int kdf_sshkdf_set_ctx_params(void *vctx, const OSSL_PARAM params[]) 
@@ -177,7 +177,7 @@ static int kdf_sshkdf_set_ctx_params(void *vctx, const OSSL_PARAM params[]) } static const OSSL_PARAM *kdf_sshkdf_settable_ctx_params(ossl_unused void *ctx, - ossl_unused void *p_ctx) + ossl_unused void *p_ctx) { static const OSSL_PARAM known_settable_ctx_params[] = { OSSL_PARAM_utf8_string(OSSL_KDF_PARAM_PROPERTIES, NULL, 0), @@ -201,7 +201,7 @@ static int kdf_sshkdf_get_ctx_params(void *vctx, OSSL_PARAM params[]) } static const OSSL_PARAM *kdf_sshkdf_gettable_ctx_params(ossl_unused void *ctx, - ossl_unused void *p_ctx) + ossl_unused void *p_ctx) { static const OSSL_PARAM known_gettable_ctx_params[] = { OSSL_PARAM_size_t(OSSL_KDF_PARAM_SIZE, NULL), 
@@ -211,24 +211,24 @@ static const OSSL_PARAM *kdf_sshkdf_gettable_ctx_params(ossl_unused void *ctx, } const OSSL_DISPATCH ossl_kdf_sshkdf_functions[] = { - { OSSL_FUNC_KDF_NEWCTX, (void(*)(void))kdf_sshkdf_new }, - { OSSL_FUNC_KDF_FREECTX, (void(*)(void))kdf_sshkdf_free }, - { OSSL_FUNC_KDF_RESET, (void(*)(void))kdf_sshkdf_reset }, - { OSSL_FUNC_KDF_DERIVE, (void(*)(void))kdf_sshkdf_derive }, + { OSSL_FUNC_KDF_NEWCTX, (void (*)(void))kdf_sshkdf_new }, + { OSSL_FUNC_KDF_FREECTX, (void (*)(void))kdf_sshkdf_free }, + { OSSL_FUNC_KDF_RESET, (void (*)(void))kdf_sshkdf_reset }, + { OSSL_FUNC_KDF_DERIVE, (void (*)(void))kdf_sshkdf_derive }, { OSSL_FUNC_KDF_SETTABLE_CTX_PARAMS, - (void(*)(void))kdf_sshkdf_settable_ctx_params }, - { OSSL_FUNC_KDF_SET_CTX_PARAMS, (void(*)(void))kdf_sshkdf_set_ctx_params }, + (void (*)(void))kdf_sshkdf_settable_ctx_params }, + { OSSL_FUNC_KDF_SET_CTX_PARAMS, (void (*)(void))kdf_sshkdf_set_ctx_params }, { OSSL_FUNC_KDF_GETTABLE_CTX_PARAMS, - (void(*)(void))kdf_sshkdf_gettable_ctx_params }, - { OSSL_FUNC_KDF_GET_CTX_PARAMS, (void(*)(void))kdf_sshkdf_get_ctx_params }, + (void (*)(void))kdf_sshkdf_gettable_ctx_params }, + { OSSL_FUNC_KDF_GET_CTX_PARAMS, (void (*)(void))kdf_sshkdf_get_ctx_params }, { 0, NULL } }; static int SSHKDF(const EVP_MD *evp_md, - const unsigned char *key, size_t key_len, - const unsigned char *xcghash, size_t xcghash_len, - const unsigned char *session_id, size_t session_id_len, - char type, unsigned char *okey, size_t okey_len) + const unsigned char *key, size_t key_len, + const unsigned char *xcghash, size_t xcghash_len, + const unsigned char *session_id, size_t session_id_len, + char type, unsigned char *okey, size_t okey_len) { EVP_MD_CTX *md = NULL; unsigned char digest[EVP_MAX_MD_SIZE]; @@ -299,4 +299,3 @@ out: OPENSSL_cleanse(digest, EVP_MAX_MD_SIZE); return ret; } - diff --git a/providers/implementations/kdfs/sskdf.c b/providers/implementations/kdfs/sskdf.c index eb54972e1c44..8b09d62995bd 100644 
--- a/providers/implementations/kdfs/sskdf.c +++ b/providers/implementations/kdfs/sskdf.c @@ -53,8 +53,8 @@ typedef struct { void *provctx; - EVP_MAC_CTX *macctx; /* H(x) = HMAC_hash OR H(x) = KMAC */ - PROV_DIGEST digest; /* H(x) = hash(x) */ + EVP_MAC_CTX *macctx; /* H(x) = HMAC_hash OR H(x) = KMAC */ + PROV_DIGEST digest; /* H(x) = hash(x) */ unsigned char *secret; size_t secret_len; unsigned char *info; @@ -65,7 +65,7 @@ typedef struct { int is_kmac; } KDF_SSKDF; -#define SSKDF_MAX_INLEN (1<<30) +#define SSKDF_MAX_INLEN (1 << 30) #define SSKDF_KMAC128_DEFAULT_SALT_SIZE (168 - 4) #define SSKDF_KMAC256_DEFAULT_SALT_SIZE (136 - 4) @@ -92,10 +92,10 @@ static OSSL_FUNC_kdf_get_ctx_params_fn sskdf_get_ctx_params; * result[i] = Hash(z || counter || info) for X9.63. */ static int SSKDF_hash_kdm(const EVP_MD *kdf_md, - const unsigned char *z, size_t z_len, - const unsigned char *info, size_t info_len, - unsigned int append_ctr, - unsigned char *derived_key, size_t derived_key_len) + const unsigned char *z, size_t z_len, + const unsigned char *info, size_t info_len, + unsigned int append_ctr, + unsigned char *derived_key, size_t derived_key_len) { int ret = 0, hlen; size_t counter, out_len, len = derived_key_len; @@ -105,8 +105,8 @@ static int SSKDF_hash_kdm(const EVP_MD *kdf_md, EVP_MD_CTX *ctx = NULL, *ctx_init = NULL; if (z_len > SSKDF_MAX_INLEN || info_len > SSKDF_MAX_INLEN - || derived_key_len > SSKDF_MAX_INLEN - || derived_key_len == 0) + || derived_key_len > SSKDF_MAX_INLEN + || derived_key_len == 0) return 0; hlen = EVP_MD_get_size(kdf_md); @@ -157,8 +157,8 @@ end: } static int kmac_init(EVP_MAC_CTX *ctx, const unsigned char *custom, - size_t custom_len, size_t kmac_out_len, - size_t derived_key_len, unsigned char **out) + size_t custom_len, size_t kmac_out_len, + size_t derived_key_len, unsigned char **out) { OSSL_PARAM params[2]; 
@@ -167,7 +167,7 @@ static int kmac_init(EVP_MAC_CTX *ctx, const unsigned char *custom, return 1; params[0] = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_CUSTOM, - (void *)custom, custom_len); + (void *)custom, custom_len); params[1] = OSSL_PARAM_construct_end(); if (!EVP_MAC_CTX_set_params(ctx, params)) @@ -178,15 +178,15 @@ static int kmac_init(EVP_MAC_CTX *ctx, const unsigned char *custom, kmac_out_len = derived_key_len; /* otherwise check the size is valid */ else if (!(kmac_out_len == derived_key_len - || kmac_out_len == 20 - || kmac_out_len == 28 - || kmac_out_len == 32 - || kmac_out_len == 48 - || kmac_out_len == 64)) + || kmac_out_len == 20 + || kmac_out_len == 28 + || kmac_out_len == 32 + || kmac_out_len == 48 + || kmac_out_len == 64)) return 0; params[0] = OSSL_PARAM_construct_size_t(OSSL_MAC_PARAM_SIZE, - &kmac_out_len); + &kmac_out_len); if (EVP_MAC_CTX_set_params(ctx, params) <= 0) return 0; @@ -210,12 +210,12 @@ static int kmac_init(EVP_MAC_CTX *ctx, const unsigned char *custom, * H(x) = KMAC#(salt, x, outbits, CustomString='KDF') */ static int SSKDF_mac_kdm(EVP_MAC_CTX *ctx_init, - const unsigned char *kmac_custom, - size_t kmac_custom_len, size_t kmac_out_len, - const unsigned char *salt, size_t salt_len, - const unsigned char *z, size_t z_len, - const unsigned char *info, size_t info_len, - unsigned char *derived_key, size_t derived_key_len) + const unsigned char *kmac_custom, + size_t kmac_custom_len, size_t kmac_out_len, + const unsigned char *salt, size_t salt_len, + const unsigned char *z, size_t z_len, + const unsigned char *info, size_t info_len, + unsigned char *derived_key, size_t derived_key_len) { int ret = 0; size_t counter, out_len, len; 
@@ -226,12 +226,12 @@ static int SSKDF_mac_kdm(EVP_MAC_CTX *ctx_init, unsigned char *mac = mac_buf, *kmac_buffer = NULL; if (z_len > SSKDF_MAX_INLEN || info_len > SSKDF_MAX_INLEN - || derived_key_len > SSKDF_MAX_INLEN - || derived_key_len == 0) + || derived_key_len > SSKDF_MAX_INLEN + || derived_key_len == 0) return 0; if (!kmac_init(ctx_init, kmac_custom, kmac_custom_len, kmac_out_len, - derived_key_len, &kmac_buffer)) + derived_key_len, &kmac_buffer)) goto end; if (kmac_buffer != NULL) mac = kmac_buffer; @@ -321,7 +321,7 @@ static void sskdf_free(void *vctx) } static int sskdf_set_buffer(unsigned char **out, size_t *out_len, - const OSSL_PARAM *p) + const OSSL_PARAM *p) { if (p->data == NULL || p->data_size == 0) return 1; @@ -348,7 +348,7 @@ static size_t sskdf_size(KDF_SSKDF *ctx) } static int sskdf_derive(void *vctx, unsigned char *key, size_t keylen, - const OSSL_PARAM params[]) + const OSSL_PARAM params[]) { KDF_SSKDF *ctx = (KDF_SSKDF *)vctx; const EVP_MD *md; @@ -400,10 +400,10 @@ static int sskdf_derive(void *vctx, unsigned char *key, size_t keylen, ctx->salt_len = default_salt_len; } ret = SSKDF_mac_kdm(ctx->macctx, - custom, custom_len, ctx->out_len, - ctx->salt, ctx->salt_len, - ctx->secret, ctx->secret_len, - ctx->info, ctx->info_len, key, keylen); + custom, custom_len, ctx->out_len, + ctx->salt, ctx->salt_len, + ctx->secret, ctx->secret_len, + ctx->info, ctx->info_len, key, keylen); return ret; } else { /* H(x) = hash */ @@ -412,12 +412,12 @@ static int sskdf_derive(void *vctx, unsigned char *key, size_t keylen, return 0; } return SSKDF_hash_kdm(md, ctx->secret, ctx->secret_len, - ctx->info, ctx->info_len, 0, key, keylen); + ctx->info, ctx->info_len, 0, key, keylen); } } static int x963kdf_derive(void *vctx, unsigned char *key, size_t keylen, - const OSSL_PARAM params[]) + const OSSL_PARAM params[]) { KDF_SSKDF *ctx = (KDF_SSKDF *)vctx; const EVP_MD *md; 
@@ -443,7 +443,7 @@ static int x963kdf_derive(void *vctx, unsigned char *key, size_t keylen, } return SSKDF_hash_kdm(md, ctx->secret, ctx->secret_len, - ctx->info, ctx->info_len, 1, key, keylen); + ctx->info, ctx->info_len, 1, key, keylen); } static int sskdf_set_ctx_params(void *vctx, const OSSL_PARAM params[]) @@ -457,19 +457,19 @@ static int sskdf_set_ctx_params(void *vctx, const OSSL_PARAM params[]) return 1; if (!ossl_prov_macctx_load_from_params(&ctx->macctx, params, - NULL, NULL, NULL, libctx)) + NULL, NULL, NULL, libctx)) return 0; - if (ctx->macctx != NULL) { + if (ctx->macctx != NULL) { if (EVP_MAC_is_a(EVP_MAC_CTX_get0_mac(ctx->macctx), - OSSL_MAC_NAME_KMAC128) + OSSL_MAC_NAME_KMAC128) || EVP_MAC_is_a(EVP_MAC_CTX_get0_mac(ctx->macctx), - OSSL_MAC_NAME_KMAC256)) { + OSSL_MAC_NAME_KMAC256)) { ctx->is_kmac = 1; } - } + } - if (!ossl_prov_digest_load_from_params(&ctx->digest, params, libctx)) - return 0; + if (!ossl_prov_digest_load_from_params(&ctx->digest, params, libctx)) + return 0; if ((p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_SECRET)) != NULL || (p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_KEY)) != NULL) @@ -494,7 +494,7 @@ static int sskdf_set_ctx_params(void *vctx, const OSSL_PARAM params[]) } static const OSSL_PARAM *sskdf_settable_ctx_params(ossl_unused void *ctx, - ossl_unused void *provctx) + ossl_unused void *provctx) { static const OSSL_PARAM known_settable_ctx_params[] = { OSSL_PARAM_octet_string(OSSL_KDF_PARAM_SECRET, NULL, 0), @@ -521,7 +521,7 @@ static int sskdf_get_ctx_params(void *vctx, OSSL_PARAM params[]) } static const OSSL_PARAM *sskdf_gettable_ctx_params(ossl_unused void *ctx, - ossl_unused void *provctx) + ossl_unused void *provctx) { static const OSSL_PARAM known_gettable_ctx_params[] = { OSSL_PARAM_size_t(OSSL_KDF_PARAM_SIZE, NULL), 
@@ -531,29 +531,29 @@ static const OSSL_PARAM *sskdf_gettable_ctx_params(ossl_unused void *ctx, } const OSSL_DISPATCH ossl_kdf_sskdf_functions[] = { - { OSSL_FUNC_KDF_NEWCTX, (void(*)(void))sskdf_new }, - { OSSL_FUNC_KDF_FREECTX, (void(*)(void))sskdf_free }, - { OSSL_FUNC_KDF_RESET, (void(*)(void))sskdf_reset }, - { OSSL_FUNC_KDF_DERIVE, (void(*)(void))sskdf_derive }, + { OSSL_FUNC_KDF_NEWCTX, (void (*)(void))sskdf_new }, + { OSSL_FUNC_KDF_FREECTX, (void (*)(void))sskdf_free }, + { OSSL_FUNC_KDF_RESET, (void (*)(void))sskdf_reset }, + { OSSL_FUNC_KDF_DERIVE, (void (*)(void))sskdf_derive }, { OSSL_FUNC_KDF_SETTABLE_CTX_PARAMS, - (void(*)(void))sskdf_settable_ctx_params }, - { OSSL_FUNC_KDF_SET_CTX_PARAMS, (void(*)(void))sskdf_set_ctx_params }, + (void (*)(void))sskdf_settable_ctx_params }, + { OSSL_FUNC_KDF_SET_CTX_PARAMS, (void (*)(void))sskdf_set_ctx_params }, { OSSL_FUNC_KDF_GETTABLE_CTX_PARAMS, - (void(*)(void))sskdf_gettable_ctx_params }, - { OSSL_FUNC_KDF_GET_CTX_PARAMS, (void(*)(void))sskdf_get_ctx_params }, + (void (*)(void))sskdf_gettable_ctx_params }, + { OSSL_FUNC_KDF_GET_CTX_PARAMS, (void (*)(void))sskdf_get_ctx_params }, { 0, NULL } }; const OSSL_DISPATCH ossl_kdf_x963_kdf_functions[] = { - { OSSL_FUNC_KDF_NEWCTX, (void(*)(void))sskdf_new }, - { OSSL_FUNC_KDF_FREECTX, (void(*)(void))sskdf_free }, - { OSSL_FUNC_KDF_RESET, (void(*)(void))sskdf_reset }, - { OSSL_FUNC_KDF_DERIVE, (void(*)(void))x963kdf_derive }, + { OSSL_FUNC_KDF_NEWCTX, (void (*)(void))sskdf_new }, + { OSSL_FUNC_KDF_FREECTX, (void (*)(void))sskdf_free }, + { OSSL_FUNC_KDF_RESET, (void (*)(void))sskdf_reset }, + { OSSL_FUNC_KDF_DERIVE, (void (*)(void))x963kdf_derive }, { OSSL_FUNC_KDF_SETTABLE_CTX_PARAMS, - (void(*)(void))sskdf_settable_ctx_params }, - { OSSL_FUNC_KDF_SET_CTX_PARAMS, (void(*)(void))sskdf_set_ctx_params }, + (void (*)(void))sskdf_settable_ctx_params }, + { OSSL_FUNC_KDF_SET_CTX_PARAMS, (void (*)(void))sskdf_set_ctx_params }, { OSSL_FUNC_KDF_GETTABLE_CTX_PARAMS, - 
(void(*)(void))sskdf_gettable_ctx_params }, - { OSSL_FUNC_KDF_GET_CTX_PARAMS, (void(*)(void))sskdf_get_ctx_params }, + (void (*)(void))sskdf_gettable_ctx_params }, + { OSSL_FUNC_KDF_GET_CTX_PARAMS, (void (*)(void))sskdf_get_ctx_params }, { 0, NULL } }; diff --git a/providers/implementations/kdfs/tls1_prf.c b/providers/implementations/kdfs/tls1_prf.c index a4d64b935222..991858138896 100644 --- a/providers/implementations/kdfs/tls1_prf.c +++ b/providers/implementations/kdfs/tls1_prf.c @@ -1,5 +1,5 @@ /* - * Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2016-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -72,9 +72,9 @@ static OSSL_FUNC_kdf_gettable_ctx_params_fn kdf_tls1_prf_gettable_ctx_params; static OSSL_FUNC_kdf_get_ctx_params_fn kdf_tls1_prf_get_ctx_params; static int tls1_prf_alg(EVP_MAC_CTX *mdctx, EVP_MAC_CTX *sha1ctx, - const unsigned char *sec, size_t slen, - const unsigned char *seed, size_t seed_len, - unsigned char *out, size_t olen); + const unsigned char *sec, size_t slen, + const unsigned char *seed, size_t seed_len, + unsigned char *out, size_t olen); #define TLS1_PRF_MAXBUF 1024 @@ -134,7 +134,7 @@ static void kdf_tls1_prf_reset(void *vctx) } static int kdf_tls1_prf_derive(void *vctx, unsigned char *key, size_t keylen, - const OSSL_PARAM params[]) + const OSSL_PARAM params[]) { TLS1_PRF *ctx = (TLS1_PRF *)vctx; @@ -159,9 +159,9 @@ static int kdf_tls1_prf_derive(void *vctx, unsigned char *key, size_t keylen, } return tls1_prf_alg(ctx->P_hash, ctx->P_sha1, - ctx->sec, ctx->seclen, - ctx->seed, ctx->seedlen, - key, keylen); + ctx->sec, ctx->seclen, + ctx->seed, ctx->seedlen, + key, keylen); } static int kdf_tls1_prf_set_ctx_params(void *vctx, const OSSL_PARAM params[]) 
@@ -176,17 +176,18 @@ static int kdf_tls1_prf_set_ctx_params(void *vctx, const OSSL_PARAM params[]) if ((p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_DIGEST)) != NULL) { if (OPENSSL_strcasecmp(p->data, SN_md5_sha1) == 0) { if (!ossl_prov_macctx_load_from_params(&ctx->P_hash, params, - OSSL_MAC_NAME_HMAC, - NULL, SN_md5, libctx) + OSSL_MAC_NAME_HMAC, + NULL, SN_md5, libctx) || !ossl_prov_macctx_load_from_params(&ctx->P_sha1, params, - OSSL_MAC_NAME_HMAC, - NULL, SN_sha1, libctx)) + OSSL_MAC_NAME_HMAC, + NULL, SN_sha1, libctx)) return 0; } else { EVP_MAC_CTX_free(ctx->P_sha1); + ctx->P_sha1 = NULL; if (!ossl_prov_macctx_load_from_params(&ctx->P_hash, params, - OSSL_MAC_NAME_HMAC, - NULL, NULL, libctx)) + OSSL_MAC_NAME_HMAC, + NULL, NULL, libctx)) return 0; } } @@ -200,15 +201,15 @@ static int kdf_tls1_prf_set_ctx_params(void *vctx, const OSSL_PARAM params[]) /* The seed fields concatenate, so process them all */ if ((p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_SEED)) != NULL) { for (; p != NULL; p = OSSL_PARAM_locate_const(p + 1, - OSSL_KDF_PARAM_SEED)) { + OSSL_KDF_PARAM_SEED)) { const void *q = ctx->seed + ctx->seedlen; size_t sz = 0; if (p->data_size != 0 && p->data != NULL && !OSSL_PARAM_get_octet_string(p, (void **)&q, - TLS1_PRF_MAXBUF - ctx->seedlen, - &sz)) + TLS1_PRF_MAXBUF - ctx->seedlen, + &sz)) return 0; ctx->seedlen += sz; } @@ -217,7 +218,7 @@ static int kdf_tls1_prf_set_ctx_params(void *vctx, const OSSL_PARAM params[]) } static const OSSL_PARAM *kdf_tls1_prf_settable_ctx_params( - ossl_unused void *ctx, ossl_unused void *provctx) + ossl_unused void *ctx, ossl_unused void *provctx) { static const OSSL_PARAM known_settable_ctx_params[] = { OSSL_PARAM_utf8_string(OSSL_KDF_PARAM_PROPERTIES, NULL, 0), 
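Review bot: The added `ctx->P_sha1 = NULL;` in the non-MD5-SHA1 branch of the `@@ -176,17 +176,18 @@` hunk carries no comment, although it is the one functional change among the reformatting here and it is memory-safety relevant. `kdf_tls1_prf_derive` passes `ctx->P_sha1` to `tls1_prf_alg`, which takes the TLS 1.0/1.1 path whenever `sha1ctx != NULL`, so a pointer left set after `EVP_MAC_CTX_free` would be handed to `tls1_prf_P_hash` after it was freed, and presumably freed again on reset or free of the context (those functions are not in this hunk). I would put `/* P_sha1 != NULL selects the TLS 1.0/1.1 path in tls1_prf_alg(); clear it so the freed context is never reused */` above the assignment, and add a regression test that switches one context from MD5-SHA1 to a single digest and then derives. `kdf_tls1_prf_set_ctx_params` starts and ends outside this hunk.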
@@ -239,7 +240,7 @@ static int kdf_tls1_prf_get_ctx_params(void *vctx, OSSL_PARAM params[]) } static const OSSL_PARAM *kdf_tls1_prf_gettable_ctx_params( - ossl_unused void *ctx, ossl_unused void *provctx) + ossl_unused void *ctx, ossl_unused void *provctx) { static const OSSL_PARAM known_gettable_ctx_params[] = { OSSL_PARAM_size_t(OSSL_KDF_PARAM_SIZE, NULL), @@ -249,18 +250,18 @@ static const OSSL_PARAM *kdf_tls1_prf_gettable_ctx_params( } const OSSL_DISPATCH ossl_kdf_tls1_prf_functions[] = { - { OSSL_FUNC_KDF_NEWCTX, (void(*)(void))kdf_tls1_prf_new }, - { OSSL_FUNC_KDF_FREECTX, (void(*)(void))kdf_tls1_prf_free }, - { OSSL_FUNC_KDF_RESET, (void(*)(void))kdf_tls1_prf_reset }, - { OSSL_FUNC_KDF_DERIVE, (void(*)(void))kdf_tls1_prf_derive }, + { OSSL_FUNC_KDF_NEWCTX, (void (*)(void))kdf_tls1_prf_new }, + { OSSL_FUNC_KDF_FREECTX, (void (*)(void))kdf_tls1_prf_free }, + { OSSL_FUNC_KDF_RESET, (void (*)(void))kdf_tls1_prf_reset }, + { OSSL_FUNC_KDF_DERIVE, (void (*)(void))kdf_tls1_prf_derive }, { OSSL_FUNC_KDF_SETTABLE_CTX_PARAMS, - (void(*)(void))kdf_tls1_prf_settable_ctx_params }, + (void (*)(void))kdf_tls1_prf_settable_ctx_params }, { OSSL_FUNC_KDF_SET_CTX_PARAMS, - (void(*)(void))kdf_tls1_prf_set_ctx_params }, + (void (*)(void))kdf_tls1_prf_set_ctx_params }, { OSSL_FUNC_KDF_GETTABLE_CTX_PARAMS, - (void(*)(void))kdf_tls1_prf_gettable_ctx_params }, + (void (*)(void))kdf_tls1_prf_gettable_ctx_params }, { OSSL_FUNC_KDF_GET_CTX_PARAMS, - (void(*)(void))kdf_tls1_prf_get_ctx_params }, + (void (*)(void))kdf_tls1_prf_get_ctx_params }, { 0, NULL } }; 
@@ -285,9 +286,9 @@ const OSSL_DISPATCH ossl_kdf_tls1_prf_functions[] = { * A(i) = HMAC_<hash>(secret, A(i-1)) */ static int tls1_prf_P_hash(EVP_MAC_CTX *ctx_init, - const unsigned char *sec, size_t sec_len, - const unsigned char *seed, size_t seed_len, - unsigned char *out, size_t olen) + const unsigned char *sec, size_t sec_len, + const unsigned char *seed, size_t seed_len, + unsigned char *out, size_t olen) { size_t chunk; EVP_MAC_CTX *ctx = NULL, *ctx_Ai = NULL; @@ -343,7 +344,7 @@ static int tls1_prf_P_hash(EVP_MAC_CTX *ctx_init, olen -= chunk; } ret = 1; - err: +err: EVP_MAC_CTX_free(ctx); EVP_MAC_CTX_free(ctx_Ai); OPENSSL_cleanse(Ai, sizeof(Ai)); @@ -371,9 +372,9 @@ static int tls1_prf_P_hash(EVP_MAC_CTX *ctx_init, * PRF(secret, label, seed) = P_<hash>(secret, label + seed) */ static int tls1_prf_alg(EVP_MAC_CTX *mdctx, EVP_MAC_CTX *sha1ctx, - const unsigned char *sec, size_t slen, - const unsigned char *seed, size_t seed_len, - unsigned char *out, size_t olen) + const unsigned char *sec, size_t slen, + const unsigned char *seed, size_t seed_len, + unsigned char *out, size_t olen) { if (sha1ctx != NULL) { /* TLS v1.0 and TLS v1.1 */ @@ -384,7 +385,7 @@ static int tls1_prf_alg(EVP_MAC_CTX *mdctx, EVP_MAC_CTX *sha1ctx, size_t L_S2 = L_S1; if (!tls1_prf_P_hash(mdctx, sec, L_S1, - seed, seed_len, out, olen)) + seed, seed_len, out, olen)) return 0; if ((tmp = OPENSSL_malloc(olen)) == NULL) { @@ -393,7 +394,7 @@ static int tls1_prf_alg(EVP_MAC_CTX *mdctx, EVP_MAC_CTX *sha1ctx, } if (!tls1_prf_P_hash(sha1ctx, sec + slen - L_S2, L_S2, - seed, seed_len, tmp, olen)) { + seed, seed_len, tmp, olen)) { OPENSSL_clear_free(tmp, olen); return 0; } diff --git a/providers/implementations/kdfs/x942kdf.c b/providers/implementations/kdfs/x942kdf.c index b1bc6f7e1ba5..eb8f78520d0c 100644 --- a/providers/implementations/kdfs/x942kdf.c +++ b/providers/implementations/kdfs/x942kdf.c 
@@ -1,5 +1,5 @@ /* - * Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2026 The OpenSSL Project Authors. All Rights Reserved. * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use @@ -62,19 +62,19 @@ static const struct { size_t keklen; /* size in bytes */ } kek_algs[] = { { "AES-128-WRAP", ossl_der_oid_id_aes128_wrap, DER_OID_SZ_id_aes128_wrap, - 16 }, + 16 }, { "AES-192-WRAP", ossl_der_oid_id_aes192_wrap, DER_OID_SZ_id_aes192_wrap, - 24 }, + 24 }, { "AES-256-WRAP", ossl_der_oid_id_aes256_wrap, DER_OID_SZ_id_aes256_wrap, - 32 }, + 32 }, #ifndef FIPS_MODULE { "DES3-WRAP", ossl_der_oid_id_alg_CMS3DESwrap, - DER_OID_SZ_id_alg_CMS3DESwrap, 24 }, + DER_OID_SZ_id_alg_CMS3DESwrap, 24 }, #endif }; static int find_alg_id(OSSL_LIB_CTX *libctx, const char *algname, - const char *propq, size_t *id) + const char *propq, size_t *id) { int ret = 1; size_t i; 
@@ -97,43 +97,42 @@ end: } static int DER_w_keyinfo(WPACKET *pkt, - const unsigned char *der_oid, size_t der_oidlen, - unsigned char **pcounter) + const unsigned char *der_oid, size_t der_oidlen, + unsigned char **pcounter) { return ossl_DER_w_begin_sequence(pkt, -1) - /* Store the initial value of 1 into the counter */ - && ossl_DER_w_octet_string_uint32(pkt, -1, 1) - /* Remember where we stored the counter in the buffer */ - && (pcounter == NULL - || (*pcounter = WPACKET_get_curr(pkt)) != NULL) - && ossl_DER_w_precompiled(pkt, -1, der_oid, der_oidlen) - && ossl_DER_w_end_sequence(pkt, -1); + /* Store the initial value of 1 into the counter */ + && ossl_DER_w_octet_string_uint32(pkt, -1, 1) + /* Remember where we stored the counter in the buffer */ + && (pcounter == NULL + || (*pcounter = WPACKET_get_curr(pkt)) != NULL) + && ossl_DER_w_precompiled(pkt, -1, der_oid, der_oidlen) + && ossl_DER_w_end_sequence(pkt, -1); } static int der_encode_sharedinfo(WPACKET *pkt, unsigned char *buf, size_t buflen, - const unsigned char *der_oid, size_t der_oidlen, - const unsigned char *acvp, size_t acvplen, - const unsigned char *partyu, size_t partyulen, - const unsigned char *partyv, size_t partyvlen, - const unsigned char *supp_pub, size_t supp_publen, - const unsigned char *supp_priv, size_t supp_privlen, - uint32_t keylen_bits, unsigned char **pcounter) + const unsigned char *der_oid, size_t der_oidlen, + const unsigned char *acvp, size_t acvplen, + const unsigned char *partyu, size_t partyulen, + const unsigned char *partyv, size_t partyvlen, + const unsigned char *supp_pub, size_t supp_publen, + const unsigned char *supp_priv, size_t supp_privlen, + uint32_t keylen_bits, unsigned char **pcounter) { - return (buf != NULL ? 
WPACKET_init_der(pkt, buf, buflen) : - WPACKET_init_null_der(pkt)) - && ossl_DER_w_begin_sequence(pkt, -1) - && (supp_priv == NULL - || ossl_DER_w_octet_string(pkt, 3, supp_priv, supp_privlen)) - && (supp_pub == NULL - || ossl_DER_w_octet_string(pkt, 2, supp_pub, supp_publen)) - && (keylen_bits == 0 - || ossl_DER_w_octet_string_uint32(pkt, 2, keylen_bits)) - && (partyv == NULL || ossl_DER_w_octet_string(pkt, 1, partyv, partyvlen)) - && (partyu == NULL || ossl_DER_w_octet_string(pkt, 0, partyu, partyulen)) - && (acvp == NULL || ossl_DER_w_precompiled(pkt, -1, acvp, acvplen)) - && DER_w_keyinfo(pkt, der_oid, der_oidlen, pcounter) - && ossl_DER_w_end_sequence(pkt, -1) - && WPACKET_finish(pkt); + return (buf != NULL ? WPACKET_init_der(pkt, buf, buflen) : WPACKET_init_null_der(pkt)) + && ossl_DER_w_begin_sequence(pkt, -1) + && (supp_priv == NULL + || ossl_DER_w_octet_string(pkt, 3, supp_priv, supp_privlen)) + && (supp_pub == NULL + || ossl_DER_w_octet_string(pkt, 2, supp_pub, supp_publen)) + && (keylen_bits == 0 + || ossl_DER_w_octet_string_uint32(pkt, 2, keylen_bits)) + && (partyv == NULL || ossl_DER_w_octet_string(pkt, 1, partyv, partyvlen)) + && (partyu == NULL || ossl_DER_w_octet_string(pkt, 0, partyu, partyulen)) + && (acvp == NULL || ossl_DER_w_precompiled(pkt, -1, acvp, acvplen)) + && DER_w_keyinfo(pkt, der_oid, der_oidlen, pcounter) + && ossl_DER_w_end_sequence(pkt, -1) + && WPACKET_finish(pkt); } /* 
@@ -169,7 +168,7 @@ static int der_encode_sharedinfo(WPACKET *pkt, unsigned char *buf, size_t buflen * |cek_oidlen| The length (in bytes) of the key wrapping algorithm oid, * |acvp| is the optional blob of DER data representing one or more of the * OtherInfo fields related to |partyu|, |partyv|, |supp_pub| and |supp_priv|. - * This field should noramlly be NULL. If |acvp| is non NULL then |partyu|, + * This field should normally be NULL. If |acvp| is non NULL then |partyu|, * |partyv|, |supp_pub| and |supp_priv| should all be NULL. * |acvp_len| is the |acvp| length (in bytes). * |partyu| is the optional public info contributed by the initiator. @@ -195,14 +194,14 @@ static int der_encode_sharedinfo(WPACKET *pkt, unsigned char *buf, size_t buflen */ static int x942_encode_otherinfo(size_t keylen, - const unsigned char *cek_oid, size_t cek_oid_len, - const unsigned char *acvp, size_t acvp_len, - const unsigned char *partyu, size_t partyu_len, - const unsigned char *partyv, size_t partyv_len, - const unsigned char *supp_pub, size_t supp_pub_len, - const unsigned char *supp_priv, size_t supp_priv_len, - unsigned char **der, size_t *der_len, - unsigned char **out_ctr) + const unsigned char *cek_oid, size_t cek_oid_len, + const unsigned char *acvp, size_t acvp_len, + const unsigned char *partyu, size_t partyu_len, + const unsigned char *partyv, size_t partyv_len, + const unsigned char *supp_pub, size_t supp_pub_len, + const unsigned char *supp_priv, size_t supp_priv_len, + unsigned char **der, size_t *der_len, + unsigned char **out_ctr) { int ret = 0; unsigned char *pcounter = NULL, *der_buf = NULL; 
@@ -217,10 +216,10 @@ x942_encode_otherinfo(size_t keylen, /* Calculate the size of the buffer */ if (!der_encode_sharedinfo(&pkt, NULL, 0, cek_oid, cek_oid_len, - acvp, acvp_len, - partyu, partyu_len, partyv, partyv_len, - supp_pub, supp_pub_len, supp_priv, supp_priv_len, - keylen_bits, NULL) + acvp, acvp_len, + partyu, partyu_len, partyv, partyv_len, + supp_pub, supp_pub_len, supp_priv, supp_priv_len, + keylen_bits, NULL) || !WPACKET_get_total_written(&pkt, &der_buflen)) goto err; WPACKET_cleanup(&pkt); @@ -230,14 +229,14 @@ x942_encode_otherinfo(size_t keylen, goto err; /* Encode into the buffer */ if (!der_encode_sharedinfo(&pkt, der_buf, der_buflen, cek_oid, cek_oid_len, - acvp, acvp_len, - partyu, partyu_len, partyv, partyv_len, - supp_pub, supp_pub_len, supp_priv, supp_priv_len, - keylen_bits, &pcounter)) + acvp, acvp_len, + partyu, partyu_len, partyv, partyv_len, + supp_pub, supp_pub_len, supp_priv, supp_priv_len, + keylen_bits, &pcounter)) goto err; /* * Since we allocated the exact size required, the buffer should point to the - * start of the alllocated buffer at this point. + * start of the allocated buffer at this point. */ if (WPACKET_get_curr(&pkt) != der_buf) goto err; @@ -262,10 +261,10 @@ err: } static int x942kdf_hash_kdm(const EVP_MD *kdf_md, - const unsigned char *z, size_t z_len, - const unsigned char *other, size_t other_len, - unsigned char *ctr, - unsigned char *derived_key, size_t derived_key_len) + const unsigned char *z, size_t z_len, + const unsigned char *other, size_t other_len, + unsigned char *ctr, + unsigned char *derived_key, size_t derived_key_len) { int ret = 0, hlen; size_t counter, out_len, len = derived_key_len; @@ -371,7 +370,7 @@ static void x942kdf_free(void *vctx) } static int x942kdf_set_buffer(unsigned char **out, size_t *out_len, - const OSSL_PARAM *p) + const OSSL_PARAM *p) { if (p->data_size == 0 || p->data == NULL) return 1; 
@@ -395,7 +394,7 @@ static size_t x942kdf_size(KDF_X942 *ctx) } static int x942kdf_derive(void *vctx, unsigned char *key, size_t keylen, - const OSSL_PARAM params[]) + const OSSL_PARAM params[]) { KDF_X942 *ctx = (KDF_X942 *)vctx; const EVP_MD *md; @@ -450,18 +449,18 @@ static int x942kdf_derive(void *vctx, unsigned char *key, size_t keylen, } /* generate the otherinfo der */ if (!x942_encode_otherinfo(ctx->use_keybits ? ctx->dkm_len : 0, - ctx->cek_oid, ctx->cek_oid_len, - ctx->acvpinfo, ctx->acvpinfo_len, - ctx->partyuinfo, ctx->partyuinfo_len, - ctx->partyvinfo, ctx->partyvinfo_len, - ctx->supp_pubinfo, ctx->supp_pubinfo_len, - ctx->supp_privinfo, ctx->supp_privinfo_len, - &der, &der_len, &ctr)) { + ctx->cek_oid, ctx->cek_oid_len, + ctx->acvpinfo, ctx->acvpinfo_len, + ctx->partyuinfo, ctx->partyuinfo_len, + ctx->partyvinfo, ctx->partyvinfo_len, + ctx->supp_pubinfo, ctx->supp_pubinfo_len, + ctx->supp_privinfo, ctx->supp_privinfo_len, + &der, &der_len, &ctr)) { ERR_raise(ERR_LIB_PROV, PROV_R_BAD_ENCODING); return 0; } ret = x942kdf_hash_kdm(md, ctx->secret, ctx->secret_len, - der, der_len, ctr, key, keylen); + der, der_len, ctr, key, keylen); OPENSSL_free(der); return ret; } @@ -539,7 +538,7 @@ static int x942kdf_set_ctx_params(void *vctx, const OSSL_PARAM params[]) } static const OSSL_PARAM *x942kdf_settable_ctx_params(ossl_unused void *ctx, - ossl_unused void *provctx) + ossl_unused void *provctx) { static const OSSL_PARAM known_settable_ctx_params[] = { OSSL_PARAM_utf8_string(OSSL_KDF_PARAM_PROPERTIES, NULL, 0), @@ -570,7 +569,7 @@ static int x942kdf_get_ctx_params(void *vctx, OSSL_PARAM params[]) } static const OSSL_PARAM *x942kdf_gettable_ctx_params(ossl_unused void *ctx, - ossl_unused void *provctx) + ossl_unused void *provctx) { static const OSSL_PARAM known_gettable_ctx_params[] = { OSSL_PARAM_size_t(OSSL_KDF_PARAM_SIZE, NULL), 
@@ -580,15 +579,15 @@ static const OSSL_PARAM *x942kdf_gettable_ctx_params(ossl_unused void *ctx, } const OSSL_DISPATCH ossl_kdf_x942_kdf_functions[] = { - { OSSL_FUNC_KDF_NEWCTX, (void(*)(void))x942kdf_new }, - { OSSL_FUNC_KDF_FREECTX, (void(*)(void))x942kdf_free }, - { OSSL_FUNC_KDF_RESET, (void(*)(void))x942kdf_reset }, - { OSSL_FUNC_KDF_DERIVE, (void(*)(void))x942kdf_derive }, + { OSSL_FUNC_KDF_NEWCTX, (void (*)(void))x942kdf_new }, + { OSSL_FUNC_KDF_FREECTX, (void (*)(void))x942kdf_free }, + { OSSL_FUNC_KDF_RESET, (void (*)(void))x942kdf_reset }, + { OSSL_FUNC_KDF_DERIVE, (void (*)(void))x942kdf_derive }, { OSSL_FUNC_KDF_SETTABLE_CTX_PARAMS, - (void(*)(void))x942kdf_settable_ctx_params }, - { OSSL_FUNC_KDF_SET_CTX_PARAMS, (void(*)(void))x942kdf_set_ctx_params }, + (void (*)(void))x942kdf_settable_ctx_params }, + { OSSL_FUNC_KDF_SET_CTX_PARAMS, (void (*)(void))x942kdf_set_ctx_params }, { OSSL_FUNC_KDF_GETTABLE_CTX_PARAMS, - (void(*)(void))x942kdf_gettable_ctx_params }, - { OSSL_FUNC_KDF_GET_CTX_PARAMS, (void(*)(void))x942kdf_get_ctx_params }, + (void (*)(void))x942kdf_gettable_ctx_params }, + { OSSL_FUNC_KDF_GET_CTX_PARAMS, (void (*)(void))x942kdf_get_ctx_params }, { 0, NULL } }; diff --git a/providers/implementations/kem/rsa_kem.c b/providers/implementations/kem/rsa_kem.c index 94c5bceea597..8383b49150c4 100644 --- a/providers/implementations/kem/rsa_kem.c +++ b/providers/implementations/kem/rsa_kem.c @@ -1,5 +1,5 @@ /* - * Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2020-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy 
@@ -43,8 +43,8 @@ static OSSL_FUNC_kem_settable_ctx_params_fn rsakem_settable_ctx_params; * Only the KEM for RSASVE as defined in SP800-56b r2 is implemented * currently. */ -#define KEM_OP_UNDEFINED -1 -#define KEM_OP_RSASVE 0 +#define KEM_OP_UNDEFINED -1 +#define KEM_OP_RSASVE 0 /* * What's passed as an actual key is defined by the KEYMGMT interface. @@ -82,7 +82,7 @@ static int rsakem_opname2id(const char *name) static void *rsakem_newctx(void *provctx) { - PROV_RSA_CTX *prsactx = OPENSSL_zalloc(sizeof(PROV_RSA_CTX)); + PROV_RSA_CTX *prsactx = OPENSSL_zalloc(sizeof(PROV_RSA_CTX)); if (prsactx == NULL) return NULL; @@ -118,7 +118,7 @@ static void *rsakem_dupctx(void *vprsactx) } static int rsakem_init(void *vprsactx, void *vrsa, - const OSSL_PARAM params[], int operation) + const OSSL_PARAM params[], int operation) { PROV_RSA_CTX *prsactx = (PROV_RSA_CTX *)vprsactx; @@ -137,13 +137,13 @@ static int rsakem_init(void *vprsactx, void *vrsa, } static int rsakem_encapsulate_init(void *vprsactx, void *vrsa, - const OSSL_PARAM params[]) + const OSSL_PARAM params[]) { return rsakem_init(vprsactx, vrsa, params, EVP_PKEY_OP_ENCAPSULATE); } static int rsakem_decapsulate_init(void *vprsactx, void *vrsa, - const OSSL_PARAM params[]) + const OSSL_PARAM params[]) { return rsakem_init(vprsactx, vrsa, params, EVP_PKEY_OP_DECAPSULATE); } @@ -160,7 +160,7 @@ static const OSSL_PARAM known_gettable_rsakem_ctx_params[] = { }; static const OSSL_PARAM *rsakem_gettable_ctx_params(ossl_unused void *vprsactx, - ossl_unused void *provctx) + ossl_unused void *provctx) { return known_gettable_rsakem_ctx_params; } @@ -176,7 +176,6 @@ static int rsakem_set_ctx_params(void *vprsactx, const OSSL_PARAM params[]) if (params == NULL) return 1; - p = OSSL_PARAM_locate_const(params, OSSL_KEM_PARAM_OPERATION); if (p != NULL) { if (p->data_type != OSSL_PARAM_UTF8_STRING) 
@@ -195,7 +194,7 @@ static const OSSL_PARAM known_settable_rsakem_ctx_params[] = { }; static const OSSL_PARAM *rsakem_settable_ctx_params(ossl_unused void *vprsactx, - ossl_unused void *provctx) + ossl_unused void *provctx) { return known_settable_rsakem_ctx_params; } @@ -207,7 +206,7 @@ static const OSSL_PARAM *rsakem_settable_ctx_params(ossl_unused void *vprsactx, * Generate a random in the range 1 < z < (n – 1) */ static int rsasve_gen_rand_bytes(RSA *rsa_pub, - unsigned char *out, int outlen) + unsigned char *out, int outlen) { int ret = 0; BN_CTX *bnctx; @@ -227,11 +226,11 @@ static int rsasve_gen_rand_bytes(RSA *rsa_pub, nminus3 = BN_CTX_get(bnctx); z = BN_CTX_get(bnctx); ret = (z != NULL - && (BN_copy(nminus3, RSA_get0_n(rsa_pub)) != NULL) - && BN_sub_word(nminus3, 3) - && BN_priv_rand_range_ex(z, nminus3, 0, bnctx) - && BN_add_word(z, 2) - && (BN_bn2binpad(z, out, outlen) == outlen)); + && (BN_copy(nminus3, RSA_get0_n(rsa_pub)) != NULL) + && BN_sub_word(nminus3, 3) + && BN_priv_rand_range_ex(z, nminus3, 0, bnctx) + && BN_add_word(z, 2) + && (BN_bn2binpad(z, out, outlen) == outlen)); BN_CTX_end(bnctx); BN_CTX_free(bnctx); return ret; @@ -242,8 +241,8 @@ static int rsasve_gen_rand_bytes(RSA *rsa_pub, * 7.2.1.2 RSASVE Generate Operation (RSASVE.GENERATE). */ static int rsasve_generate(PROV_RSA_CTX *prsactx, - unsigned char *out, size_t *outlen, - unsigned char *secret, size_t *secretlen) + unsigned char *out, size_t *outlen, + unsigned char *secret, size_t *secretlen) { int ret; size_t nlen; @@ -268,7 +267,7 @@ static int rsasve_generate(PROV_RSA_CTX *prsactx, /* * If outlen is specified, then it must report the length * of the out buffer on input so that we can confirm - * its size is sufficent for encapsulation + * its size is sufficient for encapsulation */ if (outlen != NULL && *outlen < nlen) { ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_OUTPUT_LENGTH); 
@@ -299,8 +298,7 @@ static int rsasve_generate(PROV_RSA_CTX *prsactx, /** * rsasve_recover - Recovers a secret value from ciphertext using an RSA * private key. Once, recovered, the secret value is considered to be a - * shared secret. Algorithm is preformed as per - * NIST SP 800-56B Rev 2 + * shared secret. Algorithm is performed as per NIST SP 800-56B Rev 2 * 7.2.1.3 RSASVE Recovery Operation (RSASVE.RECOVER). * * This function performs RSA decryption using the private key from the @@ -318,8 +316,8 @@ static int rsasve_generate(PROV_RSA_CTX *prsactx, * error messages are raised using the ERR_raise function. */ static int rsasve_recover(PROV_RSA_CTX *prsactx, - unsigned char *out, size_t *outlen, - const unsigned char *in, size_t inlen) + unsigned char *out, size_t *outlen, + const unsigned char *in, size_t inlen) { size_t nlen; int ret; 
@@ -363,48 +361,48 @@ static int rsasve_recover(PROV_RSA_CTX *prsactx, } static int rsakem_generate(void *vprsactx, unsigned char *out, size_t *outlen, - unsigned char *secret, size_t *secretlen) + unsigned char *secret, size_t *secretlen) { PROV_RSA_CTX *prsactx = (PROV_RSA_CTX *)vprsactx; switch (prsactx->op) { - case KEM_OP_RSASVE: - return rsasve_generate(prsactx, out, outlen, secret, secretlen); - default: - return -2; + case KEM_OP_RSASVE: + return rsasve_generate(prsactx, out, outlen, secret, secretlen); + default: + return -2; } } static int rsakem_recover(void *vprsactx, unsigned char *out, size_t *outlen, - const unsigned char *in, size_t inlen) + const unsigned char *in, size_t inlen) { PROV_RSA_CTX *prsactx = (PROV_RSA_CTX *)vprsactx; switch (prsactx->op) { - case KEM_OP_RSASVE: - return rsasve_recover(prsactx, out, outlen, in, inlen); - default: - return -2; + case KEM_OP_RSASVE: + return rsasve_recover(prsactx, out, outlen, in, inlen); + default: + return -2; } } const OSSL_DISPATCH ossl_rsa_asym_kem_functions[] = { { OSSL_FUNC_KEM_NEWCTX, (void (*)(void))rsakem_newctx }, { OSSL_FUNC_KEM_ENCAPSULATE_INIT, - (void (*)(void))rsakem_encapsulate_init }, + (void (*)(void))rsakem_encapsulate_init }, { OSSL_FUNC_KEM_ENCAPSULATE, (void (*)(void))rsakem_generate }, { OSSL_FUNC_KEM_DECAPSULATE_INIT, - (void (*)(void))rsakem_decapsulate_init }, + (void (*)(void))rsakem_decapsulate_init }, { OSSL_FUNC_KEM_DECAPSULATE, (void (*)(void))rsakem_recover }, { OSSL_FUNC_KEM_FREECTX, (void (*)(void))rsakem_freectx }, { OSSL_FUNC_KEM_DUPCTX, (void (*)(void))rsakem_dupctx }, { OSSL_FUNC_KEM_GET_CTX_PARAMS, - (void (*)(void))rsakem_get_ctx_params }, + (void (*)(void))rsakem_get_ctx_params }, { OSSL_FUNC_KEM_GETTABLE_CTX_PARAMS, - (void (*)(void))rsakem_gettable_ctx_params }, + (void (*)(void))rsakem_gettable_ctx_params }, { OSSL_FUNC_KEM_SET_CTX_PARAMS, - (void (*)(void))rsakem_set_ctx_params }, + (void (*)(void))rsakem_set_ctx_params }, { OSSL_FUNC_KEM_SETTABLE_CTX_PARAMS, 
- (void (*)(void))rsakem_settable_ctx_params }, + (void (*)(void))rsakem_settable_ctx_params }, { 0, NULL } }; diff --git a/providers/implementations/keymgmt/dh_kmgmt.c b/providers/implementations/keymgmt/dh_kmgmt.c index c14b9765d11b..36be25decd66 100644 --- a/providers/implementations/keymgmt/dh_kmgmt.c +++ b/providers/implementations/keymgmt/dh_kmgmt.c @@ -47,7 +47,7 @@ static OSSL_FUNC_keymgmt_export_fn dh_export; static OSSL_FUNC_keymgmt_export_types_fn dh_export_types; static OSSL_FUNC_keymgmt_dup_fn dh_dup; -#define DH_POSSIBLE_SELECTIONS \ +#define DH_POSSIBLE_SELECTIONS \ (OSSL_KEYMGMT_SELECT_KEYPAIR | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) struct dh_gen_ctx { @@ -202,8 +202,7 @@ static int dh_import(void *keydata, int selection, const OSSL_PARAM params[]) ok = ok && ossl_dh_params_fromdata(dh, params); if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) { - int include_private = - selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY ? 1 : 0; + int include_private = selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY ? 1 : 0; ok = ok && ossl_dh_key_fromdata(dh, params, include_private); } @@ -212,7 +211,7 @@ static int dh_import(void *keydata, int selection, const OSSL_PARAM params[]) } static int dh_export(void *keydata, int selection, OSSL_CALLBACK *param_cb, - void *cbarg) + void *cbarg) { DH *dh = keydata; OSSL_PARAM_BLD *tmpl = NULL; @@ -233,8 +232,7 @@ static int dh_export(void *keydata, int selection, OSSL_CALLBACK *param_cb, ok = ok && ossl_dh_params_todata(dh, tmpl, NULL); if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) { - int include_private = - selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY ? 1 : 0; + int include_private = selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY ? 1 : 0; ok = ok && ossl_dh_key_todata(dh, tmpl, NULL, include_private); } 
@@ -253,20 +251,20 @@ err: /* IMEXPORT = IMPORT + EXPORT */ -# define DH_IMEXPORTABLE_PARAMETERS \ - OSSL_PARAM_BN(OSSL_PKEY_PARAM_FFC_P, NULL, 0), \ - OSSL_PARAM_BN(OSSL_PKEY_PARAM_FFC_Q, NULL, 0), \ - OSSL_PARAM_BN(OSSL_PKEY_PARAM_FFC_G, NULL, 0), \ - OSSL_PARAM_BN(OSSL_PKEY_PARAM_FFC_COFACTOR, NULL, 0), \ - OSSL_PARAM_int(OSSL_PKEY_PARAM_FFC_GINDEX, NULL), \ - OSSL_PARAM_int(OSSL_PKEY_PARAM_FFC_PCOUNTER, NULL), \ - OSSL_PARAM_int(OSSL_PKEY_PARAM_FFC_H, NULL), \ - OSSL_PARAM_int(OSSL_PKEY_PARAM_DH_PRIV_LEN, NULL), \ - OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_FFC_SEED, NULL, 0), \ - OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME, NULL, 0) -# define DH_IMEXPORTABLE_PUBLIC_KEY \ +#define DH_IMEXPORTABLE_PARAMETERS \ + OSSL_PARAM_BN(OSSL_PKEY_PARAM_FFC_P, NULL, 0), \ + OSSL_PARAM_BN(OSSL_PKEY_PARAM_FFC_Q, NULL, 0), \ + OSSL_PARAM_BN(OSSL_PKEY_PARAM_FFC_G, NULL, 0), \ + OSSL_PARAM_BN(OSSL_PKEY_PARAM_FFC_COFACTOR, NULL, 0), \ + OSSL_PARAM_int(OSSL_PKEY_PARAM_FFC_GINDEX, NULL), \ + OSSL_PARAM_int(OSSL_PKEY_PARAM_FFC_PCOUNTER, NULL), \ + OSSL_PARAM_int(OSSL_PKEY_PARAM_FFC_H, NULL), \ + OSSL_PARAM_int(OSSL_PKEY_PARAM_DH_PRIV_LEN, NULL), \ + OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_FFC_SEED, NULL, 0), \ + OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME, NULL, 0) +#define DH_IMEXPORTABLE_PUBLIC_KEY \ OSSL_PARAM_BN(OSSL_PKEY_PARAM_PUB_KEY, NULL, 0) -# define DH_IMEXPORTABLE_PRIVATE_KEY \ +#define DH_IMEXPORTABLE_PRIVATE_KEY \ OSSL_PARAM_BN(OSSL_PKEY_PARAM_PRIV_KEY, NULL, 0) static const OSSL_PARAM dh_all_types[] = { DH_IMEXPORTABLE_PARAMETERS, 
@@ -284,10 +282,10 @@ static const OSSL_PARAM dh_key_types[] = { OSSL_PARAM_END }; static const OSSL_PARAM *dh_types[] = { - NULL, /* Index 0 = none of them */ - dh_parameter_types, /* Index 1 = parameter types */ - dh_key_types, /* Index 2 = key types */ - dh_all_types /* Index 3 = 1 + 2 */ + NULL, /* Index 0 = none of them */ + dh_parameter_types, /* Index 1 = parameter types */ + dh_key_types, /* Index 2 = key types */ + dh_all_types /* Index 3 = 1 + 2 */ }; static const OSSL_PARAM *dh_imexport_types(int selection) @@ -329,7 +327,7 @@ static ossl_inline int dh_get_params(void *key, OSSL_PARAM params[]) if (p->data_type != OSSL_PARAM_OCTET_STRING) return 0; p->return_size = ossl_dh_key2buf(dh, (unsigned char **)&p->data, - p->data_size, 0); + p->data_size, 0); if (p->return_size == 0) return 0; } @@ -371,8 +369,8 @@ static int dh_set_params(void *key, const OSSL_PARAM params[]) p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY); if (p != NULL - && (p->data_type != OSSL_PARAM_OCTET_STRING - || !ossl_dh_buf2key(dh, p->data, p->data_size))) + && (p->data_type != OSSL_PARAM_OCTET_STRING + || !ossl_dh_buf2key(dh, p->data, p->data_size))) return 0; return 1; @@ -403,7 +401,8 @@ static int dh_validate_private(const DH *dh) DH_get0_key(dh, NULL, &priv_key); if (priv_key == NULL) return 0; - return ossl_dh_check_priv_key(dh, priv_key, &status);; + return ossl_dh_check_priv_key(dh, priv_key, &status); + ; } static int dh_validate(const void *keydata, int selection, int checktype) 
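Review bot: The reformatted return in dh_validate_private (the `-403,7 +401,8` hunk) leaves a lone `;` on its own line after `return ossl_dh_check_priv_key(dh, priv_key, &status);`. It is an unreachable empty statement carried over from the old `;;`. Deleting the extra semicolon, so the statement reads `return ossl_dh_check_priv_key(dh, priv_key, &status);`, stops the formatter from preserving the typo as a separate line. The function starts before the hunk.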
@@ -436,13 +435,13 @@ static int dh_validate(const void *keydata, int selection, int checktype) ok = ok && dh_validate_private(dh); if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) - == OSSL_KEYMGMT_SELECT_KEYPAIR) + == OSSL_KEYMGMT_SELECT_KEYPAIR) ok = ok && ossl_dh_check_pairwise(dh); return ok; } static void *dh_gen_init_base(void *provctx, int selection, - const OSSL_PARAM params[], int type) + const OSSL_PARAM params[], int type) { OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(provctx); struct dh_gen_ctx *gctx = NULL; @@ -450,8 +449,7 @@ static void *dh_gen_init_base(void *provctx, int selection, if (!ossl_prov_is_running()) return NULL; - if ((selection & (OSSL_KEYMGMT_SELECT_KEYPAIR - | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS)) == 0) + if ((selection & (OSSL_KEYMGMT_SELECT_KEYPAIR | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS)) == 0) return NULL; if ((gctx = OPENSSL_zalloc(sizeof(*gctx))) != NULL) { @@ -462,12 +460,12 @@ static void *dh_gen_init_base(void *provctx, int selection, gctx->mdname = NULL; #ifdef FIPS_MODULE gctx->gen_type = (type == DH_FLAG_TYPE_DHX) - ? DH_PARAMGEN_TYPE_FIPS_186_4 - : DH_PARAMGEN_TYPE_GROUP; + ? DH_PARAMGEN_TYPE_FIPS_186_4 + : DH_PARAMGEN_TYPE_GROUP; #else gctx->gen_type = (type == DH_FLAG_TYPE_DHX) - ? DH_PARAMGEN_TYPE_FIPS_186_2 - : DH_PARAMGEN_TYPE_GENERATOR; + ? DH_PARAMGEN_TYPE_FIPS_186_2 + : DH_PARAMGEN_TYPE_GENERATOR; #endif gctx->gindex = -1; gctx->hindex = 0; 
@@ -483,15 +481,15 @@ static void *dh_gen_init_base(void *provctx, int selection, } static void *dh_gen_init(void *provctx, int selection, - const OSSL_PARAM params[]) + const OSSL_PARAM params[]) { return dh_gen_init_base(provctx, selection, params, DH_FLAG_TYPE_DH); } static void *dhx_gen_init(void *provctx, int selection, - const OSSL_PARAM params[]) + const OSSL_PARAM params[]) { - return dh_gen_init_base(provctx, selection, params, DH_FLAG_TYPE_DHX); + return dh_gen_init_base(provctx, selection, params, DH_FLAG_TYPE_DHX); } static int dh_gen_set_template(void *genctx, void *templ) @@ -506,7 +504,7 @@ static int dh_gen_set_template(void *genctx, void *templ) } static int dh_set_gen_seed(struct dh_gen_ctx *gctx, unsigned char *seed, - size_t seedlen) + size_t seedlen) { OPENSSL_clear_free(gctx->seed, gctx->seedlen); gctx->seed = NULL; @@ -533,8 +531,7 @@ static int dh_gen_common_set_params(void *genctx, const OSSL_PARAM params[]) p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_FFC_TYPE); if (p != NULL) { if (p->data_type != OSSL_PARAM_UTF8_STRING - || ((gctx->gen_type = - dh_gen_type_name2id_w_default(p->data, gctx->dh_type)) == -1)) { + || ((gctx->gen_type = dh_gen_type_name2id_w_default(p->data, gctx->dh_type)) == -1)) { ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_INVALID_ARGUMENT); return 0; } @@ -546,8 +543,7 @@ static int dh_gen_common_set_params(void *genctx, const OSSL_PARAM params[]) if (p->data_type != OSSL_PARAM_UTF8_STRING || p->data == NULL || (group = ossl_ffc_name_to_dh_named_group(p->data)) == NULL - || ((gctx->group_nid = - ossl_ffc_named_group_get_uid(group)) == NID_undef)) { + || ((gctx->group_nid = ossl_ffc_named_group_get_uid(group)) == NID_undef)) { ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_INVALID_ARGUMENT); return 0; } 
@@ -562,7 +558,7 @@ static int dh_gen_common_set_params(void *genctx, const OSSL_PARAM params[]) } static const OSSL_PARAM *dh_gen_settable_params(ossl_unused void *genctx, - ossl_unused void *provctx) + ossl_unused void *provctx) { static const OSSL_PARAM dh_gen_settable[] = { OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_FFC_TYPE, NULL, 0), @@ -576,7 +572,7 @@ static const OSSL_PARAM *dh_gen_settable_params(ossl_unused void *genctx, } static const OSSL_PARAM *dhx_gen_settable_params(ossl_unused void *genctx, - ossl_unused void *provctx) + ossl_unused void *provctx) { static const OSSL_PARAM dhx_gen_settable[] = { OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_FFC_TYPE, NULL, 0), @@ -617,7 +613,7 @@ static int dhx_gen_set_params(void *genctx, const OSSL_PARAM params[]) if (p != NULL && (p->data_type != OSSL_PARAM_OCTET_STRING || !dh_set_gen_seed(gctx, p->data, p->data_size))) - return 0; + return 0; if ((p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_FFC_QBITS)) != NULL && !OSSL_PARAM_get_size_t(p, &gctx->qbits)) return 0; @@ -669,7 +665,8 @@ static int dh_gen_set_params(void *genctx, const OSSL_PARAM params[]) || OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_FFC_QBITS) != NULL || OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_FFC_DIGEST) != NULL || OSSL_PARAM_locate_const(params, - OSSL_PKEY_PARAM_FFC_DIGEST_PROPS) != NULL) { + OSSL_PKEY_PARAM_FFC_DIGEST_PROPS) + != NULL) { ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_INVALID_ARGUMENT); return 0; } @@ -708,7 +705,7 @@ static void *dh_gen(void *genctx, OSSL_CALLBACK *osslcb, void *cbarg) /* For parameter generation - If there is a group name just create it */ if (gctx->gen_type == DH_PARAMGEN_TYPE_GROUP - && gctx->ffc_params == NULL) { + && gctx->ffc_params == NULL) { /* Select a named group if there is not one already */ if (gctx->group_nid == NID_undef) gctx->group_nid = ossl_dh_get_named_group_uid_from_size(gctx->pbits); 
@@ -756,11 +753,11 @@ static void *dh_gen(void *genctx, OSSL_CALLBACK *osslcb, void *cbarg) */ if (gctx->gen_type == DH_PARAMGEN_TYPE_GENERATOR) ret = DH_generate_parameters_ex(dh, gctx->pbits, - gctx->generator, gencb); + gctx->generator, gencb); else ret = ossl_dh_generate_ffc_parameters(dh, gctx->gen_type, - gctx->pbits, gctx->qbits, - gencb); + gctx->pbits, gctx->qbits, + gencb); if (ret <= 0) goto end; } @@ -772,7 +769,7 @@ static void *dh_gen(void *genctx, OSSL_CALLBACK *osslcb, void *cbarg) if (gctx->priv_len > 0) DH_set_length(dh, (long)gctx->priv_len); ossl_ffc_params_enable_flags(ffc, FFC_PARAM_FLAG_VALIDATE_LEGACY, - gctx->gen_type == DH_PARAMGEN_TYPE_FIPS_186_2); + gctx->gen_type == DH_PARAMGEN_TYPE_FIPS_186_2); if (DH_generate_key(dh) <= 0) goto end; } 
@@ -829,15 +826,15 @@ const OSSL_DISPATCH ossl_dh_keymgmt_functions[] = {
 { OSSL_FUNC_KEYMGMT_GEN_SET_TEMPLATE, (void (*)(void))dh_gen_set_template },
 { OSSL_FUNC_KEYMGMT_GEN_SET_PARAMS, (void (*)(void))dh_gen_set_params },
 { OSSL_FUNC_KEYMGMT_GEN_SETTABLE_PARAMS,
- (void (*)(void))dh_gen_settable_params },
+ (void (*)(void))dh_gen_settable_params },
 { OSSL_FUNC_KEYMGMT_GEN, (void (*)(void))dh_gen },
 { OSSL_FUNC_KEYMGMT_GEN_CLEANUP, (void (*)(void))dh_gen_cleanup },
 { OSSL_FUNC_KEYMGMT_LOAD, (void (*)(void))dh_load },
 { OSSL_FUNC_KEYMGMT_FREE, (void (*)(void))dh_freedata },
- { OSSL_FUNC_KEYMGMT_GET_PARAMS, (void (*) (void))dh_get_params },
- { OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS, (void (*) (void))dh_gettable_params },
- { OSSL_FUNC_KEYMGMT_SET_PARAMS, (void (*) (void))dh_set_params },
- { OSSL_FUNC_KEYMGMT_SETTABLE_PARAMS, (void (*) (void))dh_settable_params },
+ { OSSL_FUNC_KEYMGMT_GET_PARAMS, (void (*)(void))dh_get_params },
+ { OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS, (void (*)(void))dh_gettable_params },
+ { OSSL_FUNC_KEYMGMT_SET_PARAMS, (void (*)(void))dh_set_params },
+ { OSSL_FUNC_KEYMGMT_SETTABLE_PARAMS, (void (*)(void))dh_settable_params },
 { OSSL_FUNC_KEYMGMT_HAS, (void (*)(void))dh_has },
 { OSSL_FUNC_KEYMGMT_MATCH, (void (*)(void))dh_match },
 { OSSL_FUNC_KEYMGMT_VALIDATE, (void (*)(void))dh_validate },
@@ -861,15 +858,15 @@ const OSSL_DISPATCH ossl_dhx_keymgmt_functions[] = {
 { OSSL_FUNC_KEYMGMT_GEN_SET_TEMPLATE, (void (*)(void))dh_gen_set_template },
 { OSSL_FUNC_KEYMGMT_GEN_SET_PARAMS, (void (*)(void))dhx_gen_set_params },
 { OSSL_FUNC_KEYMGMT_GEN_SETTABLE_PARAMS,
- (void (*)(void))dhx_gen_settable_params },
+ (void (*)(void))dhx_gen_settable_params },
 { OSSL_FUNC_KEYMGMT_GEN, (void (*)(void))dh_gen },
 { OSSL_FUNC_KEYMGMT_GEN_CLEANUP, (void (*)(void))dh_gen_cleanup },
 { OSSL_FUNC_KEYMGMT_LOAD, (void (*)(void))dh_load },
 { OSSL_FUNC_KEYMGMT_FREE, (void (*)(void))dh_freedata },
- { OSSL_FUNC_KEYMGMT_GET_PARAMS, (void (*) (void))dh_get_params },
- { OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS, (void (*) (void))dh_gettable_params },
- { OSSL_FUNC_KEYMGMT_SET_PARAMS, (void (*) (void))dh_set_params },
- { OSSL_FUNC_KEYMGMT_SETTABLE_PARAMS, (void (*) (void))dh_settable_params },
+ { OSSL_FUNC_KEYMGMT_GET_PARAMS, (void (*)(void))dh_get_params },
+ { OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS, (void (*)(void))dh_gettable_params },
+ { OSSL_FUNC_KEYMGMT_SET_PARAMS, (void (*)(void))dh_set_params },
+ { OSSL_FUNC_KEYMGMT_SETTABLE_PARAMS, (void (*)(void))dh_settable_params },
 { OSSL_FUNC_KEYMGMT_HAS, (void (*)(void))dh_has },
 { OSSL_FUNC_KEYMGMT_MATCH, (void (*)(void))dh_match },
 { OSSL_FUNC_KEYMGMT_VALIDATE, (void (*)(void))dh_validate },
@@ -878,7 +875,7 @@ const OSSL_DISPATCH ossl_dhx_keymgmt_functions[] = {
 { OSSL_FUNC_KEYMGMT_EXPORT, (void (*)(void))dh_export },
 { OSSL_FUNC_KEYMGMT_EXPORT_TYPES, (void (*)(void))dh_export_types },
 { OSSL_FUNC_KEYMGMT_QUERY_OPERATION_NAME,
- (void (*)(void))dhx_query_operation_name },
+ (void (*)(void))dhx_query_operation_name },
 { OSSL_FUNC_KEYMGMT_DUP, (void (*)(void))dh_dup },
 { 0, NULL }
 };
diff --git a/providers/implementations/keymgmt/dsa_kmgmt.c b/providers/implementations/keymgmt/dsa_kmgmt.c
index e3c3fd6916ed..a34f6816b5c1 100644
--- a/providers/implementations/keymgmt/dsa_kmgmt.c
+++ b/providers/implementations/keymgmt/dsa_kmgmt.c
@@ -46,7 +46,7 @@ static OSSL_FUNC_keymgmt_export_types_fn dsa_export_types; static OSSL_FUNC_keymgmt_dup_fn dsa_dup; #define DSA_DEFAULT_MD "SHA256" -#define DSA_POSSIBLE_SELECTIONS \ +#define DSA_POSSIBLE_SELECTIONS \ (OSSL_KEYMGMT_SELECT_KEYPAIR | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) struct dsa_gen_ctx { @@ -68,13 +68,12 @@ struct dsa_gen_ctx { OSSL_CALLBACK *cb; void *cbarg; }; -typedef struct dh_name2id_st{ +typedef struct dh_name2id_st { const char *name; int id; } DSA_GENTYPE_NAME2ID; -static const DSA_GENTYPE_NAME2ID dsatype2id[]= -{ +static const DSA_GENTYPE_NAME2ID dsatype2id[] = { #ifdef FIPS_MODULE { "default", DSA_PARAMGEN_TYPE_FIPS_186_4 }, #else @@ -96,7 +95,7 @@ static int dsa_gen_type_name2id(const char *name) } static int dsa_key_todata(DSA *dsa, OSSL_PARAM_BLD *bld, OSSL_PARAM params[], - int include_private) + int include_private) { const BIGNUM *priv = NULL, *pub = NULL; @@ -203,8 +202,7 @@ static int dsa_import(void *keydata, int selection, const OSSL_PARAM params[]) ok = ok && ossl_dsa_ffc_params_fromdata(dsa, params); if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) { - int include_private = - selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY ? 1 : 0; + int include_private = selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY ? 1 : 0; ok = ok && ossl_dsa_key_fromdata(dsa, params, include_private); } @@ -213,7 +211,7 @@ static int dsa_import(void *keydata, int selection, const OSSL_PARAM params[]) } static int dsa_export(void *keydata, int selection, OSSL_CALLBACK *param_cb, - void *cbarg) + void *cbarg) { DSA *dsa = keydata; OSSL_PARAM_BLD *tmpl; 
@@ -233,8 +231,7 @@ static int dsa_export(void *keydata, int selection, OSSL_CALLBACK *param_cb, if ((selection & OSSL_KEYMGMT_SELECT_ALL_PARAMETERS) != 0) ok = ok && ossl_ffc_params_todata(ossl_dsa_get0_params(dsa), tmpl, NULL); if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) { - int include_private = - selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY ? 1 : 0; + int include_private = selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY ? 1 : 0; ok = ok && dsa_key_todata(dsa, tmpl, NULL, include_private); } @@ -253,18 +250,18 @@ err: /* IMEXPORT = IMPORT + EXPORT */ -# define DSA_IMEXPORTABLE_PARAMETERS \ - OSSL_PARAM_BN(OSSL_PKEY_PARAM_FFC_P, NULL, 0), \ - OSSL_PARAM_BN(OSSL_PKEY_PARAM_FFC_Q, NULL, 0), \ - OSSL_PARAM_BN(OSSL_PKEY_PARAM_FFC_G, NULL, 0), \ - OSSL_PARAM_BN(OSSL_PKEY_PARAM_FFC_COFACTOR, NULL, 0), \ - OSSL_PARAM_int(OSSL_PKEY_PARAM_FFC_GINDEX, NULL), \ - OSSL_PARAM_int(OSSL_PKEY_PARAM_FFC_PCOUNTER, NULL), \ - OSSL_PARAM_int(OSSL_PKEY_PARAM_FFC_H, NULL), \ - OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_FFC_SEED, NULL, 0) -# define DSA_IMEXPORTABLE_PUBLIC_KEY \ +#define DSA_IMEXPORTABLE_PARAMETERS \ + OSSL_PARAM_BN(OSSL_PKEY_PARAM_FFC_P, NULL, 0), \ + OSSL_PARAM_BN(OSSL_PKEY_PARAM_FFC_Q, NULL, 0), \ + OSSL_PARAM_BN(OSSL_PKEY_PARAM_FFC_G, NULL, 0), \ + OSSL_PARAM_BN(OSSL_PKEY_PARAM_FFC_COFACTOR, NULL, 0), \ + OSSL_PARAM_int(OSSL_PKEY_PARAM_FFC_GINDEX, NULL), \ + OSSL_PARAM_int(OSSL_PKEY_PARAM_FFC_PCOUNTER, NULL), \ + OSSL_PARAM_int(OSSL_PKEY_PARAM_FFC_H, NULL), \ + OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_FFC_SEED, NULL, 0) +#define DSA_IMEXPORTABLE_PUBLIC_KEY \ OSSL_PARAM_BN(OSSL_PKEY_PARAM_PUB_KEY, NULL, 0) -# define DSA_IMEXPORTABLE_PRIVATE_KEY \ +#define DSA_IMEXPORTABLE_PRIVATE_KEY \ OSSL_PARAM_BN(OSSL_PKEY_PARAM_PRIV_KEY, NULL, 0) static const OSSL_PARAM dsa_all_types[] = { DSA_IMEXPORTABLE_PARAMETERS, 
@@ -282,10 +279,10 @@ static const OSSL_PARAM dsa_key_types[] = { OSSL_PARAM_END }; static const OSSL_PARAM *dsa_types[] = { - NULL, /* Index 0 = none of them */ - dsa_parameter_types, /* Index 1 = parameter types */ - dsa_key_types, /* Index 2 = key types */ - dsa_all_types /* Index 3 = 1 + 2 */ + NULL, /* Index 0 = none of them */ + dsa_parameter_types, /* Index 1 = parameter types */ + dsa_key_types, /* Index 2 = key types */ + dsa_all_types /* Index 3 = 1 + 2 */ }; static const OSSL_PARAM *dsa_imexport_types(int selection) @@ -327,7 +324,7 @@ static ossl_inline int dsa_get_params(void *key, OSSL_PARAM params[]) && !OSSL_PARAM_set_utf8_string(p, DSA_DEFAULT_MD)) return 0; return ossl_ffc_params_todata(ossl_dsa_get0_params(dsa), NULL, params) - && dsa_key_todata(dsa, NULL, params, 1); + && dsa_key_todata(dsa, NULL, params, 1); } static const OSSL_PARAM dsa_params[] = { @@ -403,7 +400,7 @@ static int dsa_validate(const void *keydata, int selection, int checktype) } static void *dsa_gen_init(void *provctx, int selection, - const OSSL_PARAM params[]) + const OSSL_PARAM params[]) { OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(provctx); struct dsa_gen_ctx *gctx = NULL; @@ -444,7 +441,7 @@ static int dsa_gen_set_template(void *genctx, void *templ) } static int dsa_set_gen_seed(struct dsa_gen_ctx *gctx, unsigned char *seed, - size_t seedlen) + size_t seedlen) { OPENSSL_clear_free(gctx->seed, gctx->seedlen); gctx->seed = NULL; @@ -468,7 +465,6 @@ static int dsa_gen_set_params(void *genctx, const OSSL_PARAM params[]) if (params == NULL) return 1; - p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_FFC_TYPE); if (p != NULL) { if (p->data_type != OSSL_PARAM_UTF8_STRING 
@@ -493,7 +489,7 @@ static int dsa_gen_set_params(void *genctx, const OSSL_PARAM params[]) if (p != NULL && (p->data_type != OSSL_PARAM_OCTET_STRING || !dsa_set_gen_seed(gctx, p->data, p->data_size))) - return 0; + return 0; if ((p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_FFC_PBITS)) != NULL && !OSSL_PARAM_get_size_t(p, &gctx->pbits)) return 0; @@ -522,7 +518,7 @@ static int dsa_gen_set_params(void *genctx, const OSSL_PARAM params[]) } static const OSSL_PARAM *dsa_gen_settable_params(ossl_unused void *genctx, - ossl_unused void *provctx) + ossl_unused void *provctx) { static OSSL_PARAM settable[] = { OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_FFC_TYPE, NULL, 0), @@ -565,8 +561,7 @@ static void *dsa_gen(void *genctx, OSSL_CALLBACK *osslcb, void *cbarg) return NULL; if (gctx->gen_type == DSA_PARAMGEN_TYPE_FIPS_DEFAULT) - gctx->gen_type = (gctx->pbits >= 2048 ? DSA_PARAMGEN_TYPE_FIPS_186_4 : - DSA_PARAMGEN_TYPE_FIPS_186_2); + gctx->gen_type = (gctx->pbits >= 2048 ? DSA_PARAMGEN_TYPE_FIPS_186_4 : DSA_PARAMGEN_TYPE_FIPS_186_2); gctx->cb = osslcb; gctx->cbarg = cbarg; @@ -596,13 +591,14 @@ static void *dsa_gen(void *genctx, OSSL_CALLBACK *osslcb, void *cbarg) } if ((gctx->selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) != 0) { - if (ossl_dsa_generate_ffc_parameters(dsa, gctx->gen_type, - gctx->pbits, gctx->qbits, - gencb) <= 0) - goto end; + if (ossl_dsa_generate_ffc_parameters(dsa, gctx->gen_type, + gctx->pbits, gctx->qbits, + gencb) + <= 0) + goto end; } ossl_ffc_params_enable_flags(ffc, FFC_PARAM_FLAG_VALIDATE_LEGACY, - gctx->gen_type == DSA_PARAMGEN_TYPE_FIPS_186_2); + gctx->gen_type == DSA_PARAMGEN_TYPE_FIPS_186_2); if ((gctx->selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) { if (ffc->p == NULL || ffc->q == NULL 
@@ -661,13 +657,13 @@ const OSSL_DISPATCH ossl_dsa_keymgmt_functions[] = { { OSSL_FUNC_KEYMGMT_GEN_SET_TEMPLATE, (void (*)(void))dsa_gen_set_template }, { OSSL_FUNC_KEYMGMT_GEN_SET_PARAMS, (void (*)(void))dsa_gen_set_params }, { OSSL_FUNC_KEYMGMT_GEN_SETTABLE_PARAMS, - (void (*)(void))dsa_gen_settable_params }, + (void (*)(void))dsa_gen_settable_params }, { OSSL_FUNC_KEYMGMT_GEN, (void (*)(void))dsa_gen }, { OSSL_FUNC_KEYMGMT_GEN_CLEANUP, (void (*)(void))dsa_gen_cleanup }, { OSSL_FUNC_KEYMGMT_LOAD, (void (*)(void))dsa_load }, { OSSL_FUNC_KEYMGMT_FREE, (void (*)(void))dsa_freedata }, - { OSSL_FUNC_KEYMGMT_GET_PARAMS, (void (*) (void))dsa_get_params }, - { OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS, (void (*) (void))dsa_gettable_params }, + { OSSL_FUNC_KEYMGMT_GET_PARAMS, (void (*)(void))dsa_get_params }, + { OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS, (void (*)(void))dsa_gettable_params }, { OSSL_FUNC_KEYMGMT_HAS, (void (*)(void))dsa_has }, { OSSL_FUNC_KEYMGMT_MATCH, (void (*)(void))dsa_match }, { OSSL_FUNC_KEYMGMT_VALIDATE, (void (*)(void))dsa_validate }, diff --git a/providers/implementations/keymgmt/ec_kmgmt.c b/providers/implementations/keymgmt/ec_kmgmt.c index a37cbbdba809..1a43eb7568d5 100644 --- a/providers/implementations/keymgmt/ec_kmgmt.c +++ b/providers/implementations/keymgmt/ec_kmgmt.c @@ -28,9 +28,9 @@ #include "internal/param_build_set.h" #ifndef FIPS_MODULE -# ifndef OPENSSL_NO_SM2 -# include "crypto/sm2.h" -# endif +#ifndef OPENSSL_NO_SM2 +#include "crypto/sm2.h" +#endif #endif static OSSL_FUNC_keymgmt_new_fn ec_newdata; @@ -56,7 +56,7 @@ static OSSL_FUNC_keymgmt_export_types_fn ec_export_types; static OSSL_FUNC_keymgmt_query_operation_name_fn ec_query_operation_name; static OSSL_FUNC_keymgmt_dup_fn ec_dup; #ifndef FIPS_MODULE -# ifndef OPENSSL_NO_SM2 +#ifndef OPENSSL_NO_SM2 static OSSL_FUNC_keymgmt_new_fn sm2_newdata; static OSSL_FUNC_keymgmt_gen_init_fn sm2_gen_init; static OSSL_FUNC_keymgmt_gen_fn sm2_gen; 
@@ -66,16 +66,15 @@ static OSSL_FUNC_keymgmt_settable_params_fn sm2_settable_params; static OSSL_FUNC_keymgmt_import_fn sm2_import; static OSSL_FUNC_keymgmt_query_operation_name_fn sm2_query_operation_name; static OSSL_FUNC_keymgmt_validate_fn sm2_validate; -# endif +#endif #endif #define EC_DEFAULT_MD "SHA256" -#define EC_POSSIBLE_SELECTIONS \ +#define EC_POSSIBLE_SELECTIONS \ (OSSL_KEYMGMT_SELECT_KEYPAIR | OSSL_KEYMGMT_SELECT_ALL_PARAMETERS) #define SM2_DEFAULT_MD "SM3" -static -const char *ec_query_operation_name(int operation_id) +static const char *ec_query_operation_name(int operation_id) { switch (operation_id) { case OSSL_OP_KEYEXCH: @@ -87,9 +86,8 @@ const char *ec_query_operation_name(int operation_id) } #ifndef FIPS_MODULE -# ifndef OPENSSL_NO_SM2 -static -const char *sm2_query_operation_name(int operation_id) +#ifndef OPENSSL_NO_SM2 +static const char *sm2_query_operation_name(int operation_id) { switch (operation_id) { case OSSL_OP_SIGNATURE: @@ -97,7 +95,7 @@ const char *sm2_query_operation_name(int operation_id) } return NULL; } -# endif +#endif #endif /* @@ -107,10 +105,9 @@ const char *sm2_query_operation_name(int operation_id) * This function only exports the bare keypair, domain parameters and other * parameters are exported separately. */ -static ossl_inline -int key_to_params(const EC_KEY *eckey, OSSL_PARAM_BLD *tmpl, - OSSL_PARAM params[], int include_private, - unsigned char **pub_key) +static ossl_inline int key_to_params(const EC_KEY *eckey, OSSL_PARAM_BLD *tmpl, + OSSL_PARAM params[], int include_private, + unsigned char **pub_key) { BIGNUM *x = NULL, *y = NULL; const BIGNUM *priv_key = NULL; @@ -137,7 +134,6 @@ int key_to_params(const EC_KEY *eckey, OSSL_PARAM_BLD *tmpl, if (bnctx == NULL) goto err; - /* If we are doing a get then check first before decoding the point */ if (tmpl == NULL) { p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_PUB_KEY); 
@@ -150,11 +146,12 @@ int key_to_params(const EC_KEY *eckey, OSSL_PARAM_BLD *tmpl, point_conversion_form_t format = EC_KEY_get_conv_form(eckey); if ((pub_key_len = EC_POINT_point2buf(ecg, pub_point, - format, - pub_key, bnctx)) == 0 + format, + pub_key, bnctx)) + == 0 || !ossl_param_build_set_octet_string(tmpl, p, - OSSL_PKEY_PARAM_PUB_KEY, - *pub_key, pub_key_len)) + OSSL_PKEY_PARAM_PUB_KEY, + *pub_key, pub_key_len)) goto err; } if (px != NULL || py != NULL) { @@ -173,11 +170,11 @@ int key_to_params(const EC_KEY *eckey, OSSL_PARAM_BLD *tmpl, goto err; if (px != NULL && !ossl_param_build_set_bn(tmpl, px, - OSSL_PKEY_PARAM_EC_PUB_X, x)) + OSSL_PKEY_PARAM_EC_PUB_X, x)) goto err; if (py != NULL && !ossl_param_build_set_bn(tmpl, py, - OSSL_PKEY_PARAM_EC_PUB_Y, y)) + OSSL_PKEY_PARAM_EC_PUB_Y, y)) goto err; } } @@ -222,22 +219,21 @@ int key_to_params(const EC_KEY *eckey, OSSL_PARAM_BLD *tmpl, ecbits = EC_GROUP_order_bits(ecg); if (ecbits <= 0) goto err; - sz = (ecbits + 7 ) / 8; + sz = (ecbits + 7) / 8; if (!ossl_param_build_set_bn_pad(tmpl, params, - OSSL_PKEY_PARAM_PRIV_KEY, - priv_key, sz)) + OSSL_PKEY_PARAM_PRIV_KEY, + priv_key, sz)) goto err; } ret = 1; - err: +err: BN_CTX_free(bnctx); return ret; } -static ossl_inline -int otherparams_to_params(const EC_KEY *ec, OSSL_PARAM_BLD *tmpl, - OSSL_PARAM params[]) +static ossl_inline int otherparams_to_params(const EC_KEY *ec, OSSL_PARAM_BLD *tmpl, + OSSL_PARAM params[]) { int ecdh_cofactor_mode = 0, group_check = 0; const char *name = NULL; 
@@ -250,32 +246,30 @@ int otherparams_to_params(const EC_KEY *ec, OSSL_PARAM_BLD *tmpl, name = ossl_ec_pt_format_id2name((int)format); if (name != NULL && !ossl_param_build_set_utf8_string(tmpl, params, - OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT, - name)) + OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT, + name)) return 0; group_check = EC_KEY_get_flags(ec) & EC_FLAG_CHECK_NAMED_GROUP_MASK; name = ossl_ec_check_group_type_id2name(group_check); if (name != NULL && !ossl_param_build_set_utf8_string(tmpl, params, - OSSL_PKEY_PARAM_EC_GROUP_CHECK_TYPE, - name)) + OSSL_PKEY_PARAM_EC_GROUP_CHECK_TYPE, + name)) return 0; if ((EC_KEY_get_enc_flags(ec) & EC_PKEY_NO_PUBKEY) != 0 - && !ossl_param_build_set_int(tmpl, params, - OSSL_PKEY_PARAM_EC_INCLUDE_PUBLIC, 0)) + && !ossl_param_build_set_int(tmpl, params, + OSSL_PKEY_PARAM_EC_INCLUDE_PUBLIC, 0)) return 0; - ecdh_cofactor_mode = - (EC_KEY_get_flags(ec) & EC_FLAG_COFACTOR_ECDH) ? 1 : 0; + ecdh_cofactor_mode = (EC_KEY_get_flags(ec) & EC_FLAG_COFACTOR_ECDH) ? 1 : 0; return ossl_param_build_set_int(tmpl, params, - OSSL_PKEY_PARAM_USE_COFACTOR_ECDH, - ecdh_cofactor_mode); + OSSL_PKEY_PARAM_USE_COFACTOR_ECDH, + ecdh_cofactor_mode); } -static -void *ec_newdata(void *provctx) +static void *ec_newdata(void *provctx) { if (!ossl_prov_is_running()) return NULL; @@ -283,25 +277,22 @@ void *ec_newdata(void *provctx) } #ifndef FIPS_MODULE -# ifndef OPENSSL_NO_SM2 -static -void *sm2_newdata(void *provctx) +#ifndef OPENSSL_NO_SM2 +static void *sm2_newdata(void *provctx) { if (!ossl_prov_is_running()) return NULL; return EC_KEY_new_by_curve_name_ex(PROV_LIBCTX_OF(provctx), NULL, NID_sm2); } -# endif +#endif #endif -static -void ec_freedata(void *keydata) +static void ec_freedata(void *keydata) { EC_KEY_free(keydata); } -static -int ec_has(const void *keydata, int selection) +static int ec_has(const void *keydata, int selection) { const EC_KEY *ec = keydata; int ok = 1; 
@@ -386,9 +377,8 @@ static int common_check_sm2(const EC_KEY *ec, int sm2_wanted) return 1; } -static -int common_import(void *keydata, int selection, const OSSL_PARAM params[], - int sm2_wanted) +static int common_import(void *keydata, int selection, const OSSL_PARAM params[], + int sm2_wanted) { EC_KEY *ec = keydata; int ok = 1; @@ -418,8 +408,7 @@ int common_import(void *keydata, int selection, const OSSL_PARAM params[], return 0; if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) { - int include_private = - selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY ? 1 : 0; + int include_private = selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY ? 1 : 0; ok = ok && ossl_ec_key_fromdata(ec, params, include_private); } @@ -429,25 +418,22 @@ int common_import(void *keydata, int selection, const OSSL_PARAM params[], return ok; } -static -int ec_import(void *keydata, int selection, const OSSL_PARAM params[]) +static int ec_import(void *keydata, int selection, const OSSL_PARAM params[]) { return common_import(keydata, selection, params, 0); } #ifndef FIPS_MODULE -# ifndef OPENSSL_NO_SM2 -static -int sm2_import(void *keydata, int selection, const OSSL_PARAM params[]) +#ifndef OPENSSL_NO_SM2 +static int sm2_import(void *keydata, int selection, const OSSL_PARAM params[]) { return common_import(keydata, selection, params, 1); } -# endif +#endif #endif -static -int ec_export(void *keydata, int selection, OSSL_CALLBACK *param_cb, - void *cbarg) +static int ec_export(void *keydata, int selection, OSSL_CALLBACK *param_cb, + void *cbarg) { EC_KEY *ec = keydata; OSSL_PARAM_BLD *tmpl = NULL; @@ -475,7 +461,7 @@ int ec_export(void *keydata, int selection, OSSL_CALLBACK *param_cb, if ((selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) == 0) return 0; if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0 - && (selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) == 0) + && (selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) == 0) return 0; tmpl = OSSL_PARAM_BLD_new(); 
@@ -489,15 +475,11 @@ int ec_export(void *keydata, int selection, OSSL_CALLBACK *param_cb, goto end; } BN_CTX_start(bnctx); - ok = ok && ossl_ec_group_todata(EC_KEY_get0_group(ec), tmpl, NULL, - ossl_ec_key_get_libctx(ec), - ossl_ec_key_get0_propq(ec), - bnctx, &genbuf); + ok = ok && ossl_ec_group_todata(EC_KEY_get0_group(ec), tmpl, NULL, ossl_ec_key_get_libctx(ec), ossl_ec_key_get0_propq(ec), bnctx, &genbuf); } if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) { - int include_private = - selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY ? 1 : 0; + int include_private = selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY ? 1 : 0; ok = ok && key_to_params(ec, tmpl, NULL, include_private, &pub_key); } 
@@ -522,27 +504,27 @@ end: /* IMEXPORT = IMPORT + EXPORT */ -# define EC_IMEXPORTABLE_DOM_PARAMETERS \ - OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME, NULL, 0), \ - OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_EC_ENCODING, NULL, 0), \ - OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT, NULL, 0),\ - OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_EC_FIELD_TYPE, NULL, 0), \ - OSSL_PARAM_BN(OSSL_PKEY_PARAM_EC_P, NULL, 0), \ - OSSL_PARAM_BN(OSSL_PKEY_PARAM_EC_A, NULL, 0), \ - OSSL_PARAM_BN(OSSL_PKEY_PARAM_EC_B, NULL, 0), \ - OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_EC_GENERATOR, NULL, 0), \ - OSSL_PARAM_BN(OSSL_PKEY_PARAM_EC_ORDER, NULL, 0), \ - OSSL_PARAM_BN(OSSL_PKEY_PARAM_EC_COFACTOR, NULL, 0), \ - OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_EC_SEED, NULL, 0), \ - OSSL_PARAM_int(OSSL_PKEY_PARAM_EC_DECODED_FROM_EXPLICIT_PARAMS, NULL) +#define EC_IMEXPORTABLE_DOM_PARAMETERS \ + OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME, NULL, 0), \ + OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_EC_ENCODING, NULL, 0), \ + OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT, NULL, 0), \ + OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_EC_FIELD_TYPE, NULL, 0), \ + OSSL_PARAM_BN(OSSL_PKEY_PARAM_EC_P, NULL, 0), \ + OSSL_PARAM_BN(OSSL_PKEY_PARAM_EC_A, NULL, 0), \ + OSSL_PARAM_BN(OSSL_PKEY_PARAM_EC_B, NULL, 0), \ + OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_EC_GENERATOR, NULL, 0), \ + OSSL_PARAM_BN(OSSL_PKEY_PARAM_EC_ORDER, NULL, 0), \ + OSSL_PARAM_BN(OSSL_PKEY_PARAM_EC_COFACTOR, NULL, 0), \ + OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_EC_SEED, NULL, 0), \ + OSSL_PARAM_int(OSSL_PKEY_PARAM_EC_DECODED_FROM_EXPLICIT_PARAMS, NULL) -# define EC_IMEXPORTABLE_PUBLIC_KEY \ +#define EC_IMEXPORTABLE_PUBLIC_KEY \ OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY, NULL, 0) -# define EC_IMEXPORTABLE_PRIVATE_KEY \ +#define EC_IMEXPORTABLE_PRIVATE_KEY \ OSSL_PARAM_BN(OSSL_PKEY_PARAM_PRIV_KEY, NULL, 0) -# define EC_IMEXPORTABLE_OTHER_PARAMETERS \ - OSSL_PARAM_int(OSSL_PKEY_PARAM_USE_COFACTOR_ECDH, NULL), 
\ - OSSL_PARAM_int(OSSL_PKEY_PARAM_EC_INCLUDE_PUBLIC, NULL) +#define EC_IMEXPORTABLE_OTHER_PARAMETERS \ + OSSL_PARAM_int(OSSL_PKEY_PARAM_USE_COFACTOR_ECDH, NULL), \ + OSSL_PARAM_int(OSSL_PKEY_PARAM_EC_INCLUDE_PUBLIC, NULL) /* * Include all the possible combinations of OSSL_PARAM arrays for @@ -553,8 +535,7 @@ end: */ #include "ec_kmgmt_imexport.inc" -static ossl_inline -const OSSL_PARAM *ec_imexport_types(int selection) +static ossl_inline const OSSL_PARAM *ec_imexport_types(int selection) { int type_select = 0; @@ -569,14 +550,12 @@ const OSSL_PARAM *ec_imexport_types(int selection) return ec_types[type_select]; } -static -const OSSL_PARAM *ec_import_types(int selection) +static const OSSL_PARAM *ec_import_types(int selection) { return ec_imexport_types(selection); } -static -const OSSL_PARAM *ec_export_types(int selection) +static const OSSL_PARAM *ec_export_types(int selection) { return ec_imexport_types(selection); } 
@@ -606,24 +585,24 @@ static int ec_get_ecm_params(const EC_GROUP *group, OSSL_PARAM params[]) m = EC_GROUP_get_degree(group); if (!ossl_param_build_set_int(NULL, params, OSSL_PKEY_PARAM_EC_CHAR2_M, m) || !ossl_param_build_set_utf8_string(NULL, params, - OSSL_PKEY_PARAM_EC_CHAR2_TYPE, - basis_name)) + OSSL_PKEY_PARAM_EC_CHAR2_TYPE, + basis_name)) goto err; if (basis_nid == NID_X9_62_tpBasis) { if (!EC_GROUP_get_trinomial_basis(group, &k1) || !ossl_param_build_set_int(NULL, params, - OSSL_PKEY_PARAM_EC_CHAR2_TP_BASIS, - (int)k1)) + OSSL_PKEY_PARAM_EC_CHAR2_TP_BASIS, + (int)k1)) goto err; } else { if (!EC_GROUP_get_pentanomial_basis(group, &k1, &k2, &k3) || !ossl_param_build_set_int(NULL, params, - OSSL_PKEY_PARAM_EC_CHAR2_PP_K1, (int)k1) + OSSL_PKEY_PARAM_EC_CHAR2_PP_K1, (int)k1) || !ossl_param_build_set_int(NULL, params, - OSSL_PKEY_PARAM_EC_CHAR2_PP_K2, (int)k2) + OSSL_PKEY_PARAM_EC_CHAR2_PP_K2, (int)k2) || !ossl_param_build_set_int(NULL, params, - OSSL_PKEY_PARAM_EC_CHAR2_PP_K3, (int)k3)) + OSSL_PKEY_PARAM_EC_CHAR2_PP_K3, (int)k3)) goto err; } ret = 1; @@ -632,8 +611,7 @@ err: #endif /* OPENSSL_NO_EC2M */ } -static -int common_get_params(void *key, OSSL_PARAM params[], int sm2) +static int common_get_params(void *key, OSSL_PARAM params[], int sm2) { int ret = 0; EC_KEY *eck = key; 
@@ -703,22 +681,22 @@ int common_get_params(void *key, OSSL_PARAM params[], int sm2) } if ((p = OSSL_PARAM_locate(params, - OSSL_PKEY_PARAM_EC_DECODED_FROM_EXPLICIT_PARAMS)) - != NULL) { + OSSL_PKEY_PARAM_EC_DECODED_FROM_EXPLICIT_PARAMS)) + != NULL) { int explicitparams = EC_KEY_decoded_from_explicit_params(eck); if (explicitparams < 0 - || !OSSL_PARAM_set_int(p, explicitparams)) + || !OSSL_PARAM_set_int(p, explicitparams)) goto err; } if (!sm2) { if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_DEFAULT_DIGEST)) != NULL - && !OSSL_PARAM_set_utf8_string(p, EC_DEFAULT_MD)) + && !OSSL_PARAM_set_utf8_string(p, EC_DEFAULT_MD)) goto err; } else { if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_DEFAULT_DIGEST)) != NULL - && !OSSL_PARAM_set_utf8_string(p, SM2_DEFAULT_MD)) + && !OSSL_PARAM_set_utf8_string(p, SM2_DEFAULT_MD)) goto err; } @@ -728,15 +706,15 @@ int common_get_params(void *key, OSSL_PARAM params[], int sm2) if (p != NULL) { int ecdh_cofactor_mode = 0; - ecdh_cofactor_mode = - (EC_KEY_get_flags(eck) & EC_FLAG_COFACTOR_ECDH) ? 1 : 0; + ecdh_cofactor_mode = (EC_KEY_get_flags(eck) & EC_FLAG_COFACTOR_ECDH) ? 1 : 0; if (!OSSL_PARAM_set_int(p, ecdh_cofactor_mode)) goto err; } } if ((p = OSSL_PARAM_locate(params, - OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY)) != NULL) { + OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY)) + != NULL) { const EC_POINT *ecp = EC_KEY_get0_public_key(key); if (ecp == NULL) { 
@@ -744,17 +722,17 @@ int common_get_params(void *key, OSSL_PARAM params[], int sm2) goto err; } p->return_size = EC_POINT_point2oct(ecg, ecp, - POINT_CONVERSION_UNCOMPRESSED, - p->data, p->data_size, bnctx); + POINT_CONVERSION_UNCOMPRESSED, + p->data, p->data_size, bnctx); if (p->return_size == 0) goto err; } ret = ec_get_ecm_params(ecg, params) - && ossl_ec_group_todata(ecg, NULL, params, libctx, propq, bnctx, - &genbuf) - && key_to_params(eck, NULL, params, 1, &pub_key) - && otherparams_to_params(eck, NULL, params); + && ossl_ec_group_todata(ecg, NULL, params, libctx, propq, bnctx, + &genbuf) + && key_to_params(eck, NULL, params, 1, &pub_key) + && otherparams_to_params(eck, NULL, params); err: OPENSSL_free(genbuf); OPENSSL_free(pub_key); @@ -763,22 +741,21 @@ err: return ret; } -static -int ec_get_params(void *key, OSSL_PARAM params[]) +static int ec_get_params(void *key, OSSL_PARAM params[]) { return common_get_params(key, params, 0); } #ifndef OPENSSL_NO_EC2M -# define EC2M_GETTABLE_DOM_PARAMS \ - OSSL_PARAM_int(OSSL_PKEY_PARAM_EC_CHAR2_M, NULL), \ - OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_EC_CHAR2_TYPE, NULL, 0), \ - OSSL_PARAM_int(OSSL_PKEY_PARAM_EC_CHAR2_TP_BASIS, NULL), \ - OSSL_PARAM_int(OSSL_PKEY_PARAM_EC_CHAR2_PP_K1, NULL), \ - OSSL_PARAM_int(OSSL_PKEY_PARAM_EC_CHAR2_PP_K2, NULL), \ +#define EC2M_GETTABLE_DOM_PARAMS \ + OSSL_PARAM_int(OSSL_PKEY_PARAM_EC_CHAR2_M, NULL), \ + OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_EC_CHAR2_TYPE, NULL, 0), \ + OSSL_PARAM_int(OSSL_PKEY_PARAM_EC_CHAR2_TP_BASIS, NULL), \ + OSSL_PARAM_int(OSSL_PKEY_PARAM_EC_CHAR2_PP_K1, NULL), \ + OSSL_PARAM_int(OSSL_PKEY_PARAM_EC_CHAR2_PP_K2, NULL), \ OSSL_PARAM_int(OSSL_PKEY_PARAM_EC_CHAR2_PP_K3, NULL), #else -# define EC2M_GETTABLE_DOM_PARAMS +#define EC2M_GETTABLE_DOM_PARAMS #endif static const OSSL_PARAM ec_known_gettable_params[] = { 
@@ -790,7 +767,7 @@ static const OSSL_PARAM ec_known_gettable_params[] = { OSSL_PARAM_int(OSSL_PKEY_PARAM_EC_DECODED_FROM_EXPLICIT_PARAMS, NULL), EC_IMEXPORTABLE_DOM_PARAMETERS, EC2M_GETTABLE_DOM_PARAMS - EC_IMEXPORTABLE_PUBLIC_KEY, + EC_IMEXPORTABLE_PUBLIC_KEY, OSSL_PARAM_BN(OSSL_PKEY_PARAM_EC_PUB_X, NULL, 0), OSSL_PARAM_BN(OSSL_PKEY_PARAM_EC_PUB_Y, NULL, 0), EC_IMEXPORTABLE_PRIVATE_KEY, @@ -798,8 +775,7 @@ static const OSSL_PARAM ec_known_gettable_params[] = { OSSL_PARAM_END }; -static -const OSSL_PARAM *ec_gettable_params(void *provctx) +static const OSSL_PARAM *ec_gettable_params(void *provctx) { return ec_known_gettable_params; } @@ -815,14 +791,12 @@ static const OSSL_PARAM ec_known_settable_params[] = { OSSL_PARAM_END }; -static -const OSSL_PARAM *ec_settable_params(void *provctx) +static const OSSL_PARAM *ec_settable_params(void *provctx) { return ec_known_settable_params; } -static -int ec_set_params(void *key, const OSSL_PARAM params[]) +static int ec_set_params(void *key, const OSSL_PARAM params[]) { EC_KEY *eck = key; const OSSL_PARAM *p; @@ -832,7 +806,6 @@ int ec_set_params(void *key, const OSSL_PARAM params[]) if (params == NULL) return 1; - if (!ossl_ec_group_set_params((EC_GROUP *)EC_KEY_get0_group(key), params)) return 0; @@ -842,8 +815,8 @@ int ec_set_params(void *key, const OSSL_PARAM params[]) int ret = 1; if (ctx == NULL - || p->data_type != OSSL_PARAM_OCTET_STRING - || !EC_KEY_oct2key(key, p->data, p->data_size, ctx)) + || p->data_type != OSSL_PARAM_OCTET_STRING + || !EC_KEY_oct2key(key, p->data, p->data_size, ctx)) ret = 0; BN_CTX_free(ctx); if (!ret) @@ -854,9 +827,8 @@ int ec_set_params(void *key, const OSSL_PARAM params[]) } #ifndef FIPS_MODULE -# ifndef OPENSSL_NO_SM2 -static -int sm2_get_params(void *key, OSSL_PARAM params[]) +#ifndef OPENSSL_NO_SM2 +static int sm2_get_params(void *key, OSSL_PARAM params[]) { return common_get_params(key, params, 1); } 
@@ -876,8 +848,7 @@ static const OSSL_PARAM sm2_known_gettable_params[] = { OSSL_PARAM_END }; -static -const OSSL_PARAM *sm2_gettable_params(ossl_unused void *provctx) +static const OSSL_PARAM *sm2_gettable_params(ossl_unused void *provctx) { return sm2_known_gettable_params; } @@ -887,14 +858,12 @@ static const OSSL_PARAM sm2_known_settable_params[] = { OSSL_PARAM_END }; -static -const OSSL_PARAM *sm2_settable_params(ossl_unused void *provctx) +static const OSSL_PARAM *sm2_settable_params(ossl_unused void *provctx) { return sm2_known_settable_params; } -static -int sm2_validate(const void *keydata, int selection, int checktype) +static int sm2_validate(const void *keydata, int selection, int checktype) { const EC_KEY *eck = keydata; int ok = 1; @@ -907,7 +876,7 @@ int sm2_validate(const void *keydata, int selection, int checktype) return 1; /* nothing to validate */ ctx = BN_CTX_new_ex(ossl_ec_key_get_libctx(eck)); - if (ctx == NULL) + if (ctx == NULL) return 0; if ((selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) != 0) @@ -929,11 +898,10 @@ int sm2_validate(const void *keydata, int selection, int checktype) BN_CTX_free(ctx); return ok; } -# endif +#endif #endif -static -int ec_validate(const void *keydata, int selection, int checktype) +static int ec_validate(const void *keydata, int selection, int checktype) { const EC_KEY *eck = keydata; int ok = 1; 
@@ -946,15 +914,14 @@ int ec_validate(const void *keydata, int selection, int checktype) return 1; /* nothing to validate */ ctx = BN_CTX_new_ex(ossl_ec_key_get_libctx(eck)); - if (ctx == NULL) + if (ctx == NULL) return 0; if ((selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) != 0) { int flags = EC_KEY_get_flags(eck); if ((flags & EC_FLAG_CHECK_NAMED_GROUP) != 0) - ok = ok && EC_GROUP_check_named_curve(EC_KEY_get0_group(eck), - (flags & EC_FLAG_CHECK_NAMED_GROUP_NIST) != 0, ctx) > 0; + ok = ok && EC_GROUP_check_named_curve(EC_KEY_get0_group(eck), (flags & EC_FLAG_CHECK_NAMED_GROUP_NIST) != 0, ctx) > 0; else ok = ok && EC_GROUP_check(EC_KEY_get0_group(eck), ctx); } @@ -992,7 +959,7 @@ struct ec_gen_ctx { }; static void *ec_gen_init(void *provctx, int selection, - const OSSL_PARAM params[]) + const OSSL_PARAM params[]) { OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(provctx); struct ec_gen_ctx *gctx = NULL; @@ -1013,9 +980,9 @@ static void *ec_gen_init(void *provctx, int selection, } #ifndef FIPS_MODULE -# ifndef OPENSSL_NO_SM2 +#ifndef OPENSSL_NO_SM2 static void *sm2_gen_init(void *provctx, int selection, - const OSSL_PARAM params[]) + const OSSL_PARAM params[]) { struct ec_gen_ctx *gctx = ec_gen_init(provctx, selection, params); @@ -1029,7 +996,7 @@ static void *sm2_gen_init(void *provctx, int selection, } return NULL; } -# endif +#endif #endif static int ec_gen_set_group(void *genctx, const EC_GROUP *src) 
@@ -1060,42 +1027,42 @@ static int ec_gen_set_template(void *genctx, void *templ) return ec_gen_set_group(gctx, ec_group); } -#define COPY_INT_PARAM(params, key, val) \ -p = OSSL_PARAM_locate_const(params, key); \ -if (p != NULL && !OSSL_PARAM_get_int(p, &val)) \ - goto err; +#define COPY_INT_PARAM(params, key, val) \ + p = OSSL_PARAM_locate_const(params, key); \ + if (p != NULL && !OSSL_PARAM_get_int(p, &val)) \ + goto err; -#define COPY_UTF8_PARAM(params, key, val) \ -p = OSSL_PARAM_locate_const(params, key); \ -if (p != NULL) { \ - if (p->data_type != OSSL_PARAM_UTF8_STRING) \ - goto err; \ - OPENSSL_free(val); \ - val = OPENSSL_strdup(p->data); \ - if (val == NULL) \ - goto err; \ -} +#define COPY_UTF8_PARAM(params, key, val) \ + p = OSSL_PARAM_locate_const(params, key); \ + if (p != NULL) { \ + if (p->data_type != OSSL_PARAM_UTF8_STRING) \ + goto err; \ + OPENSSL_free(val); \ + val = OPENSSL_strdup(p->data); \ + if (val == NULL) \ + goto err; \ + } -#define COPY_OCTET_PARAM(params, key, val, len) \ -p = OSSL_PARAM_locate_const(params, key); \ -if (p != NULL) { \ - if (p->data_type != OSSL_PARAM_OCTET_STRING) \ - goto err; \ - OPENSSL_free(val); \ - len = p->data_size; \ - val = OPENSSL_memdup(p->data, p->data_size); \ - if (val == NULL) \ - goto err; \ -} +#define COPY_OCTET_PARAM(params, key, val, len) \ + p = OSSL_PARAM_locate_const(params, key); \ + if (p != NULL) { \ + if (p->data_type != OSSL_PARAM_OCTET_STRING) \ + goto err; \ + OPENSSL_free(val); \ + len = p->data_size; \ + val = OPENSSL_memdup(p->data, p->data_size); \ + if (val == NULL) \ + goto err; \ + } -#define COPY_BN_PARAM(params, key, bn) \ -p = OSSL_PARAM_locate_const(params, key); \ -if (p != NULL) { \ - if (bn == NULL) \ - bn = BN_new(); \ - if (bn == NULL || !OSSL_PARAM_get_BN(p, &bn)) \ - goto err; \ -} +#define COPY_BN_PARAM(params, key, bn) \ + p = OSSL_PARAM_locate_const(params, key); \ + if (p != NULL) { \ + if (bn == NULL) \ + bn = BN_new(); \ + if (bn == NULL || !OSSL_PARAM_get_BN(p, 
&bn)) \ + goto err; \ + } static int ec_gen_set_params(void *genctx, const OSSL_PARAM params[]) { @@ -1120,7 +1087,7 @@ static int ec_gen_set_params(void *genctx, const OSSL_PARAM params[]) COPY_OCTET_PARAM(params, OSSL_PKEY_PARAM_EC_SEED, gctx->seed, gctx->seed_len); COPY_OCTET_PARAM(params, OSSL_PKEY_PARAM_EC_GENERATOR, gctx->gen, - gctx->gen_len); + gctx->gen_len); ret = 1; err: @@ -1141,24 +1108,24 @@ static int ec_gen_set_group_from_params(struct ec_gen_ctx *gctx) if (gctx->encoding != NULL && !OSSL_PARAM_BLD_push_utf8_string(bld, OSSL_PKEY_PARAM_EC_ENCODING, - gctx->encoding, 0)) + gctx->encoding, 0)) goto err; if (gctx->pt_format != NULL && !OSSL_PARAM_BLD_push_utf8_string(bld, - OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT, - gctx->pt_format, 0)) + OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT, + gctx->pt_format, 0)) goto err; if (gctx->group_name != NULL) { if (!OSSL_PARAM_BLD_push_utf8_string(bld, OSSL_PKEY_PARAM_GROUP_NAME, - gctx->group_name, 0)) + gctx->group_name, 0)) goto err; /* Ignore any other parameters if there is a group name */ goto build; } else if (gctx->field_type != NULL) { if (!OSSL_PARAM_BLD_push_utf8_string(bld, OSSL_PKEY_PARAM_EC_FIELD_TYPE, - gctx->field_type, 0)) + gctx->field_type, 0)) goto err; } else { goto err; @@ -1175,17 +1142,17 @@ static int ec_gen_set_group_from_params(struct ec_gen_ctx *gctx) if (gctx->cofactor != NULL && !OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_COFACTOR, - gctx->cofactor)) + gctx->cofactor)) goto err; if (gctx->seed != NULL && !OSSL_PARAM_BLD_push_octet_string(bld, OSSL_PKEY_PARAM_EC_SEED, - gctx->seed, gctx->seed_len)) + gctx->seed, gctx->seed_len)) goto err; if (gctx->gen == NULL || !OSSL_PARAM_BLD_push_octet_string(bld, OSSL_PKEY_PARAM_EC_GENERATOR, - gctx->gen, gctx->gen_len)) + gctx->gen, gctx->gen_len)) goto err; build: params = OSSL_PARAM_BLD_to_param(bld); 
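Review bot: In `COPY_UTF8_PARAM` (hunk `@@ -1060,42 +1027,42 @@`), `OPENSSL_strdup(p->data)` copies up to the first NUL and never consults `p->data_size`, so a UTF8 parameter whose buffer is not NUL-terminated would be read past its end. Whether any caller can actually hand `ec_gen_set_params` such a parameter is not visible here, but bounding the copy costs nothing: `val = OPENSSL_strndup(p->data, p->data_size);`. `COPY_OCTET_PARAM` right below already sizes its `OPENSSL_memdup` from `p->data_size`, so this would also make the two macros consistent.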
@@ -1206,7 +1173,7 @@ err: } static const OSSL_PARAM *ec_gen_settable_params(ossl_unused void *genctx, - ossl_unused void *provctx) + ossl_unused void *provctx) { static OSSL_PARAM settable[] = { OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME, NULL, 0), @@ -1291,7 +1258,7 @@ err: } #ifndef FIPS_MODULE -# ifndef OPENSSL_NO_SM2 +#ifndef OPENSSL_NO_SM2 /* * The callback arguments (osslcb & cbarg) are not used by EC_KEY generation */ @@ -1339,7 +1306,7 @@ err: EC_KEY_free(ec); return NULL; } -# endif +#endif #endif static void ec_gen_cleanup(void *genctx) @@ -1365,7 +1332,7 @@ static void ec_gen_cleanup(void *genctx) } static void *common_load(const void *reference, size_t reference_sz, - int sm2_wanted) + int sm2_wanted) { EC_KEY *ec = NULL; @@ -1389,12 +1356,12 @@ static void *ec_load(const void *reference, size_t reference_sz) } #ifndef FIPS_MODULE -# ifndef OPENSSL_NO_SM2 +#ifndef OPENSSL_NO_SM2 static void *sm2_load(const void *reference, size_t reference_sz) { return common_load(reference, reference_sz, 1); } -# endif +#endif #endif static void *ec_dup(const void *keydata_from, int selection) 
@@ -1408,18 +1375,18 @@ const OSSL_DISPATCH ossl_ec_keymgmt_functions[] = { { OSSL_FUNC_KEYMGMT_NEW, (void (*)(void))ec_newdata }, { OSSL_FUNC_KEYMGMT_GEN_INIT, (void (*)(void))ec_gen_init }, { OSSL_FUNC_KEYMGMT_GEN_SET_TEMPLATE, - (void (*)(void))ec_gen_set_template }, + (void (*)(void))ec_gen_set_template }, { OSSL_FUNC_KEYMGMT_GEN_SET_PARAMS, (void (*)(void))ec_gen_set_params }, { OSSL_FUNC_KEYMGMT_GEN_SETTABLE_PARAMS, - (void (*)(void))ec_gen_settable_params }, + (void (*)(void))ec_gen_settable_params }, { OSSL_FUNC_KEYMGMT_GEN, (void (*)(void))ec_gen }, { OSSL_FUNC_KEYMGMT_GEN_CLEANUP, (void (*)(void))ec_gen_cleanup }, { OSSL_FUNC_KEYMGMT_LOAD, (void (*)(void))ec_load }, { OSSL_FUNC_KEYMGMT_FREE, (void (*)(void))ec_freedata }, - { OSSL_FUNC_KEYMGMT_GET_PARAMS, (void (*) (void))ec_get_params }, - { OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS, (void (*) (void))ec_gettable_params }, - { OSSL_FUNC_KEYMGMT_SET_PARAMS, (void (*) (void))ec_set_params }, - { OSSL_FUNC_KEYMGMT_SETTABLE_PARAMS, (void (*) (void))ec_settable_params }, + { OSSL_FUNC_KEYMGMT_GET_PARAMS, (void (*)(void))ec_get_params }, + { OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS, (void (*)(void))ec_gettable_params }, + { OSSL_FUNC_KEYMGMT_SET_PARAMS, (void (*)(void))ec_set_params }, + { OSSL_FUNC_KEYMGMT_SETTABLE_PARAMS, (void (*)(void))ec_settable_params }, { OSSL_FUNC_KEYMGMT_HAS, (void (*)(void))ec_has }, { OSSL_FUNC_KEYMGMT_MATCH, (void (*)(void))ec_match }, { OSSL_FUNC_KEYMGMT_VALIDATE, (void (*)(void))ec_validate }, 
@@ -1428,29 +1395,29 @@ const OSSL_DISPATCH ossl_ec_keymgmt_functions[] = { { OSSL_FUNC_KEYMGMT_EXPORT, (void (*)(void))ec_export }, { OSSL_FUNC_KEYMGMT_EXPORT_TYPES, (void (*)(void))ec_export_types }, { OSSL_FUNC_KEYMGMT_QUERY_OPERATION_NAME, - (void (*)(void))ec_query_operation_name }, + (void (*)(void))ec_query_operation_name }, { OSSL_FUNC_KEYMGMT_DUP, (void (*)(void))ec_dup }, { 0, NULL } }; #ifndef FIPS_MODULE -# ifndef OPENSSL_NO_SM2 +#ifndef OPENSSL_NO_SM2 const OSSL_DISPATCH ossl_sm2_keymgmt_functions[] = { { OSSL_FUNC_KEYMGMT_NEW, (void (*)(void))sm2_newdata }, { OSSL_FUNC_KEYMGMT_GEN_INIT, (void (*)(void))sm2_gen_init }, { OSSL_FUNC_KEYMGMT_GEN_SET_TEMPLATE, - (void (*)(void))ec_gen_set_template }, + (void (*)(void))ec_gen_set_template }, { OSSL_FUNC_KEYMGMT_GEN_SET_PARAMS, (void (*)(void))ec_gen_set_params }, { OSSL_FUNC_KEYMGMT_GEN_SETTABLE_PARAMS, - (void (*)(void))ec_gen_settable_params }, + (void (*)(void))ec_gen_settable_params }, { OSSL_FUNC_KEYMGMT_GEN, (void (*)(void))sm2_gen }, { OSSL_FUNC_KEYMGMT_GEN_CLEANUP, (void (*)(void))ec_gen_cleanup }, { OSSL_FUNC_KEYMGMT_LOAD, (void (*)(void))sm2_load }, { OSSL_FUNC_KEYMGMT_FREE, (void (*)(void))ec_freedata }, - { OSSL_FUNC_KEYMGMT_GET_PARAMS, (void (*) (void))sm2_get_params }, - { OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS, (void (*) (void))sm2_gettable_params }, - { OSSL_FUNC_KEYMGMT_SET_PARAMS, (void (*) (void))ec_set_params }, - { OSSL_FUNC_KEYMGMT_SETTABLE_PARAMS, (void (*) (void))sm2_settable_params }, + { OSSL_FUNC_KEYMGMT_GET_PARAMS, (void (*)(void))sm2_get_params }, + { OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS, (void (*)(void))sm2_gettable_params }, + { OSSL_FUNC_KEYMGMT_SET_PARAMS, (void (*)(void))ec_set_params }, + { OSSL_FUNC_KEYMGMT_SETTABLE_PARAMS, (void (*)(void))sm2_settable_params }, { OSSL_FUNC_KEYMGMT_HAS, (void (*)(void))ec_has }, { OSSL_FUNC_KEYMGMT_MATCH, (void (*)(void))ec_match }, { OSSL_FUNC_KEYMGMT_VALIDATE, (void (*)(void))sm2_validate }, 
@@ -1459,9 +1426,9 @@ const OSSL_DISPATCH ossl_sm2_keymgmt_functions[] = { { OSSL_FUNC_KEYMGMT_EXPORT, (void (*)(void))ec_export }, { OSSL_FUNC_KEYMGMT_EXPORT_TYPES, (void (*)(void))ec_export_types }, { OSSL_FUNC_KEYMGMT_QUERY_OPERATION_NAME, - (void (*)(void))sm2_query_operation_name }, + (void (*)(void))sm2_query_operation_name }, { OSSL_FUNC_KEYMGMT_DUP, (void (*)(void))ec_dup }, { 0, NULL } }; -# endif +#endif #endif diff --git a/providers/implementations/keymgmt/ecx_kmgmt.c b/providers/implementations/keymgmt/ecx_kmgmt.c index d5dd01a314a2..0303aa456b5c 100644 --- a/providers/implementations/keymgmt/ecx_kmgmt.c +++ b/providers/implementations/keymgmt/ecx_kmgmt.c @@ -23,8 +23,8 @@ #include "prov/providercommon.h" #include "prov/provider_ctx.h" #ifdef S390X_EC_ASM -# include "s390x_arch.h" -# include <openssl/sha.h> /* For SHA512_DIGEST_LENGTH */ +#include "s390x_arch.h" +#include <openssl/sha.h> /* For SHA512_DIGEST_LENGTH */ #endif static OSSL_FUNC_keymgmt_new_fn x25519_new_key; @@ -92,7 +92,7 @@ static void *x25519_new_key(void *provctx) if (!ossl_prov_is_running()) return 0; return ossl_ecx_key_new(PROV_LIBCTX_OF(provctx), ECX_KEY_TYPE_X25519, 0, - NULL); + NULL); } static void *x448_new_key(void *provctx) @@ -100,7 +100,7 @@ static void *x448_new_key(void *provctx) if (!ossl_prov_is_running()) return 0; return ossl_ecx_key_new(PROV_LIBCTX_OF(provctx), ECX_KEY_TYPE_X448, 0, - NULL); + NULL); } static void *ed25519_new_key(void *provctx) @@ -108,7 +108,7 @@ static void *ed25519_new_key(void *provctx) if (!ossl_prov_is_running()) return 0; return ossl_ecx_key_new(PROV_LIBCTX_OF(provctx), ECX_KEY_TYPE_ED25519, 0, - NULL); + NULL); } static void *ed448_new_key(void *provctx) @@ -116,7 +116,7 @@ static void *ed448_new_key(void *provctx) if (!ossl_prov_is_running()) return 0; return ossl_ecx_key_new(PROV_LIBCTX_OF(provctx), ECX_KEY_TYPE_ED448, 0, - NULL); + NULL); } static int ecx_has(const void *keydata, int selection) 
@@ -207,28 +207,28 @@ static int ecx_import(void *keydata, int selection, const OSSL_PARAM params[]) } static int key_to_params(ECX_KEY *key, OSSL_PARAM_BLD *tmpl, - OSSL_PARAM params[], int include_private) + OSSL_PARAM params[], int include_private) { if (key == NULL) return 0; if (!ossl_param_build_set_octet_string(tmpl, params, - OSSL_PKEY_PARAM_PUB_KEY, - key->pubkey, key->keylen)) + OSSL_PKEY_PARAM_PUB_KEY, + key->pubkey, key->keylen)) return 0; if (include_private && key->privkey != NULL && !ossl_param_build_set_octet_string(tmpl, params, - OSSL_PKEY_PARAM_PRIV_KEY, - key->privkey, key->keylen)) + OSSL_PKEY_PARAM_PRIV_KEY, + key->privkey, key->keylen)) return 0; return 1; } static int ecx_export(void *keydata, int selection, OSSL_CALLBACK *param_cb, - void *cbarg) + void *cbarg) { ECX_KEY *key = keydata; OSSL_PARAM_BLD *tmpl; @@ -263,9 +263,9 @@ err: return ret; } -#define ECX_KEY_TYPES() \ -OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY, NULL, 0), \ -OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY, NULL, 0) +#define ECX_KEY_TYPES() \ + OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY, NULL, 0), \ + OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY, NULL, 0) static const OSSL_PARAM ecx_key_types[] = { ECX_KEY_TYPES(), @@ -279,7 +279,7 @@ static const OSSL_PARAM *ecx_imexport_types(int selection) } static int ecx_get_params(void *key, OSSL_PARAM params[], int bits, int secbits, - int size) + int size) { ECX_KEY *ecx = key; OSSL_PARAM *p; @@ -294,8 +294,8 @@ static int ecx_get_params(void *key, OSSL_PARAM params[], int bits, int secbits, && !OSSL_PARAM_set_int(p, size)) return 0; if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY)) != NULL - && (ecx->type == ECX_KEY_TYPE_X25519 - || ecx->type == ECX_KEY_TYPE_X448)) { + && (ecx->type == ECX_KEY_TYPE_X25519 + || ecx->type == ECX_KEY_TYPE_X448)) { if (!OSSL_PARAM_set_octet_string(p, ecx->pubkey, ecx->keylen)) return 0; } 
@@ -308,7 +308,8 @@ static int ed_get_params(void *key, OSSL_PARAM params[]) OSSL_PARAM *p; if ((p = OSSL_PARAM_locate(params, - OSSL_PKEY_PARAM_MANDATORY_DIGEST)) != NULL + OSSL_PKEY_PARAM_MANDATORY_DIGEST)) + != NULL && !OSSL_PARAM_set_utf8_string(p, "")) return 0; return 1; @@ -317,26 +318,26 @@ static int ed_get_params(void *key, OSSL_PARAM params[]) static int x25519_get_params(void *key, OSSL_PARAM params[]) { return ecx_get_params(key, params, X25519_BITS, X25519_SECURITY_BITS, - X25519_KEYLEN); + X25519_KEYLEN); } static int x448_get_params(void *key, OSSL_PARAM params[]) { return ecx_get_params(key, params, X448_BITS, X448_SECURITY_BITS, - X448_KEYLEN); + X448_KEYLEN); } static int ed25519_get_params(void *key, OSSL_PARAM params[]) { return ecx_get_params(key, params, ED25519_BITS, ED25519_SECURITY_BITS, - ED25519_SIGSIZE) + ED25519_SIGSIZE) && ed_get_params(key, params); } static int ed448_get_params(void *key, OSSL_PARAM params[]) { return ecx_get_params(key, params, ED448_BITS, ED448_SECURITY_BITS, - ED448_SIGSIZE) + ED448_SIGSIZE) && ed_get_params(key, params); } @@ -405,8 +406,8 @@ static int ecx_set_params(void *key, const OSSL_PARAM params[]) void *buf = ecxkey->pubkey; if (p->data_size != ecxkey->keylen - || !OSSL_PARAM_get_octet_string(p, &buf, sizeof(ecxkey->pubkey), - NULL)) + || !OSSL_PARAM_get_octet_string(p, &buf, sizeof(ecxkey->pubkey), + NULL)) return 0; OPENSSL_clear_free(ecxkey->privkey, ecxkey->keylen); ecxkey->privkey = NULL; @@ -473,7 +474,7 @@ static const OSSL_PARAM *ed448_settable_params(void *provctx) } static void *ecx_gen_init(void *provctx, int selection, - const OSSL_PARAM params[], ECX_KEY_TYPE type) + const OSSL_PARAM params[], ECX_KEY_TYPE type) { OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(provctx); struct ecx_gen_ctx *gctx = NULL; 
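Review bot: The reformatted condition in `ed_get_params` (hunk `@@ -308,7 +308,8 @@`) leaves `!= NULL` alone on a line between the assignment and the `&&`, which makes the assignment-inside-condition harder to follow than before. Hoisting the lookup removes the need for the wrap: `p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_MANDATORY_DIGEST);` followed by `if (p != NULL && !OSSL_PARAM_set_utf8_string(p, "")) return 0;`. The same dangling-comparison shape appears in `ecx_gen` (`== NULL`, hunk at -586) and around the `s390x_ed25519_mul` / `s390x_ed448_mul` calls (`!= 1`, hunks at -975 and -1047).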
@@ -496,25 +497,25 @@ static void *ecx_gen_init(void *provctx, int selection, } static void *x25519_gen_init(void *provctx, int selection, - const OSSL_PARAM params[]) + const OSSL_PARAM params[]) { return ecx_gen_init(provctx, selection, params, ECX_KEY_TYPE_X25519); } static void *x448_gen_init(void *provctx, int selection, - const OSSL_PARAM params[]) + const OSSL_PARAM params[]) { return ecx_gen_init(provctx, selection, params, ECX_KEY_TYPE_X448); } static void *ed25519_gen_init(void *provctx, int selection, - const OSSL_PARAM params[]) + const OSSL_PARAM params[]) { return ecx_gen_init(provctx, selection, params, ECX_KEY_TYPE_ED25519); } static void *ed448_gen_init(void *provctx, int selection, - const OSSL_PARAM params[]) + const OSSL_PARAM params[]) { return ecx_gen_init(provctx, selection, params, ECX_KEY_TYPE_ED448); } @@ -537,19 +538,19 @@ static int ecx_gen_set_params(void *genctx, const OSSL_PARAM params[]) * expected. */ switch (gctx->type) { - case ECX_KEY_TYPE_X25519: - groupname = "x25519"; - break; - case ECX_KEY_TYPE_X448: - groupname = "x448"; - break; - default: - /* We only support this for key exchange at the moment */ - break; + case ECX_KEY_TYPE_X25519: + groupname = "x25519"; + break; + case ECX_KEY_TYPE_X448: + groupname = "x448"; + break; + default: + /* We only support this for key exchange at the moment */ + break; } if (p->data_type != OSSL_PARAM_UTF8_STRING - || groupname == NULL - || OPENSSL_strcasecmp(p->data, groupname) != 0) { + || groupname == NULL + || OPENSSL_strcasecmp(p->data, groupname) != 0) { ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_INVALID_ARGUMENT); return 0; } @@ -568,7 +569,7 @@ static int ecx_gen_set_params(void *genctx, const OSSL_PARAM params[]) } static const OSSL_PARAM *ecx_gen_settable_params(ossl_unused void *genctx, - ossl_unused void *provctx) + ossl_unused void *provctx) { static OSSL_PARAM settable[] = { OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME, NULL, 0), 
@@ -586,7 +587,8 @@ static void *ecx_gen(struct ecx_gen_ctx *gctx) if (gctx == NULL) return NULL; if ((key = ossl_ecx_key_new(gctx->libctx, gctx->type, 0, - gctx->propq)) == NULL) { + gctx->propq)) + == NULL) { ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); return NULL; } @@ -615,12 +617,12 @@ static void *ecx_gen(struct ecx_gen_ctx *gctx) break; case ECX_KEY_TYPE_ED25519: if (!ossl_ed25519_public_from_private(gctx->libctx, key->pubkey, privkey, - gctx->propq)) + gctx->propq)) goto err; break; case ECX_KEY_TYPE_ED448: if (!ossl_ed448_public_from_private(gctx->libctx, key->pubkey, privkey, - gctx->propq)) + gctx->propq)) goto err; break; } @@ -737,12 +739,12 @@ static int ecx_key_pairwise_check(const ECX_KEY *ecx, int type) break; case ECX_KEY_TYPE_ED25519: if (!ossl_ed25519_public_from_private(ecx->libctx, pub, ecx->privkey, - ecx->propq)) + ecx->propq)) return 0; break; case ECX_KEY_TYPE_ED448: if (!ossl_ed448_public_from_private(ecx->libctx, pub, ecx->privkey, - ecx->propq)) + ecx->propq)) return 0; break; default: 
@@ -799,30 +801,30 @@ static int ed448_validate(const void *keydata, int selection, int checktype) return ecx_validate(keydata, selection, ECX_KEY_TYPE_ED448, ED448_KEYLEN); } -#define MAKE_KEYMGMT_FUNCTIONS(alg) \ - const OSSL_DISPATCH ossl_##alg##_keymgmt_functions[] = { \ - { OSSL_FUNC_KEYMGMT_NEW, (void (*)(void))alg##_new_key }, \ - { OSSL_FUNC_KEYMGMT_FREE, (void (*)(void))ossl_ecx_key_free }, \ - { OSSL_FUNC_KEYMGMT_GET_PARAMS, (void (*) (void))alg##_get_params }, \ - { OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS, (void (*) (void))alg##_gettable_params }, \ - { OSSL_FUNC_KEYMGMT_SET_PARAMS, (void (*) (void))alg##_set_params }, \ - { OSSL_FUNC_KEYMGMT_SETTABLE_PARAMS, (void (*) (void))alg##_settable_params }, \ - { OSSL_FUNC_KEYMGMT_HAS, (void (*)(void))ecx_has }, \ - { OSSL_FUNC_KEYMGMT_MATCH, (void (*)(void))ecx_match }, \ - { OSSL_FUNC_KEYMGMT_VALIDATE, (void (*)(void))alg##_validate }, \ - { OSSL_FUNC_KEYMGMT_IMPORT, (void (*)(void))ecx_import }, \ - { OSSL_FUNC_KEYMGMT_IMPORT_TYPES, (void (*)(void))ecx_imexport_types }, \ - { OSSL_FUNC_KEYMGMT_EXPORT, (void (*)(void))ecx_export }, \ - { OSSL_FUNC_KEYMGMT_EXPORT_TYPES, (void (*)(void))ecx_imexport_types }, \ - { OSSL_FUNC_KEYMGMT_GEN_INIT, (void (*)(void))alg##_gen_init }, \ - { OSSL_FUNC_KEYMGMT_GEN_SET_PARAMS, (void (*)(void))ecx_gen_set_params }, \ - { OSSL_FUNC_KEYMGMT_GEN_SETTABLE_PARAMS, \ - (void (*)(void))ecx_gen_settable_params }, \ - { OSSL_FUNC_KEYMGMT_GEN, (void (*)(void))alg##_gen }, \ - { OSSL_FUNC_KEYMGMT_GEN_CLEANUP, (void (*)(void))ecx_gen_cleanup }, \ - { OSSL_FUNC_KEYMGMT_LOAD, (void (*)(void))ecx_load }, \ - { OSSL_FUNC_KEYMGMT_DUP, (void (*)(void))ecx_dup }, \ - { 0, NULL } \ +#define MAKE_KEYMGMT_FUNCTIONS(alg) \ + const OSSL_DISPATCH ossl_##alg##_keymgmt_functions[] = { \ + { OSSL_FUNC_KEYMGMT_NEW, (void (*)(void))alg##_new_key }, \ + { OSSL_FUNC_KEYMGMT_FREE, (void (*)(void))ossl_ecx_key_free }, \ + { OSSL_FUNC_KEYMGMT_GET_PARAMS, (void (*)(void))alg##_get_params }, \ + { 
OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS, (void (*)(void))alg##_gettable_params }, \ + { OSSL_FUNC_KEYMGMT_SET_PARAMS, (void (*)(void))alg##_set_params }, \ + { OSSL_FUNC_KEYMGMT_SETTABLE_PARAMS, (void (*)(void))alg##_settable_params }, \ + { OSSL_FUNC_KEYMGMT_HAS, (void (*)(void))ecx_has }, \ + { OSSL_FUNC_KEYMGMT_MATCH, (void (*)(void))ecx_match }, \ + { OSSL_FUNC_KEYMGMT_VALIDATE, (void (*)(void))alg##_validate }, \ + { OSSL_FUNC_KEYMGMT_IMPORT, (void (*)(void))ecx_import }, \ + { OSSL_FUNC_KEYMGMT_IMPORT_TYPES, (void (*)(void))ecx_imexport_types }, \ + { OSSL_FUNC_KEYMGMT_EXPORT, (void (*)(void))ecx_export }, \ + { OSSL_FUNC_KEYMGMT_EXPORT_TYPES, (void (*)(void))ecx_imexport_types }, \ + { OSSL_FUNC_KEYMGMT_GEN_INIT, (void (*)(void))alg##_gen_init }, \ + { OSSL_FUNC_KEYMGMT_GEN_SET_PARAMS, (void (*)(void))ecx_gen_set_params }, \ + { OSSL_FUNC_KEYMGMT_GEN_SETTABLE_PARAMS, \ + (void (*)(void))ecx_gen_settable_params }, \ + { OSSL_FUNC_KEYMGMT_GEN, (void (*)(void))alg##_gen }, \ + { OSSL_FUNC_KEYMGMT_GEN_CLEANUP, (void (*)(void))ecx_gen_cleanup }, \ + { OSSL_FUNC_KEYMGMT_LOAD, (void (*)(void))ecx_load }, \ + { OSSL_FUNC_KEYMGMT_DUP, (void (*)(void))ecx_dup }, \ + { 0, NULL } \ }; MAKE_KEYMGMT_FUNCTIONS(x25519) @@ -831,7 +833,7 @@ MAKE_KEYMGMT_FUNCTIONS(ed25519) MAKE_KEYMGMT_FUNCTIONS(ed448) #ifdef S390X_EC_ASM -# include "s390x_arch.h" +#include "s390x_arch.h" static void *s390x_ecx_keygen25519(struct ecx_gen_ctx *gctx) { @@ -841,7 +843,7 @@ static void *s390x_ecx_keygen25519(struct ecx_gen_ctx *gctx) 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; ECX_KEY *key = ossl_ecx_key_new(gctx->libctx, ECX_KEY_TYPE_X25519, 1, - gctx->propq); + gctx->propq); unsigned char *privkey = NULL, *pubkey; if (key == NULL) { @@ -872,7 +874,7 @@ static void *s390x_ecx_keygen25519(struct ecx_gen_ctx *gctx) goto err; key->haspubkey = 1; return key; - err: +err: ossl_ecx_key_free(key); return NULL; } 
@@ -887,7 +889,7 @@ static void *s390x_ecx_keygen448(struct ecx_gen_ctx *gctx) 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; ECX_KEY *key = ossl_ecx_key_new(gctx->libctx, ECX_KEY_TYPE_X448, 1, - gctx->propq); + gctx->propq); unsigned char *privkey = NULL, *pubkey; if (key == NULL) { @@ -917,7 +919,7 @@ static void *s390x_ecx_keygen448(struct ecx_gen_ctx *gctx) goto err; key->haspubkey = 1; return key; - err: +err: ossl_ecx_key_free(key); return NULL; } @@ -930,13 +932,42 @@ static void *s390x_ecd_keygen25519(struct ecx_gen_ctx *gctx) 0xfe, 0x53, 0x6e, 0xcd, 0xd3, 0x36, 0x69, 0x21 }; static const unsigned char generator_y[] = { - 0x58, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, - 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, - 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, + 0x58, + 0x66, + 0x66, + 0x66, + 0x66, + 0x66, + 0x66, + 0x66, + 0x66, + 0x66, + 0x66, + 0x66, + 0x66, + 0x66, + 0x66, + 0x66, + 0x66, + 0x66, + 0x66, + 0x66, + 0x66, + 0x66, + 0x66, + 0x66, + 0x66, + 0x66, + 0x66, + 0x66, + 0x66, + 0x66, + 0x66, + 0x66, }; unsigned char x_dst[32], buff[SHA512_DIGEST_LENGTH]; ECX_KEY *key = ossl_ecx_key_new(gctx->libctx, ECX_KEY_TYPE_ED25519, 1, - gctx->propq); + gctx->propq); unsigned char *privkey = NULL, *pubkey; unsigned int sz; EVP_MD *sha = NULL; @@ -975,13 +1006,14 @@ static void *s390x_ecd_keygen25519(struct ecx_gen_ctx *gctx) buff[31] |= 64; if (s390x_ed25519_mul(x_dst, pubkey, - generator_x, generator_y, buff) != 1) + generator_x, generator_y, buff) + != 1) goto err; pubkey[31] |= ((x_dst[0] & 0x01) << 7); key->haspubkey = 1; return key; - err: +err: ossl_ecx_key_free(key); return NULL; } @@ -1004,7 +1036,7 @@ static void *s390x_ecd_keygen448(struct ecx_gen_ctx *gctx) }; unsigned char x_dst[57], buff[114]; ECX_KEY *key = ossl_ecx_key_new(gctx->libctx, ECX_KEY_TYPE_ED448, 1, - gctx->propq); + gctx->propq); unsigned char *privkey = NULL, *pubkey; EVP_MD_CTX *hashctx = NULL; EVP_MD *shake = NULL; 
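Review bot: In `s390x_ecd_keygen25519` (hunk `@@ -930,13 +932,42 @@`) the 32-byte `generator_y` table went from three packed rows to one byte per line, while `generator_x` directly above keeps its packed rows. If the tree is formatted with clang-format, this is probably the formatter reacting to the trailing comma after the last element. Dropping that comma, or bracketing the table with `/* clang-format off */` and `/* clang-format on */`, should keep the curve constant compact and easy to compare against its reference value. The function body starts and ends outside the hunk.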
@@ -1047,7 +1079,8 @@ static void *s390x_ecd_keygen448(struct ecx_gen_ctx *gctx) buff[56] = 0; if (s390x_ed448_mul(x_dst, pubkey, - generator_x, generator_y, buff) != 1) + generator_x, generator_y, buff) + != 1) goto err; pubkey[56] |= ((x_dst[0] & 0x01) << 7); @@ -1055,7 +1088,7 @@ static void *s390x_ecd_keygen448(struct ecx_gen_ctx *gctx) EVP_MD_free(shake); key->haspubkey = 1; return key; - err: +err: ossl_ecx_key_free(key); EVP_MD_CTX_free(hashctx); EVP_MD_free(shake); diff --git a/providers/implementations/keymgmt/kdf_legacy_kmgmt.c b/providers/implementations/keymgmt/kdf_legacy_kmgmt.c index 0b301c333b09..681787e20411 100644 --- a/providers/implementations/keymgmt/kdf_legacy_kmgmt.c +++ b/providers/implementations/keymgmt/kdf_legacy_kmgmt.c @@ -1,5 +1,5 @@ /* - * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -69,7 +69,7 @@ int ossl_kdf_data_up_ref(KDF_DATA *kdfdata) /* This is effectively doing a new operation on the KDF_DATA and should be * adequately guarded again modules' error states. However, both current - * calls here are guarded propery in exchange/kdf_exch.c. Thus, it + * calls here are guarded properly in exchange/kdf_exch.c. Thus, it * could be removed here. The concern is that something in the future * might call this function without adequate guards. It's a cheap call, * it seems best to leave it even though it is currently redundant. diff --git a/providers/implementations/keymgmt/mac_legacy_kmgmt.c b/providers/implementations/keymgmt/mac_legacy_kmgmt.c index 0b8cf9252c4b..900f998f6cc1 100644 --- a/providers/implementations/keymgmt/mac_legacy_kmgmt.c +++ b/providers/implementations/keymgmt/mac_legacy_kmgmt.c 
@@ -1,5 +1,5 @@ /* - * Copyright 2020-2025 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2020-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -19,7 +19,7 @@ #include <openssl/proverr.h> #include <openssl/param_build.h> #ifndef FIPS_MODULE -# include <openssl/engine.h> +#include <openssl/engine.h> #endif #include "internal/param_build_set.h" #include "prov/implementations.h" @@ -108,7 +108,7 @@ int ossl_mac_key_up_ref(MAC_KEY *mackey) /* This is effectively doing a new operation on the MAC_KEY and should be * adequately guarded again modules' error states. However, both current - * calls here are guarded propery in signature/mac_legacy.c. Thus, it + * calls here are guarded properly in signature/mac_legacy.c. Thus, it * could be removed here. The concern is that something in the future * might call this function without adequate guards. It's a cheap call, * it seems best to leave it even though it is currently redundant. 
@@ -165,18 +165,16 @@ static int mac_match(const void *keydata1, const void *keydata2, int selection) if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) { if ((key1->priv_key == NULL && key2->priv_key != NULL) - || (key1->priv_key != NULL && key2->priv_key == NULL) - || key1->priv_key_len != key2->priv_key_len - || (key1->cipher.cipher == NULL && key2->cipher.cipher != NULL) - || (key1->cipher.cipher != NULL && key2->cipher.cipher == NULL)) + || (key1->priv_key != NULL && key2->priv_key == NULL) + || key1->priv_key_len != key2->priv_key_len + || (key1->cipher.cipher == NULL && key2->cipher.cipher != NULL) + || (key1->cipher.cipher != NULL && key2->cipher.cipher == NULL)) ok = 0; else ok = ok && (key1->priv_key == NULL /* implies key2->privkey == NULL */ - || CRYPTO_memcmp(key1->priv_key, key2->priv_key, - key1->priv_key_len) == 0); + || CRYPTO_memcmp(key1->priv_key, key2->priv_key, key1->priv_key_len) == 0); if (key1->cipher.cipher != NULL) - ok = ok && EVP_CIPHER_is_a(key1->cipher.cipher, - EVP_CIPHER_get0_name(key2->cipher.cipher)); + ok = ok && EVP_CIPHER_is_a(key1->cipher.cipher, EVP_CIPHER_get0_name(key2->cipher.cipher)); } return ok; } @@ -216,8 +214,7 @@ static int mac_key_fromdata(MAC_KEY *key, const OSSL_PARAM params[]) } } - if (key->cmac && !ossl_prov_cipher_load_from_params(&key->cipher, params, - key->libctx)) { + if (key->cmac && !ossl_prov_cipher_load_from_params(&key->cipher, params, key->libctx)) { ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_INVALID_ARGUMENT); return 0; } 
@@ -242,28 +239,28 @@ static int mac_import(void *keydata, int selection, const OSSL_PARAM params[]) } static int key_to_params(MAC_KEY *key, OSSL_PARAM_BLD *tmpl, - OSSL_PARAM params[]) + OSSL_PARAM params[]) { if (key == NULL) return 0; if (key->priv_key != NULL && !ossl_param_build_set_octet_string(tmpl, params, - OSSL_PKEY_PARAM_PRIV_KEY, - key->priv_key, key->priv_key_len)) + OSSL_PKEY_PARAM_PRIV_KEY, + key->priv_key, key->priv_key_len)) return 0; if (key->cipher.cipher != NULL && !ossl_param_build_set_utf8_string(tmpl, params, - OSSL_PKEY_PARAM_CIPHER, - EVP_CIPHER_get0_name(key->cipher.cipher))) + OSSL_PKEY_PARAM_CIPHER, + EVP_CIPHER_get0_name(key->cipher.cipher))) return 0; #if !defined(OPENSSL_NO_ENGINE) && !defined(FIPS_MODULE) if (key->cipher.engine != NULL && !ossl_param_build_set_utf8_string(tmpl, params, - OSSL_PKEY_PARAM_ENGINE, - ENGINE_get_id(key->cipher.engine))) + OSSL_PKEY_PARAM_ENGINE, + ENGINE_get_id(key->cipher.engine))) return 0; #endif @@ -271,7 +268,7 @@ static int key_to_params(MAC_KEY *key, OSSL_PARAM_BLD *tmpl, } static int mac_export(void *keydata, int selection, OSSL_CALLBACK *param_cb, - void *cbarg) + void *cbarg) { MAC_KEY *key = keydata; OSSL_PARAM_BLD *tmpl; @@ -289,7 +286,7 @@ static int mac_export(void *keydata, int selection, OSSL_CALLBACK *param_cb, return 0; if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0 - && !key_to_params(key, tmpl, NULL)) + && !key_to_params(key, tmpl, NULL)) goto err; params = OSSL_PARAM_BLD_to_param(tmpl); @@ -394,7 +391,7 @@ static void *mac_gen_init_common(void *provctx, int selection) } static void *mac_gen_init(void *provctx, int selection, - const OSSL_PARAM params[]) + const OSSL_PARAM params[]) { struct mac_gen_ctx *gctx = mac_gen_init_common(provctx, selection); 
@@ -406,7 +403,7 @@ static void *mac_gen_init(void *provctx, int selection, } static void *cmac_gen_init(void *provctx, int selection, - const OSSL_PARAM params[]) + const OSSL_PARAM params[]) { struct mac_gen_ctx *gctx = mac_gen_init_common(provctx, selection); @@ -451,7 +448,7 @@ static int cmac_gen_set_params(void *genctx, const OSSL_PARAM params[]) return 0; if (!ossl_prov_cipher_load_from_params(&gctx->cipher, params, - gctx->libctx)) { + gctx->libctx)) { ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_INVALID_ARGUMENT); return 0; } @@ -460,7 +457,7 @@ static int cmac_gen_set_params(void *genctx, const OSSL_PARAM params[]) } static const OSSL_PARAM *mac_gen_settable_params(ossl_unused void *genctx, - ossl_unused void *provctx) + ossl_unused void *provctx) { static OSSL_PARAM settable[] = { OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY, NULL, 0), @@ -470,7 +467,7 @@ static const OSSL_PARAM *mac_gen_settable_params(ossl_unused void *genctx, } static const OSSL_PARAM *cmac_gen_settable_params(ossl_unused void *genctx, - ossl_unused void *provctx) + ossl_unused void *provctx) { static OSSL_PARAM settable[] = { OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY, NULL, 0), 
@@ -538,10 +535,10 @@ static void mac_gen_cleanup(void *genctx) const OSSL_DISPATCH ossl_mac_legacy_keymgmt_functions[] = { { OSSL_FUNC_KEYMGMT_NEW, (void (*)(void))mac_new }, { OSSL_FUNC_KEYMGMT_FREE, (void (*)(void))mac_free }, - { OSSL_FUNC_KEYMGMT_GET_PARAMS, (void (*) (void))mac_get_params }, - { OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS, (void (*) (void))mac_gettable_params }, - { OSSL_FUNC_KEYMGMT_SET_PARAMS, (void (*) (void))mac_set_params }, - { OSSL_FUNC_KEYMGMT_SETTABLE_PARAMS, (void (*) (void))mac_settable_params }, + { OSSL_FUNC_KEYMGMT_GET_PARAMS, (void (*)(void))mac_get_params }, + { OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS, (void (*)(void))mac_gettable_params }, + { OSSL_FUNC_KEYMGMT_SET_PARAMS, (void (*)(void))mac_set_params }, + { OSSL_FUNC_KEYMGMT_SETTABLE_PARAMS, (void (*)(void))mac_settable_params }, { OSSL_FUNC_KEYMGMT_HAS, (void (*)(void))mac_has }, { OSSL_FUNC_KEYMGMT_MATCH, (void (*)(void))mac_match }, { OSSL_FUNC_KEYMGMT_IMPORT, (void (*)(void))mac_import }, @@ -560,10 +557,10 @@ const OSSL_DISPATCH ossl_mac_legacy_keymgmt_functions[] = { const OSSL_DISPATCH ossl_cmac_legacy_keymgmt_functions[] = { { OSSL_FUNC_KEYMGMT_NEW, (void (*)(void))mac_new_cmac }, { OSSL_FUNC_KEYMGMT_FREE, (void (*)(void))mac_free }, - { OSSL_FUNC_KEYMGMT_GET_PARAMS, (void (*) (void))mac_get_params }, - { OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS, (void (*) (void))cmac_gettable_params }, - { OSSL_FUNC_KEYMGMT_SET_PARAMS, (void (*) (void))mac_set_params }, - { OSSL_FUNC_KEYMGMT_SETTABLE_PARAMS, (void (*) (void))mac_settable_params }, + { OSSL_FUNC_KEYMGMT_GET_PARAMS, (void (*)(void))mac_get_params }, + { OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS, (void (*)(void))cmac_gettable_params }, + { OSSL_FUNC_KEYMGMT_SET_PARAMS, (void (*)(void))mac_set_params }, + { OSSL_FUNC_KEYMGMT_SETTABLE_PARAMS, (void (*)(void))mac_settable_params }, { OSSL_FUNC_KEYMGMT_HAS, (void (*)(void))mac_has }, { OSSL_FUNC_KEYMGMT_MATCH, (void (*)(void))mac_match }, { OSSL_FUNC_KEYMGMT_IMPORT, (void (*)(void))mac_import }, 
@@ -578,4 +575,3 @@ const OSSL_DISPATCH ossl_cmac_legacy_keymgmt_functions[] = { { OSSL_FUNC_KEYMGMT_GEN_CLEANUP, (void (*)(void))mac_gen_cleanup }, { 0, NULL } }; - diff --git a/providers/implementations/keymgmt/rsa_kmgmt.c b/providers/implementations/keymgmt/rsa_kmgmt.c index 3ba12c4889a8..dd5c3e926237 100644 --- a/providers/implementations/keymgmt/rsa_kmgmt.c +++ b/providers/implementations/keymgmt/rsa_kmgmt.c @@ -53,18 +53,18 @@ static OSSL_FUNC_keymgmt_dup_fn rsa_dup; #define RSA_DEFAULT_MD "SHA256" #define RSA_PSS_DEFAULT_MD OSSL_DIGEST_NAME_SHA1 -#define RSA_POSSIBLE_SELECTIONS \ +#define RSA_POSSIBLE_SELECTIONS \ (OSSL_KEYMGMT_SELECT_KEYPAIR | OSSL_KEYMGMT_SELECT_OTHER_PARAMETERS) DEFINE_STACK_OF(BIGNUM) DEFINE_SPECIAL_STACK_OF_CONST(BIGNUM_const, BIGNUM) static int pss_params_fromdata(RSA_PSS_PARAMS_30 *pss_params, int *defaults_set, - const OSSL_PARAM params[], int rsa_type, - OSSL_LIB_CTX *libctx) + const OSSL_PARAM params[], int rsa_type, + OSSL_LIB_CTX *libctx) { if (!ossl_rsa_pss_params_30_fromdata(pss_params, defaults_set, - params, libctx)) + params, libctx)) return 0; /* If not a PSS type RSA, sending us PSS parameters is wrong */ @@ -186,13 +186,9 @@ static int rsa_import(void *keydata, int selection, const OSSL_PARAM params[]) rsa_type = RSA_test_flags(rsa, RSA_FLAG_TYPE_MASK); if ((selection & OSSL_KEYMGMT_SELECT_OTHER_PARAMETERS) != 0) - ok = ok && pss_params_fromdata(ossl_rsa_get0_pss_params_30(rsa), - &pss_defaults_set, - params, rsa_type, - ossl_rsa_get0_libctx(rsa)); + ok = ok && pss_params_fromdata(ossl_rsa_get0_pss_params_30(rsa), &pss_defaults_set, params, rsa_type, ossl_rsa_get0_libctx(rsa)); if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) { - int include_private = - selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY ? 1 : 0; + int include_private = selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY ? 1 : 0; ok = ok && ossl_rsa_fromdata(rsa, params, include_private); } 
@@ -201,7 +197,7 @@ static int rsa_import(void *keydata, int selection, const OSSL_PARAM params[]) } static int rsa_export(void *keydata, int selection, - OSSL_CALLBACK *param_callback, void *cbarg) + OSSL_CALLBACK *param_callback, void *cbarg) { RSA *rsa = keydata; const RSA_PSS_PARAMS_30 *pss_params = ossl_rsa_get0_pss_params_30(rsa); @@ -220,11 +216,9 @@ static int rsa_export(void *keydata, int selection, return 0; if ((selection & OSSL_KEYMGMT_SELECT_OTHER_PARAMETERS) != 0) - ok = ok && (ossl_rsa_pss_params_30_is_unrestricted(pss_params) - || ossl_rsa_pss_params_30_todata(pss_params, tmpl, NULL)); + ok = ok && (ossl_rsa_pss_params_30_is_unrestricted(pss_params) || ossl_rsa_pss_params_30_todata(pss_params, tmpl, NULL)); if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) { - int include_private = - selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY ? 1 : 0; + int include_private = selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY ? 1 : 0; ok = ok && ossl_rsa_todata(rsa, tmpl, NULL, include_private); } 
@@ -243,54 +237,54 @@ err: #ifdef FIPS_MODULE /* In fips mode there are no multi-primes. */ -# define RSA_KEY_MP_TYPES() \ -OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR1, NULL, 0), \ -OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR2, NULL, 0), \ -OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT1, NULL, 0), \ -OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT2, NULL, 0), \ -OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_COEFFICIENT1, NULL, 0), +#define RSA_KEY_MP_TYPES() \ + OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR1, NULL, 0), \ + OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR2, NULL, 0), \ + OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT1, NULL, 0), \ + OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT2, NULL, 0), \ + OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_COEFFICIENT1, NULL, 0), #else /* * We allow up to 10 prime factors (starting with p, q). * NOTE: there is only 9 OSSL_PKEY_PARAM_RSA_COEFFICIENT */ -# define RSA_KEY_MP_TYPES() \ -OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR1, NULL, 0), \ -OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR2, NULL, 0), \ -OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR3, NULL, 0), \ -OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR4, NULL, 0), \ -OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR5, NULL, 0), \ -OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR6, NULL, 0), \ -OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR7, NULL, 0), \ -OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR8, NULL, 0), \ -OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR9, NULL, 0), \ -OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR10, NULL, 0), \ -OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT1, NULL, 0), \ -OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT2, NULL, 0), \ -OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT3, NULL, 0), \ -OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT4, NULL, 0), \ -OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT5, NULL, 0), \ -OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT6, NULL, 0), \ -OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT7, NULL, 0), \ -OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT8, NULL, 0), \ -OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT9, NULL, 0), \ 
-OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT10, NULL, 0), \ -OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_COEFFICIENT1, NULL, 0), \ -OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_COEFFICIENT2, NULL, 0), \ -OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_COEFFICIENT3, NULL, 0), \ -OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_COEFFICIENT4, NULL, 0), \ -OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_COEFFICIENT5, NULL, 0), \ -OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_COEFFICIENT6, NULL, 0), \ -OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_COEFFICIENT7, NULL, 0), \ -OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_COEFFICIENT8, NULL, 0), \ -OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_COEFFICIENT9, NULL, 0), +#define RSA_KEY_MP_TYPES() \ + OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR1, NULL, 0), \ + OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR2, NULL, 0), \ + OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR3, NULL, 0), \ + OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR4, NULL, 0), \ + OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR5, NULL, 0), \ + OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR6, NULL, 0), \ + OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR7, NULL, 0), \ + OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR8, NULL, 0), \ + OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR9, NULL, 0), \ + OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR10, NULL, 0), \ + OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT1, NULL, 0), \ + OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT2, NULL, 0), \ + OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT3, NULL, 0), \ + OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT4, NULL, 0), \ + OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT5, NULL, 0), \ + OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT6, NULL, 0), \ + OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT7, NULL, 0), \ + OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT8, NULL, 0), \ + OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT9, NULL, 0), \ + OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT10, NULL, 0), \ + OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_COEFFICIENT1, NULL, 0), \ + OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_COEFFICIENT2, NULL, 0), \ + OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_COEFFICIENT3, NULL, 0), \ + 
OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_COEFFICIENT4, NULL, 0), \ + OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_COEFFICIENT5, NULL, 0), \ + OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_COEFFICIENT6, NULL, 0), \ + OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_COEFFICIENT7, NULL, 0), \ + OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_COEFFICIENT8, NULL, 0), \ + OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_COEFFICIENT9, NULL, 0), #endif -#define RSA_KEY_TYPES() \ -OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_N, NULL, 0), \ -OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_E, NULL, 0), \ -OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_D, NULL, 0), \ -RSA_KEY_MP_TYPES() +#define RSA_KEY_TYPES() \ + OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_N, NULL, 0), \ + OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_E, NULL, 0), \ + OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_D, NULL, 0), \ + RSA_KEY_MP_TYPES() /* * This provider can export everything in an RSA key, so we use the exact @@ -301,7 +295,7 @@ RSA_KEY_MP_TYPES() */ static const OSSL_PARAM rsa_key_types[] = { RSA_KEY_TYPES() - OSSL_PARAM_END + OSSL_PARAM_END }; /* * We lied about the amount of factors, exponents and coefficients, the @@ -361,17 +355,17 @@ static int rsa_get_params(void *key, OSSL_PARAM params[]) * With RSA-OAEP keys, this may need to be amended. */ if ((p = OSSL_PARAM_locate(params, - OSSL_PKEY_PARAM_MANDATORY_DIGEST)) != NULL + OSSL_PKEY_PARAM_MANDATORY_DIGEST)) + != NULL && rsa_type == RSA_FLAG_TYPE_RSASSAPSS && !ossl_rsa_pss_params_30_is_unrestricted(pss_params)) { - const char *mdname = - ossl_rsa_oaeppss_nid2name(ossl_rsa_pss_params_30_hashalg(pss_params)); + const char *mdname = ossl_rsa_oaeppss_nid2name(ossl_rsa_pss_params_30_hashalg(pss_params)); if (mdname == NULL || !OSSL_PARAM_set_utf8_string(p, mdname)) return 0; } return (rsa_type != RSA_FLAG_TYPE_RSASSAPSS - || ossl_rsa_pss_params_30_todata(pss_params, NULL, params)) + || ossl_rsa_pss_params_30_todata(pss_params, NULL, params)) && ossl_rsa_todata(rsa, NULL, params, 1); } 
@@ -381,7 +375,7 @@ static const OSSL_PARAM rsa_params[] = { OSSL_PARAM_int(OSSL_PKEY_PARAM_MAX_SIZE, NULL), OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_DEFAULT_DIGEST, NULL, 0), RSA_KEY_TYPES() - OSSL_PARAM_END + OSSL_PARAM_END }; static const OSSL_PARAM *rsa_gettable_params(void *provctx) @@ -448,7 +442,7 @@ static int rsa_gencb(int p, int n, BN_GENCB *cb) } static void *gen_init(void *provctx, int selection, int rsa_type, - const OSSL_PARAM params[]) + const OSSL_PARAM params[]) { OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(provctx); struct rsa_gen_ctx *gctx = NULL; @@ -484,13 +478,13 @@ err: } static void *rsa_gen_init(void *provctx, int selection, - const OSSL_PARAM params[]) + const OSSL_PARAM params[]) { return gen_init(provctx, selection, RSA_FLAG_TYPE_RSA, params); } static void *rsapss_gen_init(void *provctx, int selection, - const OSSL_PARAM params[]) + const OSSL_PARAM params[]) { return gen_init(provctx, selection, RSA_FLAG_TYPE_RSASSAPSS, params); } @@ -525,7 +519,7 @@ static int rsa_gen_set_params(void *genctx, const OSSL_PARAM params[]) /* Only attempt to get PSS parameters when generating an RSA-PSS key */ if (gctx->rsa_type == RSA_FLAG_TYPE_RSASSAPSS && !pss_params_fromdata(&gctx->pss_params, &gctx->pss_defaults_set, params, - gctx->rsa_type, gctx->libctx)) + gctx->rsa_type, gctx->libctx)) return 0; #if defined(FIPS_MODULE) && !defined(OPENSSL_NO_ACVP_TESTS) /* Any ACVP test related parameters are copied into a params[] */ 
@@ -535,24 +529,24 @@ static int rsa_gen_set_params(void *genctx, const OSSL_PARAM params[]) return 1; } -#define rsa_gen_basic \ - OSSL_PARAM_size_t(OSSL_PKEY_PARAM_RSA_BITS, NULL), \ - OSSL_PARAM_size_t(OSSL_PKEY_PARAM_RSA_PRIMES, NULL), \ - OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_E, NULL, 0) +#define rsa_gen_basic \ + OSSL_PARAM_size_t(OSSL_PKEY_PARAM_RSA_BITS, NULL), \ + OSSL_PARAM_size_t(OSSL_PKEY_PARAM_RSA_PRIMES, NULL), \ + OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_E, NULL, 0) /* * The following must be kept in sync with ossl_rsa_pss_params_30_fromdata() * in crypto/rsa/rsa_backend.c */ -#define rsa_gen_pss \ - OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_RSA_DIGEST, NULL, 0), \ - OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_RSA_DIGEST_PROPS, NULL, 0), \ - OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_RSA_MASKGENFUNC, NULL, 0), \ - OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_RSA_MGF1_DIGEST, NULL, 0), \ - OSSL_PARAM_int(OSSL_PKEY_PARAM_RSA_PSS_SALTLEN, NULL) +#define rsa_gen_pss \ + OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_RSA_DIGEST, NULL, 0), \ + OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_RSA_DIGEST_PROPS, NULL, 0), \ + OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_RSA_MASKGENFUNC, NULL, 0), \ + OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_RSA_MGF1_DIGEST, NULL, 0), \ + OSSL_PARAM_int(OSSL_PKEY_PARAM_RSA_PSS_SALTLEN, NULL) static const OSSL_PARAM *rsa_gen_settable_params(ossl_unused void *genctx, - ossl_unused void *provctx) + ossl_unused void *provctx) { static OSSL_PARAM settable[] = { rsa_gen_basic, @@ -563,7 +557,7 @@ static const OSSL_PARAM *rsa_gen_settable_params(ossl_unused void *genctx, } static const OSSL_PARAM *rsapss_gen_settable_params(ossl_unused void *genctx, - ossl_unused void *provctx) + ossl_unused void *provctx) { static OSSL_PARAM settable[] = { rsa_gen_basic, 
@@ -617,12 +611,12 @@ static void *rsa_gen(void *genctx, OSSL_CALLBACK *osslcb, void *cbarg) #endif if (!RSA_generate_multi_prime_key(rsa_tmp, - (int)gctx->nbits, (int)gctx->primes, - gctx->pub_exp, gencb)) + (int)gctx->nbits, (int)gctx->primes, + gctx->pub_exp, gencb)) goto err; if (!ossl_rsa_pss_params_30_copy(ossl_rsa_get0_pss_params_30(rsa_tmp), - &gctx->pss_params)) + &gctx->pss_params)) goto err; RSA_clear_flags(rsa_tmp, RSA_FLAG_TYPE_MASK); @@ -630,7 +624,7 @@ static void *rsa_gen(void *genctx, OSSL_CALLBACK *osslcb, void *cbarg) rsa = rsa_tmp; rsa_tmp = NULL; - err: +err: BN_GENCB_free(gencb); RSA_free(rsa_tmp); return rsa; @@ -651,7 +645,7 @@ static void rsa_gen_cleanup(void *genctx) } static void *common_load(const void *reference, size_t reference_sz, - int expected_rsa_type) + int expected_rsa_type) { RSA *rsa = NULL; @@ -698,15 +692,15 @@ const OSSL_DISPATCH ossl_rsa_keymgmt_functions[] = { { OSSL_FUNC_KEYMGMT_NEW, (void (*)(void))rsa_newdata }, { OSSL_FUNC_KEYMGMT_GEN_INIT, (void (*)(void))rsa_gen_init }, { OSSL_FUNC_KEYMGMT_GEN_SET_PARAMS, - (void (*)(void))rsa_gen_set_params }, + (void (*)(void))rsa_gen_set_params }, { OSSL_FUNC_KEYMGMT_GEN_SETTABLE_PARAMS, - (void (*)(void))rsa_gen_settable_params }, + (void (*)(void))rsa_gen_settable_params }, { OSSL_FUNC_KEYMGMT_GEN, (void (*)(void))rsa_gen }, { OSSL_FUNC_KEYMGMT_GEN_CLEANUP, (void (*)(void))rsa_gen_cleanup }, { OSSL_FUNC_KEYMGMT_LOAD, (void (*)(void))rsa_load }, { OSSL_FUNC_KEYMGMT_FREE, (void (*)(void))rsa_freedata }, - { OSSL_FUNC_KEYMGMT_GET_PARAMS, (void (*) (void))rsa_get_params }, - { OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS, (void (*) (void))rsa_gettable_params }, + { OSSL_FUNC_KEYMGMT_GET_PARAMS, (void (*)(void))rsa_get_params }, + { OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS, (void (*)(void))rsa_gettable_params }, { OSSL_FUNC_KEYMGMT_HAS, (void (*)(void))rsa_has }, { OSSL_FUNC_KEYMGMT_MATCH, (void (*)(void))rsa_match }, { OSSL_FUNC_KEYMGMT_VALIDATE, (void (*)(void))rsa_validate }, 
@@ -723,13 +717,13 @@ const OSSL_DISPATCH ossl_rsapss_keymgmt_functions[] = { { OSSL_FUNC_KEYMGMT_GEN_INIT, (void (*)(void))rsapss_gen_init }, { OSSL_FUNC_KEYMGMT_GEN_SET_PARAMS, (void (*)(void))rsa_gen_set_params }, { OSSL_FUNC_KEYMGMT_GEN_SETTABLE_PARAMS, - (void (*)(void))rsapss_gen_settable_params }, + (void (*)(void))rsapss_gen_settable_params }, { OSSL_FUNC_KEYMGMT_GEN, (void (*)(void))rsa_gen }, { OSSL_FUNC_KEYMGMT_GEN_CLEANUP, (void (*)(void))rsa_gen_cleanup }, { OSSL_FUNC_KEYMGMT_LOAD, (void (*)(void))rsapss_load }, { OSSL_FUNC_KEYMGMT_FREE, (void (*)(void))rsa_freedata }, - { OSSL_FUNC_KEYMGMT_GET_PARAMS, (void (*) (void))rsa_get_params }, - { OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS, (void (*) (void))rsa_gettable_params }, + { OSSL_FUNC_KEYMGMT_GET_PARAMS, (void (*)(void))rsa_get_params }, + { OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS, (void (*)(void))rsa_gettable_params }, { OSSL_FUNC_KEYMGMT_HAS, (void (*)(void))rsa_has }, { OSSL_FUNC_KEYMGMT_MATCH, (void (*)(void))rsa_match }, { OSSL_FUNC_KEYMGMT_VALIDATE, (void (*)(void))rsa_validate }, @@ -738,7 +732,7 @@ const OSSL_DISPATCH ossl_rsapss_keymgmt_functions[] = { { OSSL_FUNC_KEYMGMT_EXPORT, (void (*)(void))rsa_export }, { OSSL_FUNC_KEYMGMT_EXPORT_TYPES, (void (*)(void))rsa_export_types }, { OSSL_FUNC_KEYMGMT_QUERY_OPERATION_NAME, - (void (*)(void))rsa_query_operation_name }, + (void (*)(void))rsa_query_operation_name }, { OSSL_FUNC_KEYMGMT_DUP, (void (*)(void))rsa_dup }, { 0, NULL } }; diff --git a/providers/implementations/macs/blake2_mac_impl.c b/providers/implementations/macs/blake2_mac_impl.c index 3c6b0c2c0c07..036ad04b6a5d 100644 --- a/providers/implementations/macs/blake2_mac_impl.c +++ b/providers/implementations/macs/blake2_mac_impl.c 
@@ -88,7 +88,7 @@ static size_t blake2_mac_size(void *vmacctx) } static int blake2_setkey(struct blake2_mac_data_st *macctx, - const unsigned char *key, size_t keylen) + const unsigned char *key, size_t keylen) { if (keylen > BLAKE2_KEYBYTES || keylen == 0) { ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH); @@ -103,7 +103,7 @@ static int blake2_setkey(struct blake2_mac_data_st *macctx, } static int blake2_mac_init(void *vmacctx, const unsigned char *key, - size_t keylen, const OSSL_PARAM params[]) + size_t keylen, const OSSL_PARAM params[]) { struct blake2_mac_data_st *macctx = vmacctx; @@ -121,7 +121,7 @@ static int blake2_mac_init(void *vmacctx, const unsigned char *key, } static int blake2_mac_update(void *vmacctx, - const unsigned char *data, size_t datalen) + const unsigned char *data, size_t datalen) { struct blake2_mac_data_st *macctx = vmacctx; @@ -132,8 +132,8 @@ static int blake2_mac_update(void *vmacctx, } static int blake2_mac_final(void *vmacctx, - unsigned char *out, size_t *outl, - size_t outsize) + unsigned char *out, size_t *outl, + size_t outsize) { struct blake2_mac_data_st *macctx = vmacctx; @@ -150,7 +150,7 @@ static const OSSL_PARAM known_gettable_ctx_params[] = { OSSL_PARAM_END }; static const OSSL_PARAM *blake2_gettable_ctx_params(ossl_unused void *ctx, - ossl_unused void *provctx) + ossl_unused void *provctx) { return known_gettable_ctx_params; } @@ -160,11 +160,11 @@ static int blake2_get_ctx_params(void *vmacctx, OSSL_PARAM params[]) OSSL_PARAM *p; if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_SIZE)) != NULL - && !OSSL_PARAM_set_size_t(p, blake2_mac_size(vmacctx))) + && !OSSL_PARAM_set_size_t(p, blake2_mac_size(vmacctx))) return 0; if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_BLOCK_SIZE)) != NULL - && !OSSL_PARAM_set_size_t(p, BLAKE2_BLOCKBYTES)) + && !OSSL_PARAM_set_size_t(p, BLAKE2_BLOCKBYTES)) return 0; return 1; 
@@ -178,7 +178,7 @@ static const OSSL_PARAM known_settable_ctx_params[] = { OSSL_PARAM_END }; static const OSSL_PARAM *blake2_mac_settable_ctx_params( - ossl_unused void *ctx, ossl_unused void *p_ctx) + ossl_unused void *ctx, ossl_unused void *p_ctx) { return known_settable_ctx_params; } @@ -207,7 +207,7 @@ static int blake2_mac_set_ctx_params(void *vmacctx, const OSSL_PARAM params[]) } if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_KEY)) != NULL - && !blake2_setkey(macctx, p->data, p->data_size)) + && !blake2_setkey(macctx, p->data, p->data_size)) return 0; if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_CUSTOM)) @@ -245,10 +245,10 @@ const OSSL_DISPATCH BLAKE2_FUNCTIONS[] = { { OSSL_FUNC_MAC_UPDATE, (void (*)(void))blake2_mac_update }, { OSSL_FUNC_MAC_FINAL, (void (*)(void))blake2_mac_final }, { OSSL_FUNC_MAC_GETTABLE_CTX_PARAMS, - (void (*)(void))blake2_gettable_ctx_params }, + (void (*)(void))blake2_gettable_ctx_params }, { OSSL_FUNC_MAC_GET_CTX_PARAMS, (void (*)(void))blake2_get_ctx_params }, { OSSL_FUNC_MAC_SETTABLE_CTX_PARAMS, - (void (*)(void))blake2_mac_settable_ctx_params }, + (void (*)(void))blake2_mac_settable_ctx_params }, { OSSL_FUNC_MAC_SET_CTX_PARAMS, (void (*)(void))blake2_mac_set_ctx_params }, { 0, NULL } }; diff --git a/providers/implementations/macs/blake2b_mac.c b/providers/implementations/macs/blake2b_mac.c index b445cbd57875..5db1f1a2a6f3 100644 --- a/providers/implementations/macs/blake2b_mac.c +++ b/providers/implementations/macs/blake2b_mac.c @@ -29,5 +29,6 @@ /* OSSL_DISPATCH symbol */ #define BLAKE2_FUNCTIONS ossl_blake2bmac_functions +/* clang-format off */ #include "blake2_mac_impl.c" - +/* clang-format on */ diff --git a/providers/implementations/macs/blake2s_mac.c b/providers/implementations/macs/blake2s_mac.c index 6b3fa28bd36b..0d89267aa6c6 100644 --- a/providers/implementations/macs/blake2s_mac.c +++ b/providers/implementations/macs/blake2s_mac.c 
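Review bot: The `/* clang-format off */` and `/* clang-format on */` pair added around `#include "blake2_mac_impl.c"` in blake2b_mac.c carries no reason, so a later cleanup could drop it without anyone noticing why it was there. The included `.c` file is a template that expands `BLAKE2_FUNCTIONS` (it declares `const OSSL_DISPATCH BLAKE2_FUNCTIONS[]`), so the include has to stay below the `#define` lines in this file. Presumably the guard exists to stop the formatter from moving or regrouping it. I would put a one-line comment above the marker, for example `/* Must stay after the BLAKE2_* defines above: blake2_mac_impl.c is a template that expands them. */`. The same applies to the identical hunk in blake2s_mac.c.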
@@ -29,4 +29,6 @@ /* OSSL_DISPATCH symbol */ #define BLAKE2_FUNCTIONS ossl_blake2smac_functions +/* clang-format off */ #include "blake2_mac_impl.c" +/* clang-format on */ diff --git a/providers/implementations/macs/cmac_prov.c b/providers/implementations/macs/cmac_prov.c index 56eac008b6e4..8015e113e4c3 100644 --- a/providers/implementations/macs/cmac_prov.c +++ b/providers/implementations/macs/cmac_prov.c @@ -108,17 +108,17 @@ static size_t cmac_size(void *vmacctx) } static int cmac_setkey(struct cmac_data_st *macctx, - const unsigned char *key, size_t keylen) + const unsigned char *key, size_t keylen) { int rv = CMAC_Init(macctx->ctx, key, keylen, - ossl_prov_cipher_cipher(&macctx->cipher), - ossl_prov_cipher_engine(&macctx->cipher)); + ossl_prov_cipher_cipher(&macctx->cipher), + ossl_prov_cipher_engine(&macctx->cipher)); ossl_prov_cipher_reset(&macctx->cipher); return rv; } static int cmac_init(void *vmacctx, const unsigned char *key, - size_t keylen, const OSSL_PARAM params[]) + size_t keylen, const OSSL_PARAM params[]) { struct cmac_data_st *macctx = vmacctx; @@ -131,7 +131,7 @@ static int cmac_init(void *vmacctx, const unsigned char *key, } static int cmac_update(void *vmacctx, const unsigned char *data, - size_t datalen) + size_t datalen) { struct cmac_data_st *macctx = vmacctx; @@ -139,7 +139,7 @@ static int cmac_update(void *vmacctx, const unsigned char *data, } static int cmac_final(void *vmacctx, unsigned char *out, size_t *outl, - size_t outsize) + size_t outsize) { struct cmac_data_st *macctx = vmacctx; @@ -155,7 +155,7 @@ static const OSSL_PARAM known_gettable_ctx_params[] = { OSSL_PARAM_END }; static const OSSL_PARAM *cmac_gettable_ctx_params(ossl_unused void *ctx, - ossl_unused void *provctx) + ossl_unused void *provctx) { return known_gettable_ctx_params; } 
@@ -165,11 +165,11 @@ static int cmac_get_ctx_params(void *vmacctx, OSSL_PARAM params[]) OSSL_PARAM *p; if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_SIZE)) != NULL - && !OSSL_PARAM_set_size_t(p, cmac_size(vmacctx))) + && !OSSL_PARAM_set_size_t(p, cmac_size(vmacctx))) return 0; if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_BLOCK_SIZE)) != NULL - && !OSSL_PARAM_set_size_t(p, cmac_size(vmacctx))) + && !OSSL_PARAM_set_size_t(p, cmac_size(vmacctx))) return 0; return 1; @@ -182,7 +182,7 @@ static const OSSL_PARAM known_settable_ctx_params[] = { OSSL_PARAM_END }; static const OSSL_PARAM *cmac_settable_ctx_params(ossl_unused void *ctx, - ossl_unused void *provctx) + ossl_unused void *provctx) { return known_settable_ctx_params; } @@ -218,10 +218,10 @@ const OSSL_DISPATCH ossl_cmac_functions[] = { { OSSL_FUNC_MAC_UPDATE, (void (*)(void))cmac_update }, { OSSL_FUNC_MAC_FINAL, (void (*)(void))cmac_final }, { OSSL_FUNC_MAC_GETTABLE_CTX_PARAMS, - (void (*)(void))cmac_gettable_ctx_params }, + (void (*)(void))cmac_gettable_ctx_params }, { OSSL_FUNC_MAC_GET_CTX_PARAMS, (void (*)(void))cmac_get_ctx_params }, { OSSL_FUNC_MAC_SETTABLE_CTX_PARAMS, - (void (*)(void))cmac_settable_ctx_params }, + (void (*)(void))cmac_settable_ctx_params }, { OSSL_FUNC_MAC_SET_CTX_PARAMS, (void (*)(void))cmac_set_ctx_params }, { 0, NULL } }; diff --git a/providers/implementations/macs/gmac_prov.c b/providers/implementations/macs/gmac_prov.c index 3dd38ecd7ca7..bcf10cba2bb6 100644 --- a/providers/implementations/macs/gmac_prov.c +++ b/providers/implementations/macs/gmac_prov.c @@ -40,7 +40,7 @@ static OSSL_FUNC_mac_final_fn gmac_final; struct gmac_data_st { void *provctx; - EVP_CIPHER_CTX *ctx; /* Cipher context */ + EVP_CIPHER_CTX *ctx; /* Cipher context */ PROV_CIPHER cipher; }; 
@@ -98,7 +98,7 @@ static size_t gmac_size(void) } static int gmac_setkey(struct gmac_data_st *macctx, - const unsigned char *key, size_t keylen) + const unsigned char *key, size_t keylen) { EVP_CIPHER_CTX *ctx = macctx->ctx; @@ -112,7 +112,7 @@ static int gmac_setkey(struct gmac_data_st *macctx, } static int gmac_init(void *vmacctx, const unsigned char *key, - size_t keylen, const OSSL_PARAM params[]) + size_t keylen, const OSSL_PARAM params[]) { struct gmac_data_st *macctx = vmacctx; @@ -124,7 +124,7 @@ static int gmac_init(void *vmacctx, const unsigned char *key, } static int gmac_update(void *vmacctx, const unsigned char *data, - size_t datalen) + size_t datalen) { struct gmac_data_st *macctx = vmacctx; EVP_CIPHER_CTX *ctx = macctx->ctx; @@ -143,7 +143,7 @@ static int gmac_update(void *vmacctx, const unsigned char *data, } static int gmac_final(void *vmacctx, unsigned char *out, size_t *outl, - size_t outsize) + size_t outsize) { OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END }; struct gmac_data_st *macctx = vmacctx; @@ -157,7 +157,7 @@ static int gmac_final(void *vmacctx, unsigned char *out, size_t *outl, hlen = gmac_size(); params[0] = OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG, - out, (size_t)hlen); + out, (size_t)hlen); if (!EVP_CIPHER_CTX_get_params(macctx->ctx, params)) return 0; @@ -192,7 +192,7 @@ static const OSSL_PARAM known_settable_ctx_params[] = { OSSL_PARAM_END }; static const OSSL_PARAM *gmac_settable_ctx_params(ossl_unused void *ctx, - ossl_unused void *provctx) + ossl_unused void *provctx) { return known_settable_ctx_params; } 
@@ -221,14 +221,14 @@ static int gmac_set_ctx_params(void *vmacctx, const OSSL_PARAM params[]) return 0; } if (!EVP_EncryptInit_ex(ctx, ossl_prov_cipher_cipher(&macctx->cipher), - ossl_prov_cipher_engine(&macctx->cipher), NULL, - NULL)) + ossl_prov_cipher_engine(&macctx->cipher), NULL, + NULL)) return 0; } if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_KEY)) != NULL) if (p->data_type != OSSL_PARAM_OCTET_STRING - || !gmac_setkey(macctx, p->data, p->data_size)) + || !gmac_setkey(macctx, p->data, p->data_size)) return 0; if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_IV)) != NULL) { @@ -236,7 +236,8 @@ static int gmac_set_ctx_params(void *vmacctx, const OSSL_PARAM params[]) return 0; if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, - p->data_size, NULL) <= 0 + p->data_size, NULL) + <= 0 || !EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, p->data)) return 0; } @@ -253,7 +254,7 @@ const OSSL_DISPATCH ossl_gmac_functions[] = { { OSSL_FUNC_MAC_GETTABLE_PARAMS, (void (*)(void))gmac_gettable_params }, { OSSL_FUNC_MAC_GET_PARAMS, (void (*)(void))gmac_get_params }, { OSSL_FUNC_MAC_SETTABLE_CTX_PARAMS, - (void (*)(void))gmac_settable_ctx_params }, + (void (*)(void))gmac_settable_ctx_params }, { OSSL_FUNC_MAC_SET_CTX_PARAMS, (void (*)(void))gmac_set_ctx_params }, { 0, NULL } }; diff --git a/providers/implementations/macs/hmac_prov.c b/providers/implementations/macs/hmac_prov.c index 2dce0eb6b757..a3a858b62dd4 100644 --- a/providers/implementations/macs/hmac_prov.c +++ b/providers/implementations/macs/hmac_prov.c @@ -47,7 +47,7 @@ static OSSL_FUNC_mac_final_fn hmac_final; /* typedef EVP_MAC_IMPL */ struct hmac_data_st { void *provctx; - HMAC_CTX *ctx; /* HMAC context */ + HMAC_CTX *ctx; /* HMAC context */ PROV_DIGEST digest; unsigned char *key; size_t keylen; 
@@ -61,14 +61,14 @@ struct hmac_data_st { /* Defined in ssl/s3_cbc.c */ int ssl3_cbc_digest_record(const EVP_MD *md, - unsigned char *md_out, - size_t *md_out_size, - const unsigned char header[13], - const unsigned char *data, - size_t data_size, - size_t data_plus_mac_plus_padding_size, - const unsigned char *mac_secret, - size_t mac_secret_length, char is_sslv3); + unsigned char *md_out, + size_t *md_out_size, + const unsigned char header[13], + const unsigned char *data, + size_t data_size, + size_t data_plus_mac_plus_padding_size, + const unsigned char *mac_secret, + size_t mac_secret_length, char is_sslv3); static void *hmac_new(void *provctx) { @@ -149,7 +149,7 @@ static int hmac_block_size(struct hmac_data_st *macctx) } static int hmac_setkey(struct hmac_data_st *macctx, - const unsigned char *key, size_t keylen) + const unsigned char *key, size_t keylen) { const EVP_MD *digest; @@ -168,12 +168,12 @@ static int hmac_setkey(struct hmac_data_st *macctx, /* HMAC_Init_ex doesn't tolerate all zero params, so we must be careful */ if (key != NULL || (macctx->tls_data_size == 0 && digest != NULL)) return HMAC_Init_ex(macctx->ctx, key, keylen, digest, - ossl_prov_digest_engine(&macctx->digest)); + ossl_prov_digest_engine(&macctx->digest)); return 1; } static int hmac_init(void *vmacctx, const unsigned char *key, - size_t keylen, const OSSL_PARAM params[]) + size_t keylen, const OSSL_PARAM params[]) { struct hmac_data_st *macctx = vmacctx; @@ -188,7 +188,7 @@ static int hmac_init(void *vmacctx, const unsigned char *key, } static int hmac_update(void *vmacctx, const unsigned char *data, - size_t datalen) + size_t datalen) { struct hmac_data_st *macctx = vmacctx; 
@@ -207,22 +207,22 @@ static int hmac_update(void *vmacctx, const unsigned char *data, return 0; return ssl3_cbc_digest_record(ossl_prov_digest_md(&macctx->digest), - macctx->tls_mac_out, - &macctx->tls_mac_out_size, - macctx->tls_header, - data, - datalen, - macctx->tls_data_size, - macctx->key, - macctx->keylen, - 0); + macctx->tls_mac_out, + &macctx->tls_mac_out_size, + macctx->tls_header, + data, + datalen, + macctx->tls_data_size, + macctx->key, + macctx->keylen, + 0); } return HMAC_Update(macctx->ctx, data, datalen); } static int hmac_final(void *vmacctx, unsigned char *out, size_t *outl, - size_t outsize) + size_t outsize) { unsigned int hlen; struct hmac_data_st *macctx = vmacctx; @@ -249,7 +249,7 @@ static const OSSL_PARAM known_gettable_ctx_params[] = { OSSL_PARAM_END }; static const OSSL_PARAM *hmac_gettable_ctx_params(ossl_unused void *ctx, - ossl_unused void *provctx) + ossl_unused void *provctx) { return known_gettable_ctx_params; } @@ -260,11 +260,11 @@ static int hmac_get_ctx_params(void *vmacctx, OSSL_PARAM params[]) OSSL_PARAM *p; if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_SIZE)) != NULL - && !OSSL_PARAM_set_size_t(p, hmac_size(macctx))) + && !OSSL_PARAM_set_size_t(p, hmac_size(macctx))) return 0; if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_BLOCK_SIZE)) != NULL - && !OSSL_PARAM_set_int(p, hmac_block_size(macctx))) + && !OSSL_PARAM_set_int(p, hmac_block_size(macctx))) return 0; return 1; @@ -280,13 +280,13 @@ static const OSSL_PARAM known_settable_ctx_params[] = { OSSL_PARAM_END }; static const OSSL_PARAM *hmac_settable_ctx_params(ossl_unused void *ctx, - ossl_unused void *provctx) + ossl_unused void *provctx) { return known_settable_ctx_params; } static int set_flag(const OSSL_PARAM params[], const char *key, int mask, - int *flags) + int *flags) { const OSSL_PARAM *p = OSSL_PARAM_locate_const(params, key); int flag = 0; 
@@ -319,10 +319,10 @@ static int hmac_set_ctx_params(void *vmacctx, const OSSL_PARAM params[]) return 0; if (!set_flag(params, OSSL_MAC_PARAM_DIGEST_NOINIT, EVP_MD_CTX_FLAG_NO_INIT, - &flags)) + &flags)) return 0; if (!set_flag(params, OSSL_MAC_PARAM_DIGEST_ONESHOT, EVP_MD_CTX_FLAG_ONESHOT, - &flags)) + &flags)) return 0; if (flags) HMAC_CTX_set_flags(macctx->ctx, flags); @@ -335,7 +335,8 @@ static int hmac_set_ctx_params(void *vmacctx, const OSSL_PARAM params[]) } if ((p = OSSL_PARAM_locate_const(params, - OSSL_MAC_PARAM_TLS_DATA_SIZE)) != NULL) { + OSSL_MAC_PARAM_TLS_DATA_SIZE)) + != NULL) { if (!OSSL_PARAM_get_size_t(p, &macctx->tls_data_size)) return 0; } @@ -350,10 +351,10 @@ const OSSL_DISPATCH ossl_hmac_functions[] = { { OSSL_FUNC_MAC_UPDATE, (void (*)(void))hmac_update }, { OSSL_FUNC_MAC_FINAL, (void (*)(void))hmac_final }, { OSSL_FUNC_MAC_GETTABLE_CTX_PARAMS, - (void (*)(void))hmac_gettable_ctx_params }, + (void (*)(void))hmac_gettable_ctx_params }, { OSSL_FUNC_MAC_GET_CTX_PARAMS, (void (*)(void))hmac_get_ctx_params }, { OSSL_FUNC_MAC_SETTABLE_CTX_PARAMS, - (void (*)(void))hmac_settable_ctx_params }, + (void (*)(void))hmac_settable_ctx_params }, { OSSL_FUNC_MAC_SET_CTX_PARAMS, (void (*)(void))hmac_set_ctx_params }, { 0, NULL } }; diff --git a/providers/implementations/macs/kmac_prov.c b/providers/implementations/macs/kmac_prov.c index 99e7c60a74ce..2e86d2909fd8 100644 --- a/providers/implementations/macs/kmac_prov.c +++ b/providers/implementations/macs/kmac_prov.c @@ -112,10 +112,10 @@ static const unsigned char kmac_string[] = { 0x01, 0x20, 0x4B, 0x4D, 0x41, 0x43 }; -#define KMAC_FLAG_XOF_MODE 1 +#define KMAC_FLAG_XOF_MODE 1 struct kmac_data_st { - void *provctx; + void *provctx; EVP_MD_CTX *ctx; PROV_DIGEST digest; size_t out_len; 
@@ -129,17 +129,17 @@ struct kmac_data_st { }; static int encode_string(unsigned char *out, size_t out_max_len, size_t *out_len, - const unsigned char *in, size_t in_len); + const unsigned char *in, size_t in_len); static int right_encode(unsigned char *out, size_t out_max_len, size_t *out_len, - size_t bits); + size_t bits); static int bytepad(unsigned char *out, size_t *out_len, - const unsigned char *in1, size_t in1_len, - const unsigned char *in2, size_t in2_len, - size_t w); + const unsigned char *in1, size_t in1_len, + const unsigned char *in2, size_t in2_len, + size_t w); static int kmac_bytepad_encode_key(unsigned char *out, size_t out_max_len, - size_t *out_len, - const unsigned char *in, size_t in_len, - size_t w); + size_t *out_len, + const unsigned char *in, size_t in_len, + size_t w); static void kmac_free(void *vmacctx) { @@ -167,7 +167,7 @@ static struct kmac_data_st *kmac_new(void *provctx) return NULL; if ((kctx = OPENSSL_zalloc(sizeof(*kctx))) == NULL - || (kctx->ctx = EVP_MD_CTX_new()) == NULL) { + || (kctx->ctx = EVP_MD_CTX_new()) == NULL) { kmac_free(kctx); return NULL; } @@ -182,7 +182,7 @@ static void *kmac_fetch_new(void *provctx, const OSSL_PARAM *params) if (kctx == NULL) return 0; if (!ossl_prov_digest_load_from_params(&kctx->digest, params, - PROV_LIBCTX_OF(provctx))) { + PROV_LIBCTX_OF(provctx))) { kmac_free(kctx); return 0; } @@ -195,7 +195,7 @@ static void *kmac128_new(void *provctx) { static const OSSL_PARAM kmac128_params[] = { OSSL_PARAM_utf8_string("digest", OSSL_DIGEST_NAME_KECCAK_KMAC128, - sizeof(OSSL_DIGEST_NAME_KECCAK_KMAC128)), + sizeof(OSSL_DIGEST_NAME_KECCAK_KMAC128)), OSSL_PARAM_END }; return kmac_fetch_new(provctx, kmac128_params); 
@@ -205,7 +205,7 @@ static void *kmac256_new(void *provctx) { static const OSSL_PARAM kmac256_params[] = { OSSL_PARAM_utf8_string("digest", OSSL_DIGEST_NAME_KECCAK_KMAC256, - sizeof(OSSL_DIGEST_NAME_KECCAK_KMAC256)), + sizeof(OSSL_DIGEST_NAME_KECCAK_KMAC256)), OSSL_PARAM_END }; return kmac_fetch_new(provctx, kmac256_params); @@ -240,7 +240,7 @@ static void *kmac_dup(void *vsrc) } static int kmac_setkey(struct kmac_data_st *kctx, const unsigned char *key, - size_t keylen) + size_t keylen) { const EVP_MD *digest = ossl_prov_digest_md(&kctx->digest); int w = EVP_MD_get_block_size(digest); @@ -254,7 +254,7 @@ static int kmac_setkey(struct kmac_data_st *kctx, const unsigned char *key, return 0; } if (!kmac_bytepad_encode_key(kctx->key, sizeof(kctx->key), &kctx->key_len, - key, keylen, (size_t)w)) + key, keylen, (size_t)w)) return 0; return 1; } @@ -265,7 +265,7 @@ static int kmac_setkey(struct kmac_data_st *kctx, const unsigned char *key, * effect on the output mac. */ static int kmac_init(void *vmacctx, const unsigned char *key, - size_t keylen, const OSSL_PARAM params[]) + size_t keylen, const OSSL_PARAM params[]) { struct kmac_data_st *kctx = vmacctx; EVP_MD_CTX *ctx = kctx->ctx; @@ -285,7 +285,7 @@ static int kmac_init(void *vmacctx, const unsigned char *key, return 0; } if (!EVP_DigestInit_ex(kctx->ctx, ossl_prov_digest_md(&kctx->digest), - NULL)) + NULL)) return 0; t = EVP_MD_get_block_size(ossl_prov_digest_md(&kctx->digest)); @@ -305,7 +305,7 @@ static int kmac_init(void *vmacctx, const unsigned char *key, } if (!bytepad(NULL, &out_len, kmac_string, sizeof(kmac_string), - kctx->custom, kctx->custom_len, block_len)) { + kctx->custom, kctx->custom_len, block_len)) { ERR_raise(ERR_LIB_PROV, ERR_R_INTERNAL_ERROR); return 0; } 
@@ -315,15 +315,15 @@ static int kmac_init(void *vmacctx, const unsigned char *key, return 0; } res = bytepad(out, NULL, kmac_string, sizeof(kmac_string), - kctx->custom, kctx->custom_len, block_len) - && EVP_DigestUpdate(ctx, out, out_len) - && EVP_DigestUpdate(ctx, kctx->key, kctx->key_len); + kctx->custom, kctx->custom_len, block_len) + && EVP_DigestUpdate(ctx, out, out_len) + && EVP_DigestUpdate(ctx, kctx->key, kctx->key_len); OPENSSL_free(out); return res; } static int kmac_update(void *vmacctx, const unsigned char *data, - size_t datalen) + size_t datalen) { struct kmac_data_st *kctx = vmacctx; @@ -331,7 +331,7 @@ static int kmac_update(void *vmacctx, const unsigned char *data, } static int kmac_final(void *vmacctx, unsigned char *out, size_t *outl, - size_t outsize) + size_t outsize) { struct kmac_data_st *kctx = vmacctx; EVP_MD_CTX *ctx = kctx->ctx; @@ -358,7 +358,7 @@ static const OSSL_PARAM known_gettable_ctx_params[] = { OSSL_PARAM_END }; static const OSSL_PARAM *kmac_gettable_ctx_params(ossl_unused void *ctx, - ossl_unused void *provctx) + ossl_unused void *provctx) { return known_gettable_ctx_params; } @@ -370,7 +370,7 @@ static int kmac_get_ctx_params(void *vmacctx, OSSL_PARAM params[]) int sz; if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_SIZE)) != NULL - && !OSSL_PARAM_set_size_t(p, kctx->out_len)) + && !OSSL_PARAM_set_size_t(p, kctx->out_len)) return 0; if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_BLOCK_SIZE)) != NULL) { @@ -390,7 +390,7 @@ static const OSSL_PARAM known_settable_ctx_params[] = { OSSL_PARAM_END }; static const OSSL_PARAM *kmac_settable_ctx_params(ossl_unused void *ctx, - ossl_unused void *provctx) + ossl_unused void *provctx) { return known_settable_ctx_params; } 
@@ -427,7 +427,7 @@ static int kmac_set_ctx_params(void *vmacctx, const OSSL_PARAM *params) kctx->out_len = sz; } if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_KEY)) != NULL - && !kmac_setkey(kctx, p->data, p->data_size)) + && !kmac_setkey(kctx, p->data, p->data_size)) return 0; if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_CUSTOM)) != NULL) { @@ -436,7 +436,7 @@ static int kmac_set_ctx_params(void *vmacctx, const OSSL_PARAM *params) return 0; } if (!encode_string(kctx->custom, sizeof(kctx->custom), &kctx->custom_len, - p->data, p->data_size)) + p->data, p->data_size)) return 0; } return 1; @@ -467,7 +467,7 @@ static unsigned int get_encode_size(size_t bits) * e.g if bits = 32, out[2] = { 0x20, 0x01 } */ static int right_encode(unsigned char *out, size_t out_max_len, size_t *out_len, - size_t bits) + size_t bits) { unsigned int len = get_encode_size(bits); int i; @@ -498,7 +498,7 @@ static int right_encode(unsigned char *out, size_t out_max_len, size_t *out_len, * len bits K M A C */ static int encode_string(unsigned char *out, size_t out_max_len, size_t *out_len, - const unsigned char *in, size_t in_len) + const unsigned char *in, size_t in_len) { if (in == NULL) { *out_len = 0; @@ -534,8 +534,8 @@ static int encode_string(unsigned char *out, size_t out_max_len, size_t *out_len * zero_padded(multiple of w, (left_encode(w) || in1 [|| in2]) */ static int bytepad(unsigned char *out, size_t *out_len, - const unsigned char *in1, size_t in1_len, - const unsigned char *in2, size_t in2_len, size_t w) + const unsigned char *in1, size_t in1_len, + const unsigned char *in2, size_t in2_len, size_t w) { int len; unsigned char *p = out; 
@@ -578,9 +578,9 @@ static int bytepad(unsigned char *out, size_t *out_len, /* Returns out = bytepad(encode_string(in), w) */ static int kmac_bytepad_encode_key(unsigned char *out, size_t out_max_len, - size_t *out_len, - const unsigned char *in, size_t in_len, - size_t w) + size_t *out_len, + const unsigned char *in, size_t in_len, + size_t w) { unsigned char tmp[KMAC_MAX_KEY + KMAC_MAX_ENCODED_HEADER_LEN]; size_t tmp_len; @@ -602,10 +602,10 @@ const OSSL_DISPATCH ossl_kmac128_functions[] = { { OSSL_FUNC_MAC_UPDATE, (void (*)(void))kmac_update }, { OSSL_FUNC_MAC_FINAL, (void (*)(void))kmac_final }, { OSSL_FUNC_MAC_GETTABLE_CTX_PARAMS, - (void (*)(void))kmac_gettable_ctx_params }, + (void (*)(void))kmac_gettable_ctx_params }, { OSSL_FUNC_MAC_GET_CTX_PARAMS, (void (*)(void))kmac_get_ctx_params }, { OSSL_FUNC_MAC_SETTABLE_CTX_PARAMS, - (void (*)(void))kmac_settable_ctx_params }, + (void (*)(void))kmac_settable_ctx_params }, { OSSL_FUNC_MAC_SET_CTX_PARAMS, (void (*)(void))kmac_set_ctx_params }, { 0, NULL } }; @@ -618,10 +618,10 @@ const OSSL_DISPATCH ossl_kmac256_functions[] = { { OSSL_FUNC_MAC_UPDATE, (void (*)(void))kmac_update }, { OSSL_FUNC_MAC_FINAL, (void (*)(void))kmac_final }, { OSSL_FUNC_MAC_GETTABLE_CTX_PARAMS, - (void (*)(void))kmac_gettable_ctx_params }, + (void (*)(void))kmac_gettable_ctx_params }, { OSSL_FUNC_MAC_GET_CTX_PARAMS, (void (*)(void))kmac_get_ctx_params }, { OSSL_FUNC_MAC_SETTABLE_CTX_PARAMS, - (void (*)(void))kmac_settable_ctx_params }, + (void (*)(void))kmac_settable_ctx_params }, { OSSL_FUNC_MAC_SET_CTX_PARAMS, (void (*)(void))kmac_set_ctx_params }, { 0, NULL } }; diff --git a/providers/implementations/macs/poly1305_prov.c b/providers/implementations/macs/poly1305_prov.c index f922802ea79c..262510c59890 100644 --- a/providers/implementations/macs/poly1305_prov.c +++ b/providers/implementations/macs/poly1305_prov.c 
@@ -38,7 +38,7 @@ static OSSL_FUNC_mac_final_fn poly1305_final; struct poly1305_data_st { void *provctx; int updated; - POLY1305 poly1305; /* Poly1305 data */ + POLY1305 poly1305; /* Poly1305 data */ }; static void *poly1305_new(void *provctx) @@ -79,7 +79,7 @@ static size_t poly1305_size(void) } static int poly1305_setkey(struct poly1305_data_st *ctx, - const unsigned char *key, size_t keylen) + const unsigned char *key, size_t keylen) { if (keylen != POLY1305_KEY_SIZE) { ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH); @@ -91,7 +91,7 @@ static int poly1305_setkey(struct poly1305_data_st *ctx, } static int poly1305_init(void *vmacctx, const unsigned char *key, - size_t keylen, const OSSL_PARAM params[]) + size_t keylen, const OSSL_PARAM params[]) { struct poly1305_data_st *ctx = vmacctx; @@ -105,7 +105,7 @@ static int poly1305_init(void *vmacctx, const unsigned char *key, } static int poly1305_update(void *vmacctx, const unsigned char *data, - size_t datalen) + size_t datalen) { struct poly1305_data_st *ctx = vmacctx; @@ -119,7 +119,7 @@ static int poly1305_update(void *vmacctx, const unsigned char *data, } static int poly1305_final(void *vmacctx, unsigned char *out, size_t *outl, - size_t outsize) + size_t outsize) { struct poly1305_data_st *ctx = vmacctx; @@ -155,7 +155,7 @@ static const OSSL_PARAM known_settable_ctx_params[] = { OSSL_PARAM_END }; static const OSSL_PARAM *poly1305_settable_ctx_params(ossl_unused void *ctx, - ossl_unused void *provctx) + ossl_unused void *provctx) { return known_settable_ctx_params; } @@ -166,7 +166,7 @@ static int poly1305_set_ctx_params(void *vmacctx, const OSSL_PARAM *params) const OSSL_PARAM *p; if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_KEY)) != NULL - && !poly1305_setkey(ctx, p->data, p->data_size)) + && !poly1305_setkey(ctx, p->data, p->data_size)) return 0; return 1; } 
@@ -181,7 +181,7 @@ const OSSL_DISPATCH ossl_poly1305_functions[] = { { OSSL_FUNC_MAC_GETTABLE_PARAMS, (void (*)(void))poly1305_gettable_params }, { OSSL_FUNC_MAC_GET_PARAMS, (void (*)(void))poly1305_get_params }, { OSSL_FUNC_MAC_SETTABLE_CTX_PARAMS, - (void (*)(void))poly1305_settable_ctx_params }, + (void (*)(void))poly1305_settable_ctx_params }, { OSSL_FUNC_MAC_SET_CTX_PARAMS, (void (*)(void))poly1305_set_ctx_params }, { 0, NULL } }; diff --git a/providers/implementations/macs/siphash_prov.c b/providers/implementations/macs/siphash_prov.c index a28cdb33ac20..d4130c01c5ed 100644 --- a/providers/implementations/macs/siphash_prov.c +++ b/providers/implementations/macs/siphash_prov.c @@ -38,8 +38,8 @@ static OSSL_FUNC_mac_final_fn siphash_final; struct siphash_data_st { void *provctx; - SIPHASH siphash; /* Siphash data */ - SIPHASH sipcopy; /* Siphash data copy for reinitialization */ + SIPHASH siphash; /* Siphash data */ + SIPHASH sipcopy; /* Siphash data copy for reinitialization */ unsigned int crounds, drounds; }; @@ -93,7 +93,7 @@ static size_t siphash_size(void *vmacctx) } static int siphash_setkey(struct siphash_data_st *ctx, - const unsigned char *key, size_t keylen) + const unsigned char *key, size_t keylen) { int ret; @@ -106,7 +106,7 @@ static int siphash_setkey(struct siphash_data_st *ctx, } static int siphash_init(void *vmacctx, const unsigned char *key, size_t keylen, - const OSSL_PARAM params[]) + const OSSL_PARAM params[]) { struct siphash_data_st *ctx = vmacctx; @@ -124,7 +124,7 @@ static int siphash_init(void *vmacctx, const unsigned char *key, size_t keylen, } static int siphash_update(void *vmacctx, const unsigned char *data, - size_t datalen) + size_t datalen) { struct siphash_data_st *ctx = vmacctx; 
@@ -136,7 +136,7 @@ static int siphash_update(void *vmacctx, const unsigned char *data, } static int siphash_final(void *vmacctx, unsigned char *out, size_t *outl, - size_t outsize) + size_t outsize) { struct siphash_data_st *ctx = vmacctx; size_t hlen = siphash_size(ctx); @@ -149,7 +149,7 @@ static int siphash_final(void *vmacctx, unsigned char *out, size_t *outl, } static const OSSL_PARAM *siphash_gettable_ctx_params(ossl_unused void *ctx, - ossl_unused void *provctx) + ossl_unused void *provctx) { static const OSSL_PARAM known_gettable_ctx_params[] = { OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL), @@ -179,7 +179,7 @@ static int siphash_get_ctx_params(void *vmacctx, OSSL_PARAM params[]) } static const OSSL_PARAM *siphash_settable_ctx_params(ossl_unused void *ctx, - void *provctx) + void *provctx) { static const OSSL_PARAM known_settable_ctx_params[] = { OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL), @@ -208,10 +208,10 @@ static int siphash_set_params(void *vmacctx, const OSSL_PARAM *params) return 0; } if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_C_ROUNDS)) != NULL - && !OSSL_PARAM_get_uint(p, &ctx->crounds)) + && !OSSL_PARAM_get_uint(p, &ctx->crounds)) return 0; if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_D_ROUNDS)) != NULL - && !OSSL_PARAM_get_uint(p, &ctx->drounds)) + && !OSSL_PARAM_get_uint(p, &ctx->drounds)) return 0; if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_KEY)) != NULL) if (p->data_type != OSSL_PARAM_OCTET_STRING 
@@ -228,10 +228,10 @@ const OSSL_DISPATCH ossl_siphash_functions[] = { { OSSL_FUNC_MAC_UPDATE, (void (*)(void))siphash_update }, { OSSL_FUNC_MAC_FINAL, (void (*)(void))siphash_final }, { OSSL_FUNC_MAC_GETTABLE_CTX_PARAMS, - (void (*)(void))siphash_gettable_ctx_params }, + (void (*)(void))siphash_gettable_ctx_params }, { OSSL_FUNC_MAC_GET_CTX_PARAMS, (void (*)(void))siphash_get_ctx_params }, { OSSL_FUNC_MAC_SETTABLE_CTX_PARAMS, - (void (*)(void))siphash_settable_ctx_params }, + (void (*)(void))siphash_settable_ctx_params }, { OSSL_FUNC_MAC_SET_CTX_PARAMS, (void (*)(void))siphash_set_params }, { 0, NULL } }; diff --git a/providers/implementations/rands/crngt.c b/providers/implementations/rands/crngt.c index 4095994bda11..aa03adf7a60d 100644 --- a/providers/implementations/rands/crngt.c +++ b/providers/implementations/rands/crngt.c @@ -32,8 +32,8 @@ typedef struct crng_test_global_st { } CRNG_TEST_GLOBAL; static int crngt_get_entropy(PROV_CTX *provctx, const EVP_MD *digest, - unsigned char *buf, unsigned char *md, - unsigned int *md_size) + unsigned char *buf, unsigned char *md, + unsigned int *md_size) { int r; size_t n; @@ -89,8 +89,8 @@ static const OSSL_LIB_CTX_METHOD rand_crng_ossl_ctx_method = { }; static int prov_crngt_compare_previous(const unsigned char *prev, - const unsigned char *cur, - size_t sz) + const unsigned char *cur, + size_t sz) { const int res = memcmp(prev, cur, sz) != 0; @@ -100,9 +100,9 @@ static int prov_crngt_compare_previous(const unsigned char *prev, } size_t ossl_crngt_get_entropy(PROV_DRBG *drbg, - unsigned char **pout, - int entropy, size_t min_len, size_t max_len, - int prediction_resistance) + unsigned char **pout, + int entropy, size_t min_len, size_t max_len, + int prediction_resistance) { unsigned char md[EVP_MAX_MD_SIZE]; unsigned char buf[CRNGT_BUFSIZ]; 
@@ -114,7 +114,7 @@ size_t ossl_crngt_get_entropy(PROV_DRBG *drbg, OSSL_LIB_CTX *libctx = ossl_prov_ctx_get0_libctx(drbg->provctx); CRNG_TEST_GLOBAL *crngt_glob = ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_RAND_CRNGT_INDEX, - &rand_crng_ossl_ctx_method); + &rand_crng_ossl_ctx_method); OSSL_CALLBACK *stcb = NULL; void *stcbarg = NULL; OSSL_SELF_TEST *st = NULL; @@ -127,7 +127,7 @@ size_t ossl_crngt_get_entropy(PROV_DRBG *drbg, if (!crngt_glob->preloaded) { if (!crngt_get_entropy(drbg->provctx, crngt_glob->md, buf, - crngt_glob->crngt_prev, NULL)) { + crngt_glob->crngt_prev, NULL)) { OPENSSL_cleanse(buf, sizeof(buf)); goto unlock_return; } @@ -154,7 +154,7 @@ size_t ossl_crngt_get_entropy(PROV_DRBG *drbg, if (st == NULL) goto err; OSSL_SELF_TEST_onbegin(st, OSSL_SELF_TEST_TYPE_CRNG, - OSSL_SELF_TEST_DESC_RNG); + OSSL_SELF_TEST_DESC_RNG); } for (t = bytes_needed; t > 0;) { @@ -181,18 +181,18 @@ size_t ossl_crngt_get_entropy(PROV_DRBG *drbg, *pout = ent; ent = NULL; - err: +err: OSSL_SELF_TEST_onend(st, crng_test_pass); OSSL_SELF_TEST_free(st); OPENSSL_secure_clear_free(ent, bytes_needed); - unlock_return: +unlock_return: CRYPTO_THREAD_unlock(crngt_glob->lock); return r; } void ossl_crngt_cleanup_entropy(ossl_unused PROV_DRBG *drbg, - unsigned char *out, size_t outlen) + unsigned char *out, size_t outlen) { OPENSSL_secure_clear_free(out, outlen); } diff --git a/providers/implementations/rands/drbg.c b/providers/implementations/rands/drbg.c index 9ab18af900bc..396335883930 100644 --- a/providers/implementations/rands/drbg.c +++ b/providers/implementations/rands/drbg.c @@ -39,7 +39,7 @@ static const char ossl_pers_string[] = DRBG_DEFAULT_PERS_STRING; static const OSSL_DISPATCH *find_call(const OSSL_DISPATCH *dispatch, - int function); + int function); static int rand_drbg_restart(PROV_DRBG *drbg); 
@@ -65,8 +65,8 @@ static int ossl_drbg_lock_parent(PROV_DRBG *drbg) void *parent = drbg->parent; if (parent != NULL - && drbg->parent_lock != NULL - && !drbg->parent_lock(parent)) { + && drbg->parent_lock != NULL + && !drbg->parent_lock(parent)) { ERR_raise(ERR_LIB_PROV, PROV_R_PARENT_LOCKING_NOT_ENABLED); return 0; } @@ -122,7 +122,7 @@ static unsigned int get_parent_reseed_count(PROV_DRBG *drbg) ossl_drbg_unlock_parent(drbg); return r; - err: +err: r = tsan_load(&drbg->reseed_counter) - 2; if (r == 0) r = UINT_MAX; @@ -142,9 +142,9 @@ static unsigned int get_parent_reseed_count(PROV_DRBG *drbg) * its entropy will be used up first. */ size_t ossl_drbg_get_seed(void *vdrbg, unsigned char **pout, - int entropy, size_t min_len, - size_t max_len, int prediction_resistance, - const unsigned char *adin, size_t adin_len) + int entropy, size_t min_len, + size_t max_len, int prediction_resistance, + const unsigned char *adin, size_t adin_len) { PROV_DRBG *drbg = (PROV_DRBG *)vdrbg; size_t bytes_needed; @@ -174,8 +174,8 @@ size_t ossl_drbg_get_seed(void *vdrbg, unsigned char **pout, * intentional and correct here. */ if (!ossl_prov_drbg_generate(drbg, buffer, bytes_needed, - drbg->strength, prediction_resistance, - (unsigned char *)&drbg, sizeof(drbg))) { + drbg->strength, prediction_resistance, + (unsigned char *)&drbg, sizeof(drbg))) { OPENSSL_secure_clear_free(buffer, bytes_needed); ERR_raise(ERR_LIB_PROV, PROV_R_GENERATE_ERROR); return 0; @@ -186,14 +186,14 @@ size_t ossl_drbg_get_seed(void *vdrbg, unsigned char **pout, /* Implements the cleanup_entropy() callback */ void ossl_drbg_clear_seed(ossl_unused void *vdrbg, - unsigned char *out, size_t outlen) + unsigned char *out, size_t outlen) { OPENSSL_secure_clear_free(out, outlen); } static size_t get_entropy(PROV_DRBG *drbg, unsigned char **pout, int entropy, - size_t min_len, size_t max_len, - int prediction_resistance) + size_t min_len, size_t max_len, + int prediction_resistance) { size_t bytes; unsigned int p_str; 
@@ -201,7 +201,7 @@ static size_t get_entropy(PROV_DRBG *drbg, unsigned char **pout, int entropy, if (drbg->parent == NULL) #ifdef FIPS_MODULE return ossl_crngt_get_entropy(drbg, pout, entropy, min_len, max_len, - prediction_resistance); + prediction_resistance); #else /* * In normal use (i.e. OpenSSL's own uses), this is never called. @@ -209,7 +209,7 @@ static size_t get_entropy(PROV_DRBG *drbg, unsigned char **pout, int entropy, * they always have a parent. This remains purely for legacy reasons. */ return ossl_prov_get_entropy(drbg->provctx, pout, entropy, min_len, - max_len); + max_len); #endif if (drbg->parent_get_seed == NULL) { @@ -244,8 +244,8 @@ static size_t get_entropy(PROV_DRBG *drbg, unsigned char **pout, int entropy, * intentional and correct here. */ bytes = drbg->parent_get_seed(drbg->parent, pout, drbg->strength, - min_len, max_len, prediction_resistance, - (unsigned char *)&drbg, sizeof(drbg)); + min_len, max_len, prediction_resistance, + (unsigned char *)&drbg, sizeof(drbg)); ossl_drbg_unlock_parent(drbg); return bytes; } @@ -315,14 +315,14 @@ static const OSSL_LIB_CTX_METHOD drbg_nonce_ossl_ctx_method = { /* Get a nonce from the operating system */ static size_t prov_drbg_get_nonce(PROV_DRBG *drbg, unsigned char **pout, - size_t min_len, size_t max_len) + size_t min_len, size_t max_len) { size_t ret = 0, n; unsigned char *buf = NULL; OSSL_LIB_CTX *libctx = ossl_prov_ctx_get0_libctx(drbg->provctx); PROV_DRBG_NONCE_GLOBAL *dngbl = ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_DRBG_NONCE_INDEX, - &drbg_nonce_ossl_ctx_method); + &drbg_nonce_ossl_ctx_method); struct { void *drbg; int count; 
@@ -333,10 +333,10 @@ static size_t prov_drbg_get_nonce(PROV_DRBG *drbg, unsigned char **pout, if (drbg->parent != NULL && drbg->parent_nonce != NULL) { n = drbg->parent_nonce(drbg->parent, NULL, 0, drbg->min_noncelen, - drbg->max_noncelen); + drbg->max_noncelen); if (n > 0 && (buf = OPENSSL_malloc(n)) != NULL) { ret = drbg->parent_nonce(drbg->parent, buf, 0, - drbg->min_noncelen, drbg->max_noncelen); + drbg->min_noncelen, drbg->max_noncelen); if (ret == n) { *pout = buf; return ret; @@ -349,9 +349,9 @@ static size_t prov_drbg_get_nonce(PROV_DRBG *drbg, unsigned char **pout, memset(&data, 0, sizeof(data)); data.drbg = drbg; CRYPTO_atomic_add(&dngbl->rand_nonce_count, 1, &data.count, - dngbl->rand_nonce_lock); + dngbl->rand_nonce_lock); return ossl_prov_get_nonce(drbg->provctx, pout, min_len, max_len, - &data, sizeof(data)); + &data, sizeof(data)); } #endif /* PROV_RAND_GET_RANDOM_NONCE */ @@ -364,8 +364,8 @@ static size_t prov_drbg_get_nonce(PROV_DRBG *drbg, unsigned char **pout, * Returns 1 on success, 0 on failure. */ int ossl_prov_drbg_instantiate(PROV_DRBG *drbg, unsigned int strength, - int prediction_resistance, - const unsigned char *pers, size_t perslen) + int prediction_resistance, + const unsigned char *pers, size_t perslen) { unsigned char *nonce = NULL, *entropy = NULL; size_t noncelen = 0, entropylen = 0; @@ -401,8 +401,8 @@ int ossl_prov_drbg_instantiate(PROV_DRBG *drbg, unsigned int strength, if (drbg->min_noncelen > 0) { if (drbg->parent_nonce != NULL) { noncelen = drbg->parent_nonce(drbg->parent, NULL, drbg->strength, - drbg->min_noncelen, - drbg->max_noncelen); + drbg->min_noncelen, + drbg->max_noncelen); if (noncelen == 0) { ERR_raise(ERR_LIB_PROV, PROV_R_ERROR_RETRIEVING_NONCE); goto end; 
@@ -412,10 +412,7 @@ int ossl_prov_drbg_instantiate(PROV_DRBG *drbg, unsigned int strength, ERR_raise(ERR_LIB_PROV, PROV_R_ERROR_RETRIEVING_NONCE); goto end; } - if (noncelen != drbg->parent_nonce(drbg->parent, nonce, - drbg->strength, - drbg->min_noncelen, - drbg->max_noncelen)) { + if (noncelen != drbg->parent_nonce(drbg->parent, nonce, drbg->strength, drbg->min_noncelen, drbg->max_noncelen)) { ERR_raise(ERR_LIB_PROV, PROV_R_ERROR_RETRIEVING_NONCE); goto end; } @@ -435,10 +432,10 @@ int ossl_prov_drbg_instantiate(PROV_DRBG *drbg, unsigned int strength, } #ifndef PROV_RAND_GET_RANDOM_NONCE else { /* parent == NULL */ - noncelen = prov_drbg_get_nonce(drbg, &nonce, drbg->min_noncelen, - drbg->max_noncelen); + noncelen = prov_drbg_get_nonce(drbg, &nonce, drbg->min_noncelen, + drbg->max_noncelen); if (noncelen < drbg->min_noncelen - || noncelen > drbg->max_noncelen) { + || noncelen > drbg->max_noncelen) { ERR_raise(ERR_LIB_PROV, PROV_R_ERROR_RETRIEVING_NONCE); goto end; } @@ -454,16 +451,16 @@ int ossl_prov_drbg_instantiate(PROV_DRBG *drbg, unsigned int strength, } entropylen = get_entropy(drbg, &entropy, min_entropy, - min_entropylen, max_entropylen, - prediction_resistance); + min_entropylen, max_entropylen, + prediction_resistance); if (entropylen < min_entropylen - || entropylen > max_entropylen) { + || entropylen > max_entropylen) { ERR_raise(ERR_LIB_PROV, PROV_R_ERROR_RETRIEVING_ENTROPY); goto end; } if (!drbg->instantiate(drbg, entropy, entropylen, nonce, noncelen, - pers, perslen)) { + pers, perslen)) { cleanup_entropy(drbg, entropy, entropylen); ERR_raise(ERR_LIB_PROV, PROV_R_ERROR_INSTANTIATING_DRBG); goto end; @@ -475,7 +472,7 @@ int ossl_prov_drbg_instantiate(PROV_DRBG *drbg, unsigned int strength, drbg->reseed_time = time(NULL); tsan_store(&drbg->reseed_counter, drbg->reseed_next_counter); - end: +end: if (nonce != NULL) ossl_prov_cleanup_nonce(drbg->provctx, nonce, noncelen); if (drbg->state == EVP_RAND_STATE_READY) 
@@ -504,8 +501,8 @@ int ossl_prov_drbg_uninstantiate(PROV_DRBG *drbg) * Returns 1 on success, 0 on failure. */ int ossl_prov_drbg_reseed(PROV_DRBG *drbg, int prediction_resistance, - const unsigned char *ent, size_t ent_len, - const unsigned char *adin, size_t adinlen) + const unsigned char *ent, size_t ent_len, + const unsigned char *adin, size_t adinlen) { unsigned char *entropy = NULL; size_t entropylen = 0; @@ -582,10 +579,10 @@ int ossl_prov_drbg_reseed(PROV_DRBG *drbg, int prediction_resistance, /* Reseed using our sources in addition */ entropylen = get_entropy(drbg, &entropy, drbg->strength, - drbg->min_entropylen, drbg->max_entropylen, - prediction_resistance); + drbg->min_entropylen, drbg->max_entropylen, + prediction_resistance); if (entropylen < drbg->min_entropylen - || entropylen > drbg->max_entropylen) { + || entropylen > drbg->max_entropylen) { ERR_raise(ERR_LIB_PROV, PROV_R_ERROR_RETRIEVING_ENTROPY); goto end; } @@ -600,7 +597,7 @@ int ossl_prov_drbg_reseed(PROV_DRBG *drbg, int prediction_resistance, if (drbg->parent != NULL) drbg->parent_reseed_counter = get_parent_reseed_count(drbg); - end: +end: cleanup_entropy(drbg, entropy, entropylen); if (drbg->state == EVP_RAND_STATE_READY) return 1; @@ -618,8 +615,8 @@ int ossl_prov_drbg_reseed(PROV_DRBG *drbg, int prediction_resistance, * */ int ossl_prov_drbg_generate(PROV_DRBG *drbg, unsigned char *out, size_t outlen, - unsigned int strength, int prediction_resistance, - const unsigned char *adin, size_t adinlen) + unsigned int strength, int prediction_resistance, + const unsigned char *adin, size_t adinlen) { int fork_id; int reseed_required = 0; 
@@ -672,12 +669,12 @@ int ossl_prov_drbg_generate(PROV_DRBG *drbg, unsigned char *out, size_t outlen, reseed_required = 1; } if (drbg->parent != NULL - && get_parent_reseed_count(drbg) != drbg->parent_reseed_counter) + && get_parent_reseed_count(drbg) != drbg->parent_reseed_counter) reseed_required = 1; if (reseed_required || prediction_resistance) { if (!ossl_prov_drbg_reseed(drbg, prediction_resistance, NULL, 0, - adin, adinlen)) { + adin, adinlen)) { ERR_raise(ERR_LIB_PROV, PROV_R_RESEED_ERROR); return 0; } @@ -729,7 +726,7 @@ static int rand_drbg_restart(PROV_DRBG *drbg) /* Provider support from here down */ static const OSSL_DISPATCH *find_call(const OSSL_DISPATCH *dispatch, - int function) + int function) { if (dispatch != NULL) while (dispatch->function_id != 0) { 
@@ -767,19 +764,18 @@ int ossl_drbg_enable_locking(void *vctx) * * Returns a pointer to the new DRBG instance on success, NULL on failure. */ -PROV_DRBG *ossl_rand_drbg_new - (void *provctx, void *parent, const OSSL_DISPATCH *p_dispatch, - int (*dnew)(PROV_DRBG *ctx), - void (*dfree)(void *vctx), - int (*instantiate)(PROV_DRBG *drbg, - const unsigned char *entropy, size_t entropylen, - const unsigned char *nonce, size_t noncelen, - const unsigned char *pers, size_t perslen), - int (*uninstantiate)(PROV_DRBG *ctx), - int (*reseed)(PROV_DRBG *drbg, const unsigned char *ent, size_t ent_len, - const unsigned char *adin, size_t adin_len), - int (*generate)(PROV_DRBG *, unsigned char *out, size_t outlen, - const unsigned char *adin, size_t adin_len)) +PROV_DRBG *ossl_rand_drbg_new(void *provctx, void *parent, const OSSL_DISPATCH *p_dispatch, + int (*dnew)(PROV_DRBG *ctx), + void (*dfree)(void *vctx), + int (*instantiate)(PROV_DRBG *drbg, + const unsigned char *entropy, size_t entropylen, + const unsigned char *nonce, size_t noncelen, + const unsigned char *pers, size_t perslen), + int (*uninstantiate)(PROV_DRBG *ctx), + int (*reseed)(PROV_DRBG *drbg, const unsigned char *ent, size_t ent_len, + const unsigned char *adin, size_t adin_len), + int (*generate)(PROV_DRBG *, unsigned char *out, size_t outlen, + const unsigned char *adin, size_t adin_len)) { PROV_DRBG *drbg; unsigned int p_str; @@ -849,7 +845,7 @@ PROV_DRBG *ossl_rand_drbg_new #endif return drbg; - err: +err: dfree(drbg); return NULL; } @@ -917,7 +913,7 @@ int ossl_drbg_get_ctx_params(PROV_DRBG *drbg, OSSL_PARAM params[]) p = OSSL_PARAM_locate(params, OSSL_DRBG_PARAM_RESEED_COUNTER); if (p != NULL - && !OSSL_PARAM_set_uint(p, tsan_load(&drbg->reseed_counter))) + && !OSSL_PARAM_set_uint(p, tsan_load(&drbg->reseed_counter))) return 0; return 1; } diff --git a/providers/implementations/rands/drbg_ctr.c b/providers/implementations/rands/drbg_ctr.c index 269459c1cf09..0ce2dce12936 100644 
--- a/providers/implementations/rands/drbg_ctr.c +++ b/providers/implementations/rands/drbg_ctr.c @@ -101,7 +101,7 @@ static void ctr_XOR(PROV_DRBG_CTR *ctr, const unsigned char *in, size_t inlen) * Process a complete block using BCC algorithm of SP 800-90A 10.3.3 */ __owur static int ctr_BCC_block(PROV_DRBG_CTR *ctr, unsigned char *out, - const unsigned char *in, int len) + const unsigned char *in, int len) { int i, outlen = AES_BLOCK_SIZE; @@ -114,7 +114,6 @@ __owur static int ctr_BCC_block(PROV_DRBG_CTR *ctr, unsigned char *out, return 1; } - /* * Handle several BCC operations for as much data as we need for K and X */ @@ -138,7 +137,7 @@ __owur static int ctr_BCC_blocks(PROV_DRBG_CTR *ctr, const unsigned char *in) */ __owur static int ctr_BCC_init(PROV_DRBG_CTR *ctr) { - unsigned char bltmp[48] = {0}; + unsigned char bltmp[48] = { 0 }; unsigned char num_of_blk; memset(ctr->KX, 0, 48); @@ -152,7 +151,7 @@ __owur static int ctr_BCC_init(PROV_DRBG_CTR *ctr) * Process several blocks into BCC algorithm, some possibly partial */ __owur static int ctr_BCC_update(PROV_DRBG_CTR *ctr, - const unsigned char *in, size_t inlen) + const unsigned char *in, size_t inlen) { if (in == NULL || inlen == 0) return 1; @@ -197,9 +196,9 @@ __owur static int ctr_BCC_final(PROV_DRBG_CTR *ctr) } __owur static int ctr_df(PROV_DRBG_CTR *ctr, - const unsigned char *in1, size_t in1len, - const unsigned char *in2, size_t in2len, - const unsigned char *in3, size_t in3len) + const unsigned char *in1, size_t in1len, + const unsigned char *in2, size_t in2len, + const unsigned char *in3, size_t in3len) { static unsigned char c80 = 0x80; size_t inlen; 
@@ -238,16 +237,16 @@ __owur static int ctr_df(PROV_DRBG_CTR *ctr, return 0; /* X follows key K */ if (!EVP_CipherUpdate(ctr->ctx_ecb, ctr->KX, &outlen, ctr->KX + ctr->keylen, - AES_BLOCK_SIZE) + AES_BLOCK_SIZE) || outlen != AES_BLOCK_SIZE) return 0; if (!EVP_CipherUpdate(ctr->ctx_ecb, ctr->KX + 16, &outlen, ctr->KX, - AES_BLOCK_SIZE) + AES_BLOCK_SIZE) || outlen != AES_BLOCK_SIZE) return 0; if (ctr->keylen != 16) if (!EVP_CipherUpdate(ctr->ctx_ecb, ctr->KX + 32, &outlen, - ctr->KX + 16, AES_BLOCK_SIZE) + ctr->KX + 16, AES_BLOCK_SIZE) || outlen != AES_BLOCK_SIZE) return 0; return 1; @@ -260,9 +259,9 @@ __owur static int ctr_df(PROV_DRBG_CTR *ctr, * so we handle both cases in this function instead. */ __owur static int ctr_update(PROV_DRBG *drbg, - const unsigned char *in1, size_t in1len, - const unsigned char *in2, size_t in2len, - const unsigned char *nonce, size_t noncelen) + const unsigned char *in1, size_t in1len, + const unsigned char *in2, size_t in2len, + const unsigned char *nonce, size_t noncelen) { PROV_DRBG_CTR *ctr = (PROV_DRBG_CTR *)drbg->data; int outlen = AES_BLOCK_SIZE; @@ -281,7 +280,7 @@ __owur static int ctr_update(PROV_DRBG *drbg, len = 48; } if (!EVP_CipherUpdate(ctr->ctx_ecb, out, &outlen, V_tmp, len) - || outlen != len) + || outlen != len) return 0; memcpy(ctr->K, out, ctr->keylen); memcpy(ctr->V, out + ctr->keylen, 16); @@ -306,9 +305,9 @@ __owur static int ctr_update(PROV_DRBG *drbg, } static int drbg_ctr_instantiate(PROV_DRBG *drbg, - const unsigned char *entropy, size_t entropylen, - const unsigned char *nonce, size_t noncelen, - const unsigned char *pers, size_t perslen) + const unsigned char *entropy, size_t entropylen, + const unsigned char *nonce, size_t noncelen, + const unsigned char *pers, size_t perslen) { PROV_DRBG_CTR *ctr = (PROV_DRBG_CTR *)drbg->data; 
@@ -327,22 +326,22 @@ static int drbg_ctr_instantiate(PROV_DRBG *drbg, } static int drbg_ctr_instantiate_wrapper(void *vdrbg, unsigned int strength, - int prediction_resistance, - const unsigned char *pstr, - size_t pstr_len, - const OSSL_PARAM params[]) + int prediction_resistance, + const unsigned char *pstr, + size_t pstr_len, + const OSSL_PARAM params[]) { PROV_DRBG *drbg = (PROV_DRBG *)vdrbg; if (!ossl_prov_is_running() || !drbg_ctr_set_ctx_params(drbg, params)) return 0; return ossl_prov_drbg_instantiate(drbg, strength, prediction_resistance, - pstr, pstr_len); + pstr, pstr_len); } static int drbg_ctr_reseed(PROV_DRBG *drbg, - const unsigned char *entropy, size_t entropylen, - const unsigned char *adin, size_t adinlen) + const unsigned char *entropy, size_t entropylen, + const unsigned char *adin, size_t adinlen) { PROV_DRBG_CTR *ctr = (PROV_DRBG_CTR *)drbg->data; @@ -356,13 +355,13 @@ static int drbg_ctr_reseed(PROV_DRBG *drbg, } static int drbg_ctr_reseed_wrapper(void *vdrbg, int prediction_resistance, - const unsigned char *ent, size_t ent_len, - const unsigned char *adin, size_t adin_len) + const unsigned char *ent, size_t ent_len, + const unsigned char *adin, size_t adin_len) { PROV_DRBG *drbg = (PROV_DRBG *)vdrbg; return ossl_prov_drbg_reseed(drbg, prediction_resistance, ent, ent_len, - adin, adin_len); + adin, adin_len); } static void ctr96_inc(unsigned char *counter) @@ -378,8 +377,8 @@ static void ctr96_inc(unsigned char *counter) } static int drbg_ctr_generate(PROV_DRBG *drbg, - unsigned char *out, size_t outlen, - const unsigned char *adin, size_t adinlen) + unsigned char *out, size_t outlen, + const unsigned char *adin, size_t adinlen) { PROV_DRBG_CTR *ctr = (PROV_DRBG_CTR *)drbg->data; unsigned int ctr32, blocks; @@ -413,7 +412,7 @@ static int drbg_ctr_generate(PROV_DRBG *drbg, do { if (!EVP_CipherInit_ex(ctr->ctx_ctr, - NULL, NULL, NULL, ctr->V, -1)) + NULL, NULL, NULL, ctr->V, -1)) return 0; /*- 
@@ -451,15 +450,14 @@ static int drbg_ctr_generate(PROV_DRBG *drbg, return 1; } -static int drbg_ctr_generate_wrapper - (void *vdrbg, unsigned char *out, size_t outlen, - unsigned int strength, int prediction_resistance, - const unsigned char *adin, size_t adin_len) +static int drbg_ctr_generate_wrapper(void *vdrbg, unsigned char *out, size_t outlen, + unsigned int strength, int prediction_resistance, + const unsigned char *adin, size_t adin_len) { PROV_DRBG *drbg = (PROV_DRBG *)vdrbg; return ossl_prov_drbg_generate(drbg, out, outlen, strength, - prediction_resistance, adin, adin_len); + prediction_resistance, adin, adin_len); } static int drbg_ctr_uninstantiate(PROV_DRBG *drbg) @@ -546,9 +544,9 @@ static int drbg_ctr_init(PROV_DRBG *drbg) } if (!EVP_CipherInit_ex(ctr->ctx_ecb, - ctr->cipher_ecb, NULL, NULL, NULL, 1) + ctr->cipher_ecb, NULL, NULL, NULL, 1) || !EVP_CipherInit_ex(ctr->ctx_ctr, - ctr->cipher_ctr, NULL, NULL, NULL, 1)) { + ctr->cipher_ctr, NULL, NULL, NULL, 1)) { ERR_raise(ERR_LIB_PROV, PROV_R_UNABLE_TO_INITIALISE_CIPHERS); goto err; } @@ -573,7 +571,7 @@ static int drbg_ctr_init(PROV_DRBG *drbg) } /* Set key schedule for df_key */ if (!EVP_CipherInit_ex(ctr->ctx_df, - ctr->cipher_ecb, NULL, df_key, NULL, 1)) { + ctr->cipher_ecb, NULL, df_key, NULL, 1)) { ERR_raise(ERR_LIB_PROV, PROV_R_DERIVATION_FUNCTION_INIT_FAILED); goto err; } @@ -603,12 +601,12 @@ static int drbg_ctr_new(PROV_DRBG *drbg) } static void *drbg_ctr_new_wrapper(void *provctx, void *parent, - const OSSL_DISPATCH *parent_dispatch) + const OSSL_DISPATCH *parent_dispatch) { return ossl_rand_drbg_new(provctx, parent, parent_dispatch, - &drbg_ctr_new, &drbg_ctr_free, - &drbg_ctr_instantiate, &drbg_ctr_uninstantiate, - &drbg_ctr_reseed, &drbg_ctr_generate); + &drbg_ctr_new, &drbg_ctr_free, + &drbg_ctr_instantiate, &drbg_ctr_uninstantiate, + &drbg_ctr_reseed, &drbg_ctr_generate); } static void drbg_ctr_free(void *vdrbg) 
@@ -642,7 +640,7 @@ static int drbg_ctr_get_ctx_params(void *vdrbg, OSSL_PARAM params[]) if (p != NULL) { if (ctr->cipher_ctr == NULL || !OSSL_PARAM_set_utf8_string(p, - EVP_CIPHER_get0_name(ctr->cipher_ctr))) + EVP_CIPHER_get0_name(ctr->cipher_ctr))) return 0; } @@ -650,7 +648,7 @@ static int drbg_ctr_get_ctx_params(void *vdrbg, OSSL_PARAM params[]) } static const OSSL_PARAM *drbg_ctr_gettable_ctx_params(ossl_unused void *vctx, - ossl_unused void *provctx) + ossl_unused void *provctx) { static const OSSL_PARAM known_gettable_ctx_params[] = { OSSL_PARAM_utf8_string(OSSL_DRBG_PARAM_CIPHER, NULL, 0), @@ -672,14 +670,15 @@ static int drbg_ctr_set_ctx_params(void *vctx, const OSSL_PARAM params[]) int i, cipher_init = 0; if ((p = OSSL_PARAM_locate_const(params, OSSL_DRBG_PARAM_USE_DF)) != NULL - && OSSL_PARAM_get_int(p, &i)) { + && OSSL_PARAM_get_int(p, &i)) { /* FIPS errors out in the drbg_ctr_init() call later */ ctr->use_df = i != 0; cipher_init = 1; } if ((p = OSSL_PARAM_locate_const(params, - OSSL_DRBG_PARAM_PROPERTIES)) != NULL) { + OSSL_DRBG_PARAM_PROPERTIES)) + != NULL) { if (p->data_type != OSSL_PARAM_UTF8_STRING) return 0; propquery = (const char *)p->data; @@ -691,7 +690,7 @@ static int drbg_ctr_set_ctx_params(void *vctx, const OSSL_PARAM params[]) size_t ecb_str_len = sizeof("ECB") - 1; if (p->data_type != OSSL_PARAM_UTF8_STRING - || p->data_size < ctr_str_len) + || p->data_size < ctr_str_len) return 0; if (OPENSSL_strcasecmp("CTR", base + p->data_size - ctr_str_len) != 0) { ERR_raise(ERR_LIB_PROV, PROV_R_REQUIRE_CTR_MODE_CIPHER); @@ -721,7 +720,7 @@ static int drbg_ctr_set_ctx_params(void *vctx, const OSSL_PARAM params[]) } static const OSSL_PARAM *drbg_ctr_settable_ctx_params(ossl_unused void *vctx, - ossl_unused void *provctx) + ossl_unused void *provctx) { static const OSSL_PARAM known_settable_ctx_params[] = { OSSL_PARAM_utf8_string(OSSL_DRBG_PARAM_PROPERTIES, NULL, 0), 
@@ -734,26 +733,26 @@ static const OSSL_PARAM *drbg_ctr_settable_ctx_params(ossl_unused void *vctx, } const OSSL_DISPATCH ossl_drbg_ctr_functions[] = { - { OSSL_FUNC_RAND_NEWCTX, (void(*)(void))drbg_ctr_new_wrapper }, - { OSSL_FUNC_RAND_FREECTX, (void(*)(void))drbg_ctr_free }, + { OSSL_FUNC_RAND_NEWCTX, (void (*)(void))drbg_ctr_new_wrapper }, + { OSSL_FUNC_RAND_FREECTX, (void (*)(void))drbg_ctr_free }, { OSSL_FUNC_RAND_INSTANTIATE, - (void(*)(void))drbg_ctr_instantiate_wrapper }, + (void (*)(void))drbg_ctr_instantiate_wrapper }, { OSSL_FUNC_RAND_UNINSTANTIATE, - (void(*)(void))drbg_ctr_uninstantiate_wrapper }, - { OSSL_FUNC_RAND_GENERATE, (void(*)(void))drbg_ctr_generate_wrapper }, - { OSSL_FUNC_RAND_RESEED, (void(*)(void))drbg_ctr_reseed_wrapper }, - { OSSL_FUNC_RAND_ENABLE_LOCKING, (void(*)(void))ossl_drbg_enable_locking }, - { OSSL_FUNC_RAND_LOCK, (void(*)(void))ossl_drbg_lock }, - { OSSL_FUNC_RAND_UNLOCK, (void(*)(void))ossl_drbg_unlock }, + (void (*)(void))drbg_ctr_uninstantiate_wrapper }, + { OSSL_FUNC_RAND_GENERATE, (void (*)(void))drbg_ctr_generate_wrapper }, + { OSSL_FUNC_RAND_RESEED, (void (*)(void))drbg_ctr_reseed_wrapper }, + { OSSL_FUNC_RAND_ENABLE_LOCKING, (void (*)(void))ossl_drbg_enable_locking }, + { OSSL_FUNC_RAND_LOCK, (void (*)(void))ossl_drbg_lock }, + { OSSL_FUNC_RAND_UNLOCK, (void (*)(void))ossl_drbg_unlock }, { OSSL_FUNC_RAND_SETTABLE_CTX_PARAMS, - (void(*)(void))drbg_ctr_settable_ctx_params }, - { OSSL_FUNC_RAND_SET_CTX_PARAMS, (void(*)(void))drbg_ctr_set_ctx_params }, + (void (*)(void))drbg_ctr_settable_ctx_params }, + { OSSL_FUNC_RAND_SET_CTX_PARAMS, (void (*)(void))drbg_ctr_set_ctx_params }, { OSSL_FUNC_RAND_GETTABLE_CTX_PARAMS, - (void(*)(void))drbg_ctr_gettable_ctx_params }, - { OSSL_FUNC_RAND_GET_CTX_PARAMS, (void(*)(void))drbg_ctr_get_ctx_params }, + (void (*)(void))drbg_ctr_gettable_ctx_params }, + { OSSL_FUNC_RAND_GET_CTX_PARAMS, (void (*)(void))drbg_ctr_get_ctx_params }, { OSSL_FUNC_RAND_VERIFY_ZEROIZATION, - 
(void(*)(void))drbg_ctr_verify_zeroization }, - { OSSL_FUNC_RAND_GET_SEED, (void(*)(void))ossl_drbg_get_seed }, - { OSSL_FUNC_RAND_CLEAR_SEED, (void(*)(void))ossl_drbg_clear_seed }, + (void (*)(void))drbg_ctr_verify_zeroization }, + { OSSL_FUNC_RAND_GET_SEED, (void (*)(void))ossl_drbg_get_seed }, + { OSSL_FUNC_RAND_CLEAR_SEED, (void (*)(void))ossl_drbg_clear_seed }, { 0, NULL } }; diff --git a/providers/implementations/rands/drbg_hash.c b/providers/implementations/rands/drbg_hash.c index de9375793d5a..60ba33356ecf 100644 --- a/providers/implementations/rands/drbg_hash.c +++ b/providers/implementations/rands/drbg_hash.c @@ -1,5 +1,5 @@ /* - * Copyright 2011-2024 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2011-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -36,13 +36,13 @@ static OSSL_FUNC_rand_get_ctx_params_fn drbg_hash_get_ctx_params; static OSSL_FUNC_rand_verify_zeroization_fn drbg_hash_verify_zeroization; /* 888 bits from SP800-90Ar1 10.1 table 2 */ -#define HASH_PRNG_MAX_SEEDLEN (888/8) +#define HASH_PRNG_MAX_SEEDLEN (888 / 8) /* 440 bits from SP800-90Ar1 10.1 table 2 */ -#define HASH_PRNG_SMALL_SEEDLEN (440/8) +#define HASH_PRNG_SMALL_SEEDLEN (440 / 8) /* Determine what seedlen to use based on the block length */ -#define MAX_BLOCKLEN_USING_SMALL_SEEDLEN (256/8) +#define MAX_BLOCKLEN_USING_SMALL_SEEDLEN (256 / 8) #define INBYTE_IGNORE ((unsigned char)0xFF) typedef struct rand_drbg_hash_st { 
@@ -65,10 +65,10 @@ typedef struct rand_drbg_hash_st { * These are concatenated as part of the DigestUpdate process. */ static int hash_df(PROV_DRBG *drbg, unsigned char *out, - const unsigned char inbyte, - const unsigned char *in, size_t inlen, - const unsigned char *in2, size_t in2len, - const unsigned char *in3, size_t in3len) + const unsigned char inbyte, + const unsigned char *in, size_t inlen, + const unsigned char *in2, size_t in2len, + const unsigned char *in3, size_t in3len) { PROV_DRBG_HASH *hash = (PROV_DRBG_HASH *)drbg->data; EVP_MD_CTX *ctx = hash->ctx; @@ -113,7 +113,7 @@ static int hash_df(PROV_DRBG *drbg, unsigned char *out, memcpy(out, vtmp, outlen); OPENSSL_cleanse(vtmp, hash->blocklen); break; - } else if(!EVP_DigestFinal(ctx, out, NULL)) { + } else if (!EVP_DigestFinal(ctx, out, NULL)) { return 0; } @@ -129,8 +129,8 @@ static int hash_df(PROV_DRBG *drbg, unsigned char *out, /* Helper function that just passes 2 input parameters to hash_df() */ static int hash_df1(PROV_DRBG *drbg, unsigned char *out, - const unsigned char in_byte, - const unsigned char *in1, size_t in1len) + const unsigned char in_byte, + const unsigned char *in1, size_t in1len) { return hash_df(drbg, out, in_byte, in1, in1len, NULL, 0, NULL, 0); } @@ -142,7 +142,7 @@ static int hash_df1(PROV_DRBG *drbg, unsigned char *out, * where dst size is drbg->seedlen, and inlen <= drbg->seedlen. */ static int add_bytes(PROV_DRBG *drbg, unsigned char *dst, - unsigned char *in, size_t inlen) + unsigned char *in, size_t inlen) { size_t i; int result; @@ -163,8 +163,8 @@ static int add_bytes(PROV_DRBG *drbg, unsigned char *dst, if (carry != 0) { /* Add the carry to the top of the dst if inlen is not the same size */ for (i = drbg->seedlen - inlen; i > 0; --i, d--) { - *d += 1; /* Carry can only be 1 */ - if (*d != 0) /* exit if carry doesnt propagate to the next byte */ + *d += 1; /* Carry can only be 1 */ + if (*d != 0) /* exit if carry doesn't propagate to the next byte */ break; } } 
@@ -173,17 +173,17 @@ static int add_bytes(PROV_DRBG *drbg, unsigned char *dst, /* V = (V + Hash(inbyte || V || [additional_input]) mod (2^seedlen) */ static int add_hash_to_v(PROV_DRBG *drbg, unsigned char inbyte, - const unsigned char *adin, size_t adinlen) + const unsigned char *adin, size_t adinlen) { PROV_DRBG_HASH *hash = (PROV_DRBG_HASH *)drbg->data; EVP_MD_CTX *ctx = hash->ctx; return EVP_DigestInit_ex(ctx, ossl_prov_digest_md(&hash->digest), NULL) - && EVP_DigestUpdate(ctx, &inbyte, 1) - && EVP_DigestUpdate(ctx, hash->V, drbg->seedlen) - && (adin == NULL || EVP_DigestUpdate(ctx, adin, adinlen)) - && EVP_DigestFinal(ctx, hash->vtmp, NULL) - && add_bytes(drbg, hash->V, hash->vtmp, hash->blocklen); + && EVP_DigestUpdate(ctx, &inbyte, 1) + && EVP_DigestUpdate(ctx, hash->V, drbg->seedlen) + && (adin == NULL || EVP_DigestUpdate(ctx, adin, adinlen)) + && EVP_DigestFinal(ctx, hash->vtmp, NULL) + && add_bytes(drbg, hash->V, hash->vtmp, hash->blocklen); } /* @@ -212,10 +212,10 @@ static int hash_gen(PROV_DRBG *drbg, unsigned char *out, size_t outlen) if (outlen == 0) return 1; memcpy(hash->vtmp, hash->V, drbg->seedlen); - for(;;) { + for (;;) { if (!EVP_DigestInit_ex(hash->ctx, ossl_prov_digest_md(&hash->digest), - NULL) - || !EVP_DigestUpdate(hash->ctx, hash->vtmp, drbg->seedlen)) + NULL) + || !EVP_DigestUpdate(hash->ctx, hash->vtmp, drbg->seedlen)) return 0; if (outlen < hash->blocklen) { @@ -246,9 +246,9 @@ static int hash_gen(PROV_DRBG *drbg, unsigned char *out, size_t outlen) * Returns zero if an error occurs otherwise it returns 1. */ static int drbg_hash_instantiate(PROV_DRBG *drbg, - const unsigned char *ent, size_t ent_len, - const unsigned char *nonce, size_t nonce_len, - const unsigned char *pstr, size_t pstr_len) + const unsigned char *ent, size_t ent_len, + const unsigned char *nonce, size_t nonce_len, + const unsigned char *pstr, size_t pstr_len) { PROV_DRBG_HASH *hash = (PROV_DRBG_HASH *)drbg->data; 
@@ -257,24 +257,24 @@ static int drbg_hash_instantiate(PROV_DRBG *drbg, /* (Step 1-3) V = Hash_df(entropy||nonce||pers, seedlen) */ return hash->ctx != NULL - && hash_df(drbg, hash->V, INBYTE_IGNORE, - ent, ent_len, nonce, nonce_len, pstr, pstr_len) - /* (Step 4) C = Hash_df(0x00||V, seedlen) */ - && hash_df1(drbg, hash->C, 0x00, hash->V, drbg->seedlen); + && hash_df(drbg, hash->V, INBYTE_IGNORE, + ent, ent_len, nonce, nonce_len, pstr, pstr_len) + /* (Step 4) C = Hash_df(0x00||V, seedlen) */ + && hash_df1(drbg, hash->C, 0x00, hash->V, drbg->seedlen); } static int drbg_hash_instantiate_wrapper(void *vdrbg, unsigned int strength, - int prediction_resistance, - const unsigned char *pstr, - size_t pstr_len, - const OSSL_PARAM params[]) + int prediction_resistance, + const unsigned char *pstr, + size_t pstr_len, + const OSSL_PARAM params[]) { PROV_DRBG *drbg = (PROV_DRBG *)vdrbg; if (!ossl_prov_is_running() || !drbg_hash_set_ctx_params(drbg, params)) return 0; return ossl_prov_drbg_instantiate(drbg, strength, prediction_resistance, - pstr, pstr_len); + pstr, pstr_len); } /* @@ -286,15 +286,15 @@ static int drbg_hash_instantiate_wrapper(void *vdrbg, unsigned int strength, * Returns zero if an error occurs otherwise it returns 1. */ static int drbg_hash_reseed(PROV_DRBG *drbg, - const unsigned char *ent, size_t ent_len, - const unsigned char *adin, size_t adin_len) + const unsigned char *ent, size_t ent_len, + const unsigned char *adin, size_t adin_len) { PROV_DRBG_HASH *hash = (PROV_DRBG_HASH *)drbg->data; /* (Step 1-2) V = Hash_df(0x01 || V || entropy_input || additional_input) */ /* V about to be updated so use C as output instead */ if (!hash_df(drbg, hash->C, 0x01, hash->V, drbg->seedlen, ent, ent_len, - adin, adin_len)) + adin, adin_len)) return 0; memcpy(hash->V, hash->C, drbg->seedlen); /* (Step 4) C = Hash_df(0x00||V, seedlen) */ 
@@ -302,13 +302,13 @@ static int drbg_hash_reseed(PROV_DRBG *drbg, } static int drbg_hash_reseed_wrapper(void *vdrbg, int prediction_resistance, - const unsigned char *ent, size_t ent_len, - const unsigned char *adin, size_t adin_len) + const unsigned char *ent, size_t ent_len, + const unsigned char *adin, size_t adin_len) { PROV_DRBG *drbg = (PROV_DRBG *)vdrbg; return ossl_prov_drbg_reseed(drbg, prediction_resistance, ent, ent_len, - adin, adin_len); + adin, adin_len); } /* @@ -321,8 +321,8 @@ static int drbg_hash_reseed_wrapper(void *vdrbg, int prediction_resistance, * Returns zero if an error occurs otherwise it returns 1. */ static int drbg_hash_generate(PROV_DRBG *drbg, - unsigned char *out, size_t outlen, - const unsigned char *adin, size_t adin_len) + unsigned char *out, size_t outlen, + const unsigned char *adin, size_t adin_len) { PROV_DRBG_HASH *hash = (PROV_DRBG_HASH *)drbg->data; unsigned char counter[4]; 
@@ -334,29 +334,28 @@ static int drbg_hash_generate(PROV_DRBG *drbg, counter[3] = (unsigned char)(reseed_counter & 0xff); return hash->ctx != NULL - && (adin == NULL - /* (Step 2) if adin != NULL then V = V + Hash(0x02||V||adin) */ - || adin_len == 0 - || add_hash_to_v(drbg, 0x02, adin, adin_len)) - /* (Step 3) Hashgen(outlen, V) */ - && hash_gen(drbg, out, outlen) - /* (Step 4/5) H = V = (V + Hash(0x03||V) mod (2^seedlen_bits) */ - && add_hash_to_v(drbg, 0x03, NULL, 0) - /* (Step 5) V = (V + H + C + reseed_counter) mod (2^seedlen_bits) */ - /* V = (V + C) mod (2^seedlen_bits) */ - && add_bytes(drbg, hash->V, hash->C, drbg->seedlen) - /* V = (V + reseed_counter) mod (2^seedlen_bits) */ - && add_bytes(drbg, hash->V, counter, 4); + && (adin == NULL + /* (Step 2) if adin != NULL then V = V + Hash(0x02||V||adin) */ + || adin_len == 0 + || add_hash_to_v(drbg, 0x02, adin, adin_len)) + /* (Step 3) Hashgen(outlen, V) */ + && hash_gen(drbg, out, outlen) + /* (Step 4/5) H = V = (V + Hash(0x03||V) mod (2^seedlen_bits) */ + && add_hash_to_v(drbg, 0x03, NULL, 0) + /* (Step 5) V = (V + H + C + reseed_counter) mod (2^seedlen_bits) */ + /* V = (V + C) mod (2^seedlen_bits) */ + && add_bytes(drbg, hash->V, hash->C, drbg->seedlen) + /* V = (V + reseed_counter) mod (2^seedlen_bits) */ + && add_bytes(drbg, hash->V, counter, 4); } -static int drbg_hash_generate_wrapper - (void *vdrbg, unsigned char *out, size_t outlen, unsigned int strength, - int prediction_resistance, const unsigned char *adin, size_t adin_len) +static int drbg_hash_generate_wrapper(void *vdrbg, unsigned char *out, size_t outlen, unsigned int strength, + int prediction_resistance, const unsigned char *adin, size_t adin_len) { PROV_DRBG *drbg = (PROV_DRBG *)vdrbg; return ossl_prov_drbg_generate(drbg, out, outlen, strength, - prediction_resistance, adin, adin_len); + prediction_resistance, adin, adin_len); } static int drbg_hash_uninstantiate(PROV_DRBG *drbg) 
@@ -408,12 +407,12 @@ static int drbg_hash_new(PROV_DRBG *ctx) } static void *drbg_hash_new_wrapper(void *provctx, void *parent, - const OSSL_DISPATCH *parent_dispatch) + const OSSL_DISPATCH *parent_dispatch) { return ossl_rand_drbg_new(provctx, parent, parent_dispatch, - &drbg_hash_new, &drbg_hash_free, - &drbg_hash_instantiate, &drbg_hash_uninstantiate, - &drbg_hash_reseed, &drbg_hash_generate); + &drbg_hash_new, &drbg_hash_free, + &drbg_hash_instantiate, &drbg_hash_uninstantiate, + &drbg_hash_reseed, &drbg_hash_generate); } static void drbg_hash_free(void *vdrbg) @@ -447,7 +446,7 @@ static int drbg_hash_get_ctx_params(void *vdrbg, OSSL_PARAM params[]) } static const OSSL_PARAM *drbg_hash_gettable_ctx_params(ossl_unused void *vctx, - ossl_unused void *p_ctx) + ossl_unused void *p_ctx) { static const OSSL_PARAM known_gettable_ctx_params[] = { OSSL_PARAM_utf8_string(OSSL_DRBG_PARAM_DIGEST, NULL, 0), @@ -493,7 +492,7 @@ static int drbg_hash_set_ctx_params(void *vctx, const OSSL_PARAM params[]) } static const OSSL_PARAM *drbg_hash_settable_ctx_params(ossl_unused void *vctx, - ossl_unused void *p_ctx) + ossl_unused void *p_ctx) { static const OSSL_PARAM known_settable_ctx_params[] = { OSSL_PARAM_utf8_string(OSSL_DRBG_PARAM_PROPERTIES, NULL, 0), 
@@ -505,26 +504,26 @@ static const OSSL_PARAM *drbg_hash_settable_ctx_params(ossl_unused void *vctx, } const OSSL_DISPATCH ossl_drbg_hash_functions[] = { - { OSSL_FUNC_RAND_NEWCTX, (void(*)(void))drbg_hash_new_wrapper }, - { OSSL_FUNC_RAND_FREECTX, (void(*)(void))drbg_hash_free }, + { OSSL_FUNC_RAND_NEWCTX, (void (*)(void))drbg_hash_new_wrapper }, + { OSSL_FUNC_RAND_FREECTX, (void (*)(void))drbg_hash_free }, { OSSL_FUNC_RAND_INSTANTIATE, - (void(*)(void))drbg_hash_instantiate_wrapper }, + (void (*)(void))drbg_hash_instantiate_wrapper }, { OSSL_FUNC_RAND_UNINSTANTIATE, - (void(*)(void))drbg_hash_uninstantiate_wrapper }, - { OSSL_FUNC_RAND_GENERATE, (void(*)(void))drbg_hash_generate_wrapper }, - { OSSL_FUNC_RAND_RESEED, (void(*)(void))drbg_hash_reseed_wrapper }, - { OSSL_FUNC_RAND_ENABLE_LOCKING, (void(*)(void))ossl_drbg_enable_locking }, - { OSSL_FUNC_RAND_LOCK, (void(*)(void))ossl_drbg_lock }, - { OSSL_FUNC_RAND_UNLOCK, (void(*)(void))ossl_drbg_unlock }, + (void (*)(void))drbg_hash_uninstantiate_wrapper }, + { OSSL_FUNC_RAND_GENERATE, (void (*)(void))drbg_hash_generate_wrapper }, + { OSSL_FUNC_RAND_RESEED, (void (*)(void))drbg_hash_reseed_wrapper }, + { OSSL_FUNC_RAND_ENABLE_LOCKING, (void (*)(void))ossl_drbg_enable_locking }, + { OSSL_FUNC_RAND_LOCK, (void (*)(void))ossl_drbg_lock }, + { OSSL_FUNC_RAND_UNLOCK, (void (*)(void))ossl_drbg_unlock }, { OSSL_FUNC_RAND_SETTABLE_CTX_PARAMS, - (void(*)(void))drbg_hash_settable_ctx_params }, - { OSSL_FUNC_RAND_SET_CTX_PARAMS, (void(*)(void))drbg_hash_set_ctx_params }, + (void (*)(void))drbg_hash_settable_ctx_params }, + { OSSL_FUNC_RAND_SET_CTX_PARAMS, (void (*)(void))drbg_hash_set_ctx_params }, { OSSL_FUNC_RAND_GETTABLE_CTX_PARAMS, - (void(*)(void))drbg_hash_gettable_ctx_params }, - { OSSL_FUNC_RAND_GET_CTX_PARAMS, (void(*)(void))drbg_hash_get_ctx_params }, + (void (*)(void))drbg_hash_gettable_ctx_params }, + { OSSL_FUNC_RAND_GET_CTX_PARAMS, (void (*)(void))drbg_hash_get_ctx_params }, { OSSL_FUNC_RAND_VERIFY_ZEROIZATION, - 
(void(*)(void))drbg_hash_verify_zeroization }, - { OSSL_FUNC_RAND_GET_SEED, (void(*)(void))ossl_drbg_get_seed }, - { OSSL_FUNC_RAND_CLEAR_SEED, (void(*)(void))ossl_drbg_clear_seed }, + (void (*)(void))drbg_hash_verify_zeroization }, + { OSSL_FUNC_RAND_GET_SEED, (void (*)(void))ossl_drbg_get_seed }, + { OSSL_FUNC_RAND_CLEAR_SEED, (void (*)(void))ossl_drbg_clear_seed }, { 0, NULL } }; diff --git a/providers/implementations/rands/drbg_hmac.c b/providers/implementations/rands/drbg_hmac.c index 4eb78de0653d..6a4c7f477e90 100644 --- a/providers/implementations/rands/drbg_hmac.c +++ b/providers/implementations/rands/drbg_hmac.c @@ -33,8 +33,8 @@ static OSSL_FUNC_rand_get_ctx_params_fn drbg_hmac_get_ctx_params; static OSSL_FUNC_rand_verify_zeroization_fn drbg_hmac_verify_zeroization; typedef struct rand_drbg_hmac_st { - EVP_MAC_CTX *ctx; /* H(x) = HMAC_hash OR H(x) = KMAC */ - PROV_DIGEST digest; /* H(x) = hash(x) */ + EVP_MAC_CTX *ctx; /* H(x) = HMAC_hash OR H(x) = KMAC */ + PROV_DIGEST digest; /* H(x) = hash(x) */ size_t blocklen; unsigned char K[EVP_MAX_MD_SIZE]; unsigned char V[EVP_MAX_MD_SIZE]; 
@@ -55,26 +55,26 @@ typedef struct rand_drbg_hmac_st { * Returns zero if an error occurs otherwise it returns 1. */ static int do_hmac(PROV_DRBG_HMAC *hmac, unsigned char inbyte, - const unsigned char *in1, size_t in1len, - const unsigned char *in2, size_t in2len, - const unsigned char *in3, size_t in3len) + const unsigned char *in1, size_t in1len, + const unsigned char *in2, size_t in2len, + const unsigned char *in3, size_t in3len) { EVP_MAC_CTX *ctx = hmac->ctx; if (!EVP_MAC_init(ctx, hmac->K, hmac->blocklen, NULL) - /* K = HMAC(K, V || inbyte || [in1] || [in2] || [in3]) */ - || !EVP_MAC_update(ctx, hmac->V, hmac->blocklen) - || !EVP_MAC_update(ctx, &inbyte, 1) - || !(in1 == NULL || in1len == 0 || EVP_MAC_update(ctx, in1, in1len)) - || !(in2 == NULL || in2len == 0 || EVP_MAC_update(ctx, in2, in2len)) - || !(in3 == NULL || in3len == 0 || EVP_MAC_update(ctx, in3, in3len)) - || !EVP_MAC_final(ctx, hmac->K, NULL, sizeof(hmac->K))) + /* K = HMAC(K, V || inbyte || [in1] || [in2] || [in3]) */ + || !EVP_MAC_update(ctx, hmac->V, hmac->blocklen) + || !EVP_MAC_update(ctx, &inbyte, 1) + || !(in1 == NULL || in1len == 0 || EVP_MAC_update(ctx, in1, in1len)) + || !(in2 == NULL || in2len == 0 || EVP_MAC_update(ctx, in2, in2len)) + || !(in3 == NULL || in3len == 0 || EVP_MAC_update(ctx, in3, in3len)) + || !EVP_MAC_final(ctx, hmac->K, NULL, sizeof(hmac->K))) return 0; - /* V = HMAC(K, V) */ + /* V = HMAC(K, V) */ return EVP_MAC_init(ctx, hmac->K, hmac->blocklen, NULL) - && EVP_MAC_update(ctx, hmac->V, hmac->blocklen) - && EVP_MAC_final(ctx, hmac->V, NULL, sizeof(hmac->V)); + && EVP_MAC_update(ctx, hmac->V, hmac->blocklen) + && EVP_MAC_final(ctx, hmac->V, NULL, sizeof(hmac->V)); } /* 
@@ -92,9 +92,9 @@ static int do_hmac(PROV_DRBG_HMAC *hmac, unsigned char inbyte, * Returns zero if an error occurs otherwise it returns 1. */ static int drbg_hmac_update(PROV_DRBG *drbg, - const unsigned char *in1, size_t in1len, - const unsigned char *in2, size_t in2len, - const unsigned char *in3, size_t in3len) + const unsigned char *in1, size_t in1len, + const unsigned char *in2, size_t in2len, + const unsigned char *in3, size_t in3len) { PROV_DRBG_HMAC *hmac = (PROV_DRBG_HMAC *)drbg->data; @@ -120,9 +120,9 @@ static int drbg_hmac_update(PROV_DRBG *drbg, * Returns zero if an error occurs otherwise it returns 1. */ static int drbg_hmac_instantiate(PROV_DRBG *drbg, - const unsigned char *ent, size_t ent_len, - const unsigned char *nonce, size_t nonce_len, - const unsigned char *pstr, size_t pstr_len) + const unsigned char *ent, size_t ent_len, + const unsigned char *nonce, size_t nonce_len, + const unsigned char *pstr, size_t pstr_len) { PROV_DRBG_HMAC *hmac = (PROV_DRBG_HMAC *)drbg->data; @@ -137,21 +137,21 @@ static int drbg_hmac_instantiate(PROV_DRBG *drbg, memset(hmac->V, 0x01, hmac->blocklen); /* (Step 4) (K,V) = HMAC_DRBG_Update(entropy||nonce||pers string, K, V) */ return drbg_hmac_update(drbg, ent, ent_len, nonce, nonce_len, pstr, - pstr_len); + pstr_len); } static int drbg_hmac_instantiate_wrapper(void *vdrbg, unsigned int strength, - int prediction_resistance, - const unsigned char *pstr, - size_t pstr_len, - const OSSL_PARAM params[]) + int prediction_resistance, + const unsigned char *pstr, + size_t pstr_len, + const OSSL_PARAM params[]) { PROV_DRBG *drbg = (PROV_DRBG *)vdrbg; if (!ossl_prov_is_running() || !drbg_hmac_set_ctx_params(drbg, params)) return 0; return ossl_prov_drbg_instantiate(drbg, strength, prediction_resistance, - pstr, pstr_len); + pstr, pstr_len); } /* 
@@ -165,21 +165,21 @@ static int drbg_hmac_instantiate_wrapper(void *vdrbg, unsigned int strength, * Returns zero if an error occurs otherwise it returns 1. */ static int drbg_hmac_reseed(PROV_DRBG *drbg, - const unsigned char *ent, size_t ent_len, - const unsigned char *adin, size_t adin_len) + const unsigned char *ent, size_t ent_len, + const unsigned char *adin, size_t adin_len) { /* (Step 2) (K,V) = HMAC_DRBG_Update(entropy||additional_input, K, V) */ return drbg_hmac_update(drbg, ent, ent_len, adin, adin_len, NULL, 0); } static int drbg_hmac_reseed_wrapper(void *vdrbg, int prediction_resistance, - const unsigned char *ent, size_t ent_len, - const unsigned char *adin, size_t adin_len) + const unsigned char *ent, size_t ent_len, + const unsigned char *adin, size_t adin_len) { PROV_DRBG *drbg = (PROV_DRBG *)vdrbg; return ossl_prov_drbg_reseed(drbg, prediction_resistance, ent, ent_len, - adin, adin_len); + adin, adin_len); } /* @@ -192,8 +192,8 @@ static int drbg_hmac_reseed_wrapper(void *vdrbg, int prediction_resistance, * Returns zero if an error occurs otherwise it returns 1. */ static int drbg_hmac_generate(PROV_DRBG *drbg, - unsigned char *out, size_t outlen, - const unsigned char *adin, size_t adin_len) + unsigned char *out, size_t outlen, + const unsigned char *adin, size_t adin_len) { PROV_DRBG_HMAC *hmac = (PROV_DRBG_HMAC *)drbg->data; EVP_MAC_CTX *ctx = hmac->ctx; @@ -201,8 +201,8 @@ static int drbg_hmac_generate(PROV_DRBG *drbg, /* (Step 2) if adin != NULL then (K,V) = HMAC_DRBG_Update(adin, K, V) */ if (adin != NULL - && adin_len > 0 - && !drbg_hmac_update(drbg, adin, adin_len, NULL, 0, NULL, 0)) + && adin_len > 0 + && !drbg_hmac_update(drbg, adin, adin_len, NULL, 0, NULL, 0)) return 0; /* 
@@ -237,14 +237,13 @@ static int drbg_hmac_generate(PROV_DRBG *drbg, return 1; } -static int drbg_hmac_generate_wrapper - (void *vdrbg, unsigned char *out, size_t outlen, unsigned int strength, - int prediction_resistance, const unsigned char *adin, size_t adin_len) +static int drbg_hmac_generate_wrapper(void *vdrbg, unsigned char *out, size_t outlen, unsigned int strength, + int prediction_resistance, const unsigned char *adin, size_t adin_len) { PROV_DRBG *drbg = (PROV_DRBG *)vdrbg; return ossl_prov_drbg_generate(drbg, out, outlen, strength, - prediction_resistance, adin, adin_len); + prediction_resistance, adin, adin_len); } static int drbg_hmac_uninstantiate(PROV_DRBG *drbg) @@ -294,12 +293,12 @@ static int drbg_hmac_new(PROV_DRBG *drbg) } static void *drbg_hmac_new_wrapper(void *provctx, void *parent, - const OSSL_DISPATCH *parent_dispatch) + const OSSL_DISPATCH *parent_dispatch) { return ossl_rand_drbg_new(provctx, parent, parent_dispatch, - &drbg_hmac_new, &drbg_hmac_free, - &drbg_hmac_instantiate, &drbg_hmac_uninstantiate, - &drbg_hmac_reseed, &drbg_hmac_generate); + &drbg_hmac_new, &drbg_hmac_free, + &drbg_hmac_instantiate, &drbg_hmac_uninstantiate, + &drbg_hmac_reseed, &drbg_hmac_generate); } static void drbg_hmac_free(void *vdrbg) @@ -343,7 +342,7 @@ static int drbg_hmac_get_ctx_params(void *vdrbg, OSSL_PARAM params[]) } static const OSSL_PARAM *drbg_hmac_gettable_ctx_params(ossl_unused void *vctx, - ossl_unused void *p_ctx) + ossl_unused void *p_ctx) { static const OSSL_PARAM known_gettable_ctx_params[] = { OSSL_PARAM_utf8_string(OSSL_DRBG_PARAM_MAC, NULL, 0), @@ -376,7 +375,7 @@ static int drbg_hmac_set_ctx_params(void *vctx, const OSSL_PARAM params[]) } if (!ossl_prov_macctx_load_from_params(&hmac->ctx, params, - NULL, NULL, NULL, libctx)) + NULL, NULL, NULL, libctx)) return 0; if (hmac->ctx != NULL) { 
@@ -395,7 +394,7 @@ static int drbg_hmac_set_ctx_params(void *vctx, const OSSL_PARAM params[]) } static const OSSL_PARAM *drbg_hmac_settable_ctx_params(ossl_unused void *vctx, - ossl_unused void *p_ctx) + ossl_unused void *p_ctx) { static const OSSL_PARAM known_settable_ctx_params[] = { OSSL_PARAM_utf8_string(OSSL_DRBG_PARAM_PROPERTIES, NULL, 0), 
@@ -408,26 +407,26 @@ static const OSSL_PARAM *drbg_hmac_settable_ctx_params(ossl_unused void *vctx, } const OSSL_DISPATCH ossl_drbg_ossl_hmac_functions[] = { - { OSSL_FUNC_RAND_NEWCTX, (void(*)(void))drbg_hmac_new_wrapper }, - { OSSL_FUNC_RAND_FREECTX, (void(*)(void))drbg_hmac_free }, + { OSSL_FUNC_RAND_NEWCTX, (void (*)(void))drbg_hmac_new_wrapper }, + { OSSL_FUNC_RAND_FREECTX, (void (*)(void))drbg_hmac_free }, { OSSL_FUNC_RAND_INSTANTIATE, - (void(*)(void))drbg_hmac_instantiate_wrapper }, + (void (*)(void))drbg_hmac_instantiate_wrapper }, { OSSL_FUNC_RAND_UNINSTANTIATE, - (void(*)(void))drbg_hmac_uninstantiate_wrapper }, - { OSSL_FUNC_RAND_GENERATE, (void(*)(void))drbg_hmac_generate_wrapper }, - { OSSL_FUNC_RAND_RESEED, (void(*)(void))drbg_hmac_reseed_wrapper }, - { OSSL_FUNC_RAND_ENABLE_LOCKING, (void(*)(void))ossl_drbg_enable_locking }, - { OSSL_FUNC_RAND_LOCK, (void(*)(void))ossl_drbg_lock }, - { OSSL_FUNC_RAND_UNLOCK, (void(*)(void))ossl_drbg_unlock }, + (void (*)(void))drbg_hmac_uninstantiate_wrapper }, + { OSSL_FUNC_RAND_GENERATE, (void (*)(void))drbg_hmac_generate_wrapper }, + { OSSL_FUNC_RAND_RESEED, (void (*)(void))drbg_hmac_reseed_wrapper }, + { OSSL_FUNC_RAND_ENABLE_LOCKING, (void (*)(void))ossl_drbg_enable_locking }, + { OSSL_FUNC_RAND_LOCK, (void (*)(void))ossl_drbg_lock }, + { OSSL_FUNC_RAND_UNLOCK, (void (*)(void))ossl_drbg_unlock }, { OSSL_FUNC_RAND_SETTABLE_CTX_PARAMS, - (void(*)(void))drbg_hmac_settable_ctx_params }, - { OSSL_FUNC_RAND_SET_CTX_PARAMS, (void(*)(void))drbg_hmac_set_ctx_params }, + (void (*)(void))drbg_hmac_settable_ctx_params }, + { OSSL_FUNC_RAND_SET_CTX_PARAMS, (void (*)(void))drbg_hmac_set_ctx_params }, { OSSL_FUNC_RAND_GETTABLE_CTX_PARAMS, - (void(*)(void))drbg_hmac_gettable_ctx_params }, - { OSSL_FUNC_RAND_GET_CTX_PARAMS, (void(*)(void))drbg_hmac_get_ctx_params }, + (void (*)(void))drbg_hmac_gettable_ctx_params }, + { OSSL_FUNC_RAND_GET_CTX_PARAMS, (void (*)(void))drbg_hmac_get_ctx_params }, { 
OSSL_FUNC_RAND_VERIFY_ZEROIZATION, - (void(*)(void))drbg_hmac_verify_zeroization }, - { OSSL_FUNC_RAND_GET_SEED, (void(*)(void))ossl_drbg_get_seed }, - { OSSL_FUNC_RAND_CLEAR_SEED, (void(*)(void))ossl_drbg_clear_seed }, + (void (*)(void))drbg_hmac_verify_zeroization }, + { OSSL_FUNC_RAND_GET_SEED, (void (*)(void))ossl_drbg_get_seed }, + { OSSL_FUNC_RAND_CLEAR_SEED, (void (*)(void))ossl_drbg_clear_seed }, { 0, NULL } }; diff --git a/providers/implementations/rands/drbg_local.h b/providers/implementations/rands/drbg_local.h index 2f3aacdea871..6fd753ddedf8 100644 --- a/providers/implementations/rands/drbg_local.h +++ b/providers/implementations/rands/drbg_local.h @@ -8,27 +8,27 @@ */ #ifndef OSSL_CRYPTO_PROV_LOCAL_H -# define OSSL_CRYPTO_PROV_LOCAL_H +#define OSSL_CRYPTO_PROV_LOCAL_H -# include <openssl/evp.h> -# include <openssl/core_dispatch.h> -# include <openssl/core_names.h> -# include <openssl/params.h> -# include "internal/tsan_assist.h" -# include "internal/nelem.h" -# include "internal/numbers.h" -# include "prov/provider_ctx.h" +#include <openssl/evp.h> +#include <openssl/core_dispatch.h> +#include <openssl/core_names.h> +#include <openssl/params.h> +#include "internal/tsan_assist.h" +#include "internal/nelem.h" +#include "internal/numbers.h" +#include "prov/provider_ctx.h" /* How many times to read the TSC as a randomness source. */ -# define TSC_READ_COUNT 4 +#define TSC_READ_COUNT 4 /* Maximum reseed intervals */ -# define MAX_RESEED_INTERVAL (1 << 24) -# define MAX_RESEED_TIME_INTERVAL (1 << 20) /* approx. 12 days */ +#define MAX_RESEED_INTERVAL (1 << 24) +#define MAX_RESEED_TIME_INTERVAL (1 << 20) /* approx. 12 days */ /* Default reseed intervals */ -# define RESEED_INTERVAL (1 << 8) -# define TIME_INTERVAL (60*60) /* 1 hour */ +#define RESEED_INTERVAL (1 << 8) +#define TIME_INTERVAL (60 * 60) /* 1 hour */ /* * The number of bytes that constitutes an atomic lump of entropy with respect 
@@ -38,7 +38,7 @@ * * The value is in bytes. */ -#define CRNGT_BUFSIZ 16 +#define CRNGT_BUFSIZ 16 /* * Maximum input size for the DRBG (entropy, nonce, personalization string) @@ -47,15 +47,15 @@ * * We lower it to 'only' INT32_MAX bytes, which is equivalent to 2 gigabytes. */ -# define DRBG_MAX_LENGTH INT32_MAX +#define DRBG_MAX_LENGTH INT32_MAX /* The default nonce */ #ifdef CHARSET_EBCDIC -# define DRBG_DEFAULT_PERS_STRING { 0x4f, 0x70, 0x65, 0x6e, 0x53, 0x53, \ - 0x4c, 0x20, 0x4e, 0x49, 0x53, 0x54, 0x20, 0x53, 0x50, 0x20, 0x38, 0x30, \ - 0x30, 0x2d, 0x39, 0x30, 0x41, 0x20, 0x44, 0x52, 0x42, 0x47, 0x00}; +#define DRBG_DEFAULT_PERS_STRING { 0x4f, 0x70, 0x65, 0x6e, 0x53, 0x53, \ + 0x4c, 0x20, 0x4e, 0x49, 0x53, 0x54, 0x20, 0x53, 0x50, 0x20, 0x38, 0x30, \ + 0x30, 0x2d, 0x39, 0x30, 0x41, 0x20, 0x44, 0x52, 0x42, 0x47, 0x00 }; #else -# define DRBG_DEFAULT_PERS_STRING "OpenSSL NIST SP 800-90A DRBG" +#define DRBG_DEFAULT_PERS_STRING "OpenSSL NIST SP 800-90A DRBG" #endif typedef struct prov_drbg_st PROV_DRBG; @@ -76,14 +76,14 @@ struct prov_drbg_st { /* Virtual functions are cache here */ int (*instantiate)(PROV_DRBG *drbg, - const unsigned char *entropy, size_t entropylen, - const unsigned char *nonce, size_t noncelen, - const unsigned char *pers, size_t perslen); + const unsigned char *entropy, size_t entropylen, + const unsigned char *nonce, size_t noncelen, + const unsigned char *pers, size_t perslen); int (*uninstantiate)(PROV_DRBG *ctx); int (*reseed)(PROV_DRBG *drbg, const unsigned char *ent, size_t ent_len, - const unsigned char *adin, size_t adin_len); + const unsigned char *adin, size_t adin_len); int (*generate)(PROV_DRBG *, unsigned char *out, size_t outlen, - const unsigned char *adin, size_t adin_len); + const unsigned char *adin, size_t adin_len); /* Parent PROV_RAND and its dispatch table functions */ void *parent; 
@@ -178,34 +178,33 @@ struct prov_drbg_st { OSSL_CALLBACK *cleanup_nonce_fn; }; -PROV_DRBG *ossl_rand_drbg_new - (void *provctx, void *parent, const OSSL_DISPATCH *parent_dispatch, - int (*dnew)(PROV_DRBG *ctx), - void (*dfree)(void *vctx), - int (*instantiate)(PROV_DRBG *drbg, - const unsigned char *entropy, size_t entropylen, - const unsigned char *nonce, size_t noncelen, - const unsigned char *pers, size_t perslen), - int (*uninstantiate)(PROV_DRBG *ctx), - int (*reseed)(PROV_DRBG *drbg, const unsigned char *ent, size_t ent_len, - const unsigned char *adin, size_t adin_len), - int (*generate)(PROV_DRBG *, unsigned char *out, size_t outlen, - const unsigned char *adin, size_t adin_len)); +PROV_DRBG *ossl_rand_drbg_new(void *provctx, void *parent, const OSSL_DISPATCH *parent_dispatch, + int (*dnew)(PROV_DRBG *ctx), + void (*dfree)(void *vctx), + int (*instantiate)(PROV_DRBG *drbg, + const unsigned char *entropy, size_t entropylen, + const unsigned char *nonce, size_t noncelen, + const unsigned char *pers, size_t perslen), + int (*uninstantiate)(PROV_DRBG *ctx), + int (*reseed)(PROV_DRBG *drbg, const unsigned char *ent, size_t ent_len, + const unsigned char *adin, size_t adin_len), + int (*generate)(PROV_DRBG *, unsigned char *out, size_t outlen, + const unsigned char *adin, size_t adin_len)); void ossl_rand_drbg_free(PROV_DRBG *drbg); int ossl_prov_drbg_instantiate(PROV_DRBG *drbg, unsigned int strength, - int prediction_resistance, - const unsigned char *pers, size_t perslen); + int prediction_resistance, + const unsigned char *pers, size_t perslen); int ossl_prov_drbg_uninstantiate(PROV_DRBG *drbg); int ossl_prov_drbg_reseed(PROV_DRBG *drbg, int prediction_resistance, - const unsigned char *ent, size_t ent_len, - const unsigned char *adin, size_t adinlen); + const unsigned char *ent, size_t ent_len, + const unsigned char *adin, size_t adinlen); int ossl_prov_drbg_generate(PROV_DRBG *drbg, unsigned char *out, size_t outlen, - unsigned int strength, int 
prediction_resistance, - const unsigned char *adin, size_t adinlen); + unsigned int strength, int prediction_resistance, + const unsigned char *adin, size_t adinlen); /* Seeding api */ OSSL_FUNC_rand_get_seed_fn ossl_drbg_get_seed; 
@@ -230,31 +229,31 @@ OSSL_FUNC_rand_unlock_fn ossl_drbg_unlock; int ossl_drbg_get_ctx_params(PROV_DRBG *drbg, OSSL_PARAM params[]); int ossl_drbg_set_ctx_params(PROV_DRBG *drbg, const OSSL_PARAM params[]); -#define OSSL_PARAM_DRBG_SETTABLE_CTX_COMMON \ - OSSL_PARAM_uint(OSSL_DRBG_PARAM_RESEED_REQUESTS, NULL), \ - OSSL_PARAM_uint64(OSSL_DRBG_PARAM_RESEED_TIME_INTERVAL, NULL) +#define OSSL_PARAM_DRBG_SETTABLE_CTX_COMMON \ + OSSL_PARAM_uint(OSSL_DRBG_PARAM_RESEED_REQUESTS, NULL), \ + OSSL_PARAM_uint64(OSSL_DRBG_PARAM_RESEED_TIME_INTERVAL, NULL) -#define OSSL_PARAM_DRBG_GETTABLE_CTX_COMMON \ - OSSL_PARAM_int(OSSL_RAND_PARAM_STATE, NULL), \ - OSSL_PARAM_uint(OSSL_RAND_PARAM_STRENGTH, NULL), \ - OSSL_PARAM_size_t(OSSL_RAND_PARAM_MAX_REQUEST, NULL), \ - OSSL_PARAM_size_t(OSSL_DRBG_PARAM_MIN_ENTROPYLEN, NULL), \ - OSSL_PARAM_size_t(OSSL_DRBG_PARAM_MAX_ENTROPYLEN, NULL), \ - OSSL_PARAM_size_t(OSSL_DRBG_PARAM_MIN_NONCELEN, NULL), \ - OSSL_PARAM_size_t(OSSL_DRBG_PARAM_MAX_NONCELEN, NULL), \ - OSSL_PARAM_size_t(OSSL_DRBG_PARAM_MAX_PERSLEN, NULL), \ - OSSL_PARAM_size_t(OSSL_DRBG_PARAM_MAX_ADINLEN, NULL), \ - OSSL_PARAM_uint(OSSL_DRBG_PARAM_RESEED_COUNTER, NULL), \ - OSSL_PARAM_time_t(OSSL_DRBG_PARAM_RESEED_TIME, NULL), \ - OSSL_PARAM_uint(OSSL_DRBG_PARAM_RESEED_REQUESTS, NULL), \ - OSSL_PARAM_uint64(OSSL_DRBG_PARAM_RESEED_TIME_INTERVAL, NULL) +#define OSSL_PARAM_DRBG_GETTABLE_CTX_COMMON \ + OSSL_PARAM_int(OSSL_RAND_PARAM_STATE, NULL), \ + OSSL_PARAM_uint(OSSL_RAND_PARAM_STRENGTH, NULL), \ + OSSL_PARAM_size_t(OSSL_RAND_PARAM_MAX_REQUEST, NULL), \ + OSSL_PARAM_size_t(OSSL_DRBG_PARAM_MIN_ENTROPYLEN, NULL), \ + OSSL_PARAM_size_t(OSSL_DRBG_PARAM_MAX_ENTROPYLEN, NULL), \ + OSSL_PARAM_size_t(OSSL_DRBG_PARAM_MIN_NONCELEN, NULL), \ + OSSL_PARAM_size_t(OSSL_DRBG_PARAM_MAX_NONCELEN, NULL), \ + OSSL_PARAM_size_t(OSSL_DRBG_PARAM_MAX_PERSLEN, NULL), \ + OSSL_PARAM_size_t(OSSL_DRBG_PARAM_MAX_ADINLEN, NULL), \ + OSSL_PARAM_uint(OSSL_DRBG_PARAM_RESEED_COUNTER, NULL), \ + 
OSSL_PARAM_time_t(OSSL_DRBG_PARAM_RESEED_TIME, NULL), \ + OSSL_PARAM_uint(OSSL_DRBG_PARAM_RESEED_REQUESTS, NULL), \ + OSSL_PARAM_uint64(OSSL_DRBG_PARAM_RESEED_TIME_INTERVAL, NULL) /* Continuous test "entropy" calls */ size_t ossl_crngt_get_entropy(PROV_DRBG *drbg, - unsigned char **pout, - int entropy, size_t min_len, size_t max_len, - int prediction_resistance); + unsigned char **pout, + int entropy, size_t min_len, size_t max_len, + int prediction_resistance); void ossl_crngt_cleanup_entropy(PROV_DRBG *drbg, - unsigned char *out, size_t outlen); + unsigned char *out, size_t outlen); #endif diff --git a/providers/implementations/rands/seed_src.c b/providers/implementations/rands/seed_src.c index 7a4b780bb469..c6a7f46fd994 100644 --- a/providers/implementations/rands/seed_src.c +++ b/providers/implementations/rands/seed_src.c @@ -43,7 +43,7 @@ typedef struct { } PROV_SEED_SRC; static void *seed_src_new(void *provctx, void *parent, - const OSSL_DISPATCH *parent_dispatch) + const OSSL_DISPATCH *parent_dispatch) { PROV_SEED_SRC *s; @@ -69,9 +69,9 @@ static void seed_src_free(void *vseed) } static int seed_src_instantiate(void *vseed, unsigned int strength, - int prediction_resistance, - const unsigned char *pstr, size_t pstr_len, - ossl_unused const OSSL_PARAM params[]) + int prediction_resistance, + const unsigned char *pstr, size_t pstr_len, + ossl_unused const OSSL_PARAM params[]) { PROV_SEED_SRC *s = (PROV_SEED_SRC *)vseed; @@ -88,10 +88,10 @@ static int seed_src_uninstantiate(void *vseed) } static int seed_src_generate(void *vseed, unsigned char *out, size_t outlen, - unsigned int strength, - ossl_unused int prediction_resistance, - ossl_unused const unsigned char *adin, - ossl_unused size_t adin_len) + unsigned int strength, + ossl_unused int prediction_resistance, + ossl_unused const unsigned char *adin, + ossl_unused size_t adin_len) { PROV_SEED_SRC *s = (PROV_SEED_SRC *)vseed; size_t entropy_available; 
@@ -99,8 +99,8 @@ static int seed_src_generate(void *vseed, unsigned char *out, size_t outlen, if (s->state != EVP_RAND_STATE_READY) { ERR_raise(ERR_LIB_PROV, - s->state == EVP_RAND_STATE_ERROR ? PROV_R_IN_ERROR_STATE - : PROV_R_NOT_INSTANTIATED); + s->state == EVP_RAND_STATE_ERROR ? PROV_R_IN_ERROR_STATE + : PROV_R_NOT_INSTANTIATED); return 0; } @@ -121,18 +121,18 @@ static int seed_src_generate(void *vseed, unsigned char *out, size_t outlen, } static int seed_src_reseed(void *vseed, - ossl_unused int prediction_resistance, - ossl_unused const unsigned char *ent, - ossl_unused size_t ent_len, - ossl_unused const unsigned char *adin, - ossl_unused size_t adin_len) + ossl_unused int prediction_resistance, + ossl_unused const unsigned char *ent, + ossl_unused size_t ent_len, + ossl_unused const unsigned char *adin, + ossl_unused size_t adin_len) { PROV_SEED_SRC *s = (PROV_SEED_SRC *)vseed; if (s->state != EVP_RAND_STATE_READY) { ERR_raise(ERR_LIB_PROV, - s->state == EVP_RAND_STATE_ERROR ? PROV_R_IN_ERROR_STATE - : PROV_R_NOT_INSTANTIATED); + s->state == EVP_RAND_STATE_ERROR ? PROV_R_IN_ERROR_STATE + : PROV_R_NOT_INSTANTIATED); return 0; } return 1; @@ -158,7 +158,7 @@ static int seed_src_get_ctx_params(void *vseed, OSSL_PARAM params[]) } static const OSSL_PARAM *seed_src_gettable_ctx_params(ossl_unused void *vseed, - ossl_unused void *provctx) + ossl_unused void *provctx) { static const OSSL_PARAM known_gettable_ctx_params[] = { OSSL_PARAM_int(OSSL_RAND_PARAM_STATE, NULL), @@ -175,9 +175,9 @@ static int seed_src_verify_zeroization(ossl_unused void *vseed) } static size_t seed_get_seed(void *vseed, unsigned char **pout, - int entropy, size_t min_len, size_t max_len, - int prediction_resistance, - const unsigned char *adin, size_t adin_len) + int entropy, size_t min_len, size_t max_len, + int prediction_resistance, + const unsigned char *adin, size_t adin_len) { size_t bytes_needed; unsigned char *p; 
@@ -202,7 +202,8 @@ static size_t seed_get_seed(void *vseed, unsigned char **pout, return 0; } if (seed_src_generate(vseed, p, bytes_needed, 0, prediction_resistance, - adin, adin_len) != 0) { + adin, adin_len) + != 0) { *pout = p; return bytes_needed; } @@ -211,7 +212,7 @@ static size_t seed_get_seed(void *vseed, unsigned char **pout, } static void seed_clear_seed(ossl_unused void *vdrbg, - unsigned char *out, size_t outlen) + unsigned char *out, size_t outlen) { OPENSSL_secure_clear_free(out, outlen); } 
@@ -231,23 +232,23 @@ void seed_src_unlock(ossl_unused void *vctx) } const OSSL_DISPATCH ossl_seed_src_functions[] = { - { OSSL_FUNC_RAND_NEWCTX, (void(*)(void))seed_src_new }, - { OSSL_FUNC_RAND_FREECTX, (void(*)(void))seed_src_free }, + { OSSL_FUNC_RAND_NEWCTX, (void (*)(void))seed_src_new }, + { OSSL_FUNC_RAND_FREECTX, (void (*)(void))seed_src_free }, { OSSL_FUNC_RAND_INSTANTIATE, - (void(*)(void))seed_src_instantiate }, + (void (*)(void))seed_src_instantiate }, { OSSL_FUNC_RAND_UNINSTANTIATE, - (void(*)(void))seed_src_uninstantiate }, - { OSSL_FUNC_RAND_GENERATE, (void(*)(void))seed_src_generate }, - { OSSL_FUNC_RAND_RESEED, (void(*)(void))seed_src_reseed }, - { OSSL_FUNC_RAND_ENABLE_LOCKING, (void(*)(void))seed_src_enable_locking }, - { OSSL_FUNC_RAND_LOCK, (void(*)(void))seed_src_lock }, - { OSSL_FUNC_RAND_UNLOCK, (void(*)(void))seed_src_unlock }, + (void (*)(void))seed_src_uninstantiate }, + { OSSL_FUNC_RAND_GENERATE, (void (*)(void))seed_src_generate }, + { OSSL_FUNC_RAND_RESEED, (void (*)(void))seed_src_reseed }, + { OSSL_FUNC_RAND_ENABLE_LOCKING, (void (*)(void))seed_src_enable_locking }, + { OSSL_FUNC_RAND_LOCK, (void (*)(void))seed_src_lock }, + { OSSL_FUNC_RAND_UNLOCK, (void (*)(void))seed_src_unlock }, { OSSL_FUNC_RAND_GETTABLE_CTX_PARAMS, - (void(*)(void))seed_src_gettable_ctx_params }, - { OSSL_FUNC_RAND_GET_CTX_PARAMS, (void(*)(void))seed_src_get_ctx_params }, + (void (*)(void))seed_src_gettable_ctx_params }, + { OSSL_FUNC_RAND_GET_CTX_PARAMS, (void (*)(void))seed_src_get_ctx_params }, { OSSL_FUNC_RAND_VERIFY_ZEROIZATION, - (void(*)(void))seed_src_verify_zeroization }, - { OSSL_FUNC_RAND_GET_SEED, (void(*)(void))seed_get_seed }, - { OSSL_FUNC_RAND_CLEAR_SEED, (void(*)(void))seed_clear_seed }, + (void (*)(void))seed_src_verify_zeroization }, + { OSSL_FUNC_RAND_GET_SEED, (void (*)(void))seed_get_seed }, + { OSSL_FUNC_RAND_CLEAR_SEED, (void (*)(void))seed_clear_seed }, { 0, NULL } }; 
diff --git a/providers/implementations/rands/seeding/rand_cpu_x86.c b/providers/implementations/rands/seeding/rand_cpu_x86.c index 0e062fa45aa2..f2021ed10905 100644 --- a/providers/implementations/rands/seeding/rand_cpu_x86.c +++ b/providers/implementations/rands/seeding/rand_cpu_x86.c @@ -13,13 +13,13 @@ #include "prov/seeding.h" #ifdef OPENSSL_RAND_SEED_RDCPU -# if defined(OPENSSL_SYS_TANDEM) && defined(_TNS_X_TARGET) -# include <builtin.h> /* _rdrand64 */ -# include <string.h> /* memcpy */ -# else +#if defined(OPENSSL_SYS_TANDEM) && defined(_TNS_X_TARGET) +#include <builtin.h> /* _rdrand64 */ +#include <string.h> /* memcpy */ +#else size_t OPENSSL_ia32_rdseed_bytes(unsigned char *buf, size_t len); size_t OPENSSL_ia32_rdrand_bytes(unsigned char *buf, size_t len); -# endif +#endif static size_t get_hardware_random_value(unsigned char *buf, size_t len); @@ -88,16 +88,17 @@ static size_t get_hardware_random_value(unsigned char *buf, size_t len) return 0; } #else -static size_t get_hardware_random_value(unsigned char *buf, size_t len) { +static size_t get_hardware_random_value(unsigned char *buf, size_t len) +{ /* Whichever comes first, use RDSEED, RDRAND or nothing */ if ((OPENSSL_ia32cap_P[2] & (1 << 18)) != 0) { - if (OPENSSL_ia32_rdseed_bytes(buf, len) != len) - return 0; + if (OPENSSL_ia32_rdseed_bytes(buf, len) != len) + return 0; } else if ((OPENSSL_ia32cap_P[1] & (1 << (62 - 32))) != 0) { - if (OPENSSL_ia32_rdrand_bytes(buf, len) != len) - return 0; + if (OPENSSL_ia32_rdrand_bytes(buf, len) != len) + return 0; } else - return 0; + return 0; return len; } #endif diff --git a/providers/implementations/rands/seeding/rand_tsc.c b/providers/implementations/rands/seeding/rand_tsc.c index 98dd836b24d9..568e35b5359b 100644 --- a/providers/implementations/rands/seeding/rand_tsc.c +++ b/providers/implementations/rands/seeding/rand_tsc.c 
@@ -19,7 +19,7 @@ * Some SP800-90B tests have been run, but there is internal skepticism. * So for now this code is not used. */ -# error "RDTSC enabled? Should not be possible!" +#error "RDTSC enabled? Should not be possible!" /* * Acquire entropy from high-speed clock diff --git a/providers/implementations/rands/seeding/rand_unix.c b/providers/implementations/rands/seeding/rand_unix.c index 750afca58ed7..d12789d4d4c2 100644 --- a/providers/implementations/rands/seeding/rand_unix.c +++ b/providers/implementations/rands/seeding/rand_unix.c @@ -8,7 +8,7 @@ */ #ifndef _GNU_SOURCE -# define _GNU_SOURCE +#define _GNU_SOURCE #endif #include "../e_os.h" #include <stdio.h> 
@@ -22,38 +22,38 @@ #include "prov/seeding.h" #ifdef __linux -# include <sys/syscall.h> -# ifdef DEVRANDOM_WAIT -# include <sys/shm.h> -# include <sys/utsname.h> -# endif +#include <sys/syscall.h> +#ifdef DEVRANDOM_WAIT +#include <sys/shm.h> +#include <sys/utsname.h> +#endif #endif #if (defined(__FreeBSD__) || defined(__NetBSD__)) && !defined(OPENSSL_SYS_UEFI) -# include <sys/types.h> -# include <sys/sysctl.h> -# include <sys/param.h> +#include <sys/types.h> +#include <sys/sysctl.h> +#include <sys/param.h> #endif #if defined(__OpenBSD__) -# include <sys/param.h> +#include <sys/param.h> #endif #if defined(__DragonFly__) -# include <sys/param.h> -# include <sys/random.h> +#include <sys/param.h> +#include <sys/random.h> #endif #if (defined(OPENSSL_SYS_UNIX) && !defined(OPENSSL_SYS_VXWORKS)) \ - || defined(__DJGPP__) -# include <sys/types.h> -# include <sys/stat.h> -# include <fcntl.h> -# include <unistd.h> -# include <sys/time.h> + || defined(__DJGPP__) +#include <sys/types.h> +#include <sys/stat.h> +#include <fcntl.h> +#include <unistd.h> +#include <sys/time.h> static uint64_t get_time_stamp(void); static uint64_t get_timer_bits(void); /* Macro to convert two thirty two bit values into a sixty four bit one */ -# define TWO32TO64(a, b) ((((uint64_t)(a)) << 32) + (b)) +#define TWO32TO64(a, b) ((((uint64_t)(a)) << 32) + (b)) /* * Check for the existence and support of POSIX timers. The standard 
@@ -75,54 +75,54 @@ static uint64_t get_timer_bits(void); * The nested #if sequences are required to avoid using a parameterised * macro that might be undefined. */ -# undef OSSL_POSIX_TIMER_OKAY +#undef OSSL_POSIX_TIMER_OKAY /* On some systems, _POSIX_TIMERS is defined but empty. * Subtracting by 0 when comparing avoids an error in this case. */ -# if defined(_POSIX_TIMERS) && _POSIX_TIMERS -0 > 0 -# if defined(__GLIBC__) -# if defined(__GLIBC_PREREQ) -# if __GLIBC_PREREQ(2, 17) -# define OSSL_POSIX_TIMER_OKAY -# endif -# endif -# else -# define OSSL_POSIX_TIMER_OKAY -# endif -# endif -#endif /* (defined(OPENSSL_SYS_UNIX) && !defined(OPENSSL_SYS_VXWORKS)) +#if defined(_POSIX_TIMERS) && _POSIX_TIMERS - 0 > 0 +#if defined(__GLIBC__) +#if defined(__GLIBC_PREREQ) +#if __GLIBC_PREREQ(2, 17) +#define OSSL_POSIX_TIMER_OKAY +#endif +#endif +#else +#define OSSL_POSIX_TIMER_OKAY +#endif +#endif +#endif /* (defined(OPENSSL_SYS_UNIX) && !defined(OPENSSL_SYS_VXWORKS)) \ || defined(__DJGPP__) */ #if defined(OPENSSL_RAND_SEED_NONE) /* none means none. 
this simplifies the following logic */ -# undef OPENSSL_RAND_SEED_OS -# undef OPENSSL_RAND_SEED_GETRANDOM -# undef OPENSSL_RAND_SEED_LIBRANDOM -# undef OPENSSL_RAND_SEED_DEVRANDOM -# undef OPENSSL_RAND_SEED_RDTSC -# undef OPENSSL_RAND_SEED_RDCPU -# undef OPENSSL_RAND_SEED_EGD +#undef OPENSSL_RAND_SEED_OS +#undef OPENSSL_RAND_SEED_GETRANDOM +#undef OPENSSL_RAND_SEED_LIBRANDOM +#undef OPENSSL_RAND_SEED_DEVRANDOM +#undef OPENSSL_RAND_SEED_RDTSC +#undef OPENSSL_RAND_SEED_RDCPU +#undef OPENSSL_RAND_SEED_EGD #endif #if defined(OPENSSL_SYS_UEFI) && !defined(OPENSSL_RAND_SEED_NONE) -# error "UEFI only supports seeding NONE" +#error "UEFI only supports seeding NONE" #endif #if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) \ - || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_VXWORKS) \ + || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_VXWORKS) \ || defined(OPENSSL_SYS_UEFI)) -# if defined(OPENSSL_SYS_VOS) +#if defined(OPENSSL_SYS_VOS) -# ifndef OPENSSL_RAND_SEED_OS -# error "Unsupported seeding method configured; must be os" -# endif +#ifndef OPENSSL_RAND_SEED_OS +#error "Unsupported seeding method configured; must be os" +#endif -# if defined(OPENSSL_SYS_VOS_HPPA) && defined(OPENSSL_SYS_VOS_IA32) -# error "Unsupported HP-PA and IA32 at the same time." -# endif -# if !defined(OPENSSL_SYS_VOS_HPPA) && !defined(OPENSSL_SYS_VOS_IA32) -# error "Must have one of HP-PA or IA32" -# endif +#if defined(OPENSSL_SYS_VOS_HPPA) && defined(OPENSSL_SYS_VOS_IA32) +#error "Unsupported HP-PA and IA32 at the same time." +#endif +#if !defined(OPENSSL_SYS_VOS_HPPA) && !defined(OPENSSL_SYS_VOS_IA32) +#error "Must have one of HP-PA or IA32" +#endif /* * The following algorithm repeatedly samples the real-time clock (RTC) to 
@@ -145,13 +145,13 @@ size_t ossl_pool_acquire_entropy(RAND_POOL *pool) size_t bytes_needed; struct timespec ts; unsigned char v; -# ifdef OPENSSL_SYS_VOS_HPPA +#ifdef OPENSSL_SYS_VOS_HPPA long duration; extern void s$sleep(long *_duration, short int *_code); -# else +#else long long duration; extern void s$sleep2(long long *_duration, short int *_code); -# endif +#endif bytes_needed = ossl_rand_pool_bytes_needed(pool, 4 /*entropy_factor*/); @@ -163,20 +163,20 @@ size_t ossl_pool_acquire_entropy(RAND_POOL *pool) for (k = 0; k < 99; k++) ts.tv_nsec = random(); -# ifdef OPENSSL_SYS_VOS_HPPA +#ifdef OPENSSL_SYS_VOS_HPPA /* sleep for 1/1024 of a second (976 us). */ duration = 1; s$sleep(&duration, &code); -# else +#else /* sleep for 1/65536 of a second (15 us). */ duration = 1; s$sleep2(&duration, &code); -# endif +#endif /* Get wall clock time, take 8 bits. */ clock_gettime(CLOCK_REALTIME, &ts); v = (unsigned char)(ts.tv_nsec & 0xFF); - ossl_rand_pool_add(pool, arg, &v, sizeof(v) , 2); + ossl_rand_pool_add(pool, arg, &v, sizeof(v), 2); } return ossl_rand_pool_entropy_available(pool); } 
@@ -189,30 +189,29 @@ void ossl_rand_pool_keep_random_devices_open(int keep) { } -# else +#else -# if defined(OPENSSL_RAND_SEED_EGD) && \ - (defined(OPENSSL_NO_EGD) || !defined(DEVRANDOM_EGD)) -# error "Seeding uses EGD but EGD is turned off or no device given" -# endif +#if defined(OPENSSL_RAND_SEED_EGD) && (defined(OPENSSL_NO_EGD) || !defined(DEVRANDOM_EGD)) +#error "Seeding uses EGD but EGD is turned off or no device given" +#endif -# if defined(OPENSSL_RAND_SEED_DEVRANDOM) && !defined(DEVRANDOM) -# error "Seeding uses urandom but DEVRANDOM is not configured" -# endif +#if defined(OPENSSL_RAND_SEED_DEVRANDOM) && !defined(DEVRANDOM) +#error "Seeding uses urandom but DEVRANDOM is not configured" +#endif -# if defined(OPENSSL_RAND_SEED_OS) -# if !defined(DEVRANDOM) -# error "OS seeding requires DEVRANDOM to be configured" -# endif -# define OPENSSL_RAND_SEED_GETRANDOM -# define OPENSSL_RAND_SEED_DEVRANDOM -# endif +#if defined(OPENSSL_RAND_SEED_OS) +#if !defined(DEVRANDOM) +#error "OS seeding requires DEVRANDOM to be configured" +#endif +#define OPENSSL_RAND_SEED_GETRANDOM +#define OPENSSL_RAND_SEED_DEVRANDOM +#endif -# if defined(OPENSSL_RAND_SEED_LIBRANDOM) -# error "librandom not (yet) supported" -# endif +#if defined(OPENSSL_RAND_SEED_LIBRANDOM) +#error "librandom not (yet) supported" +#endif -# if (defined(__FreeBSD__) || defined(__NetBSD__)) && defined(KERN_ARND) +#if (defined(__FreeBSD__) || defined(__NetBSD__)) && defined(KERN_ARND) /* * sysctl_random(): Use sysctl() to read a random number from the kernel * Returns the number of bytes returned in buf on success, -1 on failure. @@ -234,7 +233,7 @@ static ssize_t sysctl_random(char *buf, size_t buflen) * when the sysctl returns long and we want to request something not a * multiple of longs, which should never be the case. */ -#if defined(__FreeBSD__) +#if defined(__FreeBSD__) if (!ossl_assert(buflen % sizeof(long) == 0)) { errno = EINVAL; return -1; 
@@ -248,7 +247,7 @@ static ssize_t sysctl_random(char *buf, size_t buflen) * up to 256 bytes. * Just return an error on older NetBSD versions. */ -#if defined(__NetBSD__) && __NetBSD_Version__ < 400000000 +#if defined(__NetBSD__) && __NetBSD_Version__ < 400000000 errno = ENOSYS; return -1; #endif 
@@ -267,65 +266,65 @@ static ssize_t sysctl_random(char *buf, size_t buflen) return done; } -# endif +#endif -# if defined(OPENSSL_RAND_SEED_GETRANDOM) +#if defined(OPENSSL_RAND_SEED_GETRANDOM) -# if defined(__linux) && !defined(__NR_getrandom) -# if defined(__arm__) -# define __NR_getrandom (__NR_SYSCALL_BASE+384) -# elif defined(__i386__) -# define __NR_getrandom 355 -# elif defined(__x86_64__) -# if defined(__ILP32__) -# define __NR_getrandom (__X32_SYSCALL_BIT + 318) -# else -# define __NR_getrandom 318 -# endif -# elif defined(__xtensa__) -# define __NR_getrandom 338 -# elif defined(__s390__) || defined(__s390x__) -# define __NR_getrandom 349 -# elif defined(__bfin__) -# define __NR_getrandom 389 -# elif defined(__powerpc__) -# define __NR_getrandom 359 -# elif defined(__mips__) || defined(__mips64) -# if _MIPS_SIM == _MIPS_SIM_ABI32 -# define __NR_getrandom (__NR_Linux + 353) -# elif _MIPS_SIM == _MIPS_SIM_ABI64 -# define __NR_getrandom (__NR_Linux + 313) -# elif _MIPS_SIM == _MIPS_SIM_NABI32 -# define __NR_getrandom (__NR_Linux + 317) -# endif -# elif defined(__hppa__) -# define __NR_getrandom (__NR_Linux + 339) -# elif defined(__sparc__) -# define __NR_getrandom 347 -# elif defined(__ia64__) -# define __NR_getrandom 1339 -# elif defined(__alpha__) -# define __NR_getrandom 511 -# elif defined(__sh__) -# if defined(__SH5__) -# define __NR_getrandom 373 -# else -# define __NR_getrandom 384 -# endif -# elif defined(__avr32__) -# define __NR_getrandom 317 -# elif defined(__microblaze__) -# define __NR_getrandom 385 -# elif defined(__m68k__) -# define __NR_getrandom 352 -# elif defined(__cris__) -# define __NR_getrandom 356 -# elif defined(__aarch64__) -# define __NR_getrandom 278 -# else /* generic */ -# define __NR_getrandom 278 -# endif -# endif +#if defined(__linux) && !defined(__NR_getrandom) +#if defined(__arm__) +#define __NR_getrandom (__NR_SYSCALL_BASE + 384) +#elif defined(__i386__) +#define __NR_getrandom 355 +#elif defined(__x86_64__) +#if 
defined(__ILP32__) +#define __NR_getrandom (__X32_SYSCALL_BIT + 318) +#else +#define __NR_getrandom 318 +#endif +#elif defined(__xtensa__) +#define __NR_getrandom 338 +#elif defined(__s390__) || defined(__s390x__) +#define __NR_getrandom 349 +#elif defined(__bfin__) +#define __NR_getrandom 389 +#elif defined(__powerpc__) +#define __NR_getrandom 359 +#elif defined(__mips__) || defined(__mips64) +#if _MIPS_SIM == _MIPS_SIM_ABI32 +#define __NR_getrandom (__NR_Linux + 353) +#elif _MIPS_SIM == _MIPS_SIM_ABI64 +#define __NR_getrandom (__NR_Linux + 313) +#elif _MIPS_SIM == _MIPS_SIM_NABI32 +#define __NR_getrandom (__NR_Linux + 317) +#endif +#elif defined(__hppa__) +#define __NR_getrandom (__NR_Linux + 339) +#elif defined(__sparc__) +#define __NR_getrandom 347 +#elif defined(__ia64__) +#define __NR_getrandom 1339 +#elif defined(__alpha__) +#define __NR_getrandom 511 +#elif defined(__sh__) +#if defined(__SH5__) +#define __NR_getrandom 373 +#else +#define __NR_getrandom 384 +#endif +#elif defined(__avr32__) +#define __NR_getrandom 317 +#elif defined(__microblaze__) +#define __NR_getrandom 385 +#elif defined(__m68k__) +#define __NR_getrandom 352 +#elif defined(__cris__) +#define __NR_getrandom 356 +#elif defined(__aarch64__) +#define __NR_getrandom 278 +#else /* generic */ +#define __NR_getrandom 278 +#endif +#endif /* * syscall_random(): Try to get random data using a system call @@ -356,8 +355,8 @@ static ssize_t syscall_random(void *buf, size_t buflen) * Note: Sometimes getentropy() can be provided but not implemented * internally. So we need to check errno for ENOSYS */ -# if !defined(__DragonFly__) && !defined(__NetBSD__) -# if defined(__GNUC__) && __GNUC__>=2 && defined(__ELF__) && !defined(__hpux) +#if !defined(__DragonFly__) && !defined(__NetBSD__) +#if defined(__GNUC__) && __GNUC__ >= 2 && defined(__ELF__) && !defined(__hpux) extern int getentropy(void *buffer, size_t length) __attribute__((weak)); if (getentropy != NULL) { 
@@ -366,13 +365,13 @@ static ssize_t syscall_random(void *buf, size_t buflen) if (errno != ENOSYS) return -1; } -# elif defined(OPENSSL_APPLE_CRYPTO_RANDOM) +#elif defined(OPENSSL_APPLE_CRYPTO_RANDOM) if (CCRandomGenerateBytes(buf, buflen) == kCCSuccess) - return (ssize_t)buflen; + return (ssize_t)buflen; return -1; -# else +#else union { void *p; int (*f)(void *buffer, size_t length); @@ -387,25 +386,25 @@ static ssize_t syscall_random(void *buf, size_t buflen) ERR_pop_to_mark(); if (p_getentropy.p != NULL) return p_getentropy.f(buf, buflen) == 0 ? (ssize_t)buflen : -1; -# endif -# endif /* !__DragonFly__ */ +#endif +#endif /* !__DragonFly__ */ /* Linux supports this since version 3.17 */ -# if defined(__linux) && defined(__NR_getrandom) +#if defined(__linux) && defined(__NR_getrandom) return syscall(__NR_getrandom, buf, buflen, 0); -# elif (defined(__FreeBSD__) || defined(__NetBSD__)) && defined(KERN_ARND) +#elif (defined(__FreeBSD__) || defined(__NetBSD__)) && defined(KERN_ARND) return sysctl_random(buf, buflen); -# elif (defined(__DragonFly__) && __DragonFly_version >= 500700) \ - || (defined(__NetBSD__) && __NetBSD_Version >= 1000000000) +#elif (defined(__DragonFly__) && __DragonFly_version >= 500700) \ + || (defined(__NetBSD__) && __NetBSD_Version >= 1000000000) return getrandom(buf, buflen, 0); -# else +#else errno = ENOSYS; return -1; -# endif +#endif } -# endif /* defined(OPENSSL_RAND_SEED_GETRANDOM) */ +#endif /* defined(OPENSSL_RAND_SEED_GETRANDOM) */ -# if defined(OPENSSL_RAND_SEED_DEVRANDOM) +#if defined(OPENSSL_RAND_SEED_DEVRANDOM) static const char *random_device_paths[] = { DEVRANDOM }; static struct random_device { int fd; 
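Review bot: The `#elif` that selects `getrandom()` in `syscall_random` tests `__NetBSD_Version`, while the NetBSD version check in `sysctl_random` earlier in this file uses `__NetBSD_Version__`. An identifier that is not defined as a macro evaluates to 0 inside `#if`, so the NetBSD half of this condition appears to be always false. The `getentropy` block above is also compiled out for NetBSD, so a NetBSD build without `KERN_ARND` would fall through to `errno = ENOSYS; return -1;` and never ask the kernel for random bytes through this function. If that is unintended, the line should read `|| (defined(__NetBSD__) && __NetBSD_Version__ >= 1000000000)`. The reformatting leaves the condition unchanged, and `syscall_random` begins outside this hunk.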
@@ -416,8 +415,8 @@ static struct random_device { } random_devices[OSSL_NELEM(random_device_paths)]; static int keep_random_devices_open = 1; -# if defined(__linux) && defined(DEVRANDOM_WAIT) \ - && defined(OPENSSL_RAND_SEED_GETRANDOM) +#if defined(__linux) && defined(DEVRANDOM_WAIT) \ + && defined(OPENSSL_RAND_SEED_GETRANDOM) static void *shm_addr; static void cleanup_shm(void) @@ -469,16 +468,18 @@ static int wait_random_seeded(void) FD_ZERO(&fds); FD_SET(fd, &fds); while ((r = select(fd + 1, &fds, NULL, NULL, NULL)) < 0 - && errno == EINTR); + && errno == EINTR) + ; } else { - while ((r = read(fd, &c, 1)) < 0 && errno == EINTR); + while ((r = read(fd, &c, 1)) < 0 && errno == EINTR) + ; } close(fd); if (r == 1) { seeded = 1; /* Create the shared memory indicator */ shm_id = shmget(OPENSSL_RAND_SEED_DEVRANDOM_SHM_ID, 1, - IPC_CREAT | S_IRUSR | S_IRGRP | S_IROTH); + IPC_CREAT | S_IRUSR | S_IRGRP | S_IROTH); } } } @@ -495,12 +496,12 @@ static int wait_random_seeded(void) } return seeded; } -# else /* defined __linux && DEVRANDOM_WAIT && OPENSSL_RAND_SEED_GETRANDOM */ +#else /* defined __linux && DEVRANDOM_WAIT && OPENSSL_RAND_SEED_GETRANDOM */ static int wait_random_seeded(void) { return 1; } -# endif +#endif /* * Verify that the file descriptor associated with the random source is @@ -509,16 +510,16 @@ static int wait_random_seeded(void) * So the handle might have been closed or even reused for opening * another file. */ -static int check_random_device(struct random_device * rd) +static int check_random_device(struct random_device *rd) { struct stat st; return rd->fd != -1 - && fstat(rd->fd, &st) != -1 - && rd->dev == st.st_dev - && rd->ino == st.st_ino - && ((rd->mode ^ st.st_mode) & ~(S_IRWXU | S_IRWXG | S_IRWXO)) == 0 - && rd->rdev == st.st_rdev; + && fstat(rd->fd, &st) != -1 + && rd->dev == st.st_dev + && rd->ino == st.st_ino + && ((rd->mode ^ st.st_mode) & ~(S_IRWXU | S_IRWXG | S_IRWXO)) == 0 + && rd->rdev == st.st_rdev; } /* 
@@ -527,7 +528,7 @@ static int check_random_device(struct random_device * rd) static int get_random_device(size_t n) { struct stat st; - struct random_device * rd = &random_devices[n]; + struct random_device *rd = &random_devices[n]; /* reuse existing file descriptor if it is (still) valid */ if (check_random_device(rd)) @@ -556,7 +557,7 @@ static int get_random_device(size_t n) */ static void close_random_device(size_t n) { - struct random_device * rd = &random_devices[n]; + struct random_device *rd = &random_devices[n]; if (check_random_device(rd)) close(rd->fd); @@ -589,7 +590,7 @@ void ossl_rand_pool_keep_random_devices_open(int keep) keep_random_devices_open = keep; } -# else /* !defined(OPENSSL_RAND_SEED_DEVRANDOM) */ +#else /* !defined(OPENSSL_RAND_SEED_DEVRANDOM) */ int ossl_rand_pool_init(void) { @@ -604,7 +605,7 @@ void ossl_rand_pool_keep_random_devices_open(int keep) { } -# endif /* defined(OPENSSL_RAND_SEED_DEVRANDOM) */ +#endif /* defined(OPENSSL_RAND_SEED_DEVRANDOM) */ /* * Try the various seeding methods in turn, exit when successful. @@ -625,14 +626,14 @@ void ossl_rand_pool_keep_random_devices_open(int keep) */ size_t ossl_pool_acquire_entropy(RAND_POOL *pool) { -# if defined(OPENSSL_RAND_SEED_NONE) +#if defined(OPENSSL_RAND_SEED_NONE) return ossl_rand_pool_entropy_available(pool); -# else +#else size_t entropy_available = 0; - (void)entropy_available; /* avoid compiler warning */ + (void)entropy_available; /* avoid compiler warning */ -# if defined(OPENSSL_RAND_SEED_GETRANDOM) +#if defined(OPENSSL_RAND_SEED_GETRANDOM) { size_t bytes_needed; unsigned char *buffer; 
@@ -656,15 +657,15 @@ size_t ossl_pool_acquire_entropy(RAND_POOL *pool) entropy_available = ossl_rand_pool_entropy_available(pool); if (entropy_available > 0) return entropy_available; -# endif +#endif -# if defined(OPENSSL_RAND_SEED_LIBRANDOM) +#if defined(OPENSSL_RAND_SEED_LIBRANDOM) { /* Not yet implemented. */ } -# endif +#endif -# if defined(OPENSSL_RAND_SEED_DEVRANDOM) +#if defined(OPENSSL_RAND_SEED_DEVRANDOM) if (wait_random_seeded()) { size_t bytes_needed; unsigned char *buffer; @@ -672,7 +673,7 @@ size_t ossl_pool_acquire_entropy(RAND_POOL *pool) bytes_needed = ossl_rand_pool_bytes_needed(pool, 1 /*entropy_factor*/); for (i = 0; bytes_needed > 0 && i < OSSL_NELEM(random_device_paths); - i++) { + i++) { ssize_t bytes = 0; /* Maximum number of consecutive unsuccessful attempts */ int attempts = 3; @@ -702,21 +703,21 @@ size_t ossl_pool_acquire_entropy(RAND_POOL *pool) if (entropy_available > 0) return entropy_available; } -# endif +#endif -# if defined(OPENSSL_RAND_SEED_RDTSC) +#if defined(OPENSSL_RAND_SEED_RDTSC) entropy_available = ossl_prov_acquire_entropy_from_tsc(pool); if (entropy_available > 0) return entropy_available; -# endif +#endif -# if defined(OPENSSL_RAND_SEED_RDCPU) +#if defined(OPENSSL_RAND_SEED_RDCPU) entropy_available = ossl_prov_acquire_entropy_from_cpu(pool); if (entropy_available > 0) return entropy_available; -# endif +#endif -# if defined(OPENSSL_RAND_SEED_EGD) +#if defined(OPENSSL_RAND_SEED_EGD) { static const char *paths[] = { DEVRANDOM_EGD, NULL }; size_t bytes_needed; @@ -730,7 +731,7 @@ size_t ossl_pool_acquire_entropy(RAND_POOL *pool) buffer = ossl_rand_pool_add_begin(pool, bytes_needed); num = RAND_query_egd_bytes(paths[i], - buffer, (int)bytes_needed); + buffer, (int)bytes_needed); if (num == (int)bytes_needed) bytes = bytes_needed; 
@@ -741,16 +742,16 @@ size_t ossl_pool_acquire_entropy(RAND_POOL *pool) if (entropy_available > 0) return entropy_available; } -# endif +#endif return ossl_rand_pool_entropy_available(pool); -# endif +#endif } -# endif +#endif #endif #if (defined(OPENSSL_SYS_UNIX) && !defined(OPENSSL_SYS_VXWORKS)) \ - || defined(__DJGPP__) + || defined(__DJGPP__) int ossl_pool_add_nonce_data(RAND_POOL *pool) { struct { @@ -798,7 +799,6 @@ int ossl_rand_pool_add_additional_data(RAND_POOL *pool) return ossl_rand_pool_add(pool, (unsigned char *)&data, sizeof(data), 0); } - /* * Get the current time with the highest possible resolution * @@ -808,23 +808,23 @@ int ossl_rand_pool_add_additional_data(RAND_POOL *pool) */ static uint64_t get_time_stamp(void) { -# if defined(OSSL_POSIX_TIMER_OKAY) +#if defined(OSSL_POSIX_TIMER_OKAY) { struct timespec ts; if (clock_gettime(CLOCK_REALTIME, &ts) == 0) return TWO32TO64(ts.tv_sec, ts.tv_nsec); } -# endif -# if defined(__unix__) \ - || (defined(_POSIX_C_SOURCE) && _POSIX_C_SOURCE >= 200112L) +#endif +#if defined(__unix__) \ + || (defined(_POSIX_C_SOURCE) && _POSIX_C_SOURCE >= 200112L) { struct timeval tv; if (gettimeofday(&tv, NULL) == 0) return TWO32TO64(tv.tv_sec, tv.tv_usec); } -# endif +#endif return time(NULL); } 
@@ -842,41 +842,41 @@ static uint64_t get_timer_bits(void)
 if (res != 0)
 return res;
-# if defined(__sun) || defined(__hpux)
+#if defined(__sun) || defined(__hpux)
 return gethrtime();
-# elif defined(_AIX)
+#elif defined(_AIX)
 {
 timebasestruct_t t;
 read_wall_time(&t, TIMEBASE_SZ);
 return TWO32TO64(t.tb_high, t.tb_low);
 }
-# elif defined(OSSL_POSIX_TIMER_OKAY)
+#elif defined(OSSL_POSIX_TIMER_OKAY)
 {
 struct timespec ts;
-# ifdef CLOCK_BOOTTIME
-# define CLOCK_TYPE CLOCK_BOOTTIME
-# elif defined(_POSIX_MONOTONIC_CLOCK)
-# define CLOCK_TYPE CLOCK_MONOTONIC
-# else
-# define CLOCK_TYPE CLOCK_REALTIME
-# endif
+#ifdef CLOCK_BOOTTIME
+#define CLOCK_TYPE CLOCK_BOOTTIME
+#elif defined(_POSIX_MONOTONIC_CLOCK)
+#define CLOCK_TYPE CLOCK_MONOTONIC
+#else
+#define CLOCK_TYPE CLOCK_REALTIME
+#endif
 if (clock_gettime(CLOCK_TYPE, &ts) == 0)
 return TWO32TO64(ts.tv_sec, ts.tv_nsec);
 }
-# endif
-# if defined(__unix__) \
- || (defined(_POSIX_C_SOURCE) && _POSIX_C_SOURCE >= 200112L)
+#endif
+#if defined(__unix__) \
+ || (defined(_POSIX_C_SOURCE) && _POSIX_C_SOURCE >= 200112L)
 {
 struct timeval tv;
 if (gettimeofday(&tv, NULL) == 0)
 return TWO32TO64(tv.tv_sec, tv.tv_usec);
 }
-# endif
+#endif
 return time(NULL);
 }
-#endif /* (defined(OPENSSL_SYS_UNIX) && !defined(OPENSSL_SYS_VXWORKS))
+#endif /* (defined(OPENSSL_SYS_UNIX) && !defined(OPENSSL_SYS_VXWORKS)) \
 || defined(__DJGPP__) */
diff --git a/providers/implementations/rands/seeding/rand_vms.c b/providers/implementations/rands/seeding/rand_vms.c
index f12ecb3b075e..57ed70913fe5 100644
--- a/providers/implementations/rands/seeding/rand_vms.c
+++ b/providers/implementations/rands/seeding/rand_vms.c
@@ -9,7 +9,7 @@
 #include "e_os.h"
-#define __NEW_STARLET 1 /* New starlet definitions since VMS 7.0 */
+#define __NEW_STARLET 1 /* New starlet definitions since VMS 7.0 */
 #include <unistd.h>
 #include "internal/cryptlib.h"
 #include <openssl/rand.h>
@@ -29,13 +29,13 @@
 #include <iledef.h>
 #include <lib$routines.h>
 #ifdef __DECC
-# pragma message disable DOLLARID
+#pragma message disable DOLLARID
 #endif
-#include <dlfcn.h> /* SYS$GET_ENTROPY presence */
+#include <dlfcn.h> /* SYS$GET_ENTROPY presence */
 #ifndef OPENSSL_RAND_SEED_OS
-# error "Unsupported seeding method configured; must be os"
+#error "Unsupported seeding method configured; must be os"
 #endif
 /*
@@ -49,221 +49,221 @@
 /* We need to make sure we have the right size pointer in some cases */
 #if __INITIAL_POINTER_SIZE == 64
-# pragma pointer_size save
-# pragma pointer_size 32
+#pragma pointer_size save
+#pragma pointer_size 32
 #endif
 typedef uint32_t *uint32_t__ptr32;
 #if __INITIAL_POINTER_SIZE == 64
-# pragma pointer_size restore
+#pragma pointer_size restore
 #endif
 struct item_st {
- short length, code; /* length is number of bytes */
+ short length, code; /* length is number of bytes */
 };
 static const struct item_st DVI_item_data[] = {
- {4, DVI$_ERRCNT},
- {4, DVI$_REFCNT},
+ { 4, DVI$_ERRCNT },
+ { 4, DVI$_REFCNT },
 };
 static const struct item_st JPI_item_data[] = {
- {4, JPI$_BUFIO},
- {4, JPI$_CPUTIM},
- {4, JPI$_DIRIO},
- {4, JPI$_IMAGECOUNT},
- {4, JPI$_PAGEFLTS},
- {4, JPI$_PID},
- {4, JPI$_PPGCNT},
- {4, JPI$_WSPEAK},
+ { 4, JPI$_BUFIO },
+ { 4, JPI$_CPUTIM },
+ { 4, JPI$_DIRIO },
+ { 4, JPI$_IMAGECOUNT },
+ { 4, JPI$_PAGEFLTS },
+ { 4, JPI$_PID },
+ { 4, JPI$_PPGCNT },
+ { 4, JPI$_WSPEAK },
 /*
 * Note: the direct result is just a 32-bit address. However, it points
 * to a list of 4 32-bit words, so we make extra space for them so we can
 * do in-place replacement of values
 */
- {16, JPI$_FINALEXC},
+ { 16, JPI$_FINALEXC },
 };
 static const struct item_st JPI_item_data_64bit[] = {
- {8, JPI$_LAST_LOGIN_I},
- {8, JPI$_LOGINTIM},
+ { 8, JPI$_LAST_LOGIN_I },
+ { 8, JPI$_LOGINTIM },
 };
 static const struct item_st RMI_item_data[] = {
- {4, RMI$_COLPG},
- {4, RMI$_MWAIT},
- {4, RMI$_CEF},
- {4, RMI$_PFW},
- {4, RMI$_LEF},
- {4, RMI$_LEFO},
- {4, RMI$_HIB},
- {4, RMI$_HIBO},
- {4, RMI$_SUSP},
- {4, RMI$_SUSPO},
- {4, RMI$_FPG},
- {4, RMI$_COM},
- {4, RMI$_COMO},
- {4, RMI$_CUR},
+ { 4, RMI$_COLPG },
+ { 4, RMI$_MWAIT },
+ { 4, RMI$_CEF },
+ { 4, RMI$_PFW },
+ { 4, RMI$_LEF },
+ { 4, RMI$_LEFO },
+ { 4, RMI$_HIB },
+ { 4, RMI$_HIBO },
+ { 4, RMI$_SUSP },
+ { 4, RMI$_SUSPO },
+ { 4, RMI$_FPG },
+ { 4, RMI$_COM },
+ { 4, RMI$_COMO },
+ { 4, RMI$_CUR },
 #if defined __alpha
- {4, RMI$_FRLIST},
- {4, RMI$_MODLIST},
+ { 4, RMI$_FRLIST },
+ { 4, RMI$_MODLIST },
 #endif
- {4, RMI$_FAULTS},
- {4, RMI$_PREADS},
- {4, RMI$_PWRITES},
- {4, RMI$_PWRITIO},
- {4, RMI$_PREADIO},
- {4, RMI$_GVALFLTS},
- {4, RMI$_WRTINPROG},
- {4, RMI$_FREFLTS},
- {4, RMI$_DZROFLTS},
- {4, RMI$_SYSFAULTS},
- {4, RMI$_ISWPCNT},
- {4, RMI$_DIRIO},
- {4, RMI$_BUFIO},
- {4, RMI$_MBREADS},
- {4, RMI$_MBWRITES},
- {4, RMI$_LOGNAM},
- {4, RMI$_FCPCALLS},
- {4, RMI$_FCPREAD},
- {4, RMI$_FCPWRITE},
- {4, RMI$_FCPCACHE},
- {4, RMI$_FCPCPU},
- {4, RMI$_FCPHIT},
- {4, RMI$_FCPSPLIT},
- {4, RMI$_FCPFAULT},
- {4, RMI$_ENQNEW},
- {4, RMI$_ENQCVT},
- {4, RMI$_DEQ},
- {4, RMI$_BLKAST},
- {4, RMI$_ENQWAIT},
- {4, RMI$_ENQNOTQD},
- {4, RMI$_DLCKSRCH},
- {4, RMI$_DLCKFND},
- {4, RMI$_NUMLOCKS},
- {4, RMI$_NUMRES},
- {4, RMI$_ARRLOCPK},
- {4, RMI$_DEPLOCPK},
- {4, RMI$_ARRTRAPK},
- {4, RMI$_TRCNGLOS},
- {4, RMI$_RCVBUFFL},
- {4, RMI$_ENQNEWLOC},
- {4, RMI$_ENQNEWIN},
- {4, RMI$_ENQNEWOUT},
- {4, RMI$_ENQCVTLOC},
- {4, RMI$_ENQCVTIN},
- {4, RMI$_ENQCVTOUT},
- {4, RMI$_DEQLOC},
- {4, RMI$_DEQIN},
- {4, RMI$_DEQOUT},
- {4, RMI$_BLKLOC},
- {4, RMI$_BLKIN},
- {4, RMI$_BLKOUT},
- {4, RMI$_DIRIN},
- {4, RMI$_DIROUT},
- /* We currently get a fault when trying these */
+ { 4, RMI$_FAULTS },
+ { 4, RMI$_PREADS },
+ { 4, RMI$_PWRITES },
+ { 4, RMI$_PWRITIO },
+ { 4, RMI$_PREADIO },
+ { 4, RMI$_GVALFLTS },
+ { 4, RMI$_WRTINPROG },
+ { 4, RMI$_FREFLTS },
+ { 4, RMI$_DZROFLTS },
+ { 4, RMI$_SYSFAULTS },
+ { 4, RMI$_ISWPCNT },
+ { 4, RMI$_DIRIO },
+ { 4, RMI$_BUFIO },
+ { 4, RMI$_MBREADS },
+ { 4, RMI$_MBWRITES },
+ { 4, RMI$_LOGNAM },
+ { 4, RMI$_FCPCALLS },
+ { 4, RMI$_FCPREAD },
+ { 4, RMI$_FCPWRITE },
+ { 4, RMI$_FCPCACHE },
+ { 4, RMI$_FCPCPU },
+ { 4, RMI$_FCPHIT },
+ { 4, RMI$_FCPSPLIT },
+ { 4, RMI$_FCPFAULT },
+ { 4, RMI$_ENQNEW },
+ { 4, RMI$_ENQCVT },
+ { 4, RMI$_DEQ },
+ { 4, RMI$_BLKAST },
+ { 4, RMI$_ENQWAIT },
+ { 4, RMI$_ENQNOTQD },
+ { 4, RMI$_DLCKSRCH },
+ { 4, RMI$_DLCKFND },
+ { 4, RMI$_NUMLOCKS },
+ { 4, RMI$_NUMRES },
+ { 4, RMI$_ARRLOCPK },
+ { 4, RMI$_DEPLOCPK },
+ { 4, RMI$_ARRTRAPK },
+ { 4, RMI$_TRCNGLOS },
+ { 4, RMI$_RCVBUFFL },
+ { 4, RMI$_ENQNEWLOC },
+ { 4, RMI$_ENQNEWIN },
+ { 4, RMI$_ENQNEWOUT },
+ { 4, RMI$_ENQCVTLOC },
+ { 4, RMI$_ENQCVTIN },
+ { 4, RMI$_ENQCVTOUT },
+ { 4, RMI$_DEQLOC },
+ { 4, RMI$_DEQIN },
+ { 4, RMI$_DEQOUT },
+ { 4, RMI$_BLKLOC },
+ { 4, RMI$_BLKIN },
+ { 4, RMI$_BLKOUT },
+ { 4, RMI$_DIRIN },
+ { 4, RMI$_DIROUT },
+/* We currently get a fault when trying these */
 #if 0
 {140, RMI$_MSCP_EVERYTHING}, /* 35 32-bit words */
 {152, RMI$_DDTM_ALL}, /* 38 32-bit words */
 {80, RMI$_TMSCP_EVERYTHING} /* 20 32-bit words */
 #endif
- {4, RMI$_LPZ_PAGCNT},
- {4, RMI$_LPZ_HITS},
- {4, RMI$_LPZ_MISSES},
- {4, RMI$_LPZ_EXPCNT},
- {4, RMI$_LPZ_ALLOCF},
- {4, RMI$_LPZ_ALLOC2},
- {4, RMI$_ACCESS},
- {4, RMI$_ALLOC},
- {4, RMI$_FCPCREATE},
- {4, RMI$_VOLWAIT},
- {4, RMI$_FCPTURN},
- {4, RMI$_FCPERASE},
- {4, RMI$_OPENS},
- {4, RMI$_FIDHIT},
- {4, RMI$_FIDMISS},
- {4, RMI$_FILHDR_HIT},
- {4, RMI$_DIRFCB_HIT},
- {4, RMI$_DIRFCB_MISS},
- {4, RMI$_DIRDATA_HIT},
- {4, RMI$_EXTHIT},
- {4, RMI$_EXTMISS},
- {4, RMI$_QUOHIT},
- {4, RMI$_QUOMISS},
- {4, RMI$_STORAGMAP_HIT},
- {4, RMI$_VOLLCK},
- {4, RMI$_SYNCHLCK},
- {4, RMI$_SYNCHWAIT},
- {4, RMI$_ACCLCK},
- {4, RMI$_XQPCACHEWAIT},
- {4, RMI$_DIRDATA_MISS},
- {4, RMI$_FILHDR_MISS},
- {4, RMI$_STORAGMAP_MISS},
- {4, RMI$_PROCCNTMAX},
- {4, RMI$_PROCBATCNT},
- {4, RMI$_PROCINTCNT},
- {4, RMI$_PROCNETCNT},
- {4, RMI$_PROCSWITCHCNT},
- {4, RMI$_PROCBALSETCNT},
- {4, RMI$_PROCLOADCNT},
- {4, RMI$_BADFLTS},
- {4, RMI$_EXEFAULTS},
- {4, RMI$_HDRINSWAPS},
- {4, RMI$_HDROUTSWAPS},
- {4, RMI$_IOPAGCNT},
- {4, RMI$_ISWPCNTPG},
- {4, RMI$_OSWPCNT},
- {4, RMI$_OSWPCNTPG},
- {4, RMI$_RDFAULTS},
- {4, RMI$_TRANSFLTS},
- {4, RMI$_WRTFAULTS},
+ { 4, RMI$_LPZ_PAGCNT },
+ { 4, RMI$_LPZ_HITS },
+ { 4, RMI$_LPZ_MISSES },
+ { 4, RMI$_LPZ_EXPCNT },
+ { 4, RMI$_LPZ_ALLOCF },
+ { 4, RMI$_LPZ_ALLOC2 },
+ { 4, RMI$_ACCESS },
+ { 4, RMI$_ALLOC },
+ { 4, RMI$_FCPCREATE },
+ { 4, RMI$_VOLWAIT },
+ { 4, RMI$_FCPTURN },
+ { 4, RMI$_FCPERASE },
+ { 4, RMI$_OPENS },
+ { 4, RMI$_FIDHIT },
+ { 4, RMI$_FIDMISS },
+ { 4, RMI$_FILHDR_HIT },
+ { 4, RMI$_DIRFCB_HIT },
+ { 4, RMI$_DIRFCB_MISS },
+ { 4, RMI$_DIRDATA_HIT },
+ { 4, RMI$_EXTHIT },
+ { 4, RMI$_EXTMISS },
+ { 4, RMI$_QUOHIT },
+ { 4, RMI$_QUOMISS },
+ { 4, RMI$_STORAGMAP_HIT },
+ { 4, RMI$_VOLLCK },
+ { 4, RMI$_SYNCHLCK },
+ { 4, RMI$_SYNCHWAIT },
+ { 4, RMI$_ACCLCK },
+ { 4, RMI$_XQPCACHEWAIT },
+ { 4, RMI$_DIRDATA_MISS },
+ { 4, RMI$_FILHDR_MISS },
+ { 4, RMI$_STORAGMAP_MISS },
+ { 4, RMI$_PROCCNTMAX },
+ { 4, RMI$_PROCBATCNT },
+ { 4, RMI$_PROCINTCNT },
+ { 4, RMI$_PROCNETCNT },
+ { 4, RMI$_PROCSWITCHCNT },
+ { 4, RMI$_PROCBALSETCNT },
+ { 4, RMI$_PROCLOADCNT },
+ { 4, RMI$_BADFLTS },
+ { 4, RMI$_EXEFAULTS },
+ { 4, RMI$_HDRINSWAPS },
+ { 4, RMI$_HDROUTSWAPS },
+ { 4, RMI$_IOPAGCNT },
+ { 4, RMI$_ISWPCNTPG },
+ { 4, RMI$_OSWPCNT },
+ { 4, RMI$_OSWPCNTPG },
+ { 4, RMI$_RDFAULTS },
+ { 4, RMI$_TRANSFLTS },
+ { 4, RMI$_WRTFAULTS },
 #if defined __alpha
- {4, RMI$_USERPAGES},
+ { 4, RMI$_USERPAGES },
 #endif
- {4, RMI$_VMSPAGES},
- {4, RMI$_TTWRITES},
- {4, RMI$_BUFOBJPAG},
- {4, RMI$_BUFOBJPAGPEAK},
- {4, RMI$_BUFOBJPAGS01},
- {4, RMI$_BUFOBJPAGS2},
- {4, RMI$_BUFOBJPAGMAXS01},
- {4, RMI$_BUFOBJPAGMAXS2},
- {4, RMI$_BUFOBJPAGPEAKS01},
- {4, RMI$_BUFOBJPAGPEAKS2},
- {4, RMI$_BUFOBJPGLTMAXS01},
- {4, RMI$_BUFOBJPGLTMAXS2},
- {4, RMI$_DLCK_INCMPLT},
- {4, RMI$_DLCKMSGS_IN},
- {4, RMI$_DLCKMSGS_OUT},
- {4, RMI$_MCHKERRS},
- {4, RMI$_MEMERRS},
+ { 4, RMI$_VMSPAGES },
+ { 4, RMI$_TTWRITES },
+ { 4, RMI$_BUFOBJPAG },
+ { 4, RMI$_BUFOBJPAGPEAK },
+ { 4, RMI$_BUFOBJPAGS01 },
+ { 4, RMI$_BUFOBJPAGS2 },
+ { 4, RMI$_BUFOBJPAGMAXS01 },
+ { 4, RMI$_BUFOBJPAGMAXS2 },
+ { 4, RMI$_BUFOBJPAGPEAKS01 },
+ { 4, RMI$_BUFOBJPAGPEAKS2 },
+ { 4, RMI$_BUFOBJPGLTMAXS01 },
+ { 4, RMI$_BUFOBJPGLTMAXS2 },
+ { 4, RMI$_DLCK_INCMPLT },
+ { 4, RMI$_DLCKMSGS_IN },
+ { 4, RMI$_DLCKMSGS_OUT },
+ { 4, RMI$_MCHKERRS },
+ { 4, RMI$_MEMERRS },
 };
 static const struct item_st RMI_item_data_64bit[] = {
 #if defined __ia64
- {8, RMI$_FRLIST},
- {8, RMI$_MODLIST},
+ { 8, RMI$_FRLIST },
+ { 8, RMI$_MODLIST },
 #endif
- {8, RMI$_LCKMGR_REQCNT},
- {8, RMI$_LCKMGR_REQTIME},
- {8, RMI$_LCKMGR_SPINCNT},
- {8, RMI$_LCKMGR_SPINTIME},
- {8, RMI$_CPUINTSTK},
- {8, RMI$_CPUMPSYNCH},
- {8, RMI$_CPUKERNEL},
- {8, RMI$_CPUEXEC},
- {8, RMI$_CPUSUPER},
- {8, RMI$_CPUUSER},
+ { 8, RMI$_LCKMGR_REQCNT },
+ { 8, RMI$_LCKMGR_REQTIME },
+ { 8, RMI$_LCKMGR_SPINCNT },
+ { 8, RMI$_LCKMGR_SPINTIME },
+ { 8, RMI$_CPUINTSTK },
+ { 8, RMI$_CPUMPSYNCH },
+ { 8, RMI$_CPUKERNEL },
+ { 8, RMI$_CPUEXEC },
+ { 8, RMI$_CPUSUPER },
+ { 8, RMI$_CPUUSER },
 #if defined __ia64
- {8, RMI$_USERPAGES},
+ { 8, RMI$_USERPAGES },
 #endif
- {8, RMI$_TQETOTAL},
- {8, RMI$_TQESYSUB},
- {8, RMI$_TQEUSRTIMR},
- {8, RMI$_TQEUSRWAKE},
+ { 8, RMI$_TQETOTAL },
+ { 8, RMI$_TQESYSUB },
+ { 8, RMI$_TQEUSRTIMR },
+ { 8, RMI$_TQEUSRWAKE },
 };
 static const struct item_st SYI_item_data[] = {
- {4, SYI$_PAGEFILE_FREE},
+ { 4, SYI$_PAGEFILE_FREE },
 };
 /*
@@ -280,9 +280,9 @@ static const struct item_st SYI_item_data[] = {
 * Returns the number of elements used in databuffer
 */
 static size_t prepare_item_list(const struct item_st *items_input,
- size_t items_input_num,
- ILE3 *items,
- uint32_t__ptr32 databuffer)
+ size_t items_input_num,
+ ILE3 *items,
+ uint32_t__ptr32 databuffer)
 {
 size_t data_sz = 0;
@@ -339,7 +339,7 @@ static void massage_JPI(ILE3 *items)
 * For the moment, we assume about 0.05 entropy bits per data bit, or 1
 * bit of entropy per 20 data bits.
 */
-#define ENTROPY_FACTOR 20
+#define ENTROPY_FACTOR 20
 size_t data_collect_method(RAND_POOL *pool)
 {
@@ -353,12 +353,12 @@ size_t data_collect_method(RAND_POOL *pool)
 /* This ensures buffer starts at 64 bit boundary */
 uint64_t dummy;
 uint32_t buffer[OSSL_NELEM(JPI_item_data_64bit) * 2
- + OSSL_NELEM(RMI_item_data_64bit) * 2
- + OSSL_NELEM(DVI_item_data)
- + OSSL_NELEM(JPI_item_data)
- + OSSL_NELEM(RMI_item_data)
- + OSSL_NELEM(SYI_item_data)
- + 4 /* For JPI$_FINALEXC */];
+ + OSSL_NELEM(RMI_item_data_64bit) * 2
+ + OSSL_NELEM(DVI_item_data)
+ + OSSL_NELEM(JPI_item_data)
+ + OSSL_NELEM(RMI_item_data)
+ + OSSL_NELEM(SYI_item_data)
+ + 4 /* For JPI$_FINALEXC */];
 } data;
 size_t total_elems = 0;
 size_t total_length = 0;
@@ -366,21 +366,19 @@ size_t data_collect_method(RAND_POOL *pool)
 size_t bytes_remaining = ossl_rand_pool_bytes_remaining(pool);
 /* Take all the 64-bit items first, to ensure proper alignment of data */
- total_elems +=
- prepare_item_list(JPI_item_data_64bit, OSSL_NELEM(JPI_item_data_64bit),
- JPI_items_64bit, &data.buffer[total_elems]);
- total_elems +=
- prepare_item_list(RMI_item_data_64bit, OSSL_NELEM(RMI_item_data_64bit),
- RMI_items_64bit, &data.buffer[total_elems]);
+ total_elems += prepare_item_list(JPI_item_data_64bit, OSSL_NELEM(JPI_item_data_64bit),
+ JPI_items_64bit, &data.buffer[total_elems]);
+ total_elems += prepare_item_list(RMI_item_data_64bit, OSSL_NELEM(RMI_item_data_64bit),
+ RMI_items_64bit, &data.buffer[total_elems]);
 /* Now the 32-bit items */
 total_elems += prepare_item_list(DVI_item_data, OSSL_NELEM(DVI_item_data),
- DVI_items, &data.buffer[total_elems]);
+ DVI_items, &data.buffer[total_elems]);
 total_elems += prepare_item_list(JPI_item_data, OSSL_NELEM(JPI_item_data),
- JPI_items, &data.buffer[total_elems]);
+ JPI_items, &data.buffer[total_elems]);
 total_elems += prepare_item_list(RMI_item_data, OSSL_NELEM(RMI_item_data),
- RMI_items, &data.buffer[total_elems]);
+ RMI_items, &data.buffer[total_elems]);
 total_elems += prepare_item_list(SYI_item_data, OSSL_NELEM(SYI_item_data),
- SYI_items, &data.buffer[total_elems]);
+ SYI_items, &data.buffer[total_elems]);
 total_length = total_elems * sizeof(data.buffer[0]);
 /* Fill data.buffer with various info bits from this process */
@@ -388,10 +386,11 @@ size_t data_collect_method(RAND_POOL *pool)
 uint32_t status;
 uint32_t efn;
 IOSB iosb;
- $DESCRIPTOR(SYSDEVICE,"SYS$SYSDEVICE:");
+ $DESCRIPTOR(SYSDEVICE, "SYS$SYSDEVICE:");
 if ((status = sys$getdviw(EFN$C_ENF, 0, &SYSDEVICE, DVI_items,
- 0, 0, 0, 0, 0)) != SS$_NORMAL) {
+ 0, 0, 0, 0, 0))
+ != SS$_NORMAL) {
 lib$signal(status);
 return 0;
 }
@@ -457,8 +456,8 @@ size_t data_collect_method(RAND_POOL *pool)
 */
 if (!ossl_assert(total_length >= bytes_needed)) {
 ERR_raise_data(ERR_LIB_RAND, RAND_R_RANDOM_POOL_UNDERFLOW,
- "Needed: %zu, Available: %zu",
- bytes_needed, total_length);
+ "Needed: %zu, Available: %zu",
+ bytes_needed, total_length);
 return 0;
 }
@@ -470,7 +469,7 @@ size_t data_collect_method(RAND_POOL *pool)
 /* We give the pessimistic value for the amount of entropy */
 ossl_rand_pool_add(pool, (unsigned char *)data.buffer, total_length,
- 8 * total_length / ENTROPY_FACTOR);
+ 8 * total_length / ENTROPY_FACTOR);
 return ossl_rand_pool_entropy_available(pool);
 }
@@ -509,10 +508,9 @@ size_t get_entropy_method(RAND_POOL *pool)
 uint32_t status;
 for (bytes_needed = ossl_rand_pool_bytes_needed(pool, 1);
- bytes_needed > 0;
- bytes_needed -= bytes_to_get) {
- bytes_to_get =
- bytes_needed > sizeof(buffer) ? sizeof(buffer) : bytes_needed;
+ bytes_needed > 0;
+ bytes_needed -= bytes_to_get) {
+ bytes_to_get = bytes_needed > sizeof(buffer) ? sizeof(buffer) : bytes_needed;
 status = get_entropy_address(buffer, bytes_to_get);
 if (status == SS$_RETRY) {
@@ -589,7 +587,7 @@ int ossl_pool_add_nonce_data(RAND_POOL *pool)
 data.pid = getpid();
 data.tid = CRYPTO_THREAD_get_current_id();
 data.seq = 0;
- sys$gettim((void*)&data.time);
+ sys$gettim((void *)&data.time);
 if (data.time == last_time) {
 data.seq = ++last_seq;
diff --git a/providers/implementations/rands/seeding/rand_vxworks.c b/providers/implementations/rands/seeding/rand_vxworks.c
index 12be9357bf28..8e88a4f12e40 100644
--- a/providers/implementations/rands/seeding/rand_vxworks.c
+++ b/providers/implementations/rands/seeding/rand_vxworks.c
@@ -19,19 +19,19 @@
 #if defined(OPENSSL_RAND_SEED_NONE)
 /* none means none */
-# undef OPENSSL_RAND_SEED_OS
+#undef OPENSSL_RAND_SEED_OS
 #endif
 #if defined(OPENSSL_RAND_SEED_OS)
-# if _WRS_VXWORKS_MAJOR >= 7
-# define RAND_SEED_VXRANDLIB
-# else
-# error "VxWorks <7 only support RAND_SEED_NONE"
-# endif
+#if _WRS_VXWORKS_MAJOR >= 7
+#define RAND_SEED_VXRANDLIB
+#else
+#error "VxWorks <7 only support RAND_SEED_NONE"
+#endif
 #endif
 #if defined(RAND_SEED_VXRANDLIB)
-# include <randomNumGen.h>
+#include <randomNumGen.h>
 #endif
 /* Macro to convert two thirty two bit values into a sixty four bit one */
@@ -125,8 +125,7 @@ size_t ossl_pool_acquire_entropy(RAND_POOL *pool)
 size_t bytes_needed;
 bytes_needed = ossl_rand_pool_bytes_needed(pool, 1 /*entropy_factor*/);
- if (bytes_needed > 0)
- {
+ if (bytes_needed > 0) {
 int retryCount = 0;
 STATUS result = ERROR;
 unsigned char *buffer;
@@ -136,7 +135,7 @@ size_t ossl_pool_acquire_entropy(RAND_POOL *pool)
 RANDOM_NUM_GEN_STATUS status = randStatus();
 if ((status == RANDOM_NUM_GEN_ENOUGH_ENTROPY)
- || (status == RANDOM_NUM_GEN_MAX_ENTROPY) ) {
+ || (status == RANDOM_NUM_GEN_MAX_ENTROPY)) {
 result = randBytes(buffer, bytes_needed);
 if (result == OK)
 ossl_rand_pool_add_end(pool, bytes_needed, 8 * bytes_needed);
diff --git a/providers/implementations/rands/seeding/rand_win.c b/providers/implementations/rands/seeding/rand_win.c
index cf903f3cb5a2..445a13428901 100644
--- a/providers/implementations/rands/seeding/rand_win.c
+++ b/providers/implementations/rands/seeding/rand_win.c
@@ -15,64 +15,64 @@
 #if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32)
-# ifndef OPENSSL_RAND_SEED_OS
-# error "Unsupported seeding method configured; must be os"
-# endif
+#ifndef OPENSSL_RAND_SEED_OS
+#error "Unsupported seeding method configured; must be os"
+#endif
-# include <windows.h>
+#include <windows.h>
 /* On Windows Vista or higher use BCrypt instead of the legacy CryptoAPI */
-# if defined(_MSC_VER) && _MSC_VER > 1500 /* 1500 = Visual Studio 2008 */ \
- && defined(_WIN32_WINNT) && _WIN32_WINNT >= 0x0600
-# define USE_BCRYPTGENRANDOM
-# endif
+#if defined(_MSC_VER) && _MSC_VER > 1500 /* 1500 = Visual Studio 2008 */ \
+ && defined(_WIN32_WINNT) && _WIN32_WINNT >= 0x0600
+#define USE_BCRYPTGENRANDOM
+#endif
-# ifdef USE_BCRYPTGENRANDOM
-# include <bcrypt.h>
-# ifdef _MSC_VER
-# pragma comment(lib, "bcrypt.lib")
-# endif
-# ifndef STATUS_SUCCESS
-# define STATUS_SUCCESS ((NTSTATUS)0x00000000L)
-# endif
-# else
-# include <wincrypt.h>
+#ifdef USE_BCRYPTGENRANDOM
+#include <bcrypt.h>
+#ifdef _MSC_VER
+#pragma comment(lib, "bcrypt.lib")
+#endif
+#ifndef STATUS_SUCCESS
+#define STATUS_SUCCESS ((NTSTATUS)0x00000000L)
+#endif
+#else
+#include <wincrypt.h>
 /*
 * Intel hardware RNG CSP -- available from
 * http://developer.intel.com/design/security/rng/redist_license.htm
 */
-# define PROV_INTEL_SEC 22
-# define INTEL_DEF_PROV L"Intel Hardware Cryptographic Service Provider"
-# endif
+#define PROV_INTEL_SEC 22
+#define INTEL_DEF_PROV L"Intel Hardware Cryptographic Service Provider"
+#endif
 size_t ossl_pool_acquire_entropy(RAND_POOL *pool)
 {
-# ifndef USE_BCRYPTGENRANDOM
+#ifndef USE_BCRYPTGENRANDOM
 HCRYPTPROV hProvider;
-# endif
+#endif
 unsigned char *buffer;
 size_t bytes_needed;
 size_t entropy_available = 0;
-
-# ifdef OPENSSL_RAND_SEED_RDTSC
+#ifdef OPENSSL_RAND_SEED_RDTSC
 entropy_available = ossl_prov_acquire_entropy_from_tsc(pool);
 if (entropy_available > 0)
 return entropy_available;
-# endif
+#endif
-# ifdef OPENSSL_RAND_SEED_RDCPU
+#ifdef OPENSSL_RAND_SEED_RDCPU
 entropy_available = ossl_prov_acquire_entropy_from_cpu(pool);
 if (entropy_available > 0)
 return entropy_available;
-# endif
+#endif
-# ifdef USE_BCRYPTGENRANDOM
+#ifdef USE_BCRYPTGENRANDOM
 bytes_needed = ossl_rand_pool_bytes_needed(pool, 1 /*entropy_factor*/);
 buffer = ossl_rand_pool_add_begin(pool, bytes_needed);
 if (buffer != NULL) {
 size_t bytes = 0;
 if (BCryptGenRandom(NULL, buffer, bytes_needed,
- BCRYPT_USE_SYSTEM_PREFERRED_RNG) == STATUS_SUCCESS)
+ BCRYPT_USE_SYSTEM_PREFERRED_RNG)
+ == STATUS_SUCCESS)
 bytes = bytes_needed;
 ossl_rand_pool_add_end(pool, bytes, 8 * bytes);
@@ -80,14 +80,15 @@ size_t ossl_pool_acquire_entropy(RAND_POOL *pool)
 }
 if (entropy_available > 0)
 return entropy_available;
-# else
+#else
 bytes_needed = ossl_rand_pool_bytes_needed(pool, 1 /*entropy_factor*/);
 buffer = ossl_rand_pool_add_begin(pool, bytes_needed);
 if (buffer != NULL) {
 size_t bytes = 0;
 /* poll the CryptoAPI PRNG */
 if (CryptAcquireContextW(&hProvider, NULL, NULL, PROV_RSA_FULL,
- CRYPT_VERIFYCONTEXT | CRYPT_SILENT) != 0) {
+ CRYPT_VERIFYCONTEXT | CRYPT_SILENT)
+ != 0) {
 if (CryptGenRandom(hProvider, bytes_needed, buffer) != 0)
 bytes = bytes_needed;
@@ -106,8 +107,9 @@ size_t ossl_pool_acquire_entropy(RAND_POOL *pool)
 size_t bytes = 0;
 /* poll the Pentium PRG with CryptoAPI */
 if (CryptAcquireContextW(&hProvider, NULL,
- INTEL_DEF_PROV, PROV_INTEL_SEC,
- CRYPT_VERIFYCONTEXT | CRYPT_SILENT) != 0) {
+ INTEL_DEF_PROV, PROV_INTEL_SEC,
+ CRYPT_VERIFYCONTEXT | CRYPT_SILENT)
+ != 0) {
 if (CryptGenRandom(hProvider, bytes_needed, buffer) != 0)
 bytes = bytes_needed;
@@ -118,12 +120,11 @@ size_t ossl_pool_acquire_entropy(RAND_POOL *pool)
 }
 if (entropy_available > 0)
 return entropy_available;
-# endif
+#endif
 return ossl_rand_pool_entropy_available(pool);
 }
-
 int ossl_pool_add_nonce_data(RAND_POOL *pool)
 {
 struct {
diff --git a/providers/implementations/rands/test_rng.c b/providers/implementations/rands/test_rng.c
index e3b91368e80f..d32b84be6a9f 100644
--- a/providers/implementations/rands/test_rng.c
+++ b/providers/implementations/rands/test_rng.c
@@ -48,7 +48,7 @@ typedef struct {
 } PROV_TEST_RNG;
 static void *test_rng_new(void *provctx, void *parent,
- const OSSL_DISPATCH *parent_dispatch)
+ const OSSL_DISPATCH *parent_dispatch)
 {
 PROV_TEST_RNG *t;
@@ -75,9 +75,9 @@ static void test_rng_free(void *vtest)
 }
 static int test_rng_instantiate(void *vtest, unsigned int strength,
- int prediction_resistance,
- const unsigned char *pstr, size_t pstr_len,
- const OSSL_PARAM params[])
+ int prediction_resistance,
+ const unsigned char *pstr, size_t pstr_len,
+ const OSSL_PARAM params[])
 {
 PROV_TEST_RNG *t = (PROV_TEST_RNG *)vtest;
@@ -100,8 +100,8 @@ static int test_rng_uninstantiate(void *vtest)
 }
 static int test_rng_generate(void *vtest, unsigned char *out, size_t outlen,
- unsigned int strength, int prediction_resistance,
- const unsigned char *adin, size_t adin_len)
+ unsigned int strength, int prediction_resistance,
+ const unsigned char *adin, size_t adin_len)
 {
 PROV_TEST_RNG *t = (PROV_TEST_RNG *)vtest;
@@ -113,19 +113,19 @@ static int test_rng_generate(void *vtest, unsigned char *out, size_t outlen,
 }
 static int test_rng_reseed(ossl_unused void *vtest,
- ossl_unused int prediction_resistance,
- ossl_unused const unsigned char *ent,
- ossl_unused size_t ent_len,
- ossl_unused const unsigned char *adin,
- ossl_unused size_t adin_len)
+ ossl_unused int prediction_resistance,
+ ossl_unused const unsigned char *ent,
+ ossl_unused size_t ent_len,
+ ossl_unused const unsigned char *adin,
+ ossl_unused size_t adin_len)
 {
 return 1;
 }
 static size_t test_rng_nonce(void *vtest, unsigned char *out,
- unsigned int strength,
- ossl_unused size_t min_noncelen,
- size_t max_noncelen)
+ unsigned int strength,
+ ossl_unused size_t min_noncelen,
+ size_t max_noncelen)
 {
 PROV_TEST_RNG *t = (PROV_TEST_RNG *)vtest;
 size_t i;
@@ -159,7 +159,7 @@ static int test_rng_get_ctx_params(void *vtest, OSSL_PARAM params[])
 }
 static const OSSL_PARAM *test_rng_gettable_ctx_params(ossl_unused void *vtest,
- ossl_unused void *provctx)
+ ossl_unused void *provctx)
 {
 static const OSSL_PARAM known_gettable_ctx_params[] = {
 OSSL_PARAM_int(OSSL_RAND_PARAM_STATE, NULL),
@@ -205,14 +205,14 @@ static int test_rng_set_ctx_params(void *vtest, const OSSL_PARAM params[])
 }
 p = OSSL_PARAM_locate_const(params, OSSL_RAND_PARAM_MAX_REQUEST);
- if (p != NULL && !OSSL_PARAM_get_size_t(p, &t->max_request))
+ if (p != NULL && !OSSL_PARAM_get_size_t(p, &t->max_request))
 return 0;
 return 1;
 }
 static const OSSL_PARAM *test_rng_settable_ctx_params(ossl_unused void *vtest,
- ossl_unused void *provctx)
+ ossl_unused void *provctx)
 {
 static const OSSL_PARAM known_settable_ctx_params[] = {
 OSSL_PARAM_octet_string(OSSL_RAND_PARAM_TEST_ENTROPY, NULL, 0),
@@ -230,15 +230,15 @@ static int test_rng_verify_zeroization(ossl_unused void *vtest)
 }
 static size_t test_rng_get_seed(void *vtest, unsigned char **pout,
- int entropy, size_t min_len, size_t max_len,
- ossl_unused int prediction_resistance,
- ossl_unused const unsigned char *adin,
- ossl_unused size_t adin_len)
+ int entropy, size_t min_len, size_t max_len,
+ ossl_unused int prediction_resistance,
+ ossl_unused const unsigned char *adin,
+ ossl_unused size_t adin_len)
 {
 PROV_TEST_RNG *t = (PROV_TEST_RNG *)vtest;
 *pout = t->entropy;
- return t->entropy_len > max_len ? max_len : t->entropy_len;
+ return t->entropy_len > max_len ? max_len : t->entropy_len;
 }
 static int test_rng_enable_locking(void *vtest)
@@ -273,26 +273,26 @@ static void test_rng_unlock(void *vtest)
 }
 const OSSL_DISPATCH ossl_test_rng_functions[] = {
- { OSSL_FUNC_RAND_NEWCTX, (void(*)(void))test_rng_new },
- { OSSL_FUNC_RAND_FREECTX, (void(*)(void))test_rng_free },
+ { OSSL_FUNC_RAND_NEWCTX, (void (*)(void))test_rng_new },
+ { OSSL_FUNC_RAND_FREECTX, (void (*)(void))test_rng_free },
 { OSSL_FUNC_RAND_INSTANTIATE,
- (void(*)(void))test_rng_instantiate },
+ (void (*)(void))test_rng_instantiate },
 { OSSL_FUNC_RAND_UNINSTANTIATE,
- (void(*)(void))test_rng_uninstantiate },
- { OSSL_FUNC_RAND_GENERATE, (void(*)(void))test_rng_generate },
- { OSSL_FUNC_RAND_RESEED, (void(*)(void))test_rng_reseed },
- { OSSL_FUNC_RAND_NONCE, (void(*)(void))test_rng_nonce },
- { OSSL_FUNC_RAND_ENABLE_LOCKING, (void(*)(void))test_rng_enable_locking },
- { OSSL_FUNC_RAND_LOCK, (void(*)(void))test_rng_lock },
- { OSSL_FUNC_RAND_UNLOCK, (void(*)(void))test_rng_unlock },
+ (void (*)(void))test_rng_uninstantiate },
+ { OSSL_FUNC_RAND_GENERATE, (void (*)(void))test_rng_generate },
+ { OSSL_FUNC_RAND_RESEED, (void (*)(void))test_rng_reseed },
+ { OSSL_FUNC_RAND_NONCE, (void (*)(void))test_rng_nonce },
+ { OSSL_FUNC_RAND_ENABLE_LOCKING, (void (*)(void))test_rng_enable_locking },
+ { OSSL_FUNC_RAND_LOCK, (void (*)(void))test_rng_lock },
+ { OSSL_FUNC_RAND_UNLOCK, (void (*)(void))test_rng_unlock },
 { OSSL_FUNC_RAND_SETTABLE_CTX_PARAMS,
- (void(*)(void))test_rng_settable_ctx_params },
- { OSSL_FUNC_RAND_SET_CTX_PARAMS, (void(*)(void))test_rng_set_ctx_params },
+ (void (*)(void))test_rng_settable_ctx_params },
+ { OSSL_FUNC_RAND_SET_CTX_PARAMS, (void (*)(void))test_rng_set_ctx_params },
 { OSSL_FUNC_RAND_GETTABLE_CTX_PARAMS,
- (void(*)(void))test_rng_gettable_ctx_params },
- { OSSL_FUNC_RAND_GET_CTX_PARAMS, (void(*)(void))test_rng_get_ctx_params },
+ (void (*)(void))test_rng_gettable_ctx_params },
+ { OSSL_FUNC_RAND_GET_CTX_PARAMS, (void (*)(void))test_rng_get_ctx_params },
 { OSSL_FUNC_RAND_VERIFY_ZEROIZATION,
- (void(*)(void))test_rng_verify_zeroization },
- { OSSL_FUNC_RAND_GET_SEED, (void(*)(void))test_rng_get_seed },
+ (void (*)(void))test_rng_verify_zeroization },
+ { OSSL_FUNC_RAND_GET_SEED, (void (*)(void))test_rng_get_seed },
 { 0, NULL }
 };
diff --git a/providers/implementations/signature/dsa_sig.c b/providers/implementations/signature/dsa_sig.c
index 28fd7c498e99..8e3a03715805 100644
--- a/providers/implementations/signature/dsa_sig.c
+++ b/providers/implementations/signature/dsa_sig.c
@@ -80,7 +80,7 @@ typedef struct {
 /* The Algorithm Identifier of the combined signature algorithm */
 unsigned char aid_buf[OSSL_MAX_ALGORITHM_ID_SIZE];
 unsigned char *aid;
- size_t aid_len;
+ size_t aid_len;
 /* main digest */
 EVP_MD *md;
@@ -88,7 +88,6 @@ typedef struct {
 int operation;
 } PROV_DSA_CTX;
-
 static size_t dsa_get_md_size(const PROV_DSA_CTX *pdsactx)
 {
 if (pdsactx->md != NULL)
@@ -118,7 +117,7 @@ static void *dsa_newctx(void *provctx, const char *propq)
 }
 static int dsa_setup_md(PROV_DSA_CTX *ctx,
- const char *mdname, const char *mdprops)
+ const char *mdname, const char *mdprops)
 {
 if (mdprops == NULL)
 mdprops = ctx->propq;
@@ -128,19 +127,19 @@ static int dsa_setup_md(PROV_DSA_CTX *ctx,
 WPACKET pkt;
 EVP_MD *md = EVP_MD_fetch(ctx->libctx, mdname, mdprops);
 int md_nid = ossl_digest_get_approved_nid_with_sha1(ctx->libctx, md,
- sha1_allowed);
+ sha1_allowed);
 size_t mdname_len = strlen(mdname);
 if (md == NULL || md_nid < 0) {
 if (md == NULL)
 ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_DIGEST,
- "%s could not be fetched", mdname);
+ "%s could not be fetched", mdname);
 if (md_nid < 0)
 ERR_raise_data(ERR_LIB_PROV, PROV_R_DIGEST_NOT_ALLOWED,
- "digest=%s", mdname);
+ "digest=%s", mdname);
 if (mdname_len >= sizeof(ctx->mdname))
 ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_DIGEST,
- "%s exceeds name buffer length", mdname);
+ "%s exceeds name buffer length", mdname);
 EVP_MD_free(md);
 return 0;
 }
@@ -148,7 +147,7 @@ static int dsa_setup_md(PROV_DSA_CTX *ctx,
 if (!ctx->flag_allow_md) {
 if (ctx->mdname[0] != '\0' && !EVP_MD_is_a(md, ctx->mdname)) {
 ERR_raise_data(ERR_LIB_PROV, PROV_R_DIGEST_NOT_ALLOWED,
- "digest %s != %s", mdname, ctx->mdname);
+ "digest %s != %s", mdname, ctx->mdname);
 EVP_MD_free(md);
 return 0;
 }
@@ -169,7 +168,7 @@ static int dsa_setup_md(PROV_DSA_CTX *ctx,
 ctx->aid_len = 0;
 if (WPACKET_init_der(&pkt, ctx->aid_buf, sizeof(ctx->aid_buf))
 && ossl_DER_w_algorithmIdentifier_DSA_with_MD(&pkt, -1, ctx->dsa,
- md_nid)
+ md_nid)
 && WPACKET_finish(&pkt)) {
 WPACKET_get_total_written(&pkt, &ctx->aid_len);
 ctx->aid = WPACKET_get_curr(&pkt);
@@ -184,12 +183,12 @@ static int dsa_setup_md(PROV_DSA_CTX *ctx,
 }
 static int dsa_signverify_init(void *vpdsactx, void *vdsa,
- const OSSL_PARAM params[], int operation)
+ const OSSL_PARAM params[], int operation)
 {
 PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx;
 if (!ossl_prov_is_running()
- || pdsactx == NULL)
+ || pdsactx == NULL)
 return 0;
 if (vdsa == NULL && pdsactx->dsa == NULL) {
@@ -199,7 +198,7 @@ static int dsa_signverify_init(void *vpdsactx, void *vdsa,
 if (vdsa != NULL) {
 if (!ossl_dsa_check_key(pdsactx->libctx, vdsa,
- operation == EVP_PKEY_OP_SIGN)) {
+ operation == EVP_PKEY_OP_SIGN)) {
 ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH);
 return 0;
 }
@@ -223,13 +222,13 @@ static int dsa_sign_init(void *vpdsactx, void *vdsa, const OSSL_PARAM params[])
 }
 static int dsa_verify_init(void *vpdsactx, void *vdsa,
- const OSSL_PARAM params[])
+ const OSSL_PARAM params[])
 {
 return dsa_signverify_init(vpdsactx, vdsa, params, EVP_PKEY_OP_VERIFY);
 }
 static int dsa_sign(void *vpdsactx, unsigned char *sig, size_t *siglen,
- size_t sigsize, const unsigned char *tbs, size_t tbslen)
+ size_t sigsize, const unsigned char *tbs, size_t tbslen)
 {
 PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx;
 int ret;
@@ -260,7 +259,7 @@ static int dsa_sign(void *vpdsactx, unsigned char *sig, size_t *siglen,
 }
 static int dsa_verify(void *vpdsactx, const unsigned char *sig, size_t siglen,
- const unsigned char *tbs, size_t tbslen)
+ const unsigned char *tbs, size_t tbslen)
 {
 PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx;
 size_t mdsize = dsa_get_md_size(pdsactx);
@@ -272,8 +271,8 @@ static int dsa_verify(void *vpdsactx, const unsigned char *sig, size_t siglen,
 }
 static int dsa_digest_signverify_init(void *vpdsactx, const char *mdname,
- void *vdsa, const OSSL_PARAM params[],
- int operation)
+ void *vdsa, const OSSL_PARAM params[],
+ int operation)
 {
 PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx;
@@ -299,28 +298,28 @@ static int dsa_digest_signverify_init(void *vpdsactx, const char *mdname,
 return 1;
- error:
+error:
 EVP_MD_CTX_free(pdsactx->mdctx);
 pdsactx->mdctx = NULL;
 return 0;
 }
 static int dsa_digest_sign_init(void *vpdsactx, const char *mdname,
- void *vdsa, const OSSL_PARAM params[])
+ void *vdsa, const OSSL_PARAM params[])
 {
 return dsa_digest_signverify_init(vpdsactx, mdname, vdsa, params,
- EVP_PKEY_OP_SIGN);
+ EVP_PKEY_OP_SIGN);
 }
 static int dsa_digest_verify_init(void *vpdsactx, const char *mdname,
- void *vdsa, const OSSL_PARAM params[])
+ void *vdsa, const OSSL_PARAM params[])
 {
 return dsa_digest_signverify_init(vpdsactx, mdname, vdsa, params,
- EVP_PKEY_OP_VERIFY);
+ EVP_PKEY_OP_VERIFY);
 }
 int dsa_digest_signverify_update(void *vpdsactx, const unsigned char *data,
- size_t datalen)
+ size_t datalen)
 {
 PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx;
@@ -331,7 +330,7 @@ int dsa_digest_signverify_update(void *vpdsactx, const unsigned char *data,
 }
 int dsa_digest_sign_final(void *vpdsactx, unsigned char *sig, size_t *siglen,
- size_t sigsize)
+ size_t sigsize)
 {
 PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx;
 unsigned char digest[EVP_MAX_MD_SIZE];
@@ -359,9 +358,8 @@ int dsa_digest_sign_final(void *vpdsactx, unsigned char *sig, size_t *siglen,
 return dsa_sign(vpdsactx, sig, siglen, sigsize, digest, (size_t)dlen);
 }
-
 int dsa_digest_verify_final(void *vpdsactx, const unsigned char *sig,
- size_t siglen)
+ size_t siglen)
 {
 PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx;
 unsigned char digest[EVP_MAX_MD_SIZE];
@@ -426,7 +424,7 @@ static void *dsa_dupctx(void *vpdsactx)
 if (srcctx->mdctx != NULL) {
 dstctx->mdctx = EVP_MD_CTX_new();
 if (dstctx->mdctx == NULL
- || !EVP_MD_CTX_copy_ex(dstctx->mdctx, srcctx->mdctx))
+ || !EVP_MD_CTX_copy_ex(dstctx->mdctx, srcctx->mdctx))
 goto err;
 }
 if (srcctx->propq != NULL) {
@@ -436,7 +434,7 @@ static void *dsa_dupctx(void *vpdsactx)
 }
 return dstctx;
- err:
+err:
 dsa_freectx(dstctx);
 return NULL;
 }
@@ -468,7 +466,7 @@ static const OSSL_PARAM known_gettable_ctx_params[] = {
 };
 static const OSSL_PARAM *dsa_gettable_ctx_params(ossl_unused void *ctx,
- ossl_unused void *provctx)
+ ossl_unused void *provctx)
 {
 return known_gettable_ctx_params;
 }
@@ -487,9 +485,8 @@ static int dsa_set_ctx_params(void *vpdsactx, const OSSL_PARAM params[])
 if (p != NULL) {
 char mdname[OSSL_MAX_NAME_SIZE] = "", *pmdname = mdname;
 char mdprops[OSSL_MAX_PROPQUERY_SIZE] = "", *pmdprops = mdprops;
- const OSSL_PARAM *propsp =
- OSSL_PARAM_locate_const(params,
- OSSL_SIGNATURE_PARAM_PROPERTIES);
+ const OSSL_PARAM *propsp = OSSL_PARAM_locate_const(params,
+ OSSL_SIGNATURE_PARAM_PROPERTIES);
 if (!OSSL_PARAM_get_utf8_string(p, &pmdname, sizeof(mdname)))
 return 0;
@@ -514,7 +511,7 @@ static const OSSL_PARAM settable_ctx_params_no_digest[] = {
 };
 static const OSSL_PARAM *dsa_settable_ctx_params(void *vpdsactx,
- ossl_unused void *provctx)
+ ossl_unused void *provctx)
 {
 PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx;
@@ -570,32 +567,32 @@ const OSSL_DISPATCH ossl_dsa_signature_functions[] = {
 { OSSL_FUNC_SIGNATURE_VERIFY_INIT, (void (*)(void))dsa_verify_init },
 { OSSL_FUNC_SIGNATURE_VERIFY, (void (*)(void))dsa_verify },
 { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_INIT,
- (void (*)(void))dsa_digest_sign_init },
+ (void (*)(void))dsa_digest_sign_init },
 { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_UPDATE,
- (void (*)(void))dsa_digest_signverify_update },
+ (void (*)(void))dsa_digest_signverify_update },
 { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_FINAL,
- (void (*)(void))dsa_digest_sign_final },
+ (void (*)(void))dsa_digest_sign_final },
 { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_INIT,
- (void (*)(void))dsa_digest_verify_init },
+ (void (*)(void))dsa_digest_verify_init },
 { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_UPDATE,
- (void (*)(void))dsa_digest_signverify_update },
+ (void (*)(void))dsa_digest_signverify_update },
 { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_FINAL,
- (void (*)(void))dsa_digest_verify_final },
+ (void (*)(void))dsa_digest_verify_final },
 { OSSL_FUNC_SIGNATURE_FREECTX, (void (*)(void))dsa_freectx },
 { OSSL_FUNC_SIGNATURE_DUPCTX, (void (*)(void))dsa_dupctx },
 { OSSL_FUNC_SIGNATURE_GET_CTX_PARAMS, (void (*)(void))dsa_get_ctx_params },
 { OSSL_FUNC_SIGNATURE_GETTABLE_CTX_PARAMS,
- (void (*)(void))dsa_gettable_ctx_params },
+ (void (*)(void))dsa_gettable_ctx_params },
 { OSSL_FUNC_SIGNATURE_SET_CTX_PARAMS, (void (*)(void))dsa_set_ctx_params },
 { OSSL_FUNC_SIGNATURE_SETTABLE_CTX_PARAMS,
- (void (*)(void))dsa_settable_ctx_params },
+ (void (*)(void))dsa_settable_ctx_params },
 { OSSL_FUNC_SIGNATURE_GET_CTX_MD_PARAMS,
- (void (*)(void))dsa_get_ctx_md_params },
+ (void (*)(void))dsa_get_ctx_md_params },
 { OSSL_FUNC_SIGNATURE_GETTABLE_CTX_MD_PARAMS,
- (void (*)(void))dsa_gettable_ctx_md_params },
+ (void (*)(void))dsa_gettable_ctx_md_params },
 { OSSL_FUNC_SIGNATURE_SET_CTX_MD_PARAMS,
- (void (*)(void))dsa_set_ctx_md_params },
+ (void (*)(void))dsa_set_ctx_md_params },
 { OSSL_FUNC_SIGNATURE_SETTABLE_CTX_MD_PARAMS,
- (void (*)(void))dsa_settable_ctx_md_params },
+ (void (*)(void))dsa_settable_ctx_md_params },
 { 0, NULL }
 };
diff --git a/providers/implementations/signature/ecdsa_sig.c b/providers/implementations/signature/ecdsa_sig.c
index 865d49d1004f..2624ebe80155 100644
--- a/providers/implementations/signature/ecdsa_sig.c
+++ b/providers/implementations/signature/ecdsa_sig.c
@@ -77,7 +77,7 @@ typedef struct {
 /* The Algorithm Identifier of the combined signature algorithm */
 unsigned char aid_buf[OSSL_MAX_ALGORITHM_ID_SIZE];
 unsigned char *aid;
- size_t aid_len;
+ size_t aid_len;
 size_t mdsize;
 int operation;
@@ -126,12 +126,12 @@ static void *ecdsa_newctx(void *provctx, const char *propq)
 }
 static int ecdsa_signverify_init(void *vctx, void *ec,
- const OSSL_PARAM params[], int operation)
+ const OSSL_PARAM params[], int operation)
 {
 PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
 if (!ossl_prov_is_running()
- || ctx == NULL)
+ || ctx == NULL)
 return 0;
 if (ec == NULL && ctx->ec == NULL) {
@@ -167,7 +167,7 @@ static int ecdsa_verify_init(void *vctx, void *ec, const OSSL_PARAM params[])
 }
 static int ecdsa_sign(void *vctx, unsigned char *sig, size_t *siglen,
- size_t sigsize, const unsigned char *tbs, size_t tbslen)
+ size_t sigsize, const unsigned char *tbs, size_t tbslen)
 {
 PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
 int ret;
@@ -202,7 +202,7 @@ static int ecdsa_sign(void *vctx, unsigned char *sig, size_t *siglen,
 }
 static int ecdsa_verify(void *vctx, const unsigned char *sig, size_t siglen,
- const unsigned char *tbs, size_t tbslen)
+ const unsigned char *tbs, size_t tbslen)
 {
 PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
@@ -213,7 +213,7 @@ static int ecdsa_verify(void *vctx, const unsigned char *sig, size_t siglen,
 }
 static int ecdsa_setup_md(PROV_ECDSA_CTX *ctx, const char *mdname,
- const char *mdprops)
+ const char *mdprops)
 {
 EVP_MD *md = NULL;
 size_t mdname_len;
@@ -226,7 +226,7 @@ static int ecdsa_setup_md(PROV_ECDSA_CTX *ctx, const char *mdname,
 mdname_len = strlen(mdname);
 if (mdname_len >= sizeof(ctx->mdname)) {
 ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_DIGEST,
- "%s exceeds name buffer length", mdname);
+ "%s exceeds name buffer length", mdname);
 return 0;
 }
 if (mdprops == NULL)
@@ -234,15 +234,15 @@ static int ecdsa_setup_md(PROV_ECDSA_CTX *ctx, const char *mdname,
 md = EVP_MD_fetch(ctx->libctx, mdname, mdprops);
 if (md == NULL) {
 ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_DIGEST,
- "%s could not be fetched", mdname);
+ "%s could not be fetched", mdname);
 return 0;
 }
 sha1_allowed = (ctx->operation != EVP_PKEY_OP_SIGN);
 md_nid = ossl_digest_get_approved_nid_with_sha1(ctx->libctx, md,
- sha1_allowed);
+ sha1_allowed);
 if (md_nid < 0) {
 ERR_raise_data(ERR_LIB_PROV, PROV_R_DIGEST_NOT_ALLOWED,
- "digest=%s", mdname);
+ "digest=%s", mdname);
 EVP_MD_free(md);
 return 0;
 }
@@ -250,7 +250,7 @@ static int ecdsa_setup_md(PROV_ECDSA_CTX *ctx, const char *mdname,
 if (!ctx->flag_allow_md) {
 if (ctx->mdname[0] != '\0' && !EVP_MD_is_a(md, ctx->mdname)) {
 ERR_raise_data(ERR_LIB_PROV, PROV_R_DIGEST_NOT_ALLOWED,
- "digest %s != %s", mdname, ctx->mdname);
+ "digest %s != %s", mdname, ctx->mdname);
 EVP_MD_free(md);
 return 0;
 }
@@ -264,7 +264,7 @@ static int ecdsa_setup_md(PROV_ECDSA_CTX *ctx, const char *mdname,
 ctx->aid_len = 0;
 if (WPACKET_init_der(&pkt, ctx->aid_buf, sizeof(ctx->aid_buf))
 && ossl_DER_w_algorithmIdentifier_ECDSA_with_MD(&pkt, -1, ctx->ec,
- md_nid)
+ md_nid)
 && WPACKET_finish(&pkt)) {
 WPACKET_get_total_written(&pkt, &ctx->aid_len);
 ctx->aid = WPACKET_get_curr(&pkt);
@@ -279,8 +279,8 @@ static int ecdsa_setup_md(PROV_ECDSA_CTX *ctx, const char *mdname,
 }
 static int ecdsa_digest_signverify_init(void *vctx, const char *mdname,
- void *ec, const OSSL_PARAM params[],
- int operation)
+ void *ec, const OSSL_PARAM params[],
+ int operation)
 {
 PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
@@ -309,21 +309,21 @@ error:
 }
 static int ecdsa_digest_sign_init(void *vctx, const char *mdname, void *ec,
- const OSSL_PARAM params[])
+ const OSSL_PARAM params[])
 {
 return ecdsa_digest_signverify_init(vctx, mdname, ec, params,
- EVP_PKEY_OP_SIGN);
+ EVP_PKEY_OP_SIGN);
 }
 static int ecdsa_digest_verify_init(void *vctx, const char *mdname, void *ec,
- const OSSL_PARAM params[])
+ const OSSL_PARAM params[])
 {
 return ecdsa_digest_signverify_init(vctx, mdname, ec, params,
- EVP_PKEY_OP_VERIFY);
+ EVP_PKEY_OP_VERIFY);
 }
 int ecdsa_digest_signverify_update(void *vctx, const unsigned char *data,
- size_t datalen)
+ size_t datalen)
 {
 PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
@@ -334,7 +334,7 @@ int ecdsa_digest_signverify_update(void *vctx, const unsigned char *data,
 }
 int ecdsa_digest_sign_final(void *vctx, unsigned char *sig, size_t *siglen,
- size_t sigsize)
+ size_t sigsize)
 {
 PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
 unsigned char digest[EVP_MAX_MD_SIZE];
@@ -355,7 +355,7 @@ int ecdsa_digest_sign_final(void *vctx, unsigned char *sig, size_t *siglen,
 }
 int ecdsa_digest_verify_final(void *vctx, const unsigned char *sig,
- size_t siglen)
+ size_t siglen)
 {
 PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
 unsigned char digest[EVP_MAX_MD_SIZE];
@@ -419,7 +419,7 @@ static void *ecdsa_dupctx(void *vctx)
 if (srcctx->mdctx != NULL) {
 dstctx->mdctx = EVP_MD_CTX_new();
 if (dstctx->mdctx == NULL
- || !EVP_MD_CTX_copy_ex(dstctx->mdctx, srcctx->mdctx))
+ || !EVP_MD_CTX_copy_ex(dstctx->mdctx, srcctx->mdctx))
 goto err;
 }
@@ -430,7 +430,7 @@ static void *ecdsa_dupctx(void *vctx)
 }
 return dstctx;
- err:
+err:
 ecdsa_freectx(dstctx);
 return NULL;
 }
@@ -452,9 +452,7 @@ static int ecdsa_get_ctx_params(void *vctx, OSSL_PARAM *params)
 return 0;
 p = OSSL_PARAM_locate(params, OSSL_SIGNATURE_PARAM_DIGEST);
- if (p != NULL && !OSSL_PARAM_set_utf8_string(p, ctx->md == NULL
- ? ctx->mdname
- : EVP_MD_get0_name(ctx->md)))
+ if (p != NULL && !OSSL_PARAM_set_utf8_string(p, ctx->md == NULL ? ctx->mdname : EVP_MD_get0_name(ctx->md)))
 return 0;
 return 1;
@@ -468,7 +466,7 @@ static const OSSL_PARAM known_gettable_ctx_params[] = {
 };
 static const OSSL_PARAM *ecdsa_gettable_ctx_params(ossl_unused void *vctx,
- ossl_unused void *provctx)
+ ossl_unused void *provctx)
 {
 return known_gettable_ctx_params;
 }
@@ -494,9 +492,8 @@ static int ecdsa_set_ctx_params(void *vctx, const OSSL_PARAM params[])
 if (p != NULL) {
 char mdname[OSSL_MAX_NAME_SIZE] = "", *pmdname = mdname;
 char mdprops[OSSL_MAX_PROPQUERY_SIZE] = "", *pmdprops = mdprops;
- const OSSL_PARAM *propsp =
- OSSL_PARAM_locate_const(params,
- OSSL_SIGNATURE_PARAM_PROPERTIES);
+ const OSSL_PARAM *propsp = OSSL_PARAM_locate_const(params,
+ OSSL_SIGNATURE_PARAM_PROPERTIES);
 if (!OSSL_PARAM_get_utf8_string(p, &pmdname, sizeof(mdname)))
 return 0;
@@ -532,7 +529,7 @@ static const OSSL_PARAM settable_ctx_params_no_digest[] = {
 };
 static const OSSL_PARAM *ecdsa_settable_ctx_params(void *vctx,
- ossl_unused void *provctx)
+ ossl_unused void *provctx)
 {
 PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
@@ -588,32 +585,32 @@ const OSSL_DISPATCH ossl_ecdsa_signature_functions[] = {
 { OSSL_FUNC_SIGNATURE_VERIFY_INIT, (void (*)(void))ecdsa_verify_init },
 { OSSL_FUNC_SIGNATURE_VERIFY, (void (*)(void))ecdsa_verify },
 { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_INIT,
- (void (*)(void))ecdsa_digest_sign_init },
+ (void (*)(void))ecdsa_digest_sign_init },
 { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_UPDATE,
- (void (*)(void))ecdsa_digest_signverify_update },
+ (void (*)(void))ecdsa_digest_signverify_update },
 { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_FINAL,
- (void (*)(void))ecdsa_digest_sign_final },
+ (void (*)(void))ecdsa_digest_sign_final },
 { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_INIT,
- (void (*)(void))ecdsa_digest_verify_init },
+ (void (*)(void))ecdsa_digest_verify_init },
 { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_UPDATE,
- (void (*)(void))ecdsa_digest_signverify_update },
+ (void (*)(void))ecdsa_digest_signverify_update },
 { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_FINAL,
- (void (*)(void))ecdsa_digest_verify_final },
+ (void (*)(void))ecdsa_digest_verify_final },
 { OSSL_FUNC_SIGNATURE_FREECTX, (void (*)(void))ecdsa_freectx },
 { OSSL_FUNC_SIGNATURE_DUPCTX, (void (*)(void))ecdsa_dupctx },
 { OSSL_FUNC_SIGNATURE_GET_CTX_PARAMS, (void (*)(void))ecdsa_get_ctx_params },
 { OSSL_FUNC_SIGNATURE_GETTABLE_CTX_PARAMS,
- (void (*)(void))ecdsa_gettable_ctx_params },
+ (void (*)(void))ecdsa_gettable_ctx_params },
 { OSSL_FUNC_SIGNATURE_SET_CTX_PARAMS, (void (*)(void))ecdsa_set_ctx_params },
 { OSSL_FUNC_SIGNATURE_SETTABLE_CTX_PARAMS,
- (void (*)(void))ecdsa_settable_ctx_params },
+ (void (*)(void))ecdsa_settable_ctx_params },
 { OSSL_FUNC_SIGNATURE_GET_CTX_MD_PARAMS,
- (void (*)(void))ecdsa_get_ctx_md_params },
+ (void (*)(void))ecdsa_get_ctx_md_params },
 { OSSL_FUNC_SIGNATURE_GETTABLE_CTX_MD_PARAMS,
- (void (*)(void))ecdsa_gettable_ctx_md_params },
+ (void (*)(void))ecdsa_gettable_ctx_md_params },
 { OSSL_FUNC_SIGNATURE_SET_CTX_MD_PARAMS,
- (void (*)(void))ecdsa_set_ctx_md_params },
+ (void (*)(void))ecdsa_set_ctx_md_params },
 { OSSL_FUNC_SIGNATURE_SETTABLE_CTX_MD_PARAMS,
- (void (*)(void))ecdsa_settable_ctx_md_params },
+ (void (*)(void))ecdsa_settable_ctx_md_params },
 { 0, NULL }
 };
diff --git a/providers/implementations/signature/eddsa_sig.c b/providers/implementations/signature/eddsa_sig.c
index 9ec910af2527..a109ea5e0cca 100644
--- a/providers/implementations/signature/eddsa_sig.c
+++ b/providers/implementations/signature/eddsa_sig.c
@@ -24,23 +24,23 @@
 #include "crypto/ecx.h"
 #ifdef S390X_EC_ASM
-# include "s390x_arch.h"
+#include "s390x_arch.h"
-# define S390X_CAN_SIGN(edtype) \
-((OPENSSL_s390xcap_P.pcc[1] & S390X_CAPBIT(S390X_SCALAR_MULTIPLY_##edtype)) \
-&& (OPENSSL_s390xcap_P.kdsa[0] & S390X_CAPBIT(S390X_EDDSA_SIGN_##edtype)) \
-&& (OPENSSL_s390xcap_P.kdsa[0] & S390X_CAPBIT(S390X_EDDSA_VERIFY_##edtype)))
+#define S390X_CAN_SIGN(edtype) \
+ ((OPENSSL_s390xcap_P.pcc[1] & S390X_CAPBIT(S390X_SCALAR_MULTIPLY_##edtype)) \
+ && (OPENSSL_s390xcap_P.kdsa[0] & S390X_CAPBIT(S390X_EDDSA_SIGN_##edtype)) \
+ && (OPENSSL_s390xcap_P.kdsa[0] & S390X_CAPBIT(S390X_EDDSA_VERIFY_##edtype)))
 static int s390x_ed25519_digestsign(const ECX_KEY *edkey, unsigned char *sig,
- const unsigned char *tbs, size_t tbslen);
+ const unsigned char *tbs, size_t tbslen);
 static int s390x_ed448_digestsign(const ECX_KEY *edkey, unsigned char *sig,
- const unsigned char *tbs, size_t tbslen);
+ const unsigned char *tbs, size_t tbslen);
 static int s390x_ed25519_digestverify(const ECX_KEY *edkey,
- const unsigned char *sig,
- const unsigned char *tbs, size_t tbslen);
+ const unsigned char *sig,
+ const unsigned char *tbs, size_t tbslen);
 static int s390x_ed448_digestverify(const ECX_KEY *edkey,
- const unsigned char *sig,
- const unsigned char *tbs, size_t tbslen);
+ const unsigned char *sig,
+ const unsigned char *tbs, size_t tbslen);
 #endif /* S390X_EC_ASM */
@@ -62,7 +62,7 @@ typedef struct {
 /* The Algorithm Identifier of the signature algorithm */
 unsigned char aid_buf[OSSL_MAX_ALGORITHM_ID_SIZE];
 unsigned char *aid;
- size_t aid_len;
+ size_t aid_len;
 } PROV_EDDSA_CTX;
 static void *eddsa_newctx(void *provctx, const char *propq_unused)
@@ -84,8 +84,8 @@ static void *eddsa_newctx(void *provctx, const char *propq_unused)
 }
 static int eddsa_digest_signverify_init(void *vpeddsactx, const char *mdname,
- void *vedkey,
- ossl_unused const OSSL_PARAM params[])
+ void *vedkey,
+ ossl_unused const OSSL_PARAM params[])
 {
 PROV_EDDSA_CTX *peddsactx = (PROV_EDDSA_CTX *)vpeddsactx;
 ECX_KEY *edkey = (ECX_KEY *)vedkey;
@@ -148,8 +148,8 @@ static int eddsa_digest_signverify_init(void *vpeddsactx, const char *mdname,
 }
 int ed25519_digest_sign(void *vpeddsactx, unsigned char *sigret,
- size_t *siglen, size_t sigsize,
- const unsigned char *tbs, size_t tbslen)
+ size_t *siglen, size_t sigsize,
+ const unsigned char *tbs, size_t tbslen)
 {
 PROV_EDDSA_CTX *peddsactx = (PROV_EDDSA_CTX *)vpeddsactx;
 const ECX_KEY *edkey = peddsactx->key;
@@ -171,16 +171,17 @@ int ed25519_digest_sign(void *vpeddsactx, unsigned char *sigret,
 }
 #ifdef S390X_EC_ASM
 if (S390X_CAN_SIGN(ED25519)) {
- if (s390x_ed25519_digestsign(edkey, sigret, tbs, tbslen) == 0) {
- ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SIGN);
- return 0;
- }
- *siglen = ED25519_SIGSIZE;
- return 1;
+ if (s390x_ed25519_digestsign(edkey, sigret, tbs, tbslen) == 0) {
+ ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SIGN);
+ return 0;
+ }
+ *siglen = ED25519_SIGSIZE;
+ return 1;
 }
 #endif /* S390X_EC_ASM */
 if (ossl_ed25519_sign(sigret, tbs, tbslen, edkey->pubkey, edkey->privkey,
- peddsactx->libctx, NULL) == 0) {
+ peddsactx->libctx, NULL)
+ == 0) {
 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SIGN);
 return 0;
 }
@@ -189,8 +190,8 @@ int ed25519_digest_sign(void *vpeddsactx, unsigned char *sigret,
 }
 int ed448_digest_sign(void *vpeddsactx, unsigned char *sigret,
- size_t *siglen, size_t sigsize,
- const unsigned char *tbs, size_t tbslen)
+ size_t *siglen, size_t sigsize,
+ const unsigned char *tbs, size_t tbslen)
 {
 PROV_EDDSA_CTX *peddsactx = (PROV_EDDSA_CTX *)vpeddsactx;
 const ECX_KEY *edkey = peddsactx->key;
@@ -213,15 +214,16 @@ int ed448_digest_sign(void *vpeddsactx, unsigned char *sigret,
 #ifdef S390X_EC_ASM
 if (S390X_CAN_SIGN(ED448)) {
 if (s390x_ed448_digestsign(edkey, sigret, tbs, tbslen) == 0) {
- ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SIGN);
- return 0;
- }
- *siglen = ED448_SIGSIZE;
- return 1;
+ ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SIGN);
+ return 0;
+ }
+ *siglen = ED448_SIGSIZE;
+ return 1;
 }
 #endif /* S390X_EC_ASM */
 if (ossl_ed448_sign(peddsactx->libctx, sigret, tbs, tbslen, edkey->pubkey,
- edkey->privkey, NULL, 0, edkey->propq) == 0) {
+ edkey->privkey, NULL, 0, edkey->propq)
+ == 0) {
 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SIGN);
 return 0;
 }
@@ -230,8 +232,8 @@ int ed448_digest_sign(void *vpeddsactx, unsigned char *sigret,
 }
 int ed25519_digest_verify(void *vpeddsactx, const unsigned char *sig,
- size_t siglen, const unsigned char *tbs,
- size_t tbslen)
+ size_t siglen, const unsigned char *tbs,
+ size_t tbslen)
 {
 PROV_EDDSA_CTX *peddsactx = (PROV_EDDSA_CTX *)vpeddsactx;
 const ECX_KEY *edkey = peddsactx->key;
@@ -245,12 +247,12 @@ int ed25519_digest_verify(void *vpeddsactx, const unsigned char *sig,
 #endif /* S390X_EC_ASM */
 return ossl_ed25519_verify(tbs, tbslen, sig, edkey->pubkey,
- peddsactx->libctx, edkey->propq);
+ peddsactx->libctx, edkey->propq);
 }
 int ed448_digest_verify(void *vpeddsactx, const unsigned char *sig,
- size_t siglen, const unsigned char *tbs,
- size_t tbslen)
+ size_t siglen, const unsigned char *tbs,
+ size_t tbslen)
 {
 PROV_EDDSA_CTX *peddsactx = (PROV_EDDSA_CTX *)vpeddsactx;
 const ECX_KEY *edkey = peddsactx->key;
@@ -264,7 +266,7 @@ int ed448_digest_verify(void *vpeddsactx, const unsigned char *sig,
 #endif /* S390X_EC_ASM */
 return ossl_ed448_verify(peddsactx->libctx, tbs, tbslen, sig, edkey->pubkey,
- NULL, 0, edkey->propq);
+ NULL, 0, edkey->propq);
 }
 static void eddsa_freectx(void *vpeddsactx)
@@ -298,7 +300,7 @@ static void *eddsa_dupctx(void *vpeddsactx)
 dstctx->key = srcctx->key;
 return dstctx;
- err:
+err:
 eddsa_freectx(dstctx);
 return NULL;
 }
@@ -312,8 +314,7 @@ static int eddsa_get_ctx_params(void *vpeddsactx, OSSL_PARAM *params)
 return 0;
 p = OSSL_PARAM_locate(params, OSSL_SIGNATURE_PARAM_ALGORITHM_ID);
- if (p != NULL && !OSSL_PARAM_set_octet_string(p, peddsactx->aid,
- peddsactx->aid_len))
+ if (p != NULL && !OSSL_PARAM_set_octet_string(p, peddsactx->aid, peddsactx->aid_len))
 return 0;
 return 1;
@@ -325,7 +326,7 @@ static const OSSL_PARAM known_gettable_ctx_params[] = {
 };
 static const OSSL_PARAM *eddsa_gettable_ctx_params(ossl_unused void *vpeddsactx,
- ossl_unused void *provctx)
+ ossl_unused void *provctx)
 {
 return known_gettable_ctx_params;
 }
@@ -333,43 +334,43 @@ static const OSSL_PARAM *eddsa_gettable_ctx_params(ossl_unused void *vpeddsactx,
 const OSSL_DISPATCH ossl_ed25519_signature_functions[] = {
 { OSSL_FUNC_SIGNATURE_NEWCTX, (void (*)(void))eddsa_newctx },
 { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_INIT,
- (void (*)(void))eddsa_digest_signverify_init },
+ (void (*)(void))eddsa_digest_signverify_init },
 { OSSL_FUNC_SIGNATURE_DIGEST_SIGN,
- (void (*)(void))ed25519_digest_sign },
+ (void (*)(void))ed25519_digest_sign },
 { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_INIT,
- (void (*)(void))eddsa_digest_signverify_init },
+ (void (*)(void))eddsa_digest_signverify_init },
 { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY,
- (void (*)(void))ed25519_digest_verify },
+ (void (*)(void))ed25519_digest_verify },
 { OSSL_FUNC_SIGNATURE_FREECTX, (void (*)(void))eddsa_freectx },
 { OSSL_FUNC_SIGNATURE_DUPCTX, (void (*)(void))eddsa_dupctx },
 { OSSL_FUNC_SIGNATURE_GET_CTX_PARAMS, (void (*)(void))eddsa_get_ctx_params },
 { OSSL_FUNC_SIGNATURE_GETTABLE_CTX_PARAMS,
- (void (*)(void))eddsa_gettable_ctx_params },
+ (void (*)(void))eddsa_gettable_ctx_params },
 { 0, NULL }
 };
 const OSSL_DISPATCH ossl_ed448_signature_functions[] = {
 { OSSL_FUNC_SIGNATURE_NEWCTX, (void (*)(void))eddsa_newctx },
 { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_INIT,
- (void (*)(void))eddsa_digest_signverify_init },
+ (void (*)(void))eddsa_digest_signverify_init },
 { OSSL_FUNC_SIGNATURE_DIGEST_SIGN,
- (void (*)(void))ed448_digest_sign },
+ (void (*)(void))ed448_digest_sign },
 { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_INIT,
- (void (*)(void))eddsa_digest_signverify_init },
+ (void (*)(void))eddsa_digest_signverify_init },
 { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY,
- (void (*)(void))ed448_digest_verify },
+ (void (*)(void))ed448_digest_verify },
 { OSSL_FUNC_SIGNATURE_FREECTX, (void (*)(void))eddsa_freectx },
 { OSSL_FUNC_SIGNATURE_DUPCTX, (void (*)(void))eddsa_dupctx },
 { OSSL_FUNC_SIGNATURE_GET_CTX_PARAMS, (void (*)(void))eddsa_get_ctx_params },
 { OSSL_FUNC_SIGNATURE_GETTABLE_CTX_PARAMS,
- (void (*)(void))eddsa_gettable_ctx_params },
+ (void (*)(void))eddsa_gettable_ctx_params },
 { 0, NULL }
 };
 #ifdef S390X_EC_ASM
 static int s390x_ed25519_digestsign(const ECX_KEY *edkey, unsigned char *sig,
- const unsigned char *tbs, size_t tbslen)
+ const unsigned char *tbs, size_t tbslen)
 {
 int rc;
 union {
@@ -394,7 +395,7 @@ static int s390x_ed25519_digestsign(const ECX_KEY *edkey, unsigned char *sig,
 }
 static int s390x_ed448_digestsign(const ECX_KEY *edkey, unsigned char *sig,
- const unsigned char *tbs, size_t tbslen)
+ const unsigned char *tbs, size_t tbslen)
 {
 int rc;
 union {
@@ -421,8 +422,8 @@ static int s390x_ed448_digestsign(const ECX_KEY *edkey, unsigned char *sig,
 }
 static int s390x_ed25519_digestverify(const ECX_KEY *edkey,
- const unsigned char *sig,
- const unsigned char *tbs, size_t tbslen)
+ const unsigned char *sig,
+ const unsigned char *tbs, size_t tbslen)
 {
 union {
 struct {
@@ -438,13 +439,16 @@ static int s390x_ed25519_digestverify(const ECX_KEY *edkey,
 s390x_flip_endian32(param.ed25519.pub, edkey->pubkey);
 return s390x_kdsa(S390X_EDDSA_VERIFY_ED25519,
- ¶m.ed25519, tbs, tbslen) == 0 ? 1 : 0;
+ ¶m.ed25519, tbs, tbslen)
+ == 0
+ ? 1
+ : 0;
 }
 static int s390x_ed448_digestverify(const ECX_KEY *edkey,
- const unsigned char *sig,
- const unsigned char *tbs,
- size_t tbslen)
+ const unsigned char *sig,
+ const unsigned char *tbs,
+ size_t tbslen)
 {
 union {
 struct {
@@ -463,7 +467,10 @@ static int s390x_ed448_digestverify(const ECX_KEY *edkey,
 s390x_flip_endian64(param.ed448.pub, param.ed448.pub);
 return s390x_kdsa(S390X_EDDSA_VERIFY_ED448,
- ¶m.ed448, tbs, tbslen) == 0 ? 1 : 0;
+ ¶m.ed448, tbs, tbslen)
+ == 0
+ ? 1
+ : 0;
 }
 #endif /* S390X_EC_ASM */
diff --git a/providers/implementations/signature/mac_legacy_sig.c b/providers/implementations/signature/mac_legacy_sig.c
index 6be605c8c60f..56d40fd473ef 100644
--- a/providers/implementations/signature/mac_legacy_sig.c
+++ b/providers/implementations/signature/mac_legacy_sig.c
@@ -18,7 +18,7 @@
 #include <openssl/err.h>
 #include <openssl/proverr.h>
 #ifndef FIPS_MODULE
-# include <openssl/engine.h>
+#include <openssl/engine.h>
 #endif
 #include "prov/implementations.h"
 #include "prov/provider_ctx.h"
@@ -77,17 +77,17 @@ static void *mac_newctx(void *provctx, const char *propq, const char *macname)
 return pmacctx;
- err:
+err:
 OPENSSL_free(pmacctx->propq);
 OPENSSL_free(pmacctx);
 EVP_MAC_free(mac);
 return NULL;
 }
-#define MAC_NEWCTX(funcname, macname) \
+#define MAC_NEWCTX(funcname, macname) \
 static void *mac_##funcname##_newctx(void *provctx, const char *propq) \
- { \
- return mac_newctx(provctx, propq, macname); \
+ { \
+ return mac_newctx(provctx, propq, macname); \
 }
 MAC_NEWCTX(hmac, "HMAC")
@@ -96,7 +96,7 @@ MAC_NEWCTX(poly1305, "POLY1305")
 MAC_NEWCTX(cmac, "CMAC")
 static int mac_digest_sign_init(void *vpmacctx, const char *mdname, void *vkey,
- const OSSL_PARAM params[])
+ const OSSL_PARAM params[])
 {
 PROV_MAC_CTX *pmacctx = (PROV_MAC_CTX *)vpmacctx;
 const char *ciphername = NULL, *engine = NULL;
@@ -125,22 +125,22 @@ static int mac_digest_sign_init(void *vpmacctx, const char *mdname, void *vkey,
 #endif
 if (!ossl_prov_set_macctx(pmacctx->macctx, NULL,
- (char *)ciphername,
- (char *)mdname,
- (char *)engine,
- pmacctx->key->properties,
- NULL, 0))
+ (char *)ciphername,
+ (char *)mdname,
+ (char *)engine,
+ pmacctx->key->properties,
+ NULL, 0))
 return 0;
 if (!EVP_MAC_init(pmacctx->macctx, pmacctx->key->priv_key,
- pmacctx->key->priv_key_len, params))
+ pmacctx->key->priv_key_len, params))
 return 0;
 return 1;
 }
 int mac_digest_sign_update(void *vpmacctx, const unsigned char *data,
- size_t datalen)
+ size_t datalen)
 {
 PROV_MAC_CTX *pmacctx = (PROV_MAC_CTX *)vpmacctx;
@@ -151,7 +151,7 @@ int mac_digest_sign_update(void *vpmacctx, const unsigned char *data,
 }
 int mac_digest_sign_final(void *vpmacctx, unsigned char *mac, size_t *maclen,
- size_t macsize)
+ size_t macsize)
 {
 PROV_MAC_CTX *pmacctx = (PROV_MAC_CTX *)vpmacctx;
@@ -202,7 +202,7 @@ static void *mac_dupctx(void *vpmacctx)
 }
 return dstctx;
- err:
+err:
 mac_freectx(dstctx);
 return NULL;
 }
@@ -215,11 +215,11 @@ static int mac_set_ctx_params(void *vpmacctx, const OSSL_PARAM params[])
 }
 static const OSSL_PARAM *mac_settable_ctx_params(ossl_unused void *ctx,
- void *provctx,
- const char *macname)
+ void *provctx,
+ const char *macname)
 {
 EVP_MAC *mac = EVP_MAC_fetch(PROV_LIBCTX_OF(provctx), macname,
- NULL);
+ NULL);
 const OSSL_PARAM *params;
 if (mac == NULL)
@@ -231,11 +231,11 @@ static const OSSL_PARAM *mac_settable_ctx_params(ossl_unused void *ctx,
 return params;
 }
-#define MAC_SETTABLE_CTX_PARAMS(funcname, macname) \
+#define MAC_SETTABLE_CTX_PARAMS(funcname, macname) \
 static const OSSL_PARAM *mac_##funcname##_settable_ctx_params(void *ctx, \
- void *provctx) \
- { \
- return mac_settable_ctx_params(ctx, provctx, macname); \
+ void *provctx) \
+ { \
+ return mac_settable_ctx_params(ctx, provctx, macname); \
 }
 MAC_SETTABLE_CTX_PARAMS(hmac, "HMAC")
@@ -243,22 +243,22 @@ MAC_SETTABLE_CTX_PARAMS(siphash, "SIPHASH")
 MAC_SETTABLE_CTX_PARAMS(poly1305, "POLY1305")
 MAC_SETTABLE_CTX_PARAMS(cmac, "CMAC")
-#define MAC_SIGNATURE_FUNCTIONS(funcname) \
- const OSSL_DISPATCH ossl_mac_legacy_##funcname##_signature_functions[] = { \
+#define MAC_SIGNATURE_FUNCTIONS(funcname) \
+ const OSSL_DISPATCH ossl_mac_legacy_##funcname##_signature_functions[] = { \
 { OSSL_FUNC_SIGNATURE_NEWCTX, (void (*)(void))mac_##funcname##_newctx }, \
- { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_INIT, \
- (void (*)(void))mac_digest_sign_init }, \
- { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_UPDATE, \
- (void (*)(void))mac_digest_sign_update }, \
- { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_FINAL, \
- (void (*)(void))mac_digest_sign_final }, \
- { OSSL_FUNC_SIGNATURE_FREECTX, (void (*)(void))mac_freectx }, \
- { OSSL_FUNC_SIGNATURE_DUPCTX, (void (*)(void))mac_dupctx }, \
- { OSSL_FUNC_SIGNATURE_SET_CTX_PARAMS, \
- (void (*)(void))mac_set_ctx_params }, \
- { OSSL_FUNC_SIGNATURE_SETTABLE_CTX_PARAMS, \
- (void (*)(void))mac_##funcname##_settable_ctx_params }, \
- { 0, NULL } \
+ { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_INIT, \
+ (void (*)(void))mac_digest_sign_init }, \
+ { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_UPDATE, \
+ (void (*)(void))mac_digest_sign_update }, \
+ { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_FINAL, \
+ (void (*)(void))mac_digest_sign_final }, \
+ { OSSL_FUNC_SIGNATURE_FREECTX, (void (*)(void))mac_freectx }, \
+ { OSSL_FUNC_SIGNATURE_DUPCTX, (void (*)(void))mac_dupctx }, \
+ { OSSL_FUNC_SIGNATURE_SET_CTX_PARAMS, \
+ (void (*)(void))mac_set_ctx_params }, \
+ { OSSL_FUNC_SIGNATURE_SETTABLE_CTX_PARAMS, \
+ (void (*)(void))mac_##funcname##_settable_ctx_params }, \
+ { 0, NULL } \
 };
 MAC_SIGNATURE_FUNCTIONS(hmac)
diff --git a/providers/implementations/signature/rsa_sig.c b/providers/implementations/signature/rsa_sig.c
index 919ef17269bd..825c61bf0d3f 100644
--- a/providers/implementations/signature/rsa_sig.c
+++ b/providers/implementations/signature/rsa_sig.c
@@ -59,11 +59,11 @@ static OSSL_FUNC_signature_set_ctx_md_params_fn rsa_set_ctx_md_params;
 static OSSL_FUNC_signature_settable_ctx_md_params_fn rsa_settable_ctx_md_params;
 static OSSL_ITEM padding_item[] = {
- { RSA_PKCS1_PADDING, OSSL_PKEY_RSA_PAD_MODE_PKCSV15 },
- { RSA_NO_PADDING, OSSL_PKEY_RSA_PAD_MODE_NONE },
- { RSA_X931_PADDING, OSSL_PKEY_RSA_PAD_MODE_X931 },
- { RSA_PKCS1_PSS_PADDING, OSSL_PKEY_RSA_PAD_MODE_PSS },
- { 0, NULL }
+ { RSA_PKCS1_PADDING, OSSL_PKEY_RSA_PAD_MODE_PKCSV15 },
+ { RSA_NO_PADDING, OSSL_PKEY_RSA_PAD_MODE_NONE },
+ { RSA_X931_PADDING, OSSL_PKEY_RSA_PAD_MODE_X931 },
+ { RSA_PKCS1_PSS_PADDING, OSSL_PKEY_RSA_PAD_MODE_PSS },
+ { 0, NULL }
 };
 /*
@@ -120,33 +120,33 @@ static size_t rsa_get_md_size(const PROV_RSA_CTX *prsactx)
 }
 static int rsa_check_padding(const PROV_RSA_CTX *prsactx,
- const char *mdname, const char *mgf1_mdname,
- int mdnid)
+ const char *mdname, const char *mgf1_mdname,
+ int mdnid)
 {
- switch(prsactx->pad_mode) {
- case RSA_NO_PADDING:
- if (mdname != NULL || mdnid != NID_undef) {
- ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_PADDING_MODE);
- return 0;
- }
- break;
- case RSA_X931_PADDING:
- if (RSA_X931_hash_id(mdnid) == -1) {
- ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_X931_DIGEST);
+ switch (prsactx->pad_mode) {
+ case RSA_NO_PADDING:
+ if (mdname != NULL || mdnid != NID_undef) {
+ ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_PADDING_MODE);
+ return 0;
+ }
+ break;
+ case RSA_X931_PADDING:
+ if (RSA_X931_hash_id(mdnid) == -1) {
+ ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_X931_DIGEST);
+ return 0;
+ }
+ break;
+ case RSA_PKCS1_PSS_PADDING:
+ if (rsa_pss_restricted(prsactx))
+ if ((mdname != NULL && !EVP_MD_is_a(prsactx->md, mdname))
+ || (mgf1_mdname != NULL
+ && !EVP_MD_is_a(prsactx->mgf1_md, mgf1_mdname))) {
+ ERR_raise(ERR_LIB_PROV, PROV_R_DIGEST_NOT_ALLOWED);
 return 0;
 }
- break;
- case RSA_PKCS1_PSS_PADDING:
- if (rsa_pss_restricted(prsactx))
- if ((mdname != NULL && !EVP_MD_is_a(prsactx->md, mdname))
- || (mgf1_mdname != NULL
- && !EVP_MD_is_a(prsactx->mgf1_md, mgf1_mdname))) {
- ERR_raise(ERR_LIB_PROV, PROV_R_DIGEST_NOT_ALLOWED);
- return 0;
- }
- break;
- default:
- break;
+ break;
+ default:
+ break;
 }
 return 1;
@@ -198,7 +198,7 @@ static void *rsa_newctx(void *provctx, const char *propq)
 static int rsa_pss_compute_saltlen(PROV_RSA_CTX *ctx)
 {
 int saltlen = ctx->saltlen;
-
+
 if (saltlen == RSA_PSS_SALTLEN_DIGEST) {
 saltlen = EVP_MD_get_size(ctx->md);
 } else if (saltlen == RSA_PSS_SALTLEN_AUTO || saltlen == RSA_PSS_SALTLEN_MAX) {
@@ -211,17 +211,17 @@ static int rsa_pss_compute_saltlen(PROV_RSA_CTX *ctx)
 return -1;
 } else if (saltlen < ctx->min_saltlen) {
 ERR_raise_data(ERR_LIB_PROV, PROV_R_PSS_SALTLEN_TOO_SMALL,
- "minimum salt length: %d, actual salt length: %d",
- ctx->min_saltlen, saltlen);
+ "minimum salt length: %d, actual salt length: %d",
+ ctx->min_saltlen, saltlen);
 return -1;
 }
 return saltlen;
 }
 static unsigned char *rsa_generate_signature_aid(PROV_RSA_CTX *ctx,
- unsigned char *aid_buf,
- size_t buf_len,
- size_t *aid_len)
+ unsigned char *aid_buf,
+ size_t buf_len,
+ size_t *aid_len)
 {
 WPACKET pkt;
 unsigned char *aid = NULL;
@@ -234,10 +234,10 @@ static unsigned char *rsa_generate_signature_aid(PROV_RSA_CTX *ctx,
 return NULL;
 }
- switch(ctx->pad_mode) {
+ switch (ctx->pad_mode) {
 case RSA_PKCS1_PADDING:
 ret = ossl_DER_w_algorithmIdentifier_MDWithRSAEncryption(&pkt, -1,
- ctx->mdnid);
+ ctx->mdnid);
 if (ret > 0) {
 break;
@@ -246,8 +246,8 @@ static unsigned char *rsa_generate_signature_aid(PROV_RSA_CTX *ctx,
 goto cleanup;
 }
 ERR_raise_data(ERR_LIB_PROV, ERR_R_UNSUPPORTED,
- "Algorithm ID generation - md NID: %d",
- ctx->mdnid);
+ "Algorithm ID generation - md NID: %d",
+ ctx->mdnid);
 goto cleanup;
 case RSA_PKCS1_PSS_PADDING:
 saltlen = rsa_pss_compute_saltlen(ctx);
@@ -256,32 +256,32 @@ static unsigned char *rsa_generate_signature_aid(PROV_RSA_CTX *ctx, if (!ossl_rsa_pss_params_30_set_defaults(&pss_params) || !ossl_rsa_pss_params_30_set_hashalg(&pss_params, ctx->mdnid) || !ossl_rsa_pss_params_30_set_maskgenhashalg(&pss_params, - ctx->mgf1_mdnid) + ctx->mgf1_mdnid) || !ossl_rsa_pss_params_30_set_saltlen(&pss_params, saltlen) || !ossl_DER_w_algorithmIdentifier_RSA_PSS(&pkt, -1, - RSA_FLAG_TYPE_RSASSAPSS, - &pss_params)) { + RSA_FLAG_TYPE_RSASSAPSS, + &pss_params)) { ERR_raise(ERR_LIB_PROV, ERR_R_INTERNAL_ERROR); goto cleanup; } break; default: ERR_raise_data(ERR_LIB_PROV, ERR_R_UNSUPPORTED, - "Algorithm ID generation - pad mode: %d", - ctx->pad_mode); + "Algorithm ID generation - pad mode: %d", + ctx->pad_mode); goto cleanup; } if (WPACKET_finish(&pkt)) { WPACKET_get_total_written(&pkt, aid_len); aid = WPACKET_get_curr(&pkt); } - cleanup: +cleanup: WPACKET_cleanup(&pkt); return aid; } static int rsa_setup_md(PROV_RSA_CTX *ctx, const char *mdname, - const char *mdprops) + const char *mdprops) { if (mdprops == NULL) mdprops = ctx->propq; @@ -290,7 +290,7 @@ static int rsa_setup_md(PROV_RSA_CTX *ctx, const char *mdname, EVP_MD *md = EVP_MD_fetch(ctx->libctx, mdname, mdprops); int sha1_allowed = (ctx->operation != EVP_PKEY_OP_SIGN); int md_nid = ossl_digest_rsa_sign_get_md_nid(ctx->libctx, md, - sha1_allowed); + sha1_allowed); size_t mdname_len = strlen(mdname); if (md == NULL 
@@ -299,13 +299,13 @@ static int rsa_setup_md(PROV_RSA_CTX *ctx, const char *mdname, || mdname_len >= sizeof(ctx->mdname)) { if (md == NULL) ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_DIGEST, - "%s could not be fetched", mdname); + "%s could not be fetched", mdname); if (md_nid <= 0) ERR_raise_data(ERR_LIB_PROV, PROV_R_DIGEST_NOT_ALLOWED, - "digest=%s", mdname); + "digest=%s", mdname); if (mdname_len >= sizeof(ctx->mdname)) ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_DIGEST, - "%s exceeds name buffer length", mdname); + "%s exceeds name buffer length", mdname); EVP_MD_free(md); return 0; } @@ -313,7 +313,7 @@ static int rsa_setup_md(PROV_RSA_CTX *ctx, const char *mdname, if (!ctx->flag_allow_md) { if (ctx->mdname[0] != '\0' && !EVP_MD_is_a(md, ctx->mdname)) { ERR_raise_data(ERR_LIB_PROV, PROV_R_DIGEST_NOT_ALLOWED, - "digest %s != %s", mdname, ctx->mdname); + "digest %s != %s", mdname, ctx->mdname); EVP_MD_free(md); return 0; } @@ -345,7 +345,7 @@ static int rsa_setup_md(PROV_RSA_CTX *ctx, const char *mdname, } static int rsa_setup_mgf1_md(PROV_RSA_CTX *ctx, const char *mdname, - const char *mdprops) + const char *mdprops) { size_t len; EVP_MD *md = NULL; @@ -356,7 +356,7 @@ static int rsa_setup_mgf1_md(PROV_RSA_CTX *ctx, const char *mdname, if ((md = EVP_MD_fetch(ctx->libctx, mdname, mdprops)) == NULL) { ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_DIGEST, - "%s could not be fetched", mdname); + "%s could not be fetched", mdname); return 0; } /* The default for mgf1 is SHA1 - so allow SHA1 */ 
@@ -364,14 +364,14 @@ static int rsa_setup_mgf1_md(PROV_RSA_CTX *ctx, const char *mdname, || !rsa_check_padding(ctx, NULL, mdname, mdnid)) { if (mdnid <= 0) ERR_raise_data(ERR_LIB_PROV, PROV_R_DIGEST_NOT_ALLOWED, - "digest=%s", mdname); + "digest=%s", mdname); EVP_MD_free(md); return 0; } len = OPENSSL_strlcpy(ctx->mgf1_mdname, mdname, sizeof(ctx->mgf1_mdname)); if (len >= sizeof(ctx->mgf1_mdname)) { ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_DIGEST, - "%s exceeds name buffer length", mdname); + "%s exceeds name buffer length", mdname); EVP_MD_free(md); return 0; } @@ -384,7 +384,7 @@ static int rsa_setup_mgf1_md(PROV_RSA_CTX *ctx, const char *mdname, } static int rsa_signverify_init(void *vprsactx, void *vrsa, - const OSSL_PARAM params[], int operation) + const OSSL_PARAM params[], int operation) { PROV_RSA_CTX *prsactx = (PROV_RSA_CTX *)vprsactx; @@ -420,8 +420,7 @@ static int rsa_signverify_init(void *vprsactx, void *vrsa, prsactx->pad_mode = RSA_PKCS1_PSS_PADDING; { - const RSA_PSS_PARAMS_30 *pss = - ossl_rsa_get0_pss_params_30(prsactx->rsa); + const RSA_PSS_PARAMS_30 *pss = ossl_rsa_get0_pss_params_30(prsactx->rsa); if (!ossl_rsa_pss_params_30_is_unrestricted(pss)) { int md_nid = ossl_rsa_pss_params_30_hashalg(pss); 
@@ -435,27 +434,27 @@ static int rsa_signverify_init(void *vprsactx, void *vrsa, if (mdname == NULL) { ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_DIGEST, - "PSS restrictions lack hash algorithm"); + "PSS restrictions lack hash algorithm"); return 0; } if (mgf1mdname == NULL) { ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_DIGEST, - "PSS restrictions lack MGF1 hash algorithm"); + "PSS restrictions lack MGF1 hash algorithm"); return 0; } len = OPENSSL_strlcpy(prsactx->mdname, mdname, - sizeof(prsactx->mdname)); + sizeof(prsactx->mdname)); if (len >= sizeof(prsactx->mdname)) { ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_DIGEST, - "hash algorithm name too long"); + "hash algorithm name too long"); return 0; } len = OPENSSL_strlcpy(prsactx->mgf1_mdname, mgf1mdname, - sizeof(prsactx->mgf1_mdname)); + sizeof(prsactx->mgf1_mdname)); if (len >= sizeof(prsactx->mgf1_mdname)) { ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_DIGEST, - "MGF1 hash algorithm name too long"); + "MGF1 hash algorithm name too long"); return 0; } prsactx->saltlen = min_saltlen; @@ -512,7 +511,7 @@ static int rsa_sign_init(void *vprsactx, void *vrsa, const OSSL_PARAM params[]) } static int rsa_sign(void *vprsactx, unsigned char *sig, size_t *siglen, - size_t sigsize, const unsigned char *tbs, size_t tbslen) + size_t sigsize, const unsigned char *tbs, size_t tbslen) { PROV_RSA_CTX *prsactx = (PROV_RSA_CTX *)vprsactx; int ret; @@ -529,7 +528,7 @@ static int rsa_sign(void *vprsactx, unsigned char *sig, size_t *siglen, if (sigsize < rsasize) { ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_SIGNATURE_SIZE, - "is %zu, should be at least %zu", sigsize, rsasize); + "is %zu, should be at least %zu", sigsize, rsasize); return 0; } 
@@ -545,11 +544,11 @@ static int rsa_sign(void *vprsactx, unsigned char *sig, size_t *siglen, if (prsactx->pad_mode != RSA_PKCS1_PADDING) { ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_PADDING_MODE, - "only PKCS#1 padding supported with MDC2"); + "only PKCS#1 padding supported with MDC2"); return 0; } ret = RSA_sign_ASN1_OCTET_STRING(0, tbs, tbslen, sig, &sltmp, - prsactx->rsa); + prsactx->rsa); if (ret <= 0) { ERR_raise(ERR_LIB_PROV, ERR_R_RSA_LIB); @@ -563,8 +562,8 @@ static int rsa_sign(void *vprsactx, unsigned char *sig, size_t *siglen, case RSA_X931_PADDING: if ((size_t)RSA_size(prsactx->rsa) < tbslen + 1) { ERR_raise_data(ERR_LIB_PROV, PROV_R_KEY_SIZE_TOO_SMALL, - "RSA key size = %d, expected minimum = %d", - RSA_size(prsactx->rsa), tbslen + 1); + "RSA key size = %d, expected minimum = %d", + RSA_size(prsactx->rsa), tbslen + 1); return 0; } if (!setup_tbuf(prsactx)) { @@ -574,23 +573,21 @@ static int rsa_sign(void *vprsactx, unsigned char *sig, size_t *siglen, memcpy(prsactx->tbuf, tbs, tbslen); prsactx->tbuf[tbslen] = RSA_X931_hash_id(prsactx->mdnid); ret = RSA_private_encrypt(tbslen + 1, prsactx->tbuf, - sig, prsactx->rsa, RSA_X931_PADDING); + sig, prsactx->rsa, RSA_X931_PADDING); clean_tbuf(prsactx); break; - case RSA_PKCS1_PADDING: - { - unsigned int sltmp; + case RSA_PKCS1_PADDING: { + unsigned int sltmp; - ret = RSA_sign(prsactx->mdnid, tbs, tbslen, sig, &sltmp, - prsactx->rsa); - if (ret <= 0) { - ERR_raise(ERR_LIB_PROV, ERR_R_RSA_LIB); - return 0; - } - ret = sltmp; + ret = RSA_sign(prsactx->mdnid, tbs, tbslen, sig, &sltmp, + prsactx->rsa); + if (ret <= 0) { + ERR_raise(ERR_LIB_PROV, ERR_R_RSA_LIB); + return 0; } - break; + ret = sltmp; + } break; case RSA_PKCS1_PSS_PADDING: /* Check PSS restrictions */ 
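Review bot: In the X.931 branch of rsa_sign, the re-indented call `ERR_raise_data(..., "RSA key size = %d, expected minimum = %d", RSA_size(prsactx->rsa), tbslen + 1)` passes a `size_t` expression for a `%d` conversion, which is a specifier/argument mismatch in a variadic call. The signature-size check earlier in the same function already formats `size_t` values with `%zu`, so the second conversion here should read `expected minimum = %zu`. The same mismatch appears in rsa_verify_recover (`"buffer size is %d, should be %d", routsize, ret`) and in the PSS case of rsa_verify (`"Should be %d, but got %d", mdsize, tbslen`), where `%zu` fits the `size_t` operands. rsa_sign starts and ends outside this hunk.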
@@ -599,11 +596,11 @@ static int rsa_sign(void *vprsactx, unsigned char *sig, size_t *siglen, case RSA_PSS_SALTLEN_DIGEST: if (prsactx->min_saltlen > EVP_MD_get_size(prsactx->md)) { ERR_raise_data(ERR_LIB_PROV, - PROV_R_PSS_SALTLEN_TOO_SMALL, - "minimum salt length set to %d, " - "but the digest only gives %d", - prsactx->min_saltlen, - EVP_MD_get_size(prsactx->md)); + PROV_R_PSS_SALTLEN_TOO_SMALL, + "minimum salt length set to %d, " + "but the digest only gives %d", + prsactx->min_saltlen, + EVP_MD_get_size(prsactx->md)); return 0; } /* FALLTHRU */ @@ -611,11 +608,11 @@ static int rsa_sign(void *vprsactx, unsigned char *sig, size_t *siglen, if (prsactx->saltlen >= 0 && prsactx->saltlen < prsactx->min_saltlen) { ERR_raise_data(ERR_LIB_PROV, - PROV_R_PSS_SALTLEN_TOO_SMALL, - "minimum salt length set to %d, but the" - "actual salt length is only set to %d", - prsactx->min_saltlen, - prsactx->saltlen); + PROV_R_PSS_SALTLEN_TOO_SMALL, + "minimum salt length set to %d, but the" + "actual salt length is only set to %d", + prsactx->min_saltlen, + prsactx->saltlen); return 0; } break; 
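Review bot: The two adjacent string literals in the second salt-length error of the PSS branch concatenate without a separator, so the message reads "but theactual salt length is only set to". Add a trailing space to the first literal: `"minimum salt length set to %d, but the "`. The enclosing rsa_sign body starts and ends outside this hunk.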
@@ -624,29 +621,29 @@ static int rsa_sign(void *vprsactx, unsigned char *sig, size_t *siglen, if (!setup_tbuf(prsactx)) return 0; if (!RSA_padding_add_PKCS1_PSS_mgf1(prsactx->rsa, - prsactx->tbuf, tbs, - prsactx->md, prsactx->mgf1_md, - prsactx->saltlen)) { + prsactx->tbuf, tbs, + prsactx->md, prsactx->mgf1_md, + prsactx->saltlen)) { ERR_raise(ERR_LIB_PROV, ERR_R_RSA_LIB); return 0; } ret = RSA_private_encrypt(RSA_size(prsactx->rsa), prsactx->tbuf, - sig, prsactx->rsa, RSA_NO_PADDING); + sig, prsactx->rsa, RSA_NO_PADDING); clean_tbuf(prsactx); break; default: ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_PADDING_MODE, - "Only X.931, PKCS#1 v1.5 or PSS padding allowed"); + "Only X.931, PKCS#1 v1.5 or PSS padding allowed"); return 0; } } else { ret = RSA_private_encrypt(tbslen, tbs, sig, prsactx->rsa, - prsactx->pad_mode); + prsactx->pad_mode); } #ifndef FIPS_MODULE - end: +end: #endif if (ret <= 0) { ERR_raise(ERR_LIB_PROV, ERR_R_RSA_LIB); @@ -658,20 +655,20 @@ static int rsa_sign(void *vprsactx, unsigned char *sig, size_t *siglen, } static int rsa_verify_recover_init(void *vprsactx, void *vrsa, - const OSSL_PARAM params[]) + const OSSL_PARAM params[]) { if (!ossl_prov_is_running()) return 0; return rsa_signverify_init(vprsactx, vrsa, params, - EVP_PKEY_OP_VERIFYRECOVER); + EVP_PKEY_OP_VERIFYRECOVER); } static int rsa_verify_recover(void *vprsactx, - unsigned char *rout, - size_t *routlen, - size_t routsize, - const unsigned char *sig, - size_t siglen) + unsigned char *rout, + size_t *routlen, + size_t routsize, + const unsigned char *sig, + size_t siglen) { PROV_RSA_CTX *prsactx = (PROV_RSA_CTX *)vprsactx; int ret; @@ -690,7 +687,7 @@ static int rsa_verify_recover(void *vprsactx, if (!setup_tbuf(prsactx)) return 0; ret = RSA_public_decrypt(siglen, sig, prsactx->tbuf, prsactx->rsa, - RSA_X931_PADDING); + RSA_X931_PADDING); if (ret < 1) { ERR_raise(ERR_LIB_PROV, ERR_R_RSA_LIB); return 0; 
@@ -702,8 +699,8 @@ static int rsa_verify_recover(void *vprsactx, } if (ret != EVP_MD_get_size(prsactx->md)) { ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_DIGEST_LENGTH, - "Should be %d, but got %d", - EVP_MD_get_size(prsactx->md), ret); + "Should be %d, but got %d", + EVP_MD_get_size(prsactx->md), ret); return 0; } @@ -711,36 +708,34 @@ static int rsa_verify_recover(void *vprsactx, if (rout != prsactx->tbuf) { if (routsize < (size_t)ret) { ERR_raise_data(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL, - "buffer size is %d, should be %d", - routsize, ret); + "buffer size is %d, should be %d", + routsize, ret); return 0; } memcpy(rout, prsactx->tbuf, ret); } break; - case RSA_PKCS1_PADDING: - { - size_t sltmp; + case RSA_PKCS1_PADDING: { + size_t sltmp; - ret = ossl_rsa_verify(prsactx->mdnid, NULL, 0, rout, &sltmp, - sig, siglen, prsactx->rsa); - if (ret <= 0) { - ERR_raise(ERR_LIB_PROV, ERR_R_RSA_LIB); - return 0; - } - ret = sltmp; + ret = ossl_rsa_verify(prsactx->mdnid, NULL, 0, rout, &sltmp, + sig, siglen, prsactx->rsa); + if (ret <= 0) { + ERR_raise(ERR_LIB_PROV, ERR_R_RSA_LIB); + return 0; } - break; + ret = sltmp; + } break; default: ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_PADDING_MODE, - "Only X.931 or PKCS#1 v1.5 padding allowed"); + "Only X.931 or PKCS#1 v1.5 padding allowed"); return 0; } } else { ret = RSA_public_decrypt(siglen, sig, rout, prsactx->rsa, - prsactx->pad_mode); + prsactx->pad_mode); if (ret < 0) { ERR_raise(ERR_LIB_PROV, ERR_R_RSA_LIB); return 0; @@ -751,7 +746,7 @@ static int rsa_verify_recover(void *vprsactx, } static int rsa_verify_init(void *vprsactx, void *vrsa, - const OSSL_PARAM params[]) + const OSSL_PARAM params[]) { if (!ossl_prov_is_running()) return 0; 
@@ -759,7 +754,7 @@ static int rsa_verify_init(void *vprsactx, void *vrsa, } static int rsa_verify(void *vprsactx, const unsigned char *sig, size_t siglen, - const unsigned char *tbs, size_t tbslen) + const unsigned char *tbs, size_t tbslen) { PROV_RSA_CTX *prsactx = (PROV_RSA_CTX *)vprsactx; size_t rslen; @@ -770,7 +765,7 @@ static int rsa_verify(void *vprsactx, const unsigned char *sig, size_t siglen, switch (prsactx->pad_mode) { case RSA_PKCS1_PADDING: if (!RSA_verify(prsactx->mdnid, tbs, tbslen, sig, siglen, - prsactx->rsa)) { + prsactx->rsa)) { ERR_raise(ERR_LIB_PROV, ERR_R_RSA_LIB); return 0; } 
@@ -779,47 +774,47 @@ static int rsa_verify(void *vprsactx, const unsigned char *sig, size_t siglen, if (!setup_tbuf(prsactx)) return 0; if (rsa_verify_recover(prsactx, prsactx->tbuf, &rslen, 0, - sig, siglen) <= 0) + sig, siglen) + <= 0) return 0; break; - case RSA_PKCS1_PSS_PADDING: - { - int ret; - size_t mdsize; + case RSA_PKCS1_PSS_PADDING: { + int ret; + size_t mdsize; - /* - * We need to check this for the RSA_verify_PKCS1_PSS_mgf1() - * call - */ - mdsize = rsa_get_md_size(prsactx); - if (tbslen != mdsize) { - ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_DIGEST_LENGTH, - "Should be %d, but got %d", - mdsize, tbslen); - return 0; - } + /* + * We need to check this for the RSA_verify_PKCS1_PSS_mgf1() + * call + */ + mdsize = rsa_get_md_size(prsactx); + if (tbslen != mdsize) { + ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_DIGEST_LENGTH, + "Should be %d, but got %d", + mdsize, tbslen); + return 0; + } - if (!setup_tbuf(prsactx)) - return 0; - ret = RSA_public_decrypt(siglen, sig, prsactx->tbuf, - prsactx->rsa, RSA_NO_PADDING); - if (ret <= 0) { - ERR_raise(ERR_LIB_PROV, ERR_R_RSA_LIB); - return 0; - } - ret = RSA_verify_PKCS1_PSS_mgf1(prsactx->rsa, tbs, - prsactx->md, prsactx->mgf1_md, - prsactx->tbuf, - prsactx->saltlen); - if (ret <= 0) { - ERR_raise(ERR_LIB_PROV, ERR_R_RSA_LIB); - return 0; - } - return 1; + if (!setup_tbuf(prsactx)) + return 0; + ret = RSA_public_decrypt(siglen, sig, prsactx->tbuf, + prsactx->rsa, RSA_NO_PADDING); + if (ret <= 0) { + ERR_raise(ERR_LIB_PROV, ERR_R_RSA_LIB); + return 0; } + ret = RSA_verify_PKCS1_PSS_mgf1(prsactx->rsa, tbs, + prsactx->md, prsactx->mgf1_md, + prsactx->tbuf, + prsactx->saltlen); + if (ret <= 0) { + ERR_raise(ERR_LIB_PROV, ERR_R_RSA_LIB); + return 0; + } + return 1; + } default: ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_PADDING_MODE, - "Only X.931, PKCS#1 v1.5 or PSS padding allowed"); + "Only X.931, PKCS#1 v1.5 or PSS padding allowed"); return 0; } } else { 
@@ -828,7 +823,7 @@ static int rsa_verify(void *vprsactx, const unsigned char *sig, size_t siglen, if (!setup_tbuf(prsactx)) return 0; ret = RSA_public_decrypt(siglen, sig, prsactx->tbuf, prsactx->rsa, - prsactx->pad_mode); + prsactx->pad_mode); if (ret <= 0) { ERR_raise(ERR_LIB_PROV, ERR_R_RSA_LIB); return 0; @@ -843,8 +838,8 @@ static int rsa_verify(void *vprsactx, const unsigned char *sig, size_t siglen, } static int rsa_digest_signverify_init(void *vprsactx, const char *mdname, - void *vrsa, const OSSL_PARAM params[], - int operation) + void *vrsa, const OSSL_PARAM params[], + int operation) { PROV_RSA_CTX *prsactx = (PROV_RSA_CTX *)vprsactx; @@ -873,15 +868,15 @@ static int rsa_digest_signverify_init(void *vprsactx, const char *mdname, return 1; - error: +error: EVP_MD_CTX_free(prsactx->mdctx); prsactx->mdctx = NULL; return 0; } static int rsa_digest_signverify_update(void *vprsactx, - const unsigned char *data, - size_t datalen) + const unsigned char *data, + size_t datalen) { PROV_RSA_CTX *prsactx = (PROV_RSA_CTX *)vprsactx; @@ -892,16 +887,16 @@ static int rsa_digest_signverify_update(void *vprsactx, } static int rsa_digest_sign_init(void *vprsactx, const char *mdname, - void *vrsa, const OSSL_PARAM params[]) + void *vrsa, const OSSL_PARAM params[]) { if (!ossl_prov_is_running()) return 0; return rsa_digest_signverify_init(vprsactx, mdname, vrsa, - params, EVP_PKEY_OP_SIGN); + params, EVP_PKEY_OP_SIGN); } static int rsa_digest_sign_final(void *vprsactx, unsigned char *sig, - size_t *siglen, size_t sigsize) + size_t *siglen, size_t sigsize) { PROV_RSA_CTX *prsactx = (PROV_RSA_CTX *)vprsactx; unsigned char digest[EVP_MAX_MD_SIZE]; 
@@ -929,16 +924,16 @@ static int rsa_digest_sign_final(void *vprsactx, unsigned char *sig, } static int rsa_digest_verify_init(void *vprsactx, const char *mdname, - void *vrsa, const OSSL_PARAM params[]) + void *vrsa, const OSSL_PARAM params[]) { if (!ossl_prov_is_running()) return 0; return rsa_digest_signverify_init(vprsactx, mdname, vrsa, - params, EVP_PKEY_OP_VERIFY); + params, EVP_PKEY_OP_VERIFY); } int rsa_digest_verify_final(void *vprsactx, const unsigned char *sig, - size_t siglen) + size_t siglen) { PROV_RSA_CTX *prsactx = (PROV_RSA_CTX *)vprsactx; unsigned char digest[EVP_MAX_MD_SIZE]; @@ -1017,7 +1012,7 @@ static void *rsa_dupctx(void *vprsactx) if (srcctx->mdctx != NULL) { dstctx->mdctx = EVP_MD_CTX_new(); if (dstctx->mdctx == NULL - || !EVP_MD_CTX_copy_ex(dstctx->mdctx, srcctx->mdctx)) + || !EVP_MD_CTX_copy_ex(dstctx->mdctx, srcctx->mdctx)) goto err; } @@ -1028,7 +1023,7 @@ static void *rsa_dupctx(void *vprsactx) } return dstctx; - err: +err: rsa_freectx(dstctx); return NULL; } @@ -1046,10 +1041,10 @@ static int rsa_get_ctx_params(void *vprsactx, OSSL_PARAM *params) /* The Algorithm Identifier of the combined signature algorithm */ unsigned char aid_buf[128]; unsigned char *aid; - size_t aid_len; + size_t aid_len; aid = rsa_generate_signature_aid(prsactx, aid_buf, - sizeof(aid_buf), &aid_len); + sizeof(aid_buf), &aid_len); if (aid == NULL || !OSSL_PARAM_set_octet_string(p, aid, aid_len)) return 0; } 
@@ -1061,26 +1056,24 @@ static int rsa_get_ctx_params(void *vprsactx, OSSL_PARAM *params) if (!OSSL_PARAM_set_int(p, prsactx->pad_mode)) return 0; break; - case OSSL_PARAM_UTF8_STRING: - { - int i; - const char *word = NULL; + case OSSL_PARAM_UTF8_STRING: { + int i; + const char *word = NULL; - for (i = 0; padding_item[i].id != 0; i++) { - if (prsactx->pad_mode == (int)padding_item[i].id) { - word = padding_item[i].ptr; - break; - } + for (i = 0; padding_item[i].id != 0; i++) { + if (prsactx->pad_mode == (int)padding_item[i].id) { + word = padding_item[i].ptr; + break; } + } - if (word != NULL) { - if (!OSSL_PARAM_set_utf8_string(p, word)) - return 0; - } else { - ERR_raise(ERR_LIB_PROV, ERR_R_INTERNAL_ERROR); - } + if (word != NULL) { + if (!OSSL_PARAM_set_utf8_string(p, word)) + return 0; + } else { + ERR_raise(ERR_LIB_PROV, ERR_R_INTERNAL_ERROR); } - break; + } break; default: return 0; } @@ -1111,16 +1104,15 @@ static int rsa_get_ctx_params(void *vprsactx, OSSL_PARAM *params) case RSA_PSS_SALTLEN_AUTO: value = OSSL_PKEY_RSA_PSS_SALT_LEN_AUTO; break; - default: - { - int len = BIO_snprintf(p->data, p->data_size, "%d", - prsactx->saltlen); + default: { + int len = BIO_snprintf(p->data, p->data_size, "%d", + prsactx->saltlen); - if (len <= 0) - return 0; - p->return_size = len; - break; - } + if (len <= 0) + return 0; + p->return_size = len; + break; + } } if (value != NULL && !OSSL_PARAM_set_utf8_string(p, value)) @@ -1141,7 +1133,7 @@ static const OSSL_PARAM known_gettable_ctx_params[] = { }; static const OSSL_PARAM *rsa_gettable_ctx_params(ossl_unused void *vprsactx, - ossl_unused void *provctx) + ossl_unused void *provctx) { return known_gettable_ctx_params; } 
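Review bot: In the `OSSL_PARAM_UTF8_STRING` case of rsa_get_ctx_params, the branch taken when no `padding_item` entry matches `prsactx->pad_mode` raises `ERR_R_INTERNAL_ERROR` but then falls through to `break` instead of failing, unlike the `OSSL_PARAM_set_utf8_string` failure just above it, which returns 0. If the function goes on to report success (its tail is outside this hunk), the caller sees a successful call with an error left on the queue and the parameter unset. Adding `return 0;` after the `ERR_raise(ERR_LIB_PROV, ERR_R_INTERNAL_ERROR);` line would make the two failure paths consistent.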
@@ -1167,9 +1159,8 @@ static int rsa_set_ctx_params(void *vprsactx, const OSSL_PARAM params[]) p = OSSL_PARAM_locate_const(params, OSSL_SIGNATURE_PARAM_DIGEST); if (p != NULL) { - const OSSL_PARAM *propsp = - OSSL_PARAM_locate_const(params, - OSSL_SIGNATURE_PARAM_PROPERTIES); + const OSSL_PARAM *propsp = OSSL_PARAM_locate_const(params, + OSSL_SIGNATURE_PARAM_PROPERTIES); pmdname = mdname; if (!OSSL_PARAM_get_utf8_string(p, &pmdname, sizeof(mdname))) @@ -1178,7 +1169,7 @@ static int rsa_set_ctx_params(void *vprsactx, const OSSL_PARAM params[]) if (propsp != NULL) { pmdprops = mdprops; if (!OSSL_PARAM_get_utf8_string(propsp, - &pmdprops, sizeof(mdprops))) + &pmdprops, sizeof(mdprops))) return 0; } } @@ -1192,21 +1183,19 @@ static int rsa_set_ctx_params(void *vprsactx, const OSSL_PARAM params[]) if (!OSSL_PARAM_get_int(p, &pad_mode)) return 0; break; - case OSSL_PARAM_UTF8_STRING: - { - int i; + case OSSL_PARAM_UTF8_STRING: { + int i; - if (p->data == NULL) - return 0; + if (p->data == NULL) + return 0; - for (i = 0; padding_item[i].id != 0; i++) { - if (strcmp(p->data, padding_item[i].ptr) == 0) { - pad_mode = padding_item[i].id; - break; - } + for (i = 0; padding_item[i].id != 0; i++) { + if (strcmp(p->data, padding_item[i].ptr) == 0) { + pad_mode = padding_item[i].id; + break; } } - break; + } break; default: return 0; } @@ -1221,9 +1210,9 @@ static int rsa_set_ctx_params(void *vprsactx, const OSSL_PARAM params[]) goto bad_pad; case RSA_PKCS1_PSS_PADDING: if ((prsactx->operation - & (EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY)) == 0) { - err_extra_text = - "PSS padding only allowed for sign and verify operations"; + & (EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY)) + == 0) { + err_extra_text = "PSS padding only allowed for sign and verify operations"; goto bad_pad; } break; 
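Review bot: The `OSSL_PARAM_UTF8_STRING` case for the pad mode compares with `strcmp(p->data, padding_item[i].ptr)`, which reads `p->data` up to a NUL byte and never consults `p->data_size`. The digest name earlier in rsa_set_ctx_params is read through `OSSL_PARAM_get_utf8_string` into a sized buffer, so the two string parameters are handled differently. If a caller can supply a buffer without a terminator (not determinable from this hunk), the comparison reads past the parameter. Either fetch the value through the same bounded getter before comparing, or record the assumption with a comment such as `/* relies on p->data being NUL-terminated */`. The function starts and ends outside this hunk.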
@@ -1237,18 +1226,19 @@ static int rsa_set_ctx_params(void *vprsactx, const OSSL_PARAM params[]) err_extra_text = "X.931 padding not allowed with RSA-PSS"; cont: if (RSA_test_flags(prsactx->rsa, - RSA_FLAG_TYPE_MASK) == RSA_FLAG_TYPE_RSA) + RSA_FLAG_TYPE_MASK) + == RSA_FLAG_TYPE_RSA) break; /* FALLTHRU */ default: bad_pad: if (err_extra_text == NULL) ERR_raise(ERR_LIB_PROV, - PROV_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE); + PROV_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE); else ERR_raise_data(ERR_LIB_PROV, - PROV_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE, - err_extra_text); + PROV_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE, + err_extra_text); return 0; } } @@ -1257,8 +1247,8 @@ static int rsa_set_ctx_params(void *vprsactx, const OSSL_PARAM params[]) if (p != NULL) { if (pad_mode != RSA_PKCS1_PSS_PADDING) { ERR_raise_data(ERR_LIB_PROV, PROV_R_NOT_SUPPORTED, - "PSS saltlen can only be specified if " - "PSS padding has been specified first"); + "PSS saltlen can only be specified if " + "PSS padding has been specified first"); return 0; } 
@@ -1296,28 +1286,28 @@ static int rsa_set_ctx_params(void *vprsactx, const OSSL_PARAM params[]) case RSA_PSS_SALTLEN_AUTO: if (prsactx->operation == EVP_PKEY_OP_VERIFY) { ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_SALT_LENGTH, - "Cannot use autodetected salt length"); + "Cannot use autodetected salt length"); return 0; } break; case RSA_PSS_SALTLEN_DIGEST: if (prsactx->min_saltlen > EVP_MD_get_size(prsactx->md)) { ERR_raise_data(ERR_LIB_PROV, - PROV_R_PSS_SALTLEN_TOO_SMALL, - "Should be more than %d, but would be " - "set to match digest size (%d)", - prsactx->min_saltlen, - EVP_MD_get_size(prsactx->md)); + PROV_R_PSS_SALTLEN_TOO_SMALL, + "Should be more than %d, but would be " + "set to match digest size (%d)", + prsactx->min_saltlen, + EVP_MD_get_size(prsactx->md)); return 0; } break; default: if (saltlen >= 0 && saltlen < prsactx->min_saltlen) { ERR_raise_data(ERR_LIB_PROV, - PROV_R_PSS_SALTLEN_TOO_SMALL, - "Should be more than %d, " - "but would be set to %d", - prsactx->min_saltlen, saltlen); + PROV_R_PSS_SALTLEN_TOO_SMALL, + "Should be more than %d, " + "but would be set to %d", + prsactx->min_saltlen, saltlen); return 0; } } @@ -1326,9 +1316,8 @@ static int rsa_set_ctx_params(void *vprsactx, const OSSL_PARAM params[]) p = OSSL_PARAM_locate_const(params, OSSL_SIGNATURE_PARAM_MGF1_DIGEST); if (p != NULL) { - const OSSL_PARAM *propsp = - OSSL_PARAM_locate_const(params, - OSSL_SIGNATURE_PARAM_MGF1_PROPERTIES); + const OSSL_PARAM *propsp = OSSL_PARAM_locate_const(params, + OSSL_SIGNATURE_PARAM_MGF1_PROPERTIES); pmgf1mdname = mgf1mdname; if (!OSSL_PARAM_get_utf8_string(p, &pmgf1mdname, sizeof(mgf1mdname))) 
@@ -1337,13 +1326,13 @@ static int rsa_set_ctx_params(void *vprsactx, const OSSL_PARAM params[]) if (propsp != NULL) { pmgf1mdprops = mgf1mdprops; if (!OSSL_PARAM_get_utf8_string(propsp, - &pmgf1mdprops, sizeof(mgf1mdprops))) + &pmgf1mdprops, sizeof(mgf1mdprops))) return 0; } if (pad_mode != RSA_PKCS1_PSS_PADDING) { ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_MGF1_MD); - return 0; + return 0; } } @@ -1387,7 +1376,7 @@ static const OSSL_PARAM settable_ctx_params_no_digest[] = { }; static const OSSL_PARAM *rsa_settable_ctx_params(void *vprsactx, - ossl_unused void *provctx) + ossl_unused void *provctx) { PROV_RSA_CTX *prsactx = (PROV_RSA_CTX *)vprsactx; 
@@ -1443,36 +1432,36 @@ const OSSL_DISPATCH ossl_rsa_signature_functions[] = { { OSSL_FUNC_SIGNATURE_VERIFY_INIT, (void (*)(void))rsa_verify_init }, { OSSL_FUNC_SIGNATURE_VERIFY, (void (*)(void))rsa_verify }, { OSSL_FUNC_SIGNATURE_VERIFY_RECOVER_INIT, - (void (*)(void))rsa_verify_recover_init }, + (void (*)(void))rsa_verify_recover_init }, { OSSL_FUNC_SIGNATURE_VERIFY_RECOVER, - (void (*)(void))rsa_verify_recover }, + (void (*)(void))rsa_verify_recover }, { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_INIT, - (void (*)(void))rsa_digest_sign_init }, + (void (*)(void))rsa_digest_sign_init }, { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_UPDATE, - (void (*)(void))rsa_digest_signverify_update }, + (void (*)(void))rsa_digest_signverify_update }, { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_FINAL, - (void (*)(void))rsa_digest_sign_final }, + (void (*)(void))rsa_digest_sign_final }, { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_INIT, - (void (*)(void))rsa_digest_verify_init }, + (void (*)(void))rsa_digest_verify_init }, { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_UPDATE, - (void (*)(void))rsa_digest_signverify_update }, + (void (*)(void))rsa_digest_signverify_update }, { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_FINAL, - (void (*)(void))rsa_digest_verify_final }, + (void (*)(void))rsa_digest_verify_final }, { OSSL_FUNC_SIGNATURE_FREECTX, (void (*)(void))rsa_freectx }, { OSSL_FUNC_SIGNATURE_DUPCTX, (void (*)(void))rsa_dupctx }, { OSSL_FUNC_SIGNATURE_GET_CTX_PARAMS, (void (*)(void))rsa_get_ctx_params }, { OSSL_FUNC_SIGNATURE_GETTABLE_CTX_PARAMS, - (void (*)(void))rsa_gettable_ctx_params }, + (void (*)(void))rsa_gettable_ctx_params }, { OSSL_FUNC_SIGNATURE_SET_CTX_PARAMS, (void (*)(void))rsa_set_ctx_params }, { OSSL_FUNC_SIGNATURE_SETTABLE_CTX_PARAMS, - (void (*)(void))rsa_settable_ctx_params }, + (void (*)(void))rsa_settable_ctx_params }, { OSSL_FUNC_SIGNATURE_GET_CTX_MD_PARAMS, - (void (*)(void))rsa_get_ctx_md_params }, + (void (*)(void))rsa_get_ctx_md_params }, { OSSL_FUNC_SIGNATURE_GETTABLE_CTX_MD_PARAMS, - (void 
(*)(void))rsa_gettable_ctx_md_params }, + (void (*)(void))rsa_gettable_ctx_md_params }, { OSSL_FUNC_SIGNATURE_SET_CTX_MD_PARAMS, - (void (*)(void))rsa_set_ctx_md_params }, + (void (*)(void))rsa_set_ctx_md_params }, { OSSL_FUNC_SIGNATURE_SETTABLE_CTX_MD_PARAMS, - (void (*)(void))rsa_settable_ctx_md_params }, + (void (*)(void))rsa_settable_ctx_md_params }, { 0, NULL } }; diff --git a/providers/implementations/signature/sm2_sig.c b/providers/implementations/signature/sm2_sig.c index 09e3aacf008d..90f4fa066943 100644 --- a/providers/implementations/signature/sm2_sig.c +++ b/providers/implementations/signature/sm2_sig.c @@ -1,5 +1,5 @@ /* - * Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2020-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -9,7 +9,7 @@ /* * ECDSA low level APIs are deprecated for public use, but still ok for - * internal use - SM2 implemetation uses ECDSA_size() function. + * internal use - SM2 implementation uses ECDSA_size() function. */ #include "internal/deprecated.h" @@ -66,9 +66,9 @@ typedef struct { EC_KEY *ec; /* - * Flag to termine if the 'z' digest needs to be computed and fed to the + * Flag to determine if the 'z' digest needs to be computed and fed to the * hash function. - * This flag should be set on initialization and the compuation should + * This flag should be set on initialization and the computation should * be performed only once, on first update. */ unsigned int flag_compute_z_digest : 1; @@ -78,7 +78,7 @@ typedef struct { /* The Algorithm Identifier of the combined signature algorithm */ unsigned char aid_buf[OSSL_MAX_ALGORITHM_ID_SIZE]; unsigned char *aid; - size_t aid_len; + size_t aid_len; /* main digest */ EVP_MD *md; 
@@ -94,7 +94,7 @@ static int sm2sig_set_mdname(PROV_SM2_CTX *psm2ctx, const char *mdname) { if (psm2ctx->md == NULL) /* We need an SM3 md to compare with */ psm2ctx->md = EVP_MD_fetch(psm2ctx->libctx, psm2ctx->mdname, - psm2ctx->propq); + psm2ctx->propq); if (psm2ctx->md == NULL) return 0; @@ -104,7 +104,7 @@ static int sm2sig_set_mdname(PROV_SM2_CTX *psm2ctx, const char *mdname) if (strlen(mdname) >= sizeof(psm2ctx->mdname) || !EVP_MD_is_a(psm2ctx->md, mdname)) { ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_DIGEST, "digest=%s", - mdname); + mdname); return 0; } @@ -131,12 +131,12 @@ static void *sm2sig_newctx(void *provctx, const char *propq) } static int sm2sig_signature_init(void *vpsm2ctx, void *ec, - const OSSL_PARAM params[]) + const OSSL_PARAM params[]) { PROV_SM2_CTX *psm2ctx = (PROV_SM2_CTX *)vpsm2ctx; if (!ossl_prov_is_running() - || psm2ctx == NULL) + || psm2ctx == NULL) return 0; if (ec == NULL && psm2ctx->ec == NULL) { @@ -155,7 +155,7 @@ static int sm2sig_signature_init(void *vpsm2ctx, void *ec, } static int sm2sig_sign(void *vpsm2ctx, unsigned char *sig, size_t *siglen, - size_t sigsize, const unsigned char *tbs, size_t tbslen) + size_t sigsize, const unsigned char *tbs, size_t tbslen) { PROV_SM2_CTX *ctx = (PROV_SM2_CTX *)vpsm2ctx; int ret; @@ -183,7 +183,7 @@ static int sm2sig_sign(void *vpsm2ctx, unsigned char *sig, size_t *siglen, } static int sm2sig_verify(void *vpsm2ctx, const unsigned char *sig, size_t siglen, - const unsigned char *tbs, size_t tbslen) + const unsigned char *tbs, size_t tbslen) { PROV_SM2_CTX *ctx = (PROV_SM2_CTX *)vpsm2ctx; @@ -202,7 +202,7 @@ static void free_md(PROV_SM2_CTX *ctx) } static int sm2sig_digest_signverify_init(void *vpsm2ctx, const char *mdname, - void *ec, const OSSL_PARAM params[]) + void *ec, const OSSL_PARAM params[]) { PROV_SM2_CTX *ctx = (PROV_SM2_CTX *)vpsm2ctx; int md_nid; 
@@ -244,7 +244,7 @@ static int sm2sig_digest_signverify_init(void *vpsm2ctx, const char *mdname, ret = 1; - error: +error: return ret; } @@ -260,7 +260,7 @@ static int sm2sig_compute_z_digest(PROV_SM2_CTX *ctx) if ((z = OPENSSL_zalloc(ctx->mdsize)) == NULL /* get hashed prefix 'z' of tbs message */ || !ossl_sm2_compute_z_digest(z, ctx->md, ctx->id, ctx->id_len, - ctx->ec) + ctx->ec) || !EVP_DigestUpdate(ctx->mdctx, z, ctx->mdsize)) ret = 0; OPENSSL_free(z); @@ -270,7 +270,7 @@ static int sm2sig_compute_z_digest(PROV_SM2_CTX *ctx) } int sm2sig_digest_signverify_update(void *vpsm2ctx, const unsigned char *data, - size_t datalen) + size_t datalen) { PROV_SM2_CTX *psm2ctx = (PROV_SM2_CTX *)vpsm2ctx; @@ -282,7 +282,7 @@ int sm2sig_digest_signverify_update(void *vpsm2ctx, const unsigned char *data, } int sm2sig_digest_sign_final(void *vpsm2ctx, unsigned char *sig, size_t *siglen, - size_t sigsize) + size_t sigsize) { PROV_SM2_CTX *psm2ctx = (PROV_SM2_CTX *)vpsm2ctx; unsigned char digest[EVP_MAX_MD_SIZE]; @@ -297,16 +297,15 @@ int sm2sig_digest_sign_final(void *vpsm2ctx, unsigned char *sig, size_t *siglen, */ if (sig != NULL) { if (!(sm2sig_compute_z_digest(psm2ctx) - && EVP_DigestFinal_ex(psm2ctx->mdctx, digest, &dlen))) + && EVP_DigestFinal_ex(psm2ctx->mdctx, digest, &dlen))) return 0; } return sm2sig_sign(vpsm2ctx, sig, siglen, sigsize, digest, (size_t)dlen); } - int sm2sig_digest_verify_final(void *vpsm2ctx, const unsigned char *sig, - size_t siglen) + size_t siglen) { PROV_SM2_CTX *psm2ctx = (PROV_SM2_CTX *)vpsm2ctx; unsigned char digest[EVP_MAX_MD_SIZE]; @@ -318,7 +317,7 @@ int sm2sig_digest_verify_final(void *vpsm2ctx, const unsigned char *sig, return 0; if (!(sm2sig_compute_z_digest(psm2ctx) - && EVP_DigestFinal_ex(psm2ctx->mdctx, digest, &dlen))) + && EVP_DigestFinal_ex(psm2ctx->mdctx, digest, &dlen))) return 0; return sm2sig_verify(vpsm2ctx, sig, siglen, digest, (size_t)dlen); 
@@ -368,7 +367,7 @@ static void *sm2sig_dupctx(void *vpsm2ctx)
 if (srcctx->mdctx != NULL) {
 dstctx->mdctx = EVP_MD_CTX_new();
 if (dstctx->mdctx == NULL
- || !EVP_MD_CTX_copy_ex(dstctx->mdctx, srcctx->mdctx))
+ || !EVP_MD_CTX_copy_ex(dstctx->mdctx, srcctx->mdctx))
 goto err;
 }
@@ -381,7 +380,7 @@ static void *sm2sig_dupctx(void *vpsm2ctx)
 }
 return dstctx;
- err:
+err:
 sm2sig_freectx(dstctx);
 return NULL;
 }
@@ -404,9 +403,7 @@ static int sm2sig_get_ctx_params(void *vpsm2ctx, OSSL_PARAM *params)
 return 0;
 p = OSSL_PARAM_locate(params, OSSL_SIGNATURE_PARAM_DIGEST);
- if (p != NULL && !OSSL_PARAM_set_utf8_string(p, psm2ctx->md == NULL
- ? psm2ctx->mdname
- : EVP_MD_get0_name(psm2ctx->md)))
+ if (p != NULL && !OSSL_PARAM_set_utf8_string(p, psm2ctx->md == NULL ? psm2ctx->mdname : EVP_MD_get0_name(psm2ctx->md)))
 return 0;
 return 1;
@@ -420,7 +417,7 @@ static const OSSL_PARAM known_gettable_ctx_params[] = {
 };
 static const OSSL_PARAM *sm2sig_gettable_ctx_params(ossl_unused void *vpsm2ctx,
- ossl_unused void *provctx)
+ ossl_unused void *provctx)
 {
 return known_gettable_ctx_params;
 }
@@ -462,8 +459,7 @@ static int sm2sig_set_ctx_params(void *vpsm2ctx, const OSSL_PARAM params[])
 * this needs to be adjusted accordingly.
 */
 p = OSSL_PARAM_locate_const(params, OSSL_SIGNATURE_PARAM_DIGEST_SIZE);
- if (p != NULL && (!OSSL_PARAM_get_size_t(p, &mdsize)
- || mdsize != psm2ctx->mdsize))
+ if (p != NULL && (!OSSL_PARAM_get_size_t(p, &mdsize) || mdsize != psm2ctx->mdsize))
 return 0;
 p = OSSL_PARAM_locate_const(params, OSSL_SIGNATURE_PARAM_DIGEST);
@@ -490,7 +486,7 @@ static const OSSL_PARAM known_settable_ctx_params[] = {
 };
 static const OSSL_PARAM *sm2sig_settable_ctx_params(ossl_unused void *vpsm2ctx,
- ossl_unused void *provctx)
+ ossl_unused void *provctx)
 {
 return known_settable_ctx_params;
 }
@@ -542,32 +538,32 @@ const OSSL_DISPATCH ossl_sm2_signature_functions[] = {
 { OSSL_FUNC_SIGNATURE_VERIFY_INIT, (void (*)(void))sm2sig_signature_init },
 { OSSL_FUNC_SIGNATURE_VERIFY, (void (*)(void))sm2sig_verify },
 { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_INIT,
- (void (*)(void))sm2sig_digest_signverify_init },
+ (void (*)(void))sm2sig_digest_signverify_init },
 { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_UPDATE,
- (void (*)(void))sm2sig_digest_signverify_update },
+ (void (*)(void))sm2sig_digest_signverify_update },
 { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_FINAL,
- (void (*)(void))sm2sig_digest_sign_final },
+ (void (*)(void))sm2sig_digest_sign_final },
 { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_INIT,
- (void (*)(void))sm2sig_digest_signverify_init },
+ (void (*)(void))sm2sig_digest_signverify_init },
 { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_UPDATE,
- (void (*)(void))sm2sig_digest_signverify_update },
+ (void (*)(void))sm2sig_digest_signverify_update },
 { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_FINAL,
- (void (*)(void))sm2sig_digest_verify_final },
+ (void (*)(void))sm2sig_digest_verify_final },
 { OSSL_FUNC_SIGNATURE_FREECTX, (void (*)(void))sm2sig_freectx },
 { OSSL_FUNC_SIGNATURE_DUPCTX, (void (*)(void))sm2sig_dupctx },
 { OSSL_FUNC_SIGNATURE_GET_CTX_PARAMS, (void (*)(void))sm2sig_get_ctx_params },
 { OSSL_FUNC_SIGNATURE_GETTABLE_CTX_PARAMS,
- (void (*)(void))sm2sig_gettable_ctx_params },
+ (void (*)(void))sm2sig_gettable_ctx_params },
 { OSSL_FUNC_SIGNATURE_SET_CTX_PARAMS, (void (*)(void))sm2sig_set_ctx_params },
 { OSSL_FUNC_SIGNATURE_SETTABLE_CTX_PARAMS,
- (void (*)(void))sm2sig_settable_ctx_params },
+ (void (*)(void))sm2sig_settable_ctx_params },
 { OSSL_FUNC_SIGNATURE_GET_CTX_MD_PARAMS,
- (void (*)(void))sm2sig_get_ctx_md_params },
+ (void (*)(void))sm2sig_get_ctx_md_params },
 { OSSL_FUNC_SIGNATURE_GETTABLE_CTX_MD_PARAMS,
- (void (*)(void))sm2sig_gettable_ctx_md_params },
+ (void (*)(void))sm2sig_gettable_ctx_md_params },
 { OSSL_FUNC_SIGNATURE_SET_CTX_MD_PARAMS,
- (void (*)(void))sm2sig_set_ctx_md_params },
+ (void (*)(void))sm2sig_set_ctx_md_params },
 { OSSL_FUNC_SIGNATURE_SETTABLE_CTX_MD_PARAMS,
- (void (*)(void))sm2sig_settable_ctx_md_params },
+ (void (*)(void))sm2sig_settable_ctx_md_params },
 { 0, NULL }
 };
diff --git a/providers/implementations/storemgmt/file_store.c b/providers/implementations/storemgmt/file_store.c
index 3049a9c81133..90aab2c5d32c 100644
--- a/providers/implementations/storemgmt/file_store.c
+++ b/providers/implementations/storemgmt/file_store.c
@@ -11,7 +11,7 @@
 #include <string.h>
 #include <sys/stat.h>
-#include <ctype.h> /* isdigit */
+#include <ctype.h> /* isdigit */
 #include <assert.h>
 #include <openssl/core_dispatch.h>
@@ -22,11 +22,11 @@
 #include <openssl/params.h>
 #include <openssl/decoder.h>
 #include <openssl/proverr.h>
-#include <openssl/store.h> /* The OSSL_STORE_INFO type numbers */
+#include <openssl/store.h> /* The OSSL_STORE_INFO type numbers */
 #include "internal/cryptlib.h"
 #include "internal/o_dir.h"
 #include "crypto/decoder.h"
-#include "crypto/ctype.h" /* ossl_isdigit() */
+#include "crypto/ctype.h" /* ossl_isdigit() */
 #include "prov/implementations.h"
 #include "prov/bio.h"
 #include "file_store_local.h"
@@ -34,11 +34,11 @@
 DEFINE_STACK_OF(OSSL_STORE_INFO)
 #ifdef _WIN32
-# define stat _stat
+#define stat _stat
 #endif
 #ifndef S_ISDIR
-# define S_ISDIR(a) (((a) & S_IFMT) == S_IFDIR)
+#define S_ISDIR(a) (((a) & S_IFMT) == S_IFDIR)
 #endif
 static OSSL_FUNC_store_open_fn file_open;
@@ -65,10 +65,10 @@ static OSSL_FUNC_store_close_fn file_close;
 struct file_ctx_st {
 void *provctx;
- char *uri; /* The URI we currently try to load */
+ char *uri; /* The URI we currently try to load */
 enum {
- IS_FILE = 0, /* Read file and pass results */
- IS_DIR /* Pass directory entry names */
+ IS_FILE = 0, /* Read file and pass results */
+ IS_DIR /* Pass directory entry names */
 } type;
 union {
@@ -78,7 +78,7 @@ struct file_ctx_st {
 OSSL_DECODER_CTX *decoderctx;
 char *input_type;
- char *propq; /* The properties we got as a parameter */
+ char *propq; /* The properties we got as a parameter */
 } file;
 /* Used with |IS_DIR| */
@@ -122,7 +122,7 @@ static void free_file_ctx(struct file_ctx_st *ctx)
 }
 static struct file_ctx_st *new_file_ctx(int type, const char *uri,
- void *provctx)
+ void *provctx)
 {
 struct file_ctx_st *ctx = NULL;
@@ -150,7 +150,7 @@ static OSSL_DECODER_CLEANUP file_load_cleanup;
 *
 */
 static struct file_ctx_st *file_open_stream(BIO *source, const char *uri,
- void *provctx)
+ void *provctx)
 {
 struct file_ctx_st *ctx;
@@ -162,7 +162,7 @@ static struct file_ctx_st *file_open_stream(BIO *source, const char *uri,
 ctx->_.file.file = source;
 return ctx;
- err:
+err:
 free_file_ctx(ctx);
 return NULL;
 }
@@ -181,13 +181,13 @@ static void *file_open_dir(const char *path, const char *uri, void *provctx)
 if (ctx->_.dir.last_entry == NULL) {
 if (ctx->_.dir.last_errno != 0) {
 ERR_raise_data(ERR_LIB_SYS, ctx->_.dir.last_errno,
- "Calling OPENSSL_DIR_read(\"%s\")", path);
+ "Calling OPENSSL_DIR_read(\"%s\")", path);
 goto err;
 }
 ctx->_.dir.end_reached = 1;
 }
 return ctx;
- err:
+err:
 file_close(ctx);
 return NULL;
 }
@@ -198,7 +198,7 @@ static void *file_open(void *provctx, const char *uri)
 struct stat st;
 struct {
 const char *path;
- unsigned int check_absolute:1;
+ unsigned int check_absolute : 1;
 } path_data[2];
 size_t path_data_n = 0, i;
 const char *path;
@@ -222,7 +222,7 @@ static void *file_open(void *provctx, const char *uri)
 const char *p = &uri[5];
 if (strncmp(&uri[5], "//", 2) == 0) {
- path_data_n--; /* Invalidate using the full URI */
+ path_data_n--; /* Invalidate using the full URI */
 if (OPENSSL_strncasecmp(&uri[7], "localhost/", 10) == 0) {
 p = &uri[16];
 } else if (uri[7] == '/') {
@@ -250,7 +250,6 @@ static void *file_open(void *provctx, const char *uri)
 path_data[path_data_n++].path = p;
 }
-
 for (i = 0, path = NULL; path == NULL && i < path_data_n; i++) {
 /*
 * If the scheme "file" was an explicit part of the URI, the path must
@@ -259,14 +258,14 @@ static void *file_open(void *provctx, const char *uri)
 if (path_data[i].check_absolute && path_data[i].path[0] != '/') {
 ERR_clear_last_mark();
 ERR_raise_data(ERR_LIB_PROV, PROV_R_PATH_MUST_BE_ABSOLUTE,
- "Given path=%s", path_data[i].path);
+ "Given path=%s", path_data[i].path);
 return NULL;
 }
 if (stat(path_data[i].path, &st) < 0) {
 ERR_raise_data(ERR_LIB_SYS, errno,
- "calling stat(%s)",
- path_data[i].path);
+ "calling stat(%s)",
+ path_data[i].path);
 } else {
 path = path_data[i].path;
 }
@@ -282,7 +281,7 @@ static void *file_open(void *provctx, const char *uri)
 if (S_ISDIR(st.st_mode))
 ctx = file_open_dir(path, uri, provctx);
 else if ((bio = BIO_new_file(path, "rb")) == NULL
- || (ctx = file_open_stream(bio, uri, provctx)) == NULL)
+ || (ctx = file_open_stream(bio, uri, provctx)) == NULL)
 BIO_free_all(bio);
 return ctx;
@@ -357,7 +356,7 @@ static int file_set_ctx_params(void *loaderctx, const OSSL_PARAM params[])
 if (ctx->type != IS_DIR) {
 ERR_raise(ERR_LIB_PROV,
- PROV_R_SEARCH_ONLY_SUPPORTED_FOR_DIRECTORIES);
+ PROV_R_SEARCH_ONLY_SUPPORTED_FOR_DIRECTORIES);
 return 0;
 }
@@ -365,10 +364,10 @@ static int file_set_ctx_params(void *loaderctx, const OSSL_PARAM params[])
 || (x509_name = d2i_X509_NAME(NULL, &der, der_len)) == NULL)
 return 0;
 hash = X509_NAME_hash_ex(x509_name,
- ossl_prov_ctx_get0_libctx(ctx->provctx), NULL,
- &ok);
+ ossl_prov_ctx_get0_libctx(ctx->provctx), NULL,
+ &ok);
 BIO_snprintf(ctx->_.dir.search_name, sizeof(ctx->_.dir.search_name),
- "%08lx", hash);
+ "%08lx", hash);
 X509_NAME_free(x509_name);
 if (ok == 0)
 return 0;
@@ -387,7 +386,7 @@ struct file_load_data_st {
 };
 static int file_load_construct(OSSL_DECODER_INSTANCE *decoder_inst,
- const OSSL_PARAM *params, void *construct_data)
+ const OSSL_PARAM *params, void *construct_data)
 {
 struct file_load_data_st *data = construct_data;
@@ -430,7 +429,7 @@ static int file_setup_decoders(struct file_ctx_st *ctx)
 /* Make sure the input type is set */
 if (!OSSL_DECODER_CTX_set_input_type(ctx->_.file.decoderctx,
- ctx->_.file.input_type)) {
+ ctx->_.file.input_type)) {
 ERR_raise(ERR_LIB_PROV, ERR_R_OSSL_DECODER_LIB);
 goto err;
 }
@@ -444,14 +443,14 @@ static int file_setup_decoders(struct file_ctx_st *ctx)
 switch (ctx->expected_type) {
 case OSSL_STORE_INFO_CERT:
 if (!OSSL_DECODER_CTX_set_input_structure(ctx->_.file.decoderctx,
- "Certificate")) {
+ "Certificate")) {
 ERR_raise(ERR_LIB_PROV, ERR_R_OSSL_DECODER_LIB);
 goto err;
 }
 break;
 case OSSL_STORE_INFO_CRL:
 if (!OSSL_DECODER_CTX_set_input_structure(ctx->_.file.decoderctx,
- "CertificateList")) {
+ "CertificateList")) {
 ERR_raise(ERR_LIB_PROV, ERR_R_OSSL_DECODER_LIB);
 goto err;
 }
@@ -461,8 +460,8 @@ static int file_setup_decoders(struct file_ctx_st *ctx)
 }
 for (to_algo = ossl_any_to_obj_algorithm;
- to_algo->algorithm_names != NULL;
- to_algo++) {
+ to_algo->algorithm_names != NULL;
+ to_algo++) {
 OSSL_DECODER *to_obj = NULL;
 OSSL_DECODER_INSTANCE *to_obj_inst = NULL;
@@ -480,7 +479,7 @@ static int file_setup_decoders(struct file_ctx_st *ctx)
 goto err;
 if (!ossl_decoder_ctx_add_decoder_inst(ctx->_.file.decoderctx,
- to_obj_inst)) {
+ to_obj_inst)) {
 ossl_decoder_instance_free(to_obj_inst);
 ERR_raise(ERR_LIB_PROV, ERR_R_OSSL_DECODER_LIB);
 goto err;
@@ -488,7 +487,7 @@ static int file_setup_decoders(struct file_ctx_st *ctx)
 }
 /* Add on the usual extra decoders */
 if (!OSSL_DECODER_CTX_add_extra(ctx->_.file.decoderctx,
- libctx, ctx->_.file.propq)) {
+ libctx, ctx->_.file.propq)) {
 ERR_raise(ERR_LIB_PROV, ERR_R_OSSL_DECODER_LIB);
 goto err;
 }
@@ -498,22 +497,22 @@ static int file_setup_decoders(struct file_ctx_st *ctx)
 * data to the load callback
 */
 if (!OSSL_DECODER_CTX_set_construct(ctx->_.file.decoderctx,
- file_load_construct)
+ file_load_construct)
 || !OSSL_DECODER_CTX_set_cleanup(ctx->_.file.decoderctx,
- file_load_cleanup)) {
+ file_load_cleanup)) {
 ERR_raise(ERR_LIB_PROV, ERR_R_OSSL_DECODER_LIB);
 goto err;
 }
 }
 ok = 1;
- err:
+err:
 return ok;
 }
 static int file_load_file(struct file_ctx_st *ctx,
- OSSL_CALLBACK *object_cb, void *object_cbarg,
- OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg)
+ OSSL_CALLBACK *object_cb, void *object_cbarg,
+ OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg)
 {
 struct file_load_data_st data;
 int ret, err;
@@ -635,8 +634,8 @@ static int file_name_check(struct file_ctx_st *ctx, const char *name)
 }
 static int file_load_dir_entry(struct file_ctx_st *ctx,
- OSSL_CALLBACK *object_cb, void *object_cbarg,
- OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg)
+ OSSL_CALLBACK *object_cb, void *object_cbarg,
+ OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg)
 {
 /* Prepare as much as possible in advance */
 static const int object_type = OSSL_OBJECT_NAME;
@@ -664,8 +663,7 @@ static int file_load_dir_entry(struct file_ctx_st *ctx,
 && file_name_check(ctx, ctx->_.dir.last_entry)) {
 /* If we can't allocate the new name, we fail */
- if ((newname =
- file_name_to_uri(ctx, ctx->_.dir.last_entry)) == NULL)
+ if ((newname = file_name_to_uri(ctx, ctx->_.dir.last_entry)) == NULL)
 return 0;
 }
@@ -694,8 +692,8 @@ static int file_load_dir_entry(struct file_ctx_st *ctx,
 */
 static int file_load(void *loaderctx,
- OSSL_CALLBACK *object_cb, void *object_cbarg,
- OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg)
+ OSSL_CALLBACK *object_cb, void *object_cbarg,
+ OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg)
 {
 struct file_ctx_st *ctx = loaderctx;
@@ -703,8 +701,7 @@ static int file_load(void *loaderctx,
 case IS_FILE:
 return file_load_file(ctx, object_cb, object_cbarg, pw_cb, pw_cbarg);
 case IS_DIR:
- return
- file_load_dir_entry(ctx, object_cb, object_cbarg, pw_cb, pw_cbarg);
+ return file_load_dir_entry(ctx, object_cb, object_cbarg, pw_cb, pw_cbarg);
 default:
 break;
 }
@@ -781,7 +778,7 @@ const OSSL_DISPATCH ossl_file_store_functions[] = {
 { OSSL_FUNC_STORE_OPEN, (void (*)(void))file_open },
 { OSSL_FUNC_STORE_ATTACH, (void (*)(void))file_attach },
 { OSSL_FUNC_STORE_SETTABLE_CTX_PARAMS,
- (void (*)(void))file_settable_ctx_params },
+ (void (*)(void))file_settable_ctx_params },
 { OSSL_FUNC_STORE_SET_CTX_PARAMS, (void (*)(void))file_set_ctx_params },
 { OSSL_FUNC_STORE_LOAD, (void (*)(void))file_load },
 { OSSL_FUNC_STORE_EOF, (void (*)(void))file_eof },
diff --git a/providers/implementations/storemgmt/file_store_any2obj.c b/providers/implementations/storemgmt/file_store_any2obj.c
index 28601683bf6e..ba82c95526f4 100644
--- a/providers/implementations/storemgmt/file_store_any2obj.c
+++ b/providers/implementations/storemgmt/file_store_any2obj.c
@@ -32,7 +32,7 @@
 #include <openssl/asn1err.h>
 #include <openssl/params.h>
 #include "internal/asn1.h"
-#include "crypto/pem.h" /* For internal PVK and "blob" headers */
+#include "crypto/pem.h" /* For internal PVK and "blob" headers */
 #include "prov/bio.h"
 #include "file_store_local.h"
@@ -55,7 +55,7 @@ static void any2obj_freectx(void *vctx)
 }
 static int any2obj_decode_final(void *provctx, int objtype, BUF_MEM *mem,
- OSSL_CALLBACK *data_cb, void *data_cbarg)
+ OSSL_CALLBACK *data_cb, void *data_cbarg)
 {
 /*
 * 1 indicates that we successfully decoded something, or not at all.
@@ -66,11 +66,9 @@ static int any2obj_decode_final(void *provctx, int objtype, BUF_MEM *mem,
 if (mem != NULL) {
 OSSL_PARAM params[3];
- params[0] =
- OSSL_PARAM_construct_int(OSSL_OBJECT_PARAM_TYPE, &objtype);
- params[1] =
- OSSL_PARAM_construct_octet_string(OSSL_OBJECT_PARAM_DATA,
- mem->data, mem->length);
+ params[0] = OSSL_PARAM_construct_int(OSSL_OBJECT_PARAM_TYPE, &objtype);
+ params[1] = OSSL_PARAM_construct_octet_string(OSSL_OBJECT_PARAM_DATA,
+ mem->data, mem->length);
 params[2] = OSSL_PARAM_construct_end();
 ok = data_cb(params, data_cbarg);
@@ -81,8 +79,8 @@ static int any2obj_decode_final(void *provctx, int objtype, BUF_MEM *mem,
 static OSSL_FUNC_decoder_decode_fn der2obj_decode;
 static int der2obj_decode(void *provctx, OSSL_CORE_BIO *cin, int selection,
- OSSL_CALLBACK *data_cb, void *data_cbarg,
- OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg)
+ OSSL_CALLBACK *data_cb, void *data_cbarg,
+ OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg)
 {
 BIO *in = ossl_bio_new_from_core_bio(provctx, cin);
 BUF_MEM *mem = NULL;
@@ -102,13 +100,13 @@ static int der2obj_decode(void *provctx, OSSL_CORE_BIO *cin, int selection,
 /* any2obj_decode_final() frees |mem| for us */
 return any2obj_decode_final(provctx, OSSL_OBJECT_UNKNOWN, mem,
- data_cb, data_cbarg);
+ data_cb, data_cbarg);
 }
 static OSSL_FUNC_decoder_decode_fn msblob2obj_decode;
 static int msblob2obj_decode(void *provctx, OSSL_CORE_BIO *cin, int selection,
- OSSL_CALLBACK *data_cb, void *data_cbarg,
- OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg)
+ OSSL_CALLBACK *data_cb, void *data_cbarg,
+ OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg)
 {
 BIO *in = ossl_bio_new_from_core_bio(provctx, cin);
 BUF_MEM *mem = NULL;
@@ -122,7 +120,7 @@ static int msblob2obj_decode(void *provctx, OSSL_CORE_BIO *cin, int selection,
 if (in == NULL)
 goto err;
- mem_want = 16; /* The size of the MSBLOB header */
+ mem_want = 16; /* The size of the MSBLOB header */
 if ((mem = BUF_MEM_new()) == NULL
 || !BUF_MEM_grow(mem, mem_want)) {
 ERR_raise(ERR_LIB_PEM, ERR_R_MALLOC_FAILURE);
@@ -136,7 +134,6 @@ static int msblob2obj_decode(void *provctx, OSSL_CORE_BIO *cin, int selection,
 if (!ok)
 goto next;
-
 ERR_set_mark();
 p = (unsigned char *)&mem->data[0];
 ok = ossl_do_blob_header(&p, 16, &magic, &bitlen, &isdss, &ispub) > 0;
@@ -156,7 +153,7 @@ static int msblob2obj_decode(void *provctx, OSSL_CORE_BIO *cin, int selection,
 mem_len += mem_want;
 ERR_pop_to_mark();
- next:
+next:
 /* Free resources we no longer need. */
 BIO_free(in);
 if (!ok && mem != NULL) {
@@ -166,9 +163,9 @@ static int msblob2obj_decode(void *provctx, OSSL_CORE_BIO *cin, int selection,
 /* any2obj_decode_final() frees |mem| for us */
 return any2obj_decode_final(provctx, OSSL_OBJECT_PKEY, mem,
- data_cb, data_cbarg);
+ data_cb, data_cbarg);
- err:
+err:
 BIO_free(in);
 BUF_MEM_free(mem);
 return 0;
@@ -176,8 +173,8 @@ static int msblob2obj_decode(void *provctx, OSSL_CORE_BIO *cin, int selection,
 static OSSL_FUNC_decoder_decode_fn pvk2obj_decode;
 static int pvk2obj_decode(void *provctx, OSSL_CORE_BIO *cin, int selection,
- OSSL_CALLBACK *data_cb, void *data_cbarg,
- OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg)
+ OSSL_CALLBACK *data_cb, void *data_cbarg,
+ OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg)
 {
 BIO *in = ossl_bio_new_from_core_bio(provctx, cin);
 BUF_MEM *mem = NULL;
@@ -189,7 +186,7 @@ static int pvk2obj_decode(void *provctx, OSSL_CORE_BIO *cin, int selection,
 if (in == NULL)
 goto err;
- mem_want = 24; /* The size of the PVK header */
+ mem_want = 24; /* The size of the PVK header */
 if ((mem = BUF_MEM_new()) == NULL
 || !BUF_MEM_grow(mem, mem_want)) {
 ERR_raise(ERR_LIB_PEM, ERR_R_MALLOC_FAILURE);
@@ -203,7 +200,6 @@ static int pvk2obj_decode(void *provctx, OSSL_CORE_BIO *cin, int selection,
 if (!ok)
 goto next;
-
 ERR_set_mark();
 p = (unsigned char *)&mem->data[0];
 ok = ossl_do_PVK_header(&p, 24, 0, &saltlen, &keylen) > 0;
@@ -223,7 +219,7 @@ static int pvk2obj_decode(void *provctx, OSSL_CORE_BIO *cin, int selection,
 mem_len += mem_want;
 ERR_pop_to_mark();
- next:
+next:
 /* Free resources we no longer need. */
 BIO_free(in);
 if (!ok && mem != NULL) {
@@ -233,9 +229,9 @@ static int pvk2obj_decode(void *provctx, OSSL_CORE_BIO *cin, int selection,
 /* any2obj_decode_final() frees |mem| for us */
 return any2obj_decode_final(provctx, OSSL_OBJECT_PKEY, mem,
- data_cb, data_cbarg);
+ data_cb, data_cbarg);
- err:
+err:
 BIO_free(in);
 BUF_MEM_free(mem);
 return 0;
@@ -257,5 +253,7 @@ const OSSL_ALGORITHM ossl_any_to_obj_algorithm[] = {
 { "obj", "input=DER", der_to_obj_decoder_functions },
 { "obj", "input=MSBLOB", msblob_to_obj_decoder_functions },
 { "obj", "input=PVK", pvk_to_obj_decoder_functions },
- { NULL, }
+ {
+ NULL,
+ }
 };
diff --git a/providers/implementations/storemgmt/file_store_local.h b/providers/implementations/storemgmt/file_store_local.h
index b7d9e585163e..b7b848649948 100644
--- a/providers/implementations/storemgmt/file_store_local.h
+++ b/providers/implementations/storemgmt/file_store_local.h
@@ -8,4 +8,3 @@
 */
 extern const OSSL_ALGORITHM ossl_any_to_obj_algorithm[];
-
|
