Replace provider cipher flags with separate param fields

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13830)

2 files changed, 24 insertions, 18 deletions

diff --git a/providers/implementations/include/prov/ciphercommon.h b/providers/implementations/include/prov/ciphercommon.h
index efc7eb9223..ee35400936 100644
--- a/providers/implementations/include/prov/ciphercommon.h
+++ b/providers/implementations/include/prov/ciphercommon.h
@@ -34,6 +34,15 @@ typedef int (PROV_CIPHER_HW_FN)(PROV_CIPHER_CTX *dat, unsigned char *out,
 /* TODO(3.0): VERIFY ME */
 #define MAX_TLS_MAC_SIZE    48
 
+/* Internal flags that can be queried */
+#define PROV_CIPHER_FLAG_AEAD             0x0001
+#define PROV_CIPHER_FLAG_CUSTOM_IV        0x0002
+#define PROV_CIPHER_FLAG_CTS              0x0004
+#define PROV_CIPHER_FLAG_TLS1_MULTIBLOCK  0x0008
+/* Internal flags that are only used within the provider */
+#define PROV_CIPHER_FLAG_VARIABLE_LENGTH  0x0010
+#define PROV_CIPHER_FLAG_INVERSE_CIPHER   0x0020
+
 struct prov_cipher_ctx_st {
     block128_f block;
     union {
@@ -52,7 +61,9 @@ struct prov_cipher_ctx_st {
     unsigned int enc : 1;    /* Set to 1 for encrypt, or 0 otherwise */
     unsigned int iv_set : 1; /* Set when the iv is copied to the iv/oiv buffers */
     unsigned int updated : 1; /* Set to 1 during update for one shot ciphers */
-
+    unsigned int variable_keylength : 1;
+    unsigned int inverse_cipher : 1; /* set to 1 to use inverse cipher */
+    unsigned int use_bits : 1; /* Set to 0 for cfb1 to use bits instead of bytes */
 
     unsigned int tlsversion; /* If TLS padding is in use the TLS version number */
     unsigned char *tlsmac;   /* tls MAC extracted from the last record */
@@ -73,7 +84,6 @@ struct prov_cipher_ctx_st {
      * manage partial blocks themselves.
      */
     unsigned int num;
-    uint64_t flags;
 
     /* The original value of the iv */
     unsigned char oiv[GENERIC_BLOCK_SIZE];
@@ -110,11 +120,12 @@ OSSL_FUNC_cipher_gettable_ctx_params_fn ossl_cipher_aead_gettable_ctx_params;
 OSSL_FUNC_cipher_settable_ctx_params_fn ossl_cipher_aead_settable_ctx_params;
 
 int ossl_cipher_generic_get_params(OSSL_PARAM params[], unsigned int md,
-                              unsigned long flags,
-                              size_t kbits, size_t blkbits, size_t ivbits);
+                                   uint64_t flags,
+                                   size_t kbits, size_t blkbits, size_t ivbits);
 void ossl_cipher_generic_initkey(void *vctx, size_t kbits, size_t blkbits,
-                            size_t ivbits, unsigned int mode, uint64_t flags,
-                            const PROV_CIPHER_HW *hw, void *provctx);
+                                 size_t ivbits, unsigned int mode,
+                                 uint64_t flags,
+                                 const PROV_CIPHER_HW *hw, void *provctx);
 
 #define IMPLEMENT_generic_cipher_func(alg, UCALG, lcmode, UCMODE, flags, kbits,\
                                       blkbits, ivbits, typ)                    \
diff --git a/providers/implementations/include/prov/ciphercommon_aead.h b/providers/implementations/include/prov/ciphercommon_aead.h
index 47175f7247..63fdb54151 100644
--- a/providers/implementations/include/prov/ciphercommon_aead.h
+++ b/providers/implementations/include/prov/ciphercommon_aead.h
@@ -9,21 +9,16 @@
 
 #define UNINITIALISED_SIZET ((size_t)-1)
 
-/* TODO(3.0) Figure out what flags are really needed */
-#define AEAD_FLAGS (EVP_CIPH_FLAG_AEAD_CIPHER           \
-                    | EVP_CIPH_CUSTOM_IV                \
-                    | EVP_CIPH_ALWAYS_CALL_INIT         \
-                    | EVP_CIPH_CTRL_INIT                \
-                    | EVP_CIPH_CUSTOM_COPY)
+#define AEAD_FLAGS (PROV_CIPHER_FLAG_AEAD | PROV_CIPHER_FLAG_CUSTOM_IV)
 
 #define IMPLEMENT_aead_cipher(alg, lc, UCMODE, flags, kbits, blkbits, ivbits)  \
-static OSSL_FUNC_cipher_get_params_fn alg##_##kbits##_##lc##_get_params;         \
+static OSSL_FUNC_cipher_get_params_fn alg##_##kbits##_##lc##_get_params;       \
 static int alg##_##kbits##_##lc##_get_params(OSSL_PARAM params[])              \
 {                                                                              \
-    return ossl_cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE,         \
+    return ossl_cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE,    \
                                      flags, kbits, blkbits, ivbits);           \
 }                                                                              \
-static OSSL_FUNC_cipher_newctx_fn alg##kbits##lc##_newctx;                       \
+static OSSL_FUNC_cipher_newctx_fn alg##kbits##lc##_newctx;                     \
 static void * alg##kbits##lc##_newctx(void *provctx)                           \
 {                                                                              \
     return alg##_##lc##_newctx(provctx, kbits);                                \
@@ -43,10 +38,10 @@ const OSSL_DISPATCH ossl_##alg##kbits##lc##_functions[] = {                    \
     { OSSL_FUNC_CIPHER_SET_CTX_PARAMS,                                         \
       (void (*)(void)) lc##_set_ctx_params },                                  \
     { OSSL_FUNC_CIPHER_GETTABLE_PARAMS,                                        \
-      (void (*)(void))ossl_cipher_generic_gettable_params },                        \
+      (void (*)(void))ossl_cipher_generic_gettable_params },                   \
     { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS,                                    \
-      (void (*)(void))ossl_cipher_aead_gettable_ctx_params },                       \
+      (void (*)(void))ossl_cipher_aead_gettable_ctx_params },                  \
     { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS,                                    \
-      (void (*)(void))ossl_cipher_aead_settable_ctx_params },                       \
+      (void (*)(void))ossl_cipher_aead_settable_ctx_params },                  \
     { 0, NULL }                                                                \
 }