diff options
64 files changed, 1644 insertions, 570 deletions
diff --git a/crypto/blake2/blake2b_mac.c b/crypto/blake2/blake2b_mac.c index 71b8517885..b38e9b8d27 100644 --- a/crypto/blake2/blake2b_mac.c +++ b/crypto/blake2/blake2b_mac.c @@ -10,7 +10,7 @@ #ifndef OPENSSL_NO_BLAKE2 # include <openssl/evp.h> -# include "blake2_locl.h" +# include "internal/blake2.h" # include "internal/cryptlib.h" # include "internal/evp_int.h" @@ -26,7 +26,7 @@ static EVP_MAC_IMPL *blake2b_mac_new(void) EVP_MAC_IMPL *macctx = OPENSSL_zalloc(sizeof(*macctx)); if (macctx != NULL) { blake2b_param_init(&macctx->params); - /* ctx initialization is deferred to BLAKE2b_Init() */ + /* ctx initialization is deferred to blake2b_init() */ } return macctx; } @@ -53,18 +53,18 @@ static int blake2b_mac_init(EVP_MAC_IMPL *macctx) return 0; } - return BLAKE2b_Init_key(&macctx->ctx, &macctx->params, macctx->key); + return blake2b_init_key(&macctx->ctx, &macctx->params, macctx->key); } static int blake2b_mac_update(EVP_MAC_IMPL *macctx, const unsigned char *data, size_t datalen) { - return BLAKE2b_Update(&macctx->ctx, data, datalen); + return blake2b_update(&macctx->ctx, data, datalen); } static int blake2b_mac_final(EVP_MAC_IMPL *macctx, unsigned char *out) { - return BLAKE2b_Final(out, &macctx->ctx); + return blake2b_final(out, &macctx->ctx); } /* diff --git a/crypto/blake2/blake2s_mac.c b/crypto/blake2/blake2s_mac.c index d40778cb12..04dbf4e027 100644 --- a/crypto/blake2/blake2s_mac.c +++ b/crypto/blake2/blake2s_mac.c @@ -10,7 +10,7 @@ #ifndef OPENSSL_NO_BLAKE2 # include <openssl/evp.h> -# include "blake2_locl.h" +# include "internal/blake2.h" # include "internal/cryptlib.h" # include "internal/evp_int.h" @@ -53,18 +53,18 @@ static int blake2s_mac_init(EVP_MAC_IMPL *macctx) return 0; } - return BLAKE2s_Init_key(&macctx->ctx, &macctx->params, macctx->key); + return blake2s_init_key(&macctx->ctx, &macctx->params, macctx->key); } static int blake2s_mac_update(EVP_MAC_IMPL *macctx, const unsigned char *data, size_t datalen) { - return BLAKE2s_Update(&macctx->ctx, data, datalen); + return blake2s_update(&macctx->ctx, data, datalen); } static int blake2s_mac_final(EVP_MAC_IMPL *macctx, unsigned char *out) { - return BLAKE2s_Final(out, &macctx->ctx); + return blake2s_final(out, &macctx->ctx); } /* diff --git a/crypto/blake2/build.info b/crypto/blake2/build.info index ab72ef2aca..f02bf9a6fa 100644 --- a/crypto/blake2/build.info +++ b/crypto/blake2/build.info @@ -1,3 +1,3 @@ LIBS=../../libcrypto SOURCE[../../libcrypto]=\ - blake2b.c blake2s.c blake2b_mac.c blake2s_mac.c m_blake2b.c m_blake2s.c + blake2b_mac.c blake2s_mac.c m_blake2b.c m_blake2s.c diff --git a/crypto/blake2/m_blake2b.c b/crypto/blake2/m_blake2b.c index 2fb80f8b4e..b429d2d7f2 100644 --- a/crypto/blake2/m_blake2b.c +++ b/crypto/blake2/m_blake2b.c @@ -1,5 +1,5 @@ /* - * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -7,37 +7,26 @@ * https://www.openssl.org/source/license.html */ -/* - * Derived from the BLAKE2 reference implementation written by Samuel Neves. - * Copyright 2012, Samuel Neves <sneves@dei.uc.pt> - * More information about the BLAKE2 hash function and its implementations - * can be found at https://blake2.net. - */ - -#include "internal/cryptlib.h" - #ifndef OPENSSL_NO_BLAKE2 -# include <openssl/evp.h> -# include <openssl/objects.h> -# include "blake2_locl.h" +# include <stddef.h> +# include <openssl/obj_mac.h> # include "internal/evp_int.h" +# include "internal/blake2.h" static int init(EVP_MD_CTX *ctx) { - BLAKE2B_PARAM P; - blake2b_param_init(&P); - return BLAKE2b_Init(EVP_MD_CTX_md_data(ctx), &P); + return blake2b512_init(EVP_MD_CTX_md_data(ctx)); } static int update(EVP_MD_CTX *ctx, const void *data, size_t count) { - return BLAKE2b_Update(EVP_MD_CTX_md_data(ctx), data, count); + return blake2b_update(EVP_MD_CTX_md_data(ctx), data, count); } static int final(EVP_MD_CTX *ctx, unsigned char *md) { - return BLAKE2b_Final(md, EVP_MD_CTX_md_data(ctx)); + return blake2b_final(md, EVP_MD_CTX_md_data(ctx)); } static const EVP_MD blake2b_md = { @@ -58,4 +47,4 @@ const EVP_MD *EVP_blake2b512(void) { return &blake2b_md; } -#endif +#endif /* OPENSSL_NO_BLAKE2 */ diff --git a/crypto/blake2/m_blake2s.c b/crypto/blake2/m_blake2s.c index 8ff172751d..dd4b68fa1c 100644 --- a/crypto/blake2/m_blake2s.c +++ b/crypto/blake2/m_blake2s.c @@ -1,5 +1,5 @@ /* - * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -7,37 +7,26 @@ * https://www.openssl.org/source/license.html */ -/* - * Derived from the BLAKE2 reference implementation written by Samuel Neves. - * Copyright 2012, Samuel Neves <sneves@dei.uc.pt> - * More information about the BLAKE2 hash function and its implementations - * can be found at https://blake2.net. - */ - -#include "internal/cryptlib.h" - #ifndef OPENSSL_NO_BLAKE2 -# include <openssl/evp.h> -# include <openssl/objects.h> -# include "blake2_locl.h" +# include <stddef.h> +# include <openssl/obj_mac.h> # include "internal/evp_int.h" +# include "internal/blake2.h" static int init(EVP_MD_CTX *ctx) { - BLAKE2S_PARAM P; - blake2s_param_init(&P); - return BLAKE2s_Init(EVP_MD_CTX_md_data(ctx), &P); + return blake2s256_init(EVP_MD_CTX_md_data(ctx)); } static int update(EVP_MD_CTX *ctx, const void *data, size_t count) { - return BLAKE2s_Update(EVP_MD_CTX_md_data(ctx), data, count); + return blake2s_update(EVP_MD_CTX_md_data(ctx), data, count); } static int final(EVP_MD_CTX *ctx, unsigned char *md) { - return BLAKE2s_Final(md, EVP_MD_CTX_md_data(ctx)); + return blake2s_final(md, EVP_MD_CTX_md_data(ctx)); } static const EVP_MD blake2s_md = { @@ -58,4 +47,4 @@ const EVP_MD *EVP_blake2s256(void) { return &blake2s_md; } -#endif +#endif /* OPENSSL_NO_BLAKE2 */ diff --git a/crypto/core_fetch.c b/crypto/core_fetch.c index 227f920713..a99f092486 100644 --- a/crypto/core_fetch.c +++ b/crypto/core_fetch.c @@ -31,6 +31,9 @@ static int ossl_method_construct_this(OSSL_PROVIDER *provider, void *cbdata) const OSSL_ALGORITHM *map = ossl_provider_query_operation(provider, data->operation_id, &no_store); + if (map == NULL) + return 0; + while (map->algorithm_name != NULL) { const OSSL_ALGORITHM *thismap = map++; void *method = NULL; diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c index a1f0154a7f..89cd5c1d00 100644 --- a/crypto/evp/digest.c +++ b/crypto/evp/digest.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -8,10 +8,12 @@ */ #include <stdio.h> -#include "internal/cryptlib.h" #include <openssl/objects.h> #include <openssl/evp.h> #include <openssl/engine.h> +#include <openssl/params.h> +#include <openssl/core_names.h> +#include "internal/cryptlib.h" #include "internal/evp_int.h" #include "internal/provider.h" #include "evp_locl.h" @@ -149,16 +151,6 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) goto legacy; } - if (type->prov == NULL) { - switch(type->type) { - case NID_sha256: - case NID_md2: - break; - default: - goto legacy; - } - } - if (ctx->digest != NULL && ctx->digest->ctx_size > 0) { OPENSSL_clear_free(ctx->md_data, ctx->digest->ctx_size); ctx->md_data = NULL; @@ -184,6 +176,11 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) #endif } + if (ctx->provctx != NULL && ctx->digest != NULL && ctx->digest != type) { + if (ctx->digest->freectx != NULL) + ctx->digest->freectx(ctx->provctx); + ctx->provctx = NULL; + } ctx->digest = type; if (ctx->provctx == NULL) { ctx->provctx = ctx->digest->newctx(ossl_provider_ctx(type->prov)); @@ -334,7 +331,6 @@ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *isize) } EVP_MD_CTX_reset(ctx); - return ret; /* TODO(3.0): Remove legacy code below */ @@ -354,12 +350,31 @@ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *isize) int EVP_DigestFinalXOF(EVP_MD_CTX *ctx, unsigned char *md, size_t size) { int ret = 0; + OSSL_PARAM params[2]; + size_t i = 0; + + if (ctx->digest == NULL || ctx->digest->prov == NULL) + goto legacy; + if (ctx->digest->dfinal == NULL) { + EVPerr(EVP_F_EVP_DIGESTFINALXOF, EVP_R_FINAL_ERROR); + return 0; + } + + params[i++] = OSSL_PARAM_construct_size_t(OSSL_DIGEST_PARAM_XOFLEN, + &size, NULL); + params[i++] = OSSL_PARAM_construct_end(); + + if (EVP_MD_CTX_set_params(ctx, params) > 0) + ret = ctx->digest->dfinal(ctx->provctx, md, &size, size); + EVP_MD_CTX_reset(ctx); + return ret; + +legacy: if (ctx->digest->flags & EVP_MD_FLAG_XOF && size <= INT_MAX && ctx->digest->md_ctrl(ctx, EVP_MD_CTRL_XOF_LEN, (int)size, NULL)) { ret = ctx->digest->final(ctx, md); - if (ctx->digest->cleanup != NULL) { ctx->digest->cleanup(ctx); EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_CLEANED); @@ -506,16 +521,56 @@ int EVP_Digest(const void *data, size_t count, return ret; } +int EVP_MD_CTX_set_params(EVP_MD_CTX *ctx, const OSSL_PARAM params[]) +{ + if (ctx->digest != NULL && ctx->digest->set_params != NULL) + return ctx->digest->set_params(ctx->provctx, params); + return 0; +} + +int EVP_MD_CTX_get_params(EVP_MD_CTX *ctx, const OSSL_PARAM params[]) +{ + if (ctx->digest != NULL && ctx->digest->get_params != NULL) + return ctx->digest->get_params(ctx->provctx, params); + return 0; +} + +#if !OPENSSL_API_3 int EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void *p2) { - if (ctx->digest && ctx->digest->md_ctrl) { - int ret = ctx->digest->md_ctrl(ctx, cmd, p1, p2); - if (ret <= 0) - return 0; - return 1; + if (ctx->digest != NULL) { + OSSL_PARAM params[2]; + size_t i, sz, n = 0; + + switch (cmd) { + case EVP_MD_CTRL_XOF_LEN: + if (ctx->digest->set_params == NULL) + break; + i = (size_t)p1; + params[n++] = OSSL_PARAM_construct_size_t( + OSSL_DIGEST_PARAM_XOFLEN, &i, &sz); + params[n++] = OSSL_PARAM_construct_end(); + return ctx->digest->set_params(ctx->provctx, params) > 0; + case EVP_MD_CTRL_MICALG: + if (ctx->digest->get_params == NULL) + break; + params[n++] = OSSL_PARAM_construct_utf8_string( + OSSL_DIGEST_PARAM_MICALG, p2, p1 ? p1 : 9999, + &sz); + params[n++] = OSSL_PARAM_construct_end(); + return ctx->digest->get_params(ctx->provctx, params); + } + /* legacy code */ + if (ctx->digest->md_ctrl != NULL) { + int ret = ctx->digest->md_ctrl(ctx, cmd, p1, p2); + if (ret <= 0) + return 0; + return 1; + } } return 0; } +#endif static void *evp_md_from_dispatch(const OSSL_DISPATCH *fns, OSSL_PROVIDER *prov) @@ -530,55 +585,59 @@ static void *evp_md_from_dispatch(const OSSL_DISPATCH *fns, for (; fns->function_id != 0; fns++) { switch (fns->function_id) { case OSSL_FUNC_DIGEST_NEWCTX: - if (md->newctx != NULL) - break; - md->newctx = OSSL_get_OP_digest_newctx(fns); - fncnt++; + if (md->newctx == NULL) { + md->newctx = OSSL_get_OP_digest_newctx(fns); + fncnt++; + } break; case