root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity

aes_cbc_hmac_sha: convert to generated param decoding 

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28616)
This commit is contained in:
Pauli 2025-09-18 16:32:13 +10:00 committed by Tomas Mraz
parent 127430a96f
commit 549acfde9b
2 changed files with 147 additions and 147 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

194
providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.c.in
View File

@ -6,6 +6,9 @@
* in the file LICENSE in the source distribution or at * in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html * https://www.openssl.org/source/license.html
*/ */
{-
use OpenSSL::paramnames qw(produce_param_decoder);
-}
/* /*
* AES low level APIs are deprecated for public use, but still ok for internal * AES low level APIs are deprecated for public use, but still ok for internal
@ -64,53 +67,55 @@ static int aes_dinit(void *ctx, const unsigned char *key, size_t keylen,
return aes_set_ctx_params(ctx, params); return aes_set_ctx_params(ctx, params);
} }
static const OSSL_PARAM cipher_aes_known_settable_ctx_params[] = { {- produce_param_decoder('aes_cbc_hmac_sha_set_ctx_params',
OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_MAC_KEY, NULL, 0), (['OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_SEND_FRAGMENT',
OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TLS1_AAD, NULL, 0), 'maxfrag', 'size_t', "#if !defined(OPENSSL_NO_MULTIBLOCK)"],
# if !defined(OPENSSL_NO_MULTIBLOCK) ['OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD',
OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_SEND_FRAGMENT, NULL), 'mb_aad', 'size_t', "#if !defined(OPENSSL_NO_MULTIBLOCK)"],
OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD, NULL), ['OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE',
OSSL_PARAM_uint(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE, NULL), 'ileave', 'uint', "#if !defined(OPENSSL_NO_MULTIBLOCK)"],
OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC, NULL, 0), ['OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC',
OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_IN, NULL, 0), 'enc', 'octet_string', "#if !defined(OPENSSL_NO_MULTIBLOCK)"],
# endif /* !defined(OPENSSL_NO_MULTIBLOCK) */ ['OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_IN',
OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL), 'enc_in', 'octet_string', "#if !defined(OPENSSL_NO_MULTIBLOCK)"],
OSSL_PARAM_END ['OSSL_CIPHER_PARAM_AEAD_MAC_KEY', 'key', 'octet_string'],
}; ['OSSL_CIPHER_PARAM_AEAD_TLS1_AAD', 'tlsaad', 'octet_string'],
['OSSL_CIPHER_PARAM_KEYLEN', 'keylen', 'size_t'],
['OSSL_CIPHER_PARAM_TLS_VERSION', 'tlsver', 'uint' ],
)); -}
const OSSL_PARAM *aes_settable_ctx_params(ossl_unused void *cctx, const OSSL_PARAM *aes_settable_ctx_params(ossl_unused void *cctx,
ossl_unused void *provctx) ossl_unused void *provctx)
{ {
return cipher_aes_known_settable_ctx_params; return aes_cbc_hmac_sha_set_ctx_params_list;
} }
static int aes_set_ctx_params(void *vctx, const OSSL_PARAM params[]) static int aes_set_ctx_params(void *vctx, const OSSL_PARAM params[])
{ {
PROV_AES_HMAC_SHA_CTX *ctx = (PROV_AES_HMAC_SHA_CTX *)vctx; PROV_AES_HMAC_SHA_CTX *ctx = (PROV_AES_HMAC_SHA_CTX *)vctx;
PROV_CIPHER_HW_AES_HMAC_SHA *hw = PROV_CIPHER_HW_AES_HMAC_SHA *hw;
(PROV_CIPHER_HW_AES_HMAC_SHA *)ctx->hw; struct aes_cbc_hmac_sha_set_ctx_params_st p;
const OSSL_PARAM *p;
int ret = 1; int ret = 1;
# if !defined(OPENSSL_NO_MULTIBLOCK) # if !defined(OPENSSL_NO_MULTIBLOCK)
EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM mb_param; EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM mb_param;
