1 /*
2 * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 /*
11 * DES low level APIs are deprecated for public use, but still ok for internal
12 * use.
13 */
14 #include "internal/deprecated.h"
15
16 #include <openssl/rand.h>
17 #include <openssl/proverr.h>
18 #include "prov/ciphercommon.h"
19 #include "cipher_tdes.h"
20 #include "prov/implementations.h"
21 #include "prov/providercommon.h"
22
ossl_tdes_newctx(void * provctx,int mode,size_t kbits,size_t blkbits,size_t ivbits,uint64_t flags,const PROV_CIPHER_HW * hw)23 void *ossl_tdes_newctx(void *provctx, int mode, size_t kbits, size_t blkbits,
24 size_t ivbits, uint64_t flags, const PROV_CIPHER_HW *hw)
25 {
26 PROV_TDES_CTX *tctx;
27
28 if (!ossl_prov_is_running())
29 return NULL;
30
31 tctx = OPENSSL_zalloc(sizeof(*tctx));
32 if (tctx != NULL)
33 ossl_cipher_generic_initkey(tctx, kbits, blkbits, ivbits, mode, flags,
34 hw, provctx);
35 return tctx;
36 }
37
ossl_tdes_dupctx(void * ctx)38 void *ossl_tdes_dupctx(void *ctx)
39 {
40 PROV_TDES_CTX *in = (PROV_TDES_CTX *)ctx;
41 PROV_TDES_CTX *ret;
42
43 if (!ossl_prov_is_running())
44 return NULL;
45
46 ret = OPENSSL_malloc(sizeof(*ret));
47 if (ret == NULL) {
48 ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
49 return NULL;
50 }
51 in->base.hw->copyctx(&ret->base, &in->base);
52
53 return ret;
54 }
55
ossl_tdes_freectx(void * vctx)56 void ossl_tdes_freectx(void *vctx)
57 {
58 PROV_TDES_CTX *ctx = (PROV_TDES_CTX *)vctx;
59
60 ossl_cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx);
61 OPENSSL_clear_free(ctx, sizeof(*ctx));
62 }
63
tdes_init(void * vctx,const unsigned char * key,size_t keylen,const unsigned char * iv,size_t ivlen,const OSSL_PARAM params[],int enc)64 static int tdes_init(void *vctx, const unsigned char *key, size_t keylen,
65 const unsigned char *iv, size_t ivlen,
66 const OSSL_PARAM params[], int enc)
67 {
68 PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx;
69
70 if (!ossl_prov_is_running())
71 return 0;
72
73 ctx->num = 0;
74 ctx->bufsz = 0;
75 ctx->enc = enc;
76
77 if (iv != NULL) {
78 if (!ossl_cipher_generic_initiv(ctx, iv, ivlen))
79 return 0;
80 } else if (ctx->iv_set
81 && (ctx->mode == EVP_CIPH_CBC_MODE
82 || ctx->mode == EVP_CIPH_CFB_MODE
83 || ctx->mode == EVP_CIPH_OFB_MODE)) {
84 /* reset IV to keep compatibility with 1.1.1 */
85 memcpy(ctx->iv, ctx->oiv, ctx->ivlen);
86 }
87
88 if (key != NULL) {
89 if (keylen != ctx->keylen) {
90 ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH);
91 return 0;
92 }
93 if (!ctx->hw->init(ctx, key, ctx->keylen))
94 return 0;
95 }
96 return ossl_cipher_generic_set_ctx_params(ctx, params);
97 }
98
ossl_tdes_einit(void * vctx,const unsigned char * key,size_t keylen,const unsigned char * iv,size_t ivlen,const OSSL_PARAM params[])99 int ossl_tdes_einit(void *vctx, const unsigned char *key, size_t keylen,
100 const unsigned char *iv, size_t ivlen,
101 const OSSL_PARAM params[])
102 {
103 return tdes_init(vctx, key, keylen, iv, ivlen, params, 1);
104 }
105
ossl_tdes_dinit(void * vctx,const unsigned char * key,size_t keylen,const unsigned char * iv,size_t ivlen,const OSSL_PARAM params[])106 int ossl_tdes_dinit(void *vctx, const unsigned char *key, size_t keylen,
107 const unsigned char *iv, size_t ivlen,
108 const OSSL_PARAM params[])
109 {
110 return tdes_init(vctx, key, keylen, iv, ivlen, params, 0);
111 }
112
113 CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_START(ossl_tdes)
114 OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_RANDOM_KEY, NULL, 0),
115 CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_END(ossl_tdes)
116
117 static int tdes_generatekey(PROV_CIPHER_CTX *ctx, void *ptr)
118 {
119
120 DES_cblock *deskey = ptr;
121 size_t kl = ctx->keylen;
122
123 if (kl == 0 || RAND_priv_bytes_ex(ctx->libctx, ptr, kl, 0) <= 0)
124 return 0;
125 DES_set_odd_parity(deskey);
126 if (kl >= 16)
127 DES_set_odd_parity(deskey + 1);
128 if (kl >= 24) {
129 DES_set_odd_parity(deskey + 2);
130 return 1;
131 }
132 return 0;
133 }
134
ossl_tdes_get_ctx_params(void * vctx,OSSL_PARAM params[])135 int ossl_tdes_get_ctx_params(void *vctx, OSSL_PARAM params[])
136 {
137 PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx;
138 OSSL_PARAM *p;
139
140 if (!ossl_cipher_generic_get_ctx_params(vctx, params))
141 return 0;
142
143 p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_RANDOM_KEY);
144 if (p != NULL && !tdes_generatekey(ctx, p->data)) {
145 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GENERATE_KEY);
146 return 0;
147 }
148 return 1;
149 }
150