Diffstat (limited to 'crypto/evp/evp_lib.c')
-rw-r--r--crypto/evp/evp_lib.c177
1 files changed, 84 insertions, 93 deletions
diff --git a/crypto/evp/evp_lib.c b/crypto/evp/evp_lib.c
index 4f3d901eba5d..060f92b328ee 100644
--- a/crypto/evp/evp_lib.c
+++ b/crypto/evp/evp_lib.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -29,7 +29,7 @@
#include "evp_local.h"
#if !defined(FIPS_MODULE)
-# include "crypto/asn1.h"
+#include "crypto/asn1.h"
int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
{
@@ -78,9 +78,9 @@ int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
}
int evp_cipher_param_to_asn1_ex(EVP_CIPHER_CTX *c, ASN1_TYPE *type,
- evp_cipher_aead_asn1_params *asn1_params)
+ evp_cipher_aead_asn1_params *asn1_params)
{
- int ret = -1; /* Assume the worst */
+ int ret = -1; /* Assume the worst */
const EVP_CIPHER *cipher = c->cipher;
/*
@@ -131,8 +131,8 @@ int evp_cipher_param_to_asn1_ex(EVP_CIPHER_CTX *c, ASN1_TYPE *type,
* and the second to get the actual value.
*/
*p++ = OSSL_PARAM_construct_octet_string(
- OSSL_CIPHER_PARAM_ALGORITHM_ID_PARAMS,
- NULL, 0);
+ OSSL_CIPHER_PARAM_ALGORITHM_ID_PARAMS,
+ NULL, 0);
*p = OSSL_PARAM_construct_end();
if (!EVP_CIPHER_CTX_get_params(c, params))
@@ -149,7 +149,8 @@ int evp_cipher_param_to_asn1_ex(EVP_CIPHER_CTX *c, ASN1_TYPE *type,
if (EVP_CIPHER_CTX_get_params(c, params)
&& OSSL_PARAM_modified(params)
&& d2i_ASN1_TYPE(&type, (const unsigned char **)&derp,
- params[0].return_size) != NULL) {
+ params[0].return_size)
+ != NULL) {
ret = 1;
}
OPENSSL_free(der);
@@ -158,7 +159,7 @@ int evp_cipher_param_to_asn1_ex(EVP_CIPHER_CTX *c, ASN1_TYPE *type,
ret = -2;
}
- err:
+err:
if (ret == -2)
ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_CIPHER);
else if (ret <= 0)
@@ -169,9 +170,9 @@ int evp_cipher_param_to_asn1_ex(EVP_CIPHER_CTX *c, ASN1_TYPE *type,
}
int evp_cipher_asn1_to_param_ex(EVP_CIPHER_CTX *c, ASN1_TYPE *type,
- evp_cipher_aead_asn1_params *asn1_params)
+ evp_cipher_aead_asn1_params *asn1_params)
{
- int ret = -1; /* Assume the worst */
+ int ret = -1; /* Assume the worst */
const EVP_CIPHER *cipher = c->cipher;
/*
@@ -217,10 +218,9 @@ int evp_cipher_asn1_to_param_ex(EVP_CIPHER_CTX *c, ASN1_TYPE *type,
int derl = -1;
if ((derl = i2d_ASN1_TYPE(type, &der)) >= 0) {
- *p++ =
- OSSL_PARAM_construct_octet_string(
- OSSL_CIPHER_PARAM_ALGORITHM_ID_PARAMS,
- der, (size_t)derl);
+ *p++ = OSSL_PARAM_construct_octet_string(
+ OSSL_CIPHER_PARAM_ALGORITHM_ID_PARAMS,
+ der, (size_t)derl);
*p = OSSL_PARAM_construct_end();
if (EVP_CIPHER_CTX_set_params(c, params))
ret = 1;
@@ -240,7 +240,7 @@ int evp_cipher_asn1_to_param_ex(EVP_CIPHER_CTX *c, ASN1_TYPE *type,
}
int evp_cipher_get_asn1_aead_params(EVP_CIPHER_CTX *c, ASN1_TYPE *type,
- evp_cipher_aead_asn1_params *asn1_params)
+ evp_cipher_aead_asn1_params *asn1_params)
{
int i = 0;
long tl;
@@ -249,10 +249,9 @@ int evp_cipher_get_asn1_aead_params(EVP_CIPHER_CTX *c, ASN1_TYPE *type,
if (type == NULL || asn1_params == NULL)
return 0;
- i = ossl_asn1_type_get_octetstring_int(type, &tl, NULL, EVP_MAX_IV_LENGTH);
- if (i <= 0)
+ i = ossl_asn1_type_get_octetstring_int(type, &tl, iv, EVP_MAX_IV_LENGTH);
+ if (i <= 0 || i > EVP_MAX_IV_LENGTH)
return -1;
- ossl_asn1_type_get_octetstring_int(type, &tl, iv, i);
memcpy(asn1_params->iv, iv, i);
asn1_params->iv_len = i;
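Review bot: The added bound `i > EVP_MAX_IV_LENGTH` has no comment explaining how the return value can exceed the `max_len` that was just passed in, so it reads like dead code that a later cleanup might drop. Judging from the removed two-pass call and the new check, the helper appears to return the length of the encoded octet string rather than the number of bytes it copied into `iv`; this should be confirmed against the helper and stated above the check, for example `/* return value is the encoded IV length and may exceed the buffer; reject it before memcpy */`. The declaration of `asn1_params->iv` is not visible here, so the `memcpy` still relies on that field holding at least `EVP_MAX_IV_LENGTH` bytes, which deserves a note or a compile-time assertion near the struct. A regression test that passes an over-long IV octet string through this path and expects `-1` would pin the behaviour. The function starts in the previous hunk and its tail lies outside this one.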
@@ -261,14 +260,14 @@ int evp_cipher_get_asn1_aead_params(EVP_CIPHER_CTX *c, ASN1_TYPE *type,
}
int evp_cipher_set_asn1_aead_params(EVP_CIPHER_CTX *c, ASN1_TYPE *type,
- evp_cipher_aead_asn1_params *asn1_params)
+ evp_cipher_aead_asn1_params *asn1_params)
{
if (type == NULL || asn1_params == NULL)
return 0;
return ossl_asn1_type_set_octetstring_int(type, asn1_params->tag_len,
- asn1_params->iv,
- asn1_params->iv_len);
+ asn1_params->iv,
+ asn1_params->iv_len);
}
#endif /* !defined(FIPS_MODULE) */
@@ -325,15 +324,15 @@ int EVP_CIPHER_get_type(const EVP_CIPHER *cipher)
#ifdef FIPS_MODULE
return NID_undef;
#else
- {
- /* Check it has an OID and it is valid */
- ASN1_OBJECT *otmp = OBJ_nid2obj(nid);
+ {
+ /* Check it has an OID and it is valid */
+ ASN1_OBJECT *otmp = OBJ_nid2obj(nid);
- if (OBJ_get0_data(otmp) == NULL)
- nid = NID_undef;
- ASN1_OBJECT_free(otmp);
- return nid;
- }
+ if (OBJ_get0_data(otmp) == NULL)
+ nid = NID_undef;
+ ASN1_OBJECT_free(otmp);
+ return nid;
+ }
#endif
}
}
@@ -353,12 +352,12 @@ int evp_cipher_cache_constants(EVP_CIPHER *cipher)
params[3] = OSSL_PARAM_construct_uint(OSSL_CIPHER_PARAM_MODE, &mode);
params[4] = OSSL_PARAM_construct_int(OSSL_CIPHER_PARAM_AEAD, &aead);
params[5] = OSSL_PARAM_construct_int(OSSL_CIPHER_PARAM_CUSTOM_IV,
- &custom_iv);
+ &custom_iv);
params[6] = OSSL_PARAM_construct_int(OSSL_CIPHER_PARAM_CTS, &cts);
params[7] = OSSL_PARAM_construct_int(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK,
- &multiblock);
+ &multiblock);
params[8] = OSSL_PARAM_construct_int(OSSL_CIPHER_PARAM_HAS_RAND_KEY,
- &randkey);
+ &randkey);
params[9] = OSSL_PARAM_construct_end();
ok = evp_do_ciph_getparams(cipher, params) > 0;
if (ok) {
@@ -379,7 +378,7 @@ int evp_cipher_cache_constants(EVP_CIPHER *cipher)
if (randkey)
cipher->flags |= EVP_CIPH_RAND_KEY;
if (OSSL_PARAM_locate_const(EVP_CIPHER_gettable_ctx_params(cipher),
- OSSL_CIPHER_PARAM_ALGORITHM_ID_PARAMS))
+ OSSL_CIPHER_PARAM_ALGORITHM_ID_PARAMS))
cipher->flags |= EVP_CIPH_FLAG_CUSTOM_ASN1;
}
return ok;
@@ -401,7 +400,7 @@ int EVP_CIPHER_impl_ctx_size(const EVP_CIPHER *e)
}
int EVP_Cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, unsigned int inl)
+ const unsigned char *in, unsigned int inl)
{
if (ctx->cipher->prov != NULL) {
/*
@@ -416,17 +415,18 @@ int EVP_Cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
size_t blocksize = EVP_CIPHER_CTX_get_block_size(ctx);
if (ctx->cipher->ccipher != NULL)
- ret = ctx->cipher->ccipher(ctx->algctx, out, &outl,
- inl + (blocksize == 1 ? 0 : blocksize),
- in, (size_t)inl)
- ? (int)outl : -1;
+ ret = ctx->cipher->ccipher(ctx->algctx, out, &outl,
+ inl + (blocksize == 1 ? 0 : blocksize),
+ in, (size_t)inl)
+ ? (int)outl
+ : -1;
else if (in != NULL)
ret = ctx->cipher->cupdate(ctx->algctx, out, &outl,
- inl + (blocksize == 1 ? 0 : blocksize),
- in, (size_t)inl);
+ inl + (blocksize == 1 ? 0 : blocksize),
+ in, (size_t)inl);
else
ret = ctx->cipher->cfinal(ctx->algctx, out, &outl,
- blocksize == 1 ? 0 : blocksize);
+ blocksize == 1 ? 0 : blocksize);
return ret;
}
@@ -511,11 +511,11 @@ int EVP_CIPHER_CTX_get_iv_length(const EVP_CIPHER_CTX *ctx)
if (ctx->cipher->get_ctx_params != NULL) {
params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_IVLEN,
- &v);
+ &v);
rv = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params);
if (rv > 0) {
if (OSSL_PARAM_modified(params)
- && !OSSL_PARAM_get_int(params, &len))
+ && !OSSL_PARAM_get_int(params, &len))
return -1;
} else if (rv != EVP_CTRL_RET_UNSUPPORTED) {
return -1;
@@ -523,9 +523,10 @@ int EVP_CIPHER_CTX_get_iv_length(const EVP_CIPHER_CTX *ctx)
}
/* Code below to be removed when legacy support is dropped. */
else if ((EVP_CIPHER_get_flags(ctx->cipher)
- & EVP_CIPH_CUSTOM_IV_LENGTH) != 0) {
+ & EVP_CIPH_CUSTOM_IV_LENGTH)
+ != 0) {
rv = EVP_CIPHER_CTX_ctrl((EVP_CIPHER_CTX *)ctx, EVP_CTRL_GET_IVLEN,
- 0, &len);
+ 0, &len);
if (rv <= 0)
return -1;
}
@@ -556,9 +557,8 @@ const unsigned char *EVP_CIPHER_CTX_original_iv(const EVP_CIPHER_CTX *ctx)
const unsigned char *v = ctx->oiv;
OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
- params[0] =
- OSSL_PARAM_construct_octet_ptr(OSSL_CIPHER_PARAM_IV,
- (void **)&v, sizeof(ctx->oiv));
+ params[0] = OSSL_PARAM_construct_octet_ptr(OSSL_CIPHER_PARAM_IV,
+ (void **)&v, sizeof(ctx->oiv));
ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params);
return ok != 0 ? v : NULL;
@@ -573,9 +573,8 @@ const unsigned char *EVP_CIPHER_CTX_iv(const EVP_CIPHER_CTX *ctx)
const unsigned char *v = ctx->iv;
OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
- params[0] =
- OSSL_PARAM_construct_octet_ptr(OSSL_CIPHER_PARAM_UPDATED_IV,
- (void **)&v, sizeof(ctx->iv));
+ params[0] = OSSL_PARAM_construct_octet_ptr(OSSL_CIPHER_PARAM_UPDATED_IV,
+ (void **)&v, sizeof(ctx->iv));
ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params);
return ok != 0 ? v : NULL;
@@ -587,9 +586,8 @@ unsigned char *EVP_CIPHER_CTX_iv_noconst(EVP_CIPHER_CTX *ctx)
unsigned char *v = ctx->iv;
OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
- params[0] =
- OSSL_PARAM_construct_octet_ptr(OSSL_CIPHER_PARAM_UPDATED_IV,
- (void **)&v, sizeof(ctx->iv));
+ params[0] = OSSL_PARAM_construct_octet_ptr(OSSL_CIPHER_PARAM_UPDATED_IV,
+ (void **)&v, sizeof(ctx->iv));
ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params);
return ok != 0 ? v : NULL;
@@ -600,8 +598,7 @@ int EVP_CIPHER_CTX_get_updated_iv(EVP_CIPHER_CTX *ctx, void *buf, size_t len)
{
OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
- params[0] =
- OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_UPDATED_IV, buf, len);
+ params[0] = OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_UPDATED_IV, buf, len);
return evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params) > 0;
}
@@ -609,8 +606,7 @@ int EVP_CIPHER_CTX_get_original_iv(EVP_CIPHER_CTX *ctx, void *buf, size_t len)
{
OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
- params[0] =
- OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_IV, buf, len);
+ params[0] = OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_IV, buf, len);
return evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params) > 0;
}
@@ -709,8 +705,8 @@ const char *EVP_CIPHER_get0_description(const EVP_CIPHER *cipher)
}
int EVP_CIPHER_names_do_all(const EVP_CIPHER *cipher,
- void (*fn)(const char *name, void *data),
- void *data)
+ void (*fn)(const char *name, void *data),
+ void *data)
{
if (cipher->prov != NULL)
return evp_names_do_all(cipher->prov, cipher->name_id, fn, data);
@@ -767,8 +763,8 @@ const char *EVP_MD_get0_name(const EVP_MD *md)
}
int EVP_MD_names_do_all(const EVP_MD *md,
- void (*fn)(const char *name, void *data),
- void *data)
+ void (*fn)(const char *name, void *data),
+ void *data)
{
if (md->prov != NULL)
return evp_names_do_all(md->prov, md->name_id, fn, data);
@@ -858,7 +854,7 @@ void evp_md_free_int(EVP_MD *md)
void EVP_MD_meth_free(EVP_MD *md)
{
if (md == NULL || md->origin != EVP_ORIG_METH)
- return;
+ return;
evp_md_free_int(md);
}
@@ -903,9 +899,7 @@ int EVP_MD_meth_set_init(EVP_MD *md, int (*init)(EVP_MD_CTX *ctx))
md->init = init;
return 1;
}
-int EVP_MD_meth_set_update(EVP_MD *md, int (*update)(EVP_MD_CTX *ctx,
- const void *data,
- size_t count))
+int EVP_MD_meth_set_update(EVP_MD *md, int (*update)(EVP_MD_CTX *ctx, const void *data, size_t count))
{
if (md->update != NULL)
return 0;
@@ -913,8 +907,7 @@ int EVP_MD_meth_set_update(EVP_MD *md, int (*update)(EVP_MD_CTX *ctx,
md->update = update;
return 1;
}
-int EVP_MD_meth_set_final(EVP_MD *md, int (*final)(EVP_MD_CTX *ctx,
- unsigned char *md))
+int EVP_MD_meth_set_final(EVP_MD *md, int (*final)(EVP_MD_CTX *ctx, unsigned char *md))
{
if (md->final != NULL)
return 0;
@@ -922,8 +915,7 @@ int EVP_MD_meth_set_final(EVP_MD *md, int (*final)(EVP_MD_CTX *ctx,
md->final = final;
return 1;
}
-int EVP_MD_meth_set_copy(EVP_MD *md, int (*copy)(EVP_MD_CTX *to,
- const EVP_MD_CTX *from))
+int EVP_MD_meth_set_copy(EVP_MD *md, int (*copy)(EVP_MD_CTX *to, const EVP_MD_CTX *from))
{
if (md->copy != NULL)
return 0;
@@ -939,8 +931,7 @@ int EVP_MD_meth_set_cleanup(EVP_MD *md, int (*cleanup)(EVP_MD_CTX *ctx))
md->cleanup = cleanup;
return 1;
}
-int EVP_MD_meth_set_ctrl(EVP_MD *md, int (*ctrl)(EVP_MD_CTX *ctx, int cmd,
- int p1, void *p2))
+int EVP_MD_meth_set_ctrl(EVP_MD *md, int (*ctrl)(EVP_MD_CTX *ctx, int cmd, int p1, void *p2))
{
if (md->md_ctrl != NULL)
return 0;
@@ -970,18 +961,18 @@ int (*EVP_MD_meth_get_init(const EVP_MD *md))(EVP_MD_CTX *ctx)
return md->init;
}
int (*EVP_MD_meth_get_update(const EVP_MD *md))(EVP_MD_CTX *ctx,
- const void *data,
- size_t count)
+ const void *data,
+ size_t count)
{
return md->update;
}
int (*EVP_MD_meth_get_final(const EVP_MD *md))(EVP_MD_CTX *ctx,
- unsigned char *md)
+ unsigned char *md)
{
return md->final;
}
int (*EVP_MD_meth_get_copy(const EVP_MD *md))(EVP_MD_CTX *to,
- const EVP_MD_CTX *from)
+ const EVP_MD_CTX *from)
{
return md->copy;
}
@@ -990,7 +981,7 @@ int (*EVP_MD_meth_get_cleanup(const EVP_MD *md))(EVP_MD_CTX *ctx)
return md->cleanup;
}
int (*EVP_MD_meth_get_ctrl(const EVP_MD *md))(EVP_MD_CTX *ctx, int cmd,
- int p1, void *p2)
+ int p1, void *p2)
{
return md->md_ctrl;
}
@@ -1055,14 +1046,14 @@ void *EVP_MD_CTX_get0_md_data(const EVP_MD_CTX *ctx)
}
int (*EVP_MD_CTX_update_fn(EVP_MD_CTX *ctx))(EVP_MD_CTX *ctx,
- const void *data, size_t count)
+ const void *data, size_t count)
{
return ctx->update;
}
void EVP_MD_CTX_set_update_fn(EVP_MD_CTX *ctx,
- int (*update) (EVP_MD_CTX *ctx,
- const void *data, size_t count))
+ int (*update)(EVP_MD_CTX *ctx,
+ const void *data, size_t count))
{
ctx->update = update;
}
@@ -1083,7 +1074,7 @@ int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags)
}
static int evp_cipher_ctx_enable_use_bits(EVP_CIPHER_CTX *ctx,
- unsigned int enable)
+ unsigned int enable)
{
OSSL_PARAM params[] = { OSSL_PARAM_END, OSSL_PARAM_END };
@@ -1130,7 +1121,7 @@ int EVP_PKEY_CTX_set_group_name(EVP_PKEY_CTX *ctx, const char *name)
return -1;
params[0] = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME,
- (char *)name, 0);
+ (char *)name, 0);
return EVP_PKEY_CTX_set_params(ctx, params);
}
@@ -1150,7 +1141,7 @@ int EVP_PKEY_CTX_get_group_name(EVP_PKEY_CTX *ctx, char *name, size_t namelen)
return -1;
*p++ = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME,
- name, namelen);
+ name, namelen);
if (!EVP_PKEY_CTX_get_params(ctx, params))
return -1;
return 1;
@@ -1166,14 +1157,14 @@ int EVP_PKEY_CTX_get_group_name(EVP_PKEY_CTX *ctx, char *name, size_t namelen)
* such as the RSA modulus size or the name of an EC curve.
*/
static EVP_PKEY *evp_pkey_keygen(OSSL_LIB_CTX *libctx, const char *name,
- const char *propq, const OSSL_PARAM *params)
+ const char *propq, const OSSL_PARAM *params)
{
EVP_PKEY *pkey = NULL;
EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new_from_name(libctx, name, propq);
if (ctx != NULL
- && EVP_PKEY_keygen_init(ctx) > 0
- && EVP_PKEY_CTX_set_params(ctx, params))
+ && EVP_PKEY_keygen_init(ctx) > 0
+ && EVP_PKEY_CTX_set_params(ctx, params))
(void)EVP_PKEY_generate(ctx, &pkey);
EVP_PKEY_CTX_free(ctx);
@@ -1181,7 +1172,7 @@ static EVP_PKEY *evp_pkey_keygen(OSSL_LIB_CTX *libctx, const char *name,
}
EVP_PKEY *EVP_PKEY_Q_keygen(OSSL_LIB_CTX *libctx, const char *propq,
- const char *type, ...)
+ const char *type, ...)
{
va_list args;
size_t bits;
@@ -1197,18 +1188,18 @@ EVP_PKEY *EVP_PKEY_Q_keygen(OSSL_LIB_CTX *libctx, const char *propq,
} else if (OPENSSL_strcasecmp(type, "EC") == 0) {
name = va_arg(args, char *);
params[0] = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME,
- name, 0);
+ name, 0);
} else if (OPENSSL_strcasecmp(type, "ED25519") != 0
- && OPENSSL_strcasecmp(type, "X25519") != 0
- && OPENSSL_strcasecmp(type, "ED448") != 0
- && OPENSSL_strcasecmp(type, "X448") != 0
- && OPENSSL_strcasecmp(type, "SM2") != 0) {
+ && OPENSSL_strcasecmp(type, "X25519") != 0
+ && OPENSSL_strcasecmp(type, "ED448") != 0
+ && OPENSSL_strcasecmp(type, "X448") != 0
+ && OPENSSL_strcasecmp(type, "SM2") != 0) {
ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_INVALID_ARGUMENT);
goto end;
}
ret = evp_pkey_keygen(libctx, type, propq, params);
- end:
+end:
va_end(args);
return ret;
}