# endif # endif
if (ossl_param_is_empty(params)) if (ctx == NULL || !aes_cbc_hmac_sha_set_ctx_params_decoder(params, &p))
return 1; return 0;
p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_AEAD_MAC_KEY); hw = (PROV_CIPHER_HW_AES_HMAC_SHA *)ctx->hw;
if (p != NULL) {
if (p->data_type != OSSL_PARAM_OCTET_STRING) { if (p.key != NULL) {
if (p.key->data_type != OSSL_PARAM_OCTET_STRING) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
return 0; return 0;
} }
hw->init_mac_key(ctx, p->data, p->data_size); hw->init_mac_key(ctx, p.key->data, p.key->data_size);
} }
# if !defined(OPENSSL_NO_MULTIBLOCK) # if !defined(OPENSSL_NO_MULTIBLOCK)
p = OSSL_PARAM_locate_const(params, if (p.maxfrag != NULL
OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_SEND_FRAGMENT); && !OSSL_PARAM_get_size_t(p.maxfrag, &ctx->multiblock_max_send_fragment)) {
if (p != NULL
&& !OSSL_PARAM_get_size_t(p, &ctx->multiblock_max_send_fragment)) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
return 0; return 0;
} }
@ -123,18 +128,15 @@ static int aes_set_ctx_params(void *vctx, const OSSL_PARAM params[])
* ctx->multiblock_interleave * ctx->multiblock_interleave
* ctx->multiblock_aad_packlen * ctx->multiblock_aad_packlen
*/ */
p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD); if (p.mb_aad != NULL) {
if (p != NULL) { if (p.mb_aad->data_type != OSSL_PARAM_OCTET_STRING
const OSSL_PARAM *p1 = OSSL_PARAM_locate_const(params, || p.ileave == NULL
OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE); || !OSSL_PARAM_get_uint(p.ileave, &mb_param.interleave)) {
if (p->data_type != OSSL_PARAM_OCTET_STRING
|| p1 == NULL
|| !OSSL_PARAM_get_uint(p1, &mb_param.interleave)) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
return 0; return 0;
} }
mb_param.inp = p->data; mb_param.inp = p.mb_aad->data;
mb_param.len = p->data_size; mb_param.len = p.mb_aad->data_size;
if (hw->tls1_multiblock_aad(vctx, &mb_param) <= 0) if (hw->tls1_multiblock_aad(vctx, &mb_param) <= 0)
return 0; return 0;
} }
@ -148,44 +150,36 @@ static int aes_set_ctx_params(void *vctx, const OSSL_PARAM params[])
* The outputs of tls1_multiblock_encrypt are: * The outputs of tls1_multiblock_encrypt are:
* ctx->multiblock_encrypt_len * ctx->multiblock_encrypt_len
*/ */
p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC); if (p.enc != NULL) {
if (p != NULL) { if (p.enc->data_type != OSSL_PARAM_OCTET_STRING
const OSSL_PARAM *p1 = OSSL_PARAM_locate_const(params, || p.enc_in == NULL
OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE); || p.enc_in->data_type != OSSL_PARAM_OCTET_STRING
const OSSL_PARAM *pin = OSSL_PARAM_locate_const(params, || p.ileave == NULL
OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_IN); || !OSSL_PARAM_get_uint(p.ileave, &mb_param.interleave)) {
if (p->data_type != OSSL_PARAM_OCTET_STRING
|| pin == NULL
|| pin->data_type != OSSL_PARAM_OCTET_STRING
|| p1 == NULL
|| !OSSL_PARAM_get_uint(p1, &mb_param.interleave)) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
return 0; return 0;
} }
mb_param.out = p->data; mb_param.out = p.enc->data;
mb_param.inp = pin->data; mb_param.inp = p.enc_in->data;
mb_param.len = pin->data_size; mb_param.len = p.enc_in->data_size;
if (hw->tls1_multiblock_encrypt(vctx, &mb_param) <= 0) if (hw->tls1_multiblock_encrypt(vctx, &mb_param) <= 0)
return 0; return 0;
} }
# endif /* !defined(OPENSSL_NO_MULTIBLOCK) */ # endif /* !defined(OPENSSL_NO_MULTIBLOCK) */
p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_AEAD_TLS1_AAD); if (p.tlsaad != NULL) {