OSSL_FUNC_DIGEST_INIT: - if (md->dinit != NULL) - break; - md->dinit = OSSL_get_OP_digest_init(fns); - fncnt++; + if (md->dinit == NULL) { + md->dinit = OSSL_get_OP_digest_init(fns); + fncnt++; + } break; case OSSL_FUNC_DIGEST_UPDATE: - if (md->dupdate != NULL) - break; - md->dupdate = OSSL_get_OP_digest_update(fns); - fncnt++; + if (md->dupdate == NULL) { + md->dupdate = OSSL_get_OP_digest_update(fns); + fncnt++; + } break; case OSSL_FUNC_DIGEST_FINAL: - if (md->dfinal != NULL) - break; - md->dfinal = OSSL_get_OP_digest_final(fns); - fncnt++; + if (md->dfinal == NULL) { + md->dfinal = OSSL_get_OP_digest_final(fns); + fncnt++; + } break; case OSSL_FUNC_DIGEST_DIGEST: - if (md->digest != NULL) - break; - md->digest = OSSL_get_OP_digest_digest(fns); + if (md->digest == NULL) + md->digest = OSSL_get_OP_digest_digest(fns); /* We don't increment fnct for this as it is stand alone */ break; case OSSL_FUNC_DIGEST_FREECTX: - if (md->freectx != NULL) - break; - md->freectx = OSSL_get_OP_digest_freectx(fns); - fncnt++; + if (md->freectx == NULL) { + md->freectx = OSSL_get_OP_digest_freectx(fns); + fncnt++; + } break; case OSSL_FUNC_DIGEST_DUPCTX: - if (md->dupctx != NULL) - break; - md->dupctx = OSSL_get_OP_digest_dupctx(fns); + if (md->dupctx == NULL) + md->dupctx = OSSL_get_OP_digest_dupctx(fns); break; case OSSL_FUNC_DIGEST_SIZE: - if (md->size != NULL) - break; - md->size = OSSL_get_OP_digest_size(fns); + if (md->size == NULL) + md->size = OSSL_get_OP_digest_size(fns); break; case OSSL_FUNC_DIGEST_BLOCK_SIZE: - if (md->dblock_size != NULL) - break; - md->dblock_size = OSSL_get_OP_digest_block_size(fns); + if (md->dblock_size == NULL) + md->dblock_size = OSSL_get_OP_digest_block_size(fns); + break; + case OSSL_FUNC_DIGEST_SET_PARAMS: + if (md->set_params == NULL) + md->set_params = OSSL_get_OP_digest_set_params(fns); + break; + case OSSL_FUNC_DIGEST_GET_PARAMS: + if (md->get_params == NULL) + md->get_params = OSSL_get_OP_digest_get_params(fns); break; } } diff --git a/crypto/evp/evp_fetch.c b/crypto/evp/evp_fetch.c index fdd6209bc2..d3b5bcada2 100644 --- a/crypto/evp/evp_fetch.c +++ b/crypto/evp/evp_fetch.c @@ -159,6 +159,7 @@ void *evp_generic_fetch(OPENSSL_CTX *libctx, int operation_id, mcmdata.mcm = &mcm; mcmdata.libctx = libctx; + mcmdata.name = name; mcmdata.method_from_dispatch = new_method; mcmdata.destruct_method = free_method; mcmdata.refcnt_up_method = upref_method; diff --git a/crypto/evp/m_md5_sha1.c b/crypto/evp/m_md5_sha1.c index 425ed47744..af8ae31ec1 100644 --- a/crypto/evp/m_md5_sha1.c +++ b/crypto/evp/m_md5_sha1.c @@ -1,5 +1,5 @@ /* - * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2015-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -7,131 +7,46 @@ * https://www.openssl.org/source/license.html */ -#if !defined(OPENSSL_NO_MD5) +#ifndef OPENSSL_NO_MD5 +# include <string.h> # include <openssl/evp.h> -# include <openssl/objects.h> -# include <openssl/x509.h> -# include <openssl/md5.h> -# include <openssl/sha.h> -# include "internal/cryptlib.h" +# include <openssl/obj_mac.h> # include "internal/evp_int.h" -# include <openssl/rsa.h> - -struct md5_sha1_ctx { - MD5_CTX md5; - SHA_CTX sha1; -}; +# include "internal/md5_sha1.h" static int init(EVP_MD_CTX *ctx) { - struct md5_sha1_ctx *mctx = EVP_MD_CTX_md_data(ctx); - if (!MD5_Init(&mctx->md5)) - return 0; - return SHA1_Init(&mctx->sha1); + return md5_sha1_init(EVP_MD_CTX_md_data(ctx)); } static int update(EVP_MD_CTX *ctx, const void *data, size_t count) { |