aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorLibravatar vnugent <public@vaughnnugent.com>2024-11-03 14:03:07 -0500
committerLibravatar vnugent <public@vaughnnugent.com>2024-11-03 14:03:07 -0500
commitdcc65c2cacf2261eb705ff8ac7d1a0263ced79f4 (patch)
treec898c02f7e5b081c64932ce1ab5ebde9b27bdace /src
parent44044eb0fb28b774773e3284fd147c91d59d64e3 (diff)
parente0d30c1d8f407bfef05a9cc36398bb0894a96c39 (diff)
merge develop
Diffstat (limited to 'src')
-rw-r--r--src/nc-util.h42
-rw-r--r--src/providers/openssl-helpers.c388
-rw-r--r--src/providers/openssl.c362
3 files changed, 578 insertions, 214 deletions
diff --git a/src/nc-util.h b/src/nc-util.h
index 36d26de..02228fb 100644
--- a/src/nc-util.h
+++ b/src/nc-util.h
@@ -207,14 +207,22 @@ static _nc_fn_inline span_t ncSpanSlice(span_t span, uint32_t offset, uint32_t s
span_t slice;
DEBUG_ASSERT2(ncSpanIsValid(span), "Expected span to be non-null");
- DEBUG_ASSERT2(offset + size <= span.size, "Expected offset + size to be less than span size")
+ DEBUG_ASSERT2(offset + size <= span.size, "Expected offset + size to be less than span size");
- /* Initialize slice, offset input data by the specified offset */
- ncSpanInit(
- &slice,
- ncSpanGetOffset(span, offset),
- size
- );
+ /* If the size of the sliced span is 0 return an empty span */
+ if (size == 0)
+ {
+ ncSpanInit(&slice, NULL, 0);
+ }
+ else
+ {
+ /* Initialize slice, offset input data by the specified offset */
+ ncSpanInit(
+ &slice,
+ ncSpanGetOffset(span, offset),
+ size
+ );
+ }
return slice;
}
@@ -226,12 +234,20 @@ static _nc_fn_inline cspan_t ncSpanSliceC(cspan_t span, uint32_t offset, uint32_
DEBUG_ASSERT2(ncSpanIsValidC(span), "Expected span to be non-null");
DEBUG_ASSERT2(offset + size <= span.size, "Expected offset + size to be less than span size")
- /* Initialize slice, offset input data by the specified offset */
- ncSpanInitC(
- &slice,
- ncSpanGetOffsetC(span, offset),
- size
- );
+ /* If the size of the sliced span is 0 return an empty span */
+ if (size == 0)
+ {
+ ncSpanInitC(&slice, NULL, 0);
+ }
+ else
+ {
+ /* Initialize slice, offset input data by the specified offset */
+ ncSpanInitC(
+ &slice,
+ ncSpanGetOffsetC(span, offset),
+ size
+ );
+ }
return slice;
}
diff --git a/src/providers/openssl-helpers.c b/src/providers/openssl-helpers.c
new file mode 100644
index 0000000..5369457
--- /dev/null
+++ b/src/providers/openssl-helpers.c
@@ -0,0 +1,388 @@
+/*
+* Copyright (c) 2024 Vaughn Nugent
+*
+* Package: noscrypt
+* File: providers/openssl-helpers.c
+*
+* This library is free software; you can redistribute it and/or
+* modify it under the terms of the GNU Lesser General Public License
+* as published by the Free Software Foundation; either version 2.1
+* of the License, or (at your option) any later version.
+*
+* This library is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public License
+* along with noscrypt. If not, see http://www.gnu.org/licenses/.