if (p != NULL) { if (p.tlsaad->data_type != OSSL_PARAM_OCTET_STRING || p.tlsaad->data_size > INT_MAX) {
if (p->data_type != OSSL_PARAM_OCTET_STRING || p->data_size > INT_MAX) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
return 0; return 0;
} }
if (hw->set_tls1_aad(ctx, p->data, (int)p->data_size) <= 0) if (hw->set_tls1_aad(ctx, p.tlsaad->data, (int)p.tlsaad->data_size) <= 0)
return 0; return 0;
} }
p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_KEYLEN); if (p.keylen != NULL) {
if (p != NULL) {
size_t keylen; size_t keylen;
if (!OSSL_PARAM_get_size_t(p, &keylen)) { if (!OSSL_PARAM_get_size_t(p.keylen, &keylen)) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
return 0; return 0;
} }
@ -195,9 +189,8 @@ static int aes_set_ctx_params(void *vctx, const OSSL_PARAM params[])
} }
} }
p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_TLS_VERSION); if (p.tlsver != NULL) {
if (p != NULL) { if (!OSSL_PARAM_get_uint(p.tlsver, &ctx->base.tlsversion)) {
if (!OSSL_PARAM_get_uint(p, &ctx->base.tlsversion)) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
return 0; return 0;
} }
@ -217,91 +210,96 @@ static int aes_set_ctx_params(void *vctx, const OSSL_PARAM params[])
return ret; return ret;
} }
{- produce_param_decoder('aes_cbc_hmac_sha_get_ctx_params',
(['OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_BUFSIZE',
'max', 'size_t', "#if !defined(OPENSSL_NO_MULTIBLOCK)"],
['OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE',
'inter', 'uint', "#if !defined(OPENSSL_NO_MULTIBLOCK)"],
['OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD_PACKLEN',
'packlen', 'uint', "#if !defined(OPENSSL_NO_MULTIBLOCK)"],
['OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_LEN',
'enclen', 'size_t', "#if !defined(OPENSSL_NO_MULTIBLOCK)"],
['OSSL_CIPHER_PARAM_AEAD_TLS1_AAD_PAD', 'pad', 'size_t'],
['OSSL_CIPHER_PARAM_KEYLEN', 'keylen', 'size_t'],
['OSSL_CIPHER_PARAM_IVLEN', 'ivlen', 'size_t'],
['OSSL_CIPHER_PARAM_IV', 'iv', 'octet_string'],
['OSSL_CIPHER_PARAM_UPDATED_IV', 'upd_iv', 'octet_string'],
)); -}
static int aes_get_ctx_params(void *vctx, OSSL_PARAM params[]) static int aes_get_ctx_params(void *vctx, OSSL_PARAM params[])
{ {
PROV_AES_HMAC_SHA_CTX *ctx = (PROV_AES_HMAC_SHA_CTX *)vctx; PROV_AES_HMAC_SHA_CTX *ctx = (PROV_AES_HMAC_SHA_CTX *)vctx;
OSSL_PARAM *p; struct aes_cbc_hmac_sha_get_ctx_params_st p;
if (ctx == NULL || !aes_cbc_hmac_sha_get_ctx_params_decoder(params, &p))
return 0;
# if !defined(OPENSSL_NO_MULTIBLOCK) # if !defined(OPENSSL_NO_MULTIBLOCK)
p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_BUFSIZE); if (p.max != NULL) {
if (p != NULL) {
PROV_CIPHER_HW_AES_HMAC_SHA *hw = PROV_CIPHER_HW_AES_HMAC_SHA *hw =
(PROV_CIPHER_HW_AES_HMAC_SHA *)ctx->hw; (PROV_CIPHER_HW_AES_HMAC_SHA *)ctx->hw;
size_t len = hw->tls1_multiblock_max_bufsize(ctx); size_t len = hw->tls1_multiblock_max_bufsize(ctx);
if (!OSSL_PARAM_set_size_t(p, len)) { if (!OSSL_PARAM_set_size_t(p.max, len)) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
return 0; return 0;
} }
} }
p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE); if (p.inter != NULL
if (p != NULL && !OSSL_PARAM_set_uint(p, ctx->multiblock_interleave)) { && !OSSL_PARAM_set_uint(p.inter, ctx->multiblock_interleave)) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
return 0; return 0;
} }
p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD_PACKLEN); if (p.packlen != NULL
if (p != NULL && !OSSL_PARAM_set_uint(p, ctx->multiblock_aad_packlen)) { && !OSSL_PARAM_set_uint(p.packlen, ctx->multiblock_aad_packlen)) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
