author | Shane Lontis <shane.lontis@oracle.com> | 2021-05-14 13:08:42 +1000 |
---|---|---|
committer | Pauli <pauli@openssl.org> | 2021-05-24 10:12:18 +1000 |
commit | 7c14d0c1c0ece97f7406b4df466df6439146d6c6 (patch) | |
tree | 0df7120b66ec8b6cc4072492822fa071fd1288ef | |
parent | c45df3302d20291ff1125f1aeb82fae1cdceaac8 (diff) |
Rename the field 'provctx and data' to 'algctx' inside some objects containing
pointers to provider size algorithm contexts.
Fixes #14284
The gettable_ctx_params methods were confusingly passing a 'provctx' and
a provider context which are completely different objects.
Some objects such as EVP_KDF used 'data' while others such as EVP_MD used 'provctx'.
For libcrypto this 'ctx' is an opaque ptr returned when a provider's algorithm
implementation creates an internal context using a new_ctx() method.
Hence the new name 'algctx'.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15275)
-rw-r--r-- | crypto/evp/asymcipher.c | 16 | ||||
-rw-r--r-- | crypto/evp/ctrl_params_translate.c | 8 | ||||
-rw-r--r-- | crypto/evp/digest.c | 84 | ||||
-rw-r--r-- | crypto/evp/evp_enc.c | 78 | ||||
-rw-r--r-- | crypto/evp/evp_lib.c | 26 | ||||
-rw-r--r-- | crypto/evp/evp_local.h | 34 | ||||
-rw-r--r-- | crypto/evp/evp_rand.c | 38 | ||||
-rw-r--r-- | crypto/evp/evp_utils.c | 6 | ||||
-rw-r--r-- | crypto/evp/exchange.c | 14 | ||||
-rw-r--r-- | crypto/evp/kdf_lib.c | 24 | ||||
-rw-r--r-- | crypto/evp/kdf_meth.c | 4 | ||||
-rw-r--r-- | crypto/evp/kem.c | 16 | ||||
-rw-r--r-- | crypto/evp/m_sigver.c | 38 | ||||
-rw-r--r-- | crypto/evp/mac_lib.c | 28 | ||||
-rw-r--r-- | crypto/evp/mac_meth.c | 4 | ||||
-rw-r--r-- | crypto/evp/pmeth_lib.c | 122 | ||||
-rw-r--r-- | crypto/evp/signature.c | 26 | ||||
-rw-r--r-- | include/crypto/evp.h | 24 | ||||
-rw-r--r-- | test/drbgtest.c | 2 | ||||
-rw-r--r-- | test/testutil/fake_random.c | 4 |
20 files changed, 314 insertions, 282 deletions
diff --git a/crypto/evp/asymcipher.c b/crypto/evp/asymcipher.c index 1acbe81b68..513cb7e654 100644 --- a/crypto/evp/asymcipher.c +++ b/crypto/evp/asymcipher.c @@ -99,8 +99,8 @@ static int evp_pkey_asym_cipher_init(EVP_PKEY_CTX *ctx, int operation, /* No more legacy from here down to legacy: */ ctx->op.ciph.cipher = cipher; - ctx->op.ciph.ciphprovctx = cipher->newctx(ossl_provider_ctx(cipher->prov)); - if (ctx->op.ciph.ciphprovctx == NULL) { + ctx->op.ciph.algctx = cipher->newctx(ossl_provider_ctx(cipher->prov)); + if (ctx->op.ciph.algctx == NULL) { /* The provider key can stay in the cache */ ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR); goto err; @@ -113,7 +113,7 @@ static int evp_pkey_asym_cipher_init(EVP_PKEY_CTX *ctx, int operation, ret = -2; goto err; } - ret = cipher->encrypt_init(ctx->op.ciph.ciphprovctx, provkey, params); + ret = cipher->encrypt_init(ctx->op.ciph.algctx, provkey, params); break; case EVP_PKEY_OP_DECRYPT: if (cipher->decrypt_init == NULL) { @@ -121,7 +121,7 @@ static int evp_pkey_asym_cipher_init(EVP_PKEY_CTX *ctx, int operation, ret = -2; goto err; } - ret = cipher->decrypt_init(ctx->op.ciph.ciphprovctx, provkey, params); + ret = cipher->decrypt_init(ctx->op.ciph.algctx, provkey, params); break; default: ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR); @@ -194,10 +194,10 @@ int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx, return -1; } - if (ctx->op.ciph.ciphprovctx == NULL) + if (ctx->op.ciph.algctx == NULL) goto legacy; - ret = ctx->op.ciph.cipher->encrypt(ctx->op.ciph.ciphprovctx, out, outlen, + ret = ctx->op.ciph.cipher->encrypt(ctx->op.ciph.algctx, out, outlen, (out == NULL ? 0 : *outlen), in, inlen); return ret; 
@@ -236,10 +236,10 @@ int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx, return -1; } - if (ctx->op.ciph.ciphprovctx == NULL) + if (ctx->op.ciph.algctx == NULL) goto legacy; - ret = ctx->op.ciph.cipher->decrypt(ctx->op.ciph.ciphprovctx, out, outlen, + ret = ctx->op.ciph.cipher->decrypt(ctx->op.ciph.algctx, out, outlen, (out == NULL ? 0 : *outlen), in, inlen); return ret; diff --git a/crypto/evp/ctrl_params_translate.c b/crypto/evp/ctrl_params_translate.c index f47209ae83..216305b952 100644 --- a/crypto/evp/ctrl_params_translate.c +++ b/crypto/evp/ctrl_params_translate.c @@ -419,13 +419,13 @@ static int default_fixup_args(enum state state, if (translation->optype != 0) { if ((EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx->pctx) - && ctx->pctx->op.sig.sigprovctx == NULL) + && ctx->pctx->op.sig.algctx == NULL) || (EVP_PKEY_CTX_IS_DERIVE_OP(ctx->pctx) - && ctx->pctx->op.kex.exchprovctx == NULL) + && ctx->pctx->op.kex.algctx == NULL) || (EVP_PKEY_CTX_IS_ASYM_CIPHER_OP(ctx->pctx) - && ctx->pctx->op.ciph.ciphprovctx == NULL) + && ctx->pctx->op.ciph.algctx == NULL) || (EVP_PKEY_CTX_IS_KEM_OP(ctx->pctx) - && ctx->pctx->op.encap.kemprovctx == NULL) + && ctx->pctx->op.encap.algctx == NULL) /* * The following may be unnecessary, but we have them * for good measure... diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c index 25ce609854..b202d466e4 100644 --- a/crypto/evp/digest.c +++ b/crypto/evp/digest.c @@ -26,10 +26,10 @@ void evp_md_ctx_clear_digest(EVP_MD_CTX *ctx, int force) { - if (ctx->provctx != NULL) { + if (ctx->algctx != NULL) { if (ctx->digest != NULL && ctx->digest->freectx != NULL) - ctx->digest->freectx(ctx->provctx); - ctx->provctx = NULL; + ctx->digest->freectx(ctx->algctx); + ctx->algctx = NULL; EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_CLEANED); } 
@@ -132,7 +132,7 @@ static int evp_md_init_internal(EVP_MD_CTX *ctx, const EVP_MD *type, #if !defined(FIPS_MODULE) if (ctx->pctx != NULL && EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx->pctx) - && ctx->pctx->op.sig.sigprovctx != NULL) { + && ctx->pctx->op.sig.algctx != NULL) { /* * Prior to OpenSSL 3.0 calling EVP_DigestInit_ex() on an mdctx * previously initialised with EVP_DigestSignInit() would retain @@ -150,14 +150,14 @@ static int evp_md_init_internal(EVP_MD_CTX *ctx, const EVP_MD *type, EVP_MD_CTX_clear_flags(ctx, EVP_MD_CTX_FLAG_CLEANED); - if (ctx->provctx != NULL) { + if (ctx->algctx != NULL) { if (!ossl_assert(ctx->digest != NULL)) { ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR); return 0; } if (ctx->digest->freectx != NULL) - ctx->digest->freectx(ctx->provctx); - ctx->provctx = NULL; + ctx->digest->freectx(ctx->algctx); + ctx->algctx = NULL; } if (type != NULL) { @@ -238,10 +238,10 @@ static int evp_md_init_internal(EVP_MD_CTX *ctx, const EVP_MD *type, #endif } - if (ctx->provctx != NULL && ctx->digest != NULL && ctx->digest != type) { + if (ctx->algctx != NULL && ctx->digest != NULL && ctx->digest != type) { if (ctx->digest->freectx != NULL) - ctx->digest->freectx(ctx->provctx); - ctx->provctx = NULL; + ctx->digest->freectx(ctx->algctx); + ctx->algctx = NULL; } if (type->prov != NULL && ctx->fetched_digest != type) { if (!EVP_MD_up_ref((EVP_MD *)type)) { @@ -252,9 +252,9 @@ static int evp_md_init_internal(EVP_MD_CTX *ctx, const EVP_MD *type, ctx->fetched_digest = (EVP_MD *)type; } ctx->digest = type; - if (ctx->provctx == NULL) { - ctx->provctx = ctx->digest->newctx(ossl_provider_ctx(type->prov)); - if (ctx->provctx == NULL) { + if (ctx->algctx == NULL) { + ctx->algctx = ctx->digest->newctx(ossl_provider_ctx(type->prov)); + if (ctx->algctx == NULL) { ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR); return 0; } 
@@ -265,7 +265,7 @@ static int evp_md_init_internal(EVP_MD_CTX *ctx, const EVP_MD *type, return 0; } - return ctx->digest->dinit(ctx->provctx, params); + return ctx->digest->dinit(ctx->algctx, params); /* Code below to be removed when legacy support is dropped. */ legacy: @@ -359,7 +359,7 @@ int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t count) if (ctx->pctx != NULL && EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx->pctx) - && ctx->pctx->op.sig.sigprovctx != NULL) { + && ctx->pctx->op.sig.algctx != NULL) { /* * Prior to OpenSSL 3.0 EVP_DigestSignUpdate() and * EVP_DigestVerifyUpdate() were just macros for EVP_DigestUpdate(). @@ -385,7 +385,7 @@ int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t count) ERR_raise(ERR_LIB_EVP, EVP_R_UPDATE_ERROR); return 0; } - return ctx->digest->dupdate(ctx->provctx, data, count); + return ctx->digest->dupdate(ctx->algctx, data, count); /* Code below to be removed when legacy support is dropped. */ legacy: @@ -423,7 +423,7 @@ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *isize) return 0; } - ret = ctx->digest->dfinal(ctx->provctx, md, &size, mdsize); + ret = ctx->digest->dfinal(ctx->algctx, md, &size, mdsize); if (isize != NULL) { if (size <= UINT_MAX) { @@ -473,7 +473,7 @@ int EVP_DigestFinalXOF(EVP_MD_CTX *ctx, unsigned char *md, size_t size) params[i++] = OSSL_PARAM_construct_end(); if (EVP_MD_CTX_set_params(ctx, params) > 0) - ret = ctx->digest->dfinal(ctx->provctx, md, &size, size); + ret = ctx->digest->dfinal(ctx->algctx, md, &size, size); return ret; 
@@ -524,14 +524,14 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in) *out = *in; /* NULL out pointers in case of error */ out->pctx = NULL; - out->provctx = NULL; + out->algctx = NULL; if (in->fetched_digest != NULL) EVP_MD_up_ref(in->fetched_digest); - if (in->provctx != NULL) { - out->provctx = in->digest->dupctx(in->provctx); - if (out->provctx == NULL) { + if (in->algctx != NULL) { + out->algctx = in->digest->dupctx(in->algctx); + if (out->algctx == NULL) { ERR_raise(ERR_LIB_EVP, EVP_R_NOT_ABLE_TO_COPY_CTX); return 0; } @@ -666,24 +666,24 @@ int EVP_MD_CTX_set_params(EVP_MD_CTX *ctx, const OSSL_PARAM params[]) if (pctx != NULL && (pctx->operation == EVP_PKEY_OP_VERIFYCTX || pctx->operation == EVP_PKEY_OP_SIGNCTX) - && pctx->op.sig.sigprovctx != NULL + && pctx->op.sig.algctx != NULL && pctx->op.sig.signature->set_ctx_md_params != NULL) - return pctx->op.sig.signature->set_ctx_md_params(pctx->op.sig.sigprovctx, + return pctx->op.sig.signature->set_ctx_md_params(pctx->op.sig.algctx, params); if (ctx->digest != NULL && ctx->digest->set_ctx_params != NULL) - return ctx->digest->set_ctx_params(ctx->provctx, params); + return ctx->digest->set_ctx_params(ctx->algctx, params); return 0; } const OSSL_PARAM *EVP_MD_settable_ctx_params(const EVP_MD *md) { - void *alg; + void *provctx; if (md != NULL && md->settable_ctx_params != NULL) { - alg = ossl_provider_ctx(EVP_MD_provider(md)); - return md->settable_ctx_params(NULL, alg); + provctx = ossl_provider_ctx(EVP_MD_provider(md)); + return md->settable_ctx_params(NULL, provctx); } return NULL; } 
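Review bot: The result of `EVP_MD_up_ref(in->fetched_digest)` in EVP_MD_CTX_copy_ex is discarded, so if taking the reference fails, `out` still holds the `fetched_digest` pointer copied by `*out = *in` without owning a reference, and a later release of `out` would presumably drop a reference it never took. EVP_CIPHER_CTX_copy in crypto/evp/evp_enc.c already handles the equivalent case, and the same shape fits here: `if (in->fetched_digest != NULL && !EVP_MD_up_ref(in->fetched_digest)) { out->fetched_digest = NULL; return 0; }`. The function starts above this hunk and continues past it, so any earlier validation of `in` is not visible.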
@@ -701,14 +701,14 @@ const OSSL_PARAM *EVP_MD_CTX_settable_params(EVP_MD_CTX *ctx) if (pctx != NULL && (pctx->operation == EVP_PKEY_OP_VERIFYCTX || pctx->operation == EVP_PKEY_OP_SIGNCTX) - && pctx->op.sig.sigprovctx != NULL + && pctx->op.sig.algctx != NULL && pctx->op.sig.signature->settable_ctx_md_params != NULL) return pctx->op.sig.signature->settable_ctx_md_params( - pctx->op.sig.sigprovctx); + pctx->op.sig.algctx); if (ctx->digest != NULL && ctx->digest->settable_ctx_params != NULL) { alg = ossl_provider_ctx(EVP_MD_provider(ctx->digest)); - return ctx->digest->settable_ctx_params(ctx->provctx, alg); + return ctx->digest->settable_ctx_params(ctx->algctx, alg); } return NULL; @@ -722,24 +722,24 @@ int EVP_MD_CTX_get_params(EVP_MD_CTX *ctx, OSSL_PARAM params[]) if (pctx != NULL && (pctx->operation == EVP_PKEY_OP_VERIFYCTX || pctx->operation == EVP_PKEY_OP_SIGNCTX) - && pctx->op.sig.sigprovctx != NULL + && pctx->op.sig.algctx != NULL && pctx->op.sig.signature->get_ctx_md_params != NULL) - return pctx->op.sig.signature->get_ctx_md_params(pctx->op.sig.sigprovctx, + return pctx->op.sig.signature->get_ctx_md_params(pctx->op.sig.algctx, params); if (ctx->digest != NULL && ctx->digest->get_params != NULL) - return ctx->digest->get_ctx_params(ctx->provctx, params); + return ctx->digest->get_ctx_params(ctx->algctx, params); return 0; } const OSSL_PARAM *EVP_MD_gettable_ctx_params(const EVP_MD *md) { - void *alg; + void *provctx; if (md != NULL && md->gettable_ctx_params != NULL) { - alg = ossl_provider_ctx(EVP_MD_provider(md)); - return md->gettable_ctx_params(NULL, alg); + provctx = ossl_provider_ctx(EVP_MD_provider(md)); + return md->gettable_ctx_params(NULL, provctx); } return NULL; } @@ -747,7 +747,7 @@ const OSSL_PARAM *EVP_MD_gettable_ctx_params(const EVP_MD *md) const OSSL_PARAM *EVP_MD_CTX_gettable_params(EVP_MD_CTX *ctx) { EVP_PKEY_CTX *pctx; - void *alg; + void *provctx; if (ctx == NULL) return NULL; 
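Review bot: EVP_MD_CTX_settable_params still holds the provider context in a local named `alg` (`alg = ossl_provider_ctx(EVP_MD_provider(ctx->digest));`), while the sibling functions touched by this commit rename that local to `provctx`. The commit exists to stop the provider context and the algorithm context being mistaken for one another, and here the leftover name sits right next to `ctx->algctx` in the call, where it reads as if it were the algorithm context. Rename it to `provctx` here (the declaration is above the hunk) and in EVP_CIPHER_CTX_settable_params in crypto/evp/evp_enc.c (the `@@ -1283,18` hunk).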
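Review bot: EVP_MD_CTX_get_params tests `ctx->digest->get_params` but then calls `ctx->digest->get_ctx_params`, so the guard does not cover the pointer that is actually invoked. A digest implementation that supplies `get_params` without `get_ctx_params` would lead to a call through a NULL function pointer, and one that supplies only `get_ctx_params` would silently return 0. The condition should read `if (ctx->digest != NULL && ctx->digest->get_ctx_params != NULL)`, matching the `set_ctx_params` check in EVP_MD_CTX_set_params. The start of the function is above the hunk.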
@@ -757,14 +757,14 @@ const OSSL_PARAM *EVP_MD_CTX_gettable_params(EVP_MD_CTX *ctx) if (pctx != NULL && (pctx->operation == EVP_PKEY_OP_VERIFYCTX || pctx->operation == EVP_PKEY_OP_SIGNCTX) - && pctx->op.sig.sigprovctx != NULL + && pctx->op.sig.algctx != NULL && pctx->op.sig.signature->gettable_ctx_md_params != NULL) return pctx->op.sig.signature->gettable_ctx_md_params( - pctx->op.sig.sigprovctx); + pctx->op.sig.algctx); if (ctx->digest != NULL && ctx->digest->gettable_ctx_params != NULL) { - alg = ossl_provider_ctx(EVP_MD_provider(ctx->digest)); - return ctx->digest->gettable_ctx_params(ctx->provctx, alg); + provctx = ossl_provider_ctx(EVP_MD_provider(ctx->digest)); + return ctx->digest->gettable_ctx_params(ctx->algctx, provctx); } return NULL; } diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c index 50e1c3452b..143ae1b076 100644 --- a/crypto/evp/evp_enc.c +++ b/crypto/evp/evp_enc.c @@ -33,10 +33,10 @@ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx) if (ctx->cipher == NULL || ctx->cipher->prov == NULL) goto legacy; - if (ctx->provctx != NULL) { + if (ctx->algctx != NULL) { if (ctx->cipher->freectx != NULL) - ctx->cipher->freectx(ctx->provctx); - ctx->provctx = NULL; + ctx->cipher->freectx(ctx->algctx); + ctx->algctx = NULL; } if (ctx->fetched_cipher != NULL) EVP_CIPHER_free(ctx->fetched_cipher); @@ -190,9 +190,9 @@ static int evp_cipher_init_internal(EVP_CIPHER_CTX *ctx, ctx->fetched_cipher = (EVP_CIPHER *)cipher; } ctx->cipher = cipher; - if (ctx->provctx == NULL) { - ctx->provctx = ctx->cipher->newctx(ossl_provider_ctx(cipher->prov)); - if (ctx->provctx == NULL) { + if (ctx->algctx == NULL) { + ctx->algctx = ctx->cipher->newctx(ossl_provider_ctx(cipher->prov)); + if (ctx->algctx == NULL) { ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR); return 0; } 
@@ -213,7 +213,7 @@ static int evp_cipher_init_internal(EVP_CIPHER_CTX *ctx, return 0; } - return ctx->cipher->einit(ctx->provctx, + return ctx->cipher->einit(ctx->algctx, key, key == NULL ? 0 : EVP_CIPHER_CTX_key_length(ctx), @@ -228,7 +228,7 @@ static int evp_cipher_init_internal(EVP_CIPHER_CTX *ctx, return 0; } - return ctx->cipher->dinit(ctx->provctx, + return ctx->cipher->dinit(ctx->algctx, key, key == NULL ? 0 : EVP_CIPHER_CTX_key_length(ctx), @@ -620,7 +620,7 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, ERR_raise(ERR_LIB_EVP, EVP_R_UPDATE_ERROR); return 0; } - ret = ctx->cipher->cupdate(ctx->provctx, out, &soutl, + ret = ctx->cipher->cupdate(ctx->algctx, out, &soutl, inl + (blocksize == 1 ? 0 : blocksize), in, (size_t)inl); @@ -681,7 +681,7 @@ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) return 0; } - ret = ctx->cipher->cfinal(ctx->provctx, out, &soutl, + ret = ctx->cipher->cfinal(ctx->algctx, out, &soutl, blocksize == 1 ? 0 : blocksize); if (ret) { @@ -767,7 +767,7 @@ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, ERR_raise(ERR_LIB_EVP, EVP_R_UPDATE_ERROR); return 0; } - ret = ctx->cipher->cupdate(ctx->provctx, out, &soutl, + ret = ctx->cipher->cupdate(ctx->algctx, out, &soutl, inl + (blocksize == 1 ? 0 : blocksize), in, (size_t)inl); @@ -903,7 +903,7 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) return 0; } - ret = ctx->cipher->cfinal(ctx->provctx, out, &soutl, + ret = ctx->cipher->cfinal(ctx->algctx, out, &soutl, blocksize == 1 ? 0 : blocksize); if (ret) { @@ -985,7 +985,7 @@ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int keylen) return 0; params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_KEYLEN, &len); - ok = evp_do_ciph_ctx_setparams(c->cipher, c->provctx, params); + ok = evp_do_ciph_ctx_setparams(c->cipher, c->algctx, params); return ok > 0 ? 1 : 0; } 
@@ -1022,7 +1022,7 @@ int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *ctx, int pad) if (ctx->cipher != NULL && ctx->cipher->prov == NULL) return 1; params[0] = OSSL_PARAM_construct_uint(OSSL_CIPHER_PARAM_PADDING, &pd); - ok = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->provctx, params); + ok = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->algctx, params); return ok != 0; } @@ -1115,12 +1115,12 @@ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) params[0] = OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_AEAD_TLS1_AAD, ptr, sz); - ret = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->provctx, params); + ret = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->algctx, params); if (ret <= 0) goto end; params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_AEAD_TLS1_AAD_PAD, &sz); - ret = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params); + ret = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params); if (ret <= 0) goto end; return sz; @@ -1135,14 +1135,14 @@ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) case EVP_CTRL_TLS1_1_MULTIBLOCK_MAX_BUFSIZE: params[0] = OSSL_PARAM_construct_size_t( OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_SEND_FRAGMENT, &sz); - ret = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->provctx, params); + ret = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->algctx, params); if (ret <= 0) return 0; params[0] = OSSL_PARAM_construct_size_t( OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_BUFSIZE, &sz); params[1] = OSSL_PARAM_construct_end(); - ret = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params); + ret = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params); if (ret <= 0) return 0; return sz; 
@@ -1157,7 +1157,7 @@ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD, (void*)p->inp, p->len); params[1] = OSSL_PARAM_construct_uint( OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE, &p->interleave); - ret = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->provctx, params); + ret = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->algctx, params); if (ret <= 0) return ret; /* Retrieve the return values changed by the set */ @@ -1166,7 +1166,7 @@ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) params[1] = OSSL_PARAM_construct_uint( OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE, &p->interleave); params[2] = OSSL_PARAM_construct_end(); - ret = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params); + ret = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params); if (ret <= 0) return 0; return sz; @@ -1183,13 +1183,13 @@ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) p->len); params[2] = OSSL_PARAM_construct_uint( OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE, &p->interleave); - ret = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->provctx, params); + ret = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->algctx, params); if (ret <= 0) return ret; params[0] = OSSL_PARAM_construct_size_t( OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_LEN, &sz); params[1] = OSSL_PARAM_construct_end(); - ret = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params); + ret = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params); if (ret <= 0) return 0; return sz; 
@@ -1204,9 +1204,9 @@ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) } if (set_params) - ret = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->provctx, params); + ret = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->algctx, params); else - ret = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params); + ret = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params); goto end; /* Code below to be removed when legacy support is dropped. */ @@ -1236,14 +1236,14 @@ int EVP_CIPHER_get_params(EVP_CIPHER *cipher, OSSL_PARAM params[]) int EVP_CIPHER_CTX_set_params(EVP_CIPHER_CTX *ctx, const OSSL_PARAM params[]) { if (ctx->cipher != NULL && ctx->cipher->set_ctx_params != NULL) - return ctx->cipher->set_ctx_params(ctx->provctx, params); + return ctx->cipher->set_ctx_params(ctx->algctx, params); return 0; } int EVP_CIPHER_CTX_get_params(EVP_CIPHER_CTX *ctx, OSSL_PARAM params[]) { if (ctx->cipher != NULL && ctx->cipher->get_ctx_params != NULL) - return ctx->cipher->get_ctx_params(ctx->provctx, params); + return ctx->cipher->get_ctx_params(ctx->algctx, params); return 0; } 
@@ -1257,22 +1257,22 @@ const OSSL_PARAM *EVP_CIPHER_gettable_params(const EVP_CIPHER *cipher) const OSSL_PARAM *EVP_CIPHER_settable_ctx_params(const EVP_CIPHER *cipher) { - void *alg; + void *provctx; if (cipher != NULL && cipher->settable_ctx_params != NULL) { - alg = ossl_provider_ctx(EVP_CIPHER_provider(cipher)); - return cipher->settable_ctx_params(NULL, alg); + provctx = ossl_provider_ctx(EVP_CIPHER_provider(cipher)); + return cipher->settable_ctx_params(NULL, provctx); } return NULL; } const OSSL_PARAM *EVP_CIPHER_gettable_ctx_params(const EVP_CIPHER *cipher) { - void *alg; + void *provctx; if (cipher != NULL && cipher->gettable_ctx_params != NULL) { - alg = ossl_provider_ctx(EVP_CIPHER_provider(cipher)); - return cipher->gettable_ctx_params(NULL, alg); + provctx = ossl_provider_ctx(EVP_CIPHER_provider(cipher)); + return cipher->gettable_ctx_params(NULL, provctx); } return NULL; } @@ -1283,18 +1283,18 @@ const OSSL_PARAM *EVP_CIPHER_CTX_settable_params(EVP_CIPHER_CTX *cctx) if (cctx != NULL && cctx->cipher->settable_ctx_params != NULL) { alg = ossl_provider_ctx(EVP_CIPHER_provider(cctx->cipher)); - return cctx->cipher->settable_ctx_params(cctx->provctx, alg); + return cctx->cipher->settable_ctx_params(cctx->algctx, alg); } return NULL; } const OSSL_PARAM *EVP_CIPHER_CTX_gettable_params(EVP_CIPHER_CTX *cctx) { - void *alg; + void *provctx; if (cctx != NULL && cctx->cipher->gettable_ctx_params != NULL) { - alg = ossl_provider_ctx(EVP_CIPHER_provider(cctx->cipher)); - return cctx->cipher->gettable_ctx_params(cctx->provctx, alg); + provctx = ossl_provider_ctx(EVP_CIPHER_provider(cctx->cipher)); + return cctx->cipher->gettable_ctx_params(cctx->algctx, provctx); } return NULL; } 
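Review bot: EVP_CIPHER_CTX_settable_params and EVP_CIPHER_CTX_gettable_params dereference `cctx->cipher` after checking only `cctx != NULL`. Other code in this file treats a context with no cipher as a valid state (EVP_CIPHER_CTX_reset tests `ctx->cipher == NULL`), so calling either function on a context that has not yet been initialised with a cipher would dereference NULL. Add the missing test, `if (cctx != NULL && cctx->cipher != NULL && cctx->cipher->gettable_ctx_params != NULL)`, and the same for the settable variant, whose declaration lies above the hunk.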
@@ -1351,15 +1351,15 @@ int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in) EVP_CIPHER_CTX_reset(out); *out = *in; - out->provctx = NULL; + out->algctx = NULL; if (in->fetched_cipher != NULL && !EVP_CIPHER_up_ref(in->fetched_cipher)) { out->fetched_cipher = NULL; return 0; } - out->provctx = in->cipher->dupctx(in->provctx); - if (out->provctx == NULL) { + out->algctx = in->cipher->dupctx(in->algctx); + if (out->algctx == NULL) { ERR_raise(ERR_LIB_EVP, EVP_R_NOT_ABLE_TO_COPY_CTX); return 0; } diff --git a/crypto/evp/evp_lib.c b/crypto/evp/evp_lib.c index 7d40113790..adae97b8f5 100644 --- a/crypto/evp/evp_lib.c +++ b/crypto/evp/evp_lib.c @@ -412,16 +412,16 @@ int EVP_Cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, size_t blocksize = EVP_CIPHER_CTX_block_size(ctx); if (ctx->cipher->ccipher != NULL) - ret = ctx->cipher->ccipher(ctx->provctx, out, &outl, + ret = ctx->cipher->ccipher(ctx->algctx, out, &outl, inl + (blocksize == 1 ? 0 : blocksize), in, (size_t)inl) ? (int)outl : -1; else if (in != NULL) - ret = ctx->cipher->cupdate(ctx->provctx, out, &outl, + ret = ctx->cipher->cupdate(ctx->algctx, out, &outl, inl + (blocksize == 1 ? 0 : blocksize), in, (size_t)inl); else - ret = ctx->cipher->cfinal(ctx->provctx, out, &outl, + ret = ctx->cipher->cfinal(ctx->algctx, out, &outl, blocksize == 1 ? 0 : blocksize); return ret; @@ -505,7 +505,7 @@ int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx) OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END }; params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_IVLEN, &v); - rv = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params); + rv = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params); if (rv == EVP_CTRL_RET_UNSUPPORTED) goto legacy; return rv != 0 ? (int)v : -1; 
@@ -526,7 +526,7 @@ int EVP_CIPHER_CTX_tag_length(const EVP_CIPHER_CTX *ctx) OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END }; params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_AEAD_TAGLEN, &v); - ret = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params); + ret = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params); return ret == 1 ? (int)v : 0; } @@ -540,7 +540,7 @@ const unsigned char *EVP_CIPHER_CTX_original_iv(const EVP_CIPHER_CTX *ctx) params[0] = OSSL_PARAM_construct_octet_ptr(OSSL_CIPHER_PARAM_IV, (void **)&v, sizeof(ctx->oiv)); - ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params); + ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params); return ok != 0 ? v : NULL; } @@ -557,7 +557,7 @@ const unsigned char *EVP_CIPHER_CTX_iv(const EVP_CIPHER_CTX *ctx) params[0] = OSSL_PARAM_construct_octet_ptr(OSSL_CIPHER_PARAM_UPDATED_IV, (void **)&v, sizeof(ctx->iv)); - ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params); + ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params); return ok != 0 ? v : NULL; } @@ -571,7 +571,7 @@ unsigned char *EVP_CIPHER_CTX_iv_noconst(EVP_CIPHER_CTX *ctx) params[0] = OSSL_PARAM_construct_octet_ptr(OSSL_CIPHER_PARAM_UPDATED_IV, (void **)&v, sizeof(ctx->iv)); - ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params); + ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params); return ok != 0 ? v : NULL; } @@ -583,7 +583,7 @@ int EVP_CIPHER_CTX_get_updated_iv(EVP_CIPHER_CTX *ctx, void *buf, size_t len) params[0] = OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_UPDATED_IV, buf, len); - return evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params); + return evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params); } int EVP_CIPHER_CTX_get_original_iv(EVP_CIPHER_CTX *ctx, void *buf, size_t len) 
@@ -592,7 +592,7 @@ int EVP_CIPHER_CTX_get_original_iv(EVP_CIPHER_CTX *ctx, void *buf, size_t len) params[0] = OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_IV, buf, len); - return evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params); + return evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params); } unsigned char *EVP_CIPHER_CTX_buf_noconst(EVP_CIPHER_CTX *ctx) @@ -607,7 +607,7 @@ int EVP_CIPHER_CTX_num(const EVP_CIPHER_CTX *ctx) OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END }; params[0] = OSSL_PARAM_construct_uint(OSSL_CIPHER_PARAM_NUM, &v); - ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params); + ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params); return ok != 0 ? (int)v : EVP_CTRL_RET_UNSUPPORTED; } @@ -619,7 +619,7 @@ int EVP_CIPHER_CTX_set_num(EVP_CIPHER_CTX *ctx, int num) OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END }; params[0] = OSSL_PARAM_construct_uint(OSSL_CIPHER_PARAM_NUM, &n); - ok = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->provctx, params); + ok = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->algctx, params); if (ok != 0) ctx->num = (int)n; @@ -638,7 +638,7 @@ int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx) OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END }; params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_KEYLEN, &v); - ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params); + ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params); return ok != 0 ? (int)v : EVP_CTRL_RET_UNSUPPORTED; } diff --git a/crypto/evp/evp_local.h b/crypto/evp/evp_local.h index 1490f0df4f..a0f363805c 100644 --- a/crypto/evp/evp_local.h +++ b/crypto/evp/evp_local.h @@ -7,8 +7,6 @@ * https://www.openssl.org/source/license.html */ -/* EVP_MD_CTX related stuff */ - #include <openssl/core_dispatch.h> #include "internal/refcount.h" 
@@ -27,8 +25,11 @@ struct evp_md_ctx_st { /* Update function: usually copied from EVP_MD */ int (*update) (EVP_MD_CTX *ctx, const void *data, size_t count); - /* Provider ctx */ - void *provctx; + /* + * Opaque ctx returned fr |