+*/
+
+
+#include <openssl/crypto.h>
+#include <openssl/evp.h>
+
+#define OSSL_SHA256 "SHA2-256"
+#define OSSL_HMAC "hmac"
+#define OSSL_CHACHA20 "ChaCha20"
+
+
+typedef enum {
+
+ EvpStateTypeInvalid,
+
+ EvpStateTypeDigest,
+
+ EvpStateTypeMac,
+
+ EvpStateTypeCipher
+
+} _evp_state_type;
+
+struct ossl_evp_state {
+ void* _context;
+ void* _providerHandle;
+
+ _evp_state_type type;
+
+ cspan_t _prk;
+};
+
+
+_IMPLSTB EVP_MAC_CTX* _osslEvpGetMacContext(const struct ossl_evp_state* state)
+{
+ DEBUG_ASSERT(state != NULL);
+ DEBUG_ASSERT(state->type == EvpStateTypeMac);
+
+ return (EVP_MAC_CTX*)state->_context;
+}
+
+_IMPLSTB EVP_MD_CTX* _osslEvpGetMdContext(const struct ossl_evp_state* state)
+{
+ DEBUG_ASSERT(state != NULL);
+ DEBUG_ASSERT(state->type == EvpStateTypeDigest);
+
+ return (EVP_MD_CTX*)state->_context;
+}
+
+_IMPLSTB EVP_CIPHER_CTX* _osslEvpGetCipherContext(const struct ossl_evp_state* state)
+{
+ DEBUG_ASSERT(state != NULL);
+ DEBUG_ASSERT(state->type == EvpStateTypeCipher);
+
+ return (EVP_CIPHER_CTX*)state->_context;
+}
+
+_IMPLSTB cspan_t _osslEvpGetPrk(const struct ossl_evp_state* state)
+{
+ DEBUG_ASSERT(state != NULL);
+
+ return state->_prk;
+}
+
+_IMPLSTB void _osslEvpSetPrk(struct ossl_evp_state* state, cspan_t prk)
+{
+ DEBUG_ASSERT(state != NULL);
+
+ state->_prk = prk;
+}
+
+_IMPLSTB cstatus_t _osslEvpUpdate(const struct ossl_evp_state* state, cspan_t data)
+{
+ int result;
+
+ DEBUG_ASSERT(state != NULL);
+ DEBUG_ASSERT(state->_context != NULL);
+
+ result = 0;
+
+ switch (state->type)
+ {
+ case EvpStateTypeDigest:
+ result = EVP_DigestUpdate(
+ _osslEvpGetMdContext(state),
+ ncSpanGetOffsetC(data, 0),
+ ncSpanGetSizeC(data)
+ );
+ break;
+
+ case EvpStateTypeMac:
+ result = EVP_MAC_update(
+ _osslEvpGetMacContext(state),
+ ncSpanGetOffsetC(data, 0),
+ ncSpanGetSizeC(data)
+ );
+ break;
+ /* Cipher is not supported by this api */
+ default:
+ DEBUG_ASSERT2(0, "Called update on an invalid state type");
+ break;
+ }
+
+ return (cstatus_t)(result != 0);
+}
+
+_IMPLSTB cstatus_t _osslEvpCipherUpdate(
+ const struct ossl_evp_state* state,
+ cspan_t input,
+ span_t output,
+ int* bytesConsumed
+)
+{
+ int result;
+
+ DEBUG_ASSERT(state != NULL);
+ DEBUG_ASSERT(state->_context != NULL);
+ DEBUG_ASSERT(state->type == EvpStateTypeCipher);
+
+ result = EVP_EncryptUpdate(
+ _osslEvpGetCipherContext(state),
+ ncSpanGetOffset(output, 0),
+ bytesConsumed,
+ ncSpanGetOffsetC(input, 0),
+ ncSpanGetSizeC(input)
+ );
+
+ return (cstatus_t)(result != 0);
+}
+
+_IMPLSTB cstatus_t __digestFinal(const struct ossl_evp_state* state, span_t out)
+{
+ int result;
+ unsigned int mdOut;
+
+ DEBUG_ASSERT(state != NULL);
+ DEBUG_ASSERT(state->type == EvpStateTypeDigest);
+
+ mdOut = ncSpanGetSize(out);
+
+ /* If the output span is empty, nothing to do */
+ if (mdOut == 0)
+ {
+ return CSTATUS_OK;
+ }
+
+ result = EVP_DigestFinal_ex(
+ _osslEvpGetMdContext(state),
+ ncSpanGetOffset(out, 0),
+ &mdOut
+ );
+
+ return (cstatus_t)(result != 0 && mdOut == ncSpanGetSize(out));
+}
+
+_IMPLSTB cstatus_t __macFinal(const struct ossl_evp_state* state, span_t out)
+{
+ int result;
+ size_t macOut;
+
+ DEBUG_ASSERT(state != NULL);
+ DEBUG_ASSERT(state->type == EvpStateTypeMac);
+
+ macOut = ncSpanGetSize(out);
+
+ /* If the output span is empty, nothing to do */
+ if (macOut == 0)