return 0; return 0;
} }
p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_LEN); if (p.enclen != NULL
if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->multiblock_encrypt_len)) { && !OSSL_PARAM_set_size_t(p.enclen, ctx->multiblock_encrypt_len)) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
return 0; return 0;
} }
# endif /* !defined(OPENSSL_NO_MULTIBLOCK) */ # endif /* !defined(OPENSSL_NO_MULTIBLOCK) */
p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_AEAD_TLS1_AAD_PAD); if (p.pad != NULL && !OSSL_PARAM_set_size_t(p.pad, ctx->tls_aad_pad)) {
if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->tls_aad_pad)) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
return 0; return 0;
} }
p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_KEYLEN);
if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->base.keylen)) { if (p.keylen != NULL && !OSSL_PARAM_set_size_t(p.keylen, ctx->base.keylen)) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
return 0; return 0;
} }
p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IVLEN);
if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->base.ivlen)) { if (p.ivlen != NULL && !OSSL_PARAM_set_size_t(p.ivlen, ctx->base.ivlen)) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
return 0; return 0;
} }
p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IV);
if (p != NULL if (p.iv != NULL
&& !OSSL_PARAM_set_octet_string_or_ptr(p, ctx->base.oiv, ctx->base.ivlen)) { && !OSSL_PARAM_set_octet_string_or_ptr(p.iv, ctx->base.oiv,
ctx->base.ivlen)) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
return 0; return 0;
} }
p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_UPDATED_IV);
if (p != NULL if (p.upd_iv != NULL
&& !OSSL_PARAM_set_octet_string_or_ptr(p, ctx->base.iv, ctx->base.ivlen)) { && !OSSL_PARAM_set_octet_string_or_ptr(p.upd_iv, ctx->base.iv,
ctx->base.ivlen)) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
return 0; return 0;
} }
return 1; return 1;
} }
static const OSSL_PARAM cipher_aes_known_gettable_ctx_params[] = {
# if !defined(OPENSSL_NO_MULTIBLOCK)
OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_BUFSIZE, NULL),
OSSL_PARAM_uint(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE, NULL),
OSSL_PARAM_uint(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD_PACKLEN, NULL),
OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_LEN, NULL),
# endif /* !defined(OPENSSL_NO_MULTIBLOCK) */
OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_AEAD_TLS1_AAD_PAD, NULL),
OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL),
OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_IVLEN, NULL),
OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_IV, NULL, 0),
OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_UPDATED_IV, NULL, 0),
OSSL_PARAM_END
};
const OSSL_PARAM *aes_gettable_ctx_params(ossl_unused void *cctx, const OSSL_PARAM *aes_gettable_ctx_params(ossl_unused void *cctx,
ossl_unused void *provctx) ossl_unused void *provctx)
{ {
return cipher_aes_known_gettable_ctx_params; return aes_cbc_hmac_sha_get_ctx_params_list;
} }
static void base_init(void *provctx, PROV_AES_HMAC_SHA_CTX *ctx, static void base_init(void *provctx, PROV_AES_HMAC_SHA_CTX *ctx,

100
providers/implementations/ciphers/cipher_aes_cbc_hmac_sha_etm.c.in
View File

@ -6,6 +6,10 @@
* in the file LICENSE in the source distribution or at * in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html * https://www.openssl.org/source/license.html
*/ */
{-
