From 766628d6af53b0519a54c922b32d4d79eb85ee2f Mon Sep 17 00:00:00 2001
From: Neil Horman <nhorman@openssl.org>
Date: Fri, 1 Sep 2023 09:10:35 -0400
Subject: Add dupctx support to aead ciphers

Add dupctx method support to to ciphers implemented with IMPLEMENT_aead_cipher
This includes:
aes-<kbits>-gcm
aria-<kbits>-ccm
aria-<kbits>-gcm

Fixes #21887

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23102)

(cherry picked from commit 879a853a1dc968fb010e5bf17d2e8888acc70742)
---
 providers/implementations/ciphers/cipher_aes_ccm.c   | 20 ++++++++++++++++++++
 providers/implementations/ciphers/cipher_aes_gcm.c   |  9 +++++++++
 providers/implementations/ciphers/cipher_aria_ccm.c  |  9 +++++++++
 providers/implementations/ciphers/cipher_aria_gcm.c  |  9 +++++++++
 .../implementations/include/prov/ciphercommon_aead.h |  5 +++++
 5 files changed, 52 insertions(+)

diff --git a/providers/implementations/ciphers/cipher_aes_ccm.c b/providers/implementations/ciphers/cipher_aes_ccm.c
index bb4b1e1e64..3930f52d60 100644
--- a/providers/implementations/ciphers/cipher_aes_ccm.c
+++ b/providers/implementations/ciphers/cipher_aes_ccm.c
@@ -33,6 +33,26 @@ static void *aes_ccm_newctx(void *provctx, size_t keybits)
     return ctx;
 }
 
+static void *aes_ccm_dupctx(void *provctx)
+{
+    PROV_AES_CCM_CTX *ctx = provctx;
+    PROV_AES_CCM_CTX *dupctx = NULL;
+
+    if (ctx == NULL)
+        return NULL;
+    dupctx = OPENSSL_memdup(provctx, sizeof(*ctx));
+    if (dupctx == NULL)
+        return NULL;
+    /*
+     * ossl_cm_initctx, via the ossl_prov_aes_hw_ccm functions assign a
+     * provctx->ccm.ks.ks to the ccm context key so we need to point it to
+     * the memduped copy
+     */
+    dupctx->base.ccm_ctx.key = &dupctx->ccm.ks.ks;
+
+    return dupctx;
+}
+
 static OSSL_FUNC_cipher_freectx_fn aes_ccm_freectx;
 static void aes_ccm_freectx(void *vctx)
 {
diff --git a/providers/implementations/ciphers/cipher_aes_gcm.c b/providers/implementations/ciphers/cipher_aes_gcm.c
index 0081ca6cd7..0a15693cc1 100644
--- a/providers/implementations/ciphers/cipher_aes_gcm.c
+++ b/providers/implementations/ciphers/cipher_aes_gcm.c
@@ -34,6 +34,15 @@ static void *aes_gcm_newctx(void *provctx, size_t keybits)
     return ctx;
 }
 
+static void *aes_gcm_dupctx(void *provctx)
+{
+    PROV_AES_GCM_CTX *ctx = provctx;
+
+    if (ctx == NULL)
+        return NULL;
+    return OPENSSL_memdup(ctx, sizeof(*ctx));
+}
+
 static OSSL_FUNC_cipher_freectx_fn aes_gcm_freectx;
 static void aes_gcm_freectx(void *vctx)
 {
diff --git a/providers/implementations/ciphers/cipher_aria_ccm.c b/providers/implementations/ciphers/cipher_aria_ccm.c
index d6b5517ee0..39a96a6f14 100644
--- a/providers/implementations/ciphers/cipher_aria_ccm.c
+++ b/providers/implementations/ciphers/cipher_aria_ccm.c
@@ -28,6 +28,15 @@ static void *aria_ccm_newctx(void *provctx, size_t keybits)
     return ctx;
 }
 
+static void *aria_ccm_dupctx(void *provctx)
+{
+    PROV_ARIA_CCM_CTX *ctx = provctx;
+
+    if (ctx == NULL)
+        return NULL;
+    return OPENSSL_memdup(ctx, sizeof(*ctx));
+}
+
 static void aria_ccm_freectx(void *vctx)
 {
     PROV_ARIA_CCM_CTX *ctx = (PROV_ARIA_CCM_CTX *)vctx;
diff --git a/providers/implementations/ciphers/cipher_aria_gcm.c b/providers/implementations/ciphers/cipher_aria_gcm.c
index b412bd3202..6ffa0910fa 100644
--- a/providers/implementations/ciphers/cipher_aria_gcm.c
+++ b/providers/implementations/ciphers/cipher_aria_gcm.c
@@ -27,6 +27,15 @@ static void *aria_gcm_newctx(void *provctx, size_t keybits)
     return ctx;
 }
 
+static void *aria_gcm_dupctx(void *provctx)
+{
+    PROV_ARIA_GCM_CTX *ctx = provctx;
+
+    if (ctx == NULL)
+        return NULL;
+    return OPENSSL_memdup(ctx, sizeof(*ctx));
+}
+
 static OSSL_FUNC_cipher_freectx_fn aria_gcm_freectx;
 static void aria_gcm_freectx(void *vctx)
 {
diff --git a/providers/implementations/include/prov/ciphercommon_aead.h b/providers/implementations/include/prov/ciphercommon_aead.h
index 1d017175d3..de3dd52ee7 100644
--- a/providers/implementations/include/prov/ciphercommon_aead.h
+++ b/providers/implementations/include/prov/ciphercommon_aead.h
@@ -23,9 +23,14 @@ static void * alg##kbits##lc##_newctx(void *provctx)                           \
 {                                                                              \
     return alg##_##lc##_newctx(provctx, kbits);                                \
 }                                                                              \
+static void * alg##kbits##lc##_dupctx(void *src)                               \
+{                                                                              \
+    return alg##_##lc##_dupctx(src);                                           \
+}                                                                              \
 const OSSL_DISPATCH ossl_##alg##kbits##lc##_functions[] = {                    \
     { OSSL_FUNC_CIPHER_NEWCTX, (void (*)(void))alg##kbits##lc##_newctx },      \
     { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void))alg##_##lc##_freectx },        \
+    { OSSL_FUNC_CIPHER_DUPCTX, (void (*)(void))alg##kbits##lc##_dupctx },      \
     { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))ossl_##lc##_einit },      \
     { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))ossl_##lc##_dinit },      \
     { OSSL_FUNC_CIPHER_UPDATE, (void (*)(void))ossl_##lc##_stream_update },    \
-- 
cgit v1.2.3