| 1 | /*
|
|---|
| 2 | * Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved.
|
|---|
| 3 | *
|
|---|
| 4 | * Licensed under the Apache License 2.0 (the "License"). You may not use
|
|---|
| 5 | * this file except in compliance with the License. You can obtain a copy
|
|---|
| 6 | * in the file LICENSE in the source distribution or at
|
|---|
| 7 | * https://www.openssl.org/source/license.html
|
|---|
| 8 | */
|
|---|
| 9 |
|
|---|
| 10 | /*
|
|---|
| 11 | * DES low level APIs are deprecated for public use, but still ok for internal
|
|---|
| 12 | * use.
|
|---|
| 13 | */
|
|---|
| 14 | #include "internal/deprecated.h"
|
|---|
| 15 |
|
|---|
| 16 | #include <openssl/rand.h>
|
|---|
| 17 | #include <openssl/proverr.h>
|
|---|
| 18 | #include "prov/ciphercommon.h"
|
|---|
| 19 | #include "cipher_tdes.h"
|
|---|
| 20 | #include "prov/implementations.h"
|
|---|
| 21 | #include "prov/providercommon.h"
|
|---|
| 22 |
|
|---|
| 23 | void *ossl_tdes_newctx(void *provctx, int mode, size_t kbits, size_t blkbits,
|
|---|
| 24 | size_t ivbits, uint64_t flags, const PROV_CIPHER_HW *hw)
|
|---|
| 25 | {
|
|---|
| 26 | PROV_TDES_CTX *tctx;
|
|---|
| 27 |
|
|---|
| 28 | if (!ossl_prov_is_running())
|
|---|
| 29 | return NULL;
|
|---|
| 30 |
|
|---|
| 31 | tctx = OPENSSL_zalloc(sizeof(*tctx));
|
|---|
| 32 | if (tctx != NULL)
|
|---|
| 33 | ossl_cipher_generic_initkey(tctx, kbits, blkbits, ivbits, mode, flags,
|
|---|
| 34 | hw, provctx);
|
|---|
| 35 | return tctx;
|
|---|
| 36 | }
|
|---|
| 37 |
|
|---|
| 38 | void *ossl_tdes_dupctx(void *ctx)
|
|---|
| 39 | {
|
|---|
| 40 | PROV_TDES_CTX *in = (PROV_TDES_CTX *)ctx;
|
|---|
| 41 | PROV_TDES_CTX *ret;
|
|---|
| 42 |
|
|---|
| 43 | if (!ossl_prov_is_running())
|
|---|
| 44 | return NULL;
|
|---|
| 45 |
|
|---|
| 46 | ret = OPENSSL_malloc(sizeof(*ret));
|
|---|
| 47 | if (ret == NULL) {
|
|---|
| 48 | ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
|
|---|
| 49 | return NULL;
|
|---|
| 50 | }
|
|---|
| 51 | in->base.hw->copyctx(&ret->base, &in->base);
|
|---|
| 52 |
|
|---|
| 53 | return ret;
|
|---|
| 54 | }
|
|---|
| 55 |
|
|---|
| 56 | void ossl_tdes_freectx(void *vctx)
|
|---|
| 57 | {
|
|---|
| 58 | PROV_TDES_CTX *ctx = (PROV_TDES_CTX *)vctx;
|
|---|
| 59 |
|
|---|
| 60 | ossl_cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx);
|
|---|
| 61 | OPENSSL_clear_free(ctx, sizeof(*ctx));
|
|---|
| 62 | }
|
|---|
| 63 |
|
|---|
| 64 | static int tdes_init(void *vctx, const unsigned char *key, size_t keylen,
|
|---|
| 65 | const unsigned char *iv, size_t ivlen,
|
|---|
| 66 | const OSSL_PARAM params[], int enc)
|
|---|
| 67 | {
|
|---|
| 68 | PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx;
|
|---|
| 69 |
|
|---|
| 70 | if (!ossl_prov_is_running())
|
|---|
| 71 | return 0;
|
|---|
| 72 |
|
|---|
| 73 | ctx->num = 0;
|
|---|
| 74 | ctx->bufsz = 0;
|
|---|
| 75 | ctx->enc = enc;
|
|---|
| 76 |
|
|---|
| 77 | if (iv != NULL) {
|
|---|
| 78 | if (!ossl_cipher_generic_initiv(ctx, iv, ivlen))