use OpenSSL::paramnames qw(produce_param_decoder);
-}
#include "internal/deprecated.h" #include "internal/deprecated.h"
#include "cipher_aes_cbc_hmac_sha_etm.h" #include "cipher_aes_cbc_hmac_sha_etm.h"
@ -28,30 +32,34 @@ static OSSL_FUNC_cipher_settable_ctx_params_fn aes_settable_ctx_params;
# define aes_final ossl_cipher_generic_stream_final # define aes_final ossl_cipher_generic_stream_final
# define aes_cipher ossl_cipher_generic_cipher # define aes_cipher ossl_cipher_generic_cipher
{- produce_param_decoder('aes_cbc_hmac_sha_etm_set_ctx_params',
(['OSSL_CIPHER_PARAM_AEAD_MAC_KEY', 'key', 'octet_string'],
['OSSL_CIPHER_PARAM_KEYLEN', 'keylen', 'size_t'],
['OSSL_CIPHER_HMAC_PARAM_MAC', 'mac', 'octet_string'],
)); -}
static int aes_set_ctx_params(void *vctx, const OSSL_PARAM params[]) static int aes_set_ctx_params(void *vctx, const OSSL_PARAM params[])
{ {
PROV_AES_HMAC_SHA_ETM_CTX *ctx = (PROV_AES_HMAC_SHA_ETM_CTX *)vctx; PROV_AES_HMAC_SHA_ETM_CTX *ctx = (PROV_AES_HMAC_SHA_ETM_CTX *)vctx;
PROV_CIPHER_HW_AES_HMAC_SHA_ETM *hw = PROV_CIPHER_HW_AES_HMAC_SHA_ETM *hw;
(PROV_CIPHER_HW_AES_HMAC_SHA_ETM *)ctx->hw; struct aes_cbc_hmac_sha_etm_set_ctx_params_st p;
const OSSL_PARAM *p;
if (params == NULL) if (ctx == NULL || !aes_cbc_hmac_sha_etm_set_ctx_params_decoder(params, &p))
return 1; return 0;
p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_AEAD_MAC_KEY); hw = (PROV_CIPHER_HW_AES_HMAC_SHA_ETM *)ctx->hw;
if (p != NULL) { if (p.key != NULL) {
if (p->data_type != OSSL_PARAM_OCTET_STRING) { if (p.key->data_type != OSSL_PARAM_OCTET_STRING) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
return 0; return 0;
} }
hw->init_mac_key(ctx, p->data, p->data_size); hw->init_mac_key(ctx, p.key->data, p.key->data_size);
} }
p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_KEYLEN); if (p.keylen != NULL) {
if (p != NULL) {
size_t keylen; size_t keylen;
if (!OSSL_PARAM_get_size_t(p, &keylen)) { if (!OSSL_PARAM_get_size_t(p.keylen, &keylen)) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
return 0; return 0;
} }
@ -61,13 +69,12 @@ static int aes_set_ctx_params(void *vctx, const OSSL_PARAM params[])
} }
} }
p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_HMAC_PARAM_MAC); if (p.mac != NULL) {
if (p != NULL) {
size_t sz; size_t sz;
void *vp; void *vp;
vp = &ctx->exp_tag; vp = &ctx->exp_tag;
if (!OSSL_PARAM_get_octet_string(p, &vp, AES_CBC_MAX_HMAC_SIZE, &sz)) { if (!OSSL_PARAM_get_octet_string(p.mac, &vp, AES_CBC_MAX_HMAC_SIZE, &sz)) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
return 0; return 0;
} }
@ -99,39 +106,49 @@ static int aes_dinit(void *ctx, const unsigned char *key, size_t keylen,
return aes_set_ctx_params(ctx, params); return aes_set_ctx_params(ctx, params);
} }
{- produce_param_decoder('aes_cbc_hmac_sha_etm_get_ctx_params',
(['OSSL_CIPHER_PARAM_KEYLEN', 'keylen', 'size_t'],
['OSSL_CIPHER_PARAM_IVLEN', 'ivlen', 'size_t'],
['OSSL_CIPHER_PARAM_IV', 'iv', 'octet_string'],
['OSSL_CIPHER_PARAM_UPDATED_IV', 'upd_iv', 'octet_string'],
['OSSL_CIPHER_HMAC_PARAM_MAC', 'mac', 'octet_string'],
)); -}
static int aes_get_ctx_params(void *vctx, OSSL_PARAM params[]) static int aes_get_ctx_params(void *vctx, OSSL_PARAM params[])
{ {
PROV_AES_HMAC_SHA_ETM_CTX *ctx = (PROV_AES_HMAC_SHA_ETM_CTX *)vctx; PROV_AES_HMAC_SHA_ETM_CTX *ctx = (PROV_AES_HMAC_SHA_ETM_CTX *)vctx;
OSSL_PARAM *p; struct aes_cbc_hmac_sha_etm_get_ctx_params_st p;
size_t sz; size_t sz;
p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_KEYLEN); if (ctx == NULL || !aes_cbc_hmac_sha_etm_get_ctx_params_decoder(params, &p))
