2 * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
11 #include <openssl/evp.h>
12 #include "internal/cryptlib.h"
13 #include "internal/evp_int.h"
15 /* typedef EVP_MAC_IMPL */
16 struct evp_mac_impl_st {
17 EVP_CIPHER *cipher; /* Cache GCM cipher */
18 EVP_CIPHER_CTX *ctx; /* Cipher context */
19 ENGINE *engine; /* Engine implementating the algorithm */
22 static void gmac_free(EVP_MAC_IMPL *gctx)
25 EVP_CIPHER_CTX_free(gctx->ctx);
30 static EVP_MAC_IMPL *gmac_new(void)
34 if ((gctx = OPENSSL_zalloc(sizeof(*gctx))) == NULL
35 || (gctx->ctx = EVP_CIPHER_CTX_new()) == NULL) {
42 static EVP_MAC_IMPL *gmac_dup(const EVP_MAC_IMPL *gsrc)
50 if (!EVP_CIPHER_CTX_copy(gdst->ctx, gsrc->ctx)) {
55 gdst->cipher = gsrc->cipher;
56 gdst->engine = gsrc->engine;
61 static size_t gmac_size(EVP_MAC_IMPL *gctx)
63 return EVP_GCM_TLS_TAG_LEN;
66 static int gmac_init(EVP_MAC_IMPL *gctx)
71 static int gmac_update(EVP_MAC_IMPL *gctx, const unsigned char *data,
74 EVP_CIPHER_CTX *ctx = gctx->ctx;
77 while (datalen > INT_MAX) {
78 if (!EVP_EncryptUpdate(ctx, NULL, &outlen, data, INT_MAX))
83 return EVP_EncryptUpdate(ctx, NULL, &outlen, data, datalen);
86 static int gmac_final(EVP_MAC_IMPL *gctx, unsigned char *out)
90 if (!EVP_EncryptFinal_ex(gctx->ctx, out, &hlen)
91 || !EVP_CIPHER_CTX_ctrl(gctx->ctx, EVP_CTRL_AEAD_GET_TAG,
92 gmac_size(gctx), out))
97 static int gmac_ctrl(EVP_MAC_IMPL *gctx, int cmd, va_list args)
99 const unsigned char *p;
101 EVP_CIPHER_CTX *ctx = gctx->ctx;
102 const EVP_CIPHER *cipher;
106 case EVP_MAC_CTRL_SET_CIPHER:
107 cipher = va_arg(args, const EVP_CIPHER *);
110 if (EVP_CIPHER_mode(cipher) != EVP_CIPH_GCM_MODE) {
111 EVPerr(EVP_F_GMAC_CTRL, EVP_R_CIPHER_NOT_GCM_MODE);
114 return EVP_EncryptInit_ex(ctx, cipher, NULL, NULL, NULL);
116 case EVP_MAC_CTRL_SET_KEY:
117 p = va_arg(args, const unsigned char *);
118 len = va_arg(args, size_t);
119 if (len != (size_t)EVP_CIPHER_CTX_key_length(ctx)) {
120 EVPerr(EVP_F_GMAC_CTRL, EVP_R_INVALID_KEY_LENGTH);
123 return EVP_EncryptInit_ex(ctx, NULL, NULL, p, NULL);
125 case EVP_MAC_CTRL_SET_IV:
126 p = va_arg(args, const unsigned char *);
127 len = va_arg(args, size_t);
128 return EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, len, NULL)
129 && EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, p);
131 case EVP_MAC_CTRL_SET_ENGINE:
132 engine = va_arg(args, ENGINE *);
133 return EVP_EncryptInit_ex(ctx, NULL, engine, NULL, NULL);
140 static int gmac_ctrl_int(EVP_MAC_IMPL *gctx, int cmd, ...)
146 rv = gmac_ctrl(gctx, cmd, args);
152 static int gmac_ctrl_str_cb(void *gctx, int cmd, void *buf, size_t buflen)
154 return gmac_ctrl_int(gctx, cmd, buf, buflen);
157 static int gmac_ctrl_str(EVP_MAC_IMPL *gctx, const char *type,
162 if (strcmp(type, "cipher") == 0) {
163 const EVP_CIPHER *c = EVP_get_cipherbyname(value);
167 return gmac_ctrl_int(gctx, EVP_MAC_CTRL_SET_CIPHER, c);
169 if (strcmp(type, "key") == 0)
170 return EVP_str2ctrl(gmac_ctrl_str_cb, gctx, EVP_MAC_CTRL_SET_KEY,
172 if (strcmp(type, "hexkey") == 0)
173 return EVP_hex2ctrl(gmac_ctrl_str_cb, gctx, EVP_MAC_CTRL_SET_KEY,
175 if (strcmp(type, "iv") == 0)
176 return EVP_str2ctrl(gmac_ctrl_str_cb, gctx, EVP_MAC_CTRL_SET_IV,
178 if (strcmp(type, "hexiv") == 0)
179 return EVP_hex2ctrl(gmac_ctrl_str_cb, gctx, EVP_MAC_CTRL_SET_IV,
184 const EVP_MAC gmac_meth = {