|
|---|
| 79 | return 0;
|
|---|
| 80 | } else if (ctx->iv_set
|
|---|
| 81 | && (ctx->mode == EVP_CIPH_CBC_MODE
|
|---|
| 82 | || ctx->mode == EVP_CIPH_CFB_MODE
|
|---|
| 83 | || ctx->mode == EVP_CIPH_OFB_MODE)) {
|
|---|
| 84 | /* reset IV to keep compatibility with 1.1.1 */
|
|---|
| 85 | memcpy(ctx->iv, ctx->oiv, ctx->ivlen);
|
|---|
| 86 | }
|
|---|
| 87 |
|
|---|
| 88 | if (key != NULL) {
|
|---|
| 89 | if (keylen != ctx->keylen) {
|
|---|
| 90 | ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH);
|
|---|
| 91 | return 0;
|
|---|
| 92 | }
|
|---|
| 93 | if (!ctx->hw->init(ctx, key, ctx->keylen))
|
|---|
| 94 | return 0;
|
|---|
| 95 | ctx->key_set = 1;
|
|---|
| 96 | }
|
|---|
| 97 | return ossl_cipher_generic_set_ctx_params(ctx, params);
|
|---|
| 98 | }
|
|---|
| 99 |
|
|---|
| 100 | int ossl_tdes_einit(void *vctx, const unsigned char *key, size_t keylen,
|
|---|
| 101 | const unsigned char *iv, size_t ivlen,
|
|---|
| 102 | const OSSL_PARAM params[])
|
|---|
| 103 | {
|
|---|
| 104 | return tdes_init(vctx, key, keylen, iv, ivlen, params, 1);
|
|---|
| 105 | }
|
|---|
| 106 |
|
|---|
| 107 | int ossl_tdes_dinit(void *vctx, const unsigned char *key, size_t keylen,
|
|---|
| 108 | const unsigned char *iv, size_t ivlen,
|
|---|
| 109 | const OSSL_PARAM params[])
|
|---|
| 110 | {
|
|---|
| 111 | return tdes_init(vctx, key, keylen, iv, ivlen, params, 0);
|
|---|
| 112 | }
|
|---|
| 113 |
|
|---|
| 114 | CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_START(ossl_tdes)
|
|---|
| 115 | OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_RANDOM_KEY, NULL, 0),
|
|---|
| 116 | CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_END(ossl_tdes)
|
|---|
| 117 |
|
|---|
| 118 | static int tdes_generatekey(PROV_CIPHER_CTX *ctx, void *ptr)
|
|---|
| 119 | {
|
|---|
| 120 |
|
|---|
| 121 | DES_cblock *deskey = ptr;
|
|---|
| 122 | size_t kl = ctx->keylen;
|
|---|
| 123 |
|
|---|
| 124 | if (kl == 0 || RAND_priv_bytes_ex(ctx->libctx, ptr, kl, 0) <= 0)
|
|---|
| 125 | return 0;
|
|---|
| 126 | DES_set_odd_parity(deskey);
|
|---|
| 127 | if (kl >= 16) {
|
|---|
| 128 | DES_set_odd_parity(deskey + 1);
|
|---|
| 129 | if (kl >= 24)
|
|---|
| 130 | DES_set_odd_parity(deskey + 2);
|
|---|
| 131 | }
|
|---|
| 132 | return 1;
|
|---|
| 133 | }
|
|---|
| 134 |
|
|---|
| 135 | int ossl_tdes_get_ctx_params(void *vctx, OSSL_PARAM params[])
|
|---|
| 136 | {
|
|---|
| 137 | PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx;
|
|---|
| 138 | OSSL_PARAM *p;
|
|---|
| 139 |
|
|---|
| 140 | if (!ossl_cipher_generic_get_ctx_params(vctx, params))
|
|---|
| 141 | return 0;
|
|---|
| 142 |
|
|---|
| 143 | p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_RANDOM_KEY);
|
|---|
| 144 | if (p != NULL && !tdes_generatekey(ctx, p->data)) {
|
|---|
| 145 | ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GENERATE_KEY);
|
|---|
| 146 | return 0;
|
|---|
| 147 | }
|
|---|
| 148 | return 1;
|
|---|
| 149 | }
|
|---|