if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->base.keylen)) { return 0;
if (p.keylen != NULL && !OSSL_PARAM_set_size_t(p.keylen, ctx->base.keylen)) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
return 0; return 0;
} }
p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IVLEN);
if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->base.ivlen)) { if (p.ivlen != NULL && !OSSL_PARAM_set_size_t(p.ivlen, ctx->base.ivlen)) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
return 0; return 0;
} }
p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IV);
if (p != NULL if (p.iv != NULL
&& !OSSL_PARAM_set_octet_string(p, ctx->base.oiv, ctx->base.ivlen) && !OSSL_PARAM_set_octet_string(p.iv, ctx->base.oiv, ctx->base.ivlen)
&& !OSSL_PARAM_set_octet_ptr(p, &ctx->base.oiv, ctx->base.ivlen)) { && !OSSL_PARAM_set_octet_ptr(p.iv, &ctx->base.oiv, ctx->base.ivlen)) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
return 0; return 0;
} }
p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_UPDATED_IV);
if (p != NULL if (p.upd_iv != NULL
&& !OSSL_PARAM_set_octet_string(p, ctx->base.iv, ctx->base.ivlen) && !OSSL_PARAM_set_octet_string(p.upd_iv, ctx->base.iv, ctx->base.ivlen)
&& !OSSL_PARAM_set_octet_ptr(p, &ctx->base.iv, ctx->base.ivlen)) { && !OSSL_PARAM_set_octet_ptr(p.upd_iv, &ctx->base.iv, ctx->base.ivlen)) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
return 0; return 0;
} }
p = OSSL_PARAM_locate(params, OSSL_CIPHER_HMAC_PARAM_MAC);
if (p != NULL) { if (p.mac != NULL) {
sz = p->data_size; sz = p.mac->data_size;
if (sz == 0 if (sz == 0
|| sz > AES_CBC_MAX_HMAC_SIZE || sz > AES_CBC_MAX_HMAC_SIZE
|| !ctx->base.enc || !ctx->base.enc
@ -139,7 +156,7 @@ static int aes_get_ctx_params(void *vctx, OSSL_PARAM params[])
ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_TAG); ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_TAG);
return 0; return 0;
} }
if (!OSSL_PARAM_set_octet_string(p, ctx->tag, sz)) { if (!OSSL_PARAM_set_octet_string(p.mac, ctx->tag, sz)) {
ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
return 0; return 0;
} }
@ -147,31 +164,16 @@ static int aes_get_ctx_params(void *vctx, OSSL_PARAM params[])
return 1; return 1;
} }
static const OSSL_PARAM cipher_aes_known_gettable_ctx_params[] = {
OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL),
OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_IVLEN, NULL),
OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_IV, NULL, 0),
OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_UPDATED_IV, NULL, 0),
OSSL_PARAM_END
};
const OSSL_PARAM *aes_gettable_ctx_params(ossl_unused void *cctx, const OSSL_PARAM *aes_gettable_ctx_params(ossl_unused void *cctx,
ossl_unused void *provctx) ossl_unused void *provctx)
{ {
return cipher_aes_known_gettable_ctx_params; return aes_cbc_hmac_sha_etm_get_ctx_params_list;
} }
static const OSSL_PARAM cipher_aes_known_settable_ctx_params[] = {
OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_MAC_KEY, NULL, 0),
OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TLS1_AAD, NULL, 0),
OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL),
OSSL_PARAM_END
};
const OSSL_PARAM *aes_settable_ctx_params(ossl_unused void *cctx, const OSSL_PARAM *aes_settable_ctx_params(ossl_unused void *cctx,
ossl_unused void *provctx) ossl_unused void *provctx)
{ {
return cipher_aes_known_settable_ctx_params; return aes_cbc_hmac_sha_etm_set_ctx_params_list;
} }
static void base_ctx_init(void *provctx, PROV_AES_HMAC_SHA_ETM_CTX *ctx, static void base_ctx_init(void *provctx, PROV_AES_HMAC_SHA_ETM_CTX *ctx,