+ {
+ return CSTATUS_OK;
+ }
+
+ result = EVP_MAC_final(
+ _osslEvpGetMacContext(state),
+ ncSpanGetOffset(out, 0),
+ &macOut,
+ macOut
+ );
+
+ return (cstatus_t)(result != 0 && macOut == ncSpanGetSize(out));
+}
+
+_IMPLSTB cstatus_t __cipherFinal(const struct ossl_evp_state* state, span_t out)
+{
+ int result, cipherOut;
+
+ DEBUG_ASSERT(state != NULL);
+ DEBUG_ASSERT(state->type == EvpStateTypeCipher);
+
+ /* guard small integer overflow */
+ if (ncSpanGetSize(out) > INT_MAX)
+ {
+ return CSTATUS_FAIL;
+ }
+
+ cipherOut = (int)ncSpanGetSize(out);
+
+ /* If the output span is empty, nothing to do */
+ if (cipherOut == 0)
+ {
+ return CSTATUS_OK;
+ }
+
+ result = EVP_CipherFinal_ex(
+ _osslEvpGetCipherContext(state),
+ ncSpanGetOffset(out, 0),
+ &cipherOut
+ );
+
+ return (cstatus_t)(result != 0 && cipherOut >= 0 && (uint32_t)cipherOut == ncSpanGetSize(out));
+}
+
+static cstatus_t _osslEvpFinal(const struct ossl_evp_state* state, span_t out)
+{
+ DEBUG_ASSERT(state != NULL);
+
+ switch (state->type)
+ {
+ case EvpStateTypeDigest:
+ return __digestFinal(state, out);
+
+ case EvpStateTypeMac:
+ return __macFinal(state, out);
+
+ case EvpStateTypeCipher:
+ return __cipherFinal(state, out);
+
+ default:
+ break;
+ }
+
+ /*
+ * If the result is non-zero and the hash length is equal to the output
+ * buffer size, return success, otherwise return failure.
+ */
+
+ return CSTATUS_FAIL;
+}
+
+_IMPLSTB cstatus_t _osslEvpMacInit(const struct ossl_evp_state* state, const OSSL_PARAM* params)
+{
+ int result;
+
+ DEBUG_ASSERT(state != NULL);
+ DEBUG_ASSERT(state->type == EvpStateTypeMac);
+ DEBUG_ASSERT(ncSpanIsValidC(state->_prk));
+
+ result = EVP_MAC_init(
+ _osslEvpGetMacContext(state),
+ ncSpanGetOffsetC(state->_prk, 0),
+ ncSpanGetSizeC(state->_prk),
+ params
+ );
+
+ return (cstatus_t)(result != 0);
+}
+
+_IMPLSTB cstatus_t _osslEvpCipherInit(const struct ossl_evp_state* state, cspan_t key, cspan_t iv)
+{
+ int osslResult;
+ const EVP_CIPHER* cipher;
+
+ DEBUG_ASSERT(state != NULL);
+
+ cipher = (const EVP_CIPHER*)state->_providerHandle;
+
+ /*
+ * Sanity check on key and IV sizes for the created
+ * cipher
+ */
+ DEBUG_ASSERT((uint32_t)EVP_CIPHER_get_key_length(cipher) == ncSpanGetSizeC(key));
+ DEBUG_ASSERT((uint32_t)EVP_CIPHER_iv_length(cipher) == ncSpanGetSizeC(iv));
+
+ osslResult = EVP_EncryptInit_ex2(
+ _osslEvpGetCipherContext(state),
+ cipher,
+ ncSpanGetOffsetC(key, 0),
+ ncSpanGetOffsetC(iv, 0),
+ NULL
+ );
+
+ return (cstatus_t)(osslResult != 0);
+}
+
+_IMPLSTB void _osslEvpFree(struct ossl_evp_state* state)
+{
+ DEBUG_ASSERT(state != NULL);
+
+ switch (state->type)
+ {
+ case EvpStateTypeDigest:
+ if (state->_context) EVP_MD_CTX_free(state->_context);
+ if (state->_providerHandle) EVP_MD_free(state->_providerHandle);
+ break;
+ case EvpStateTypeMac:
+ if (state->_context) EVP_MAC_CTX_free(state->_context);
+ if (state->_providerHandle) EVP_MAC_free(state->_providerHandle);
+ break;
+ case EvpStateTypeCipher:
+ if (state->_context) EVP_CIPHER_CTX_free(state->_context);
+ if (state->_providerHandle) EVP_CIPHER_free(state->_providerHandle);
+ break;
+ default:
+ break;
+ }
+}
+
+_IMPLSTB cstatus_t _osslEvpInit(
+ struct ossl_evp_state* state,
+ _evp_state_type type,
+ const char* providerName
+)
+{
+ DEBUG_ASSERT(state != NULL);
+ DEBUG_ASSERT(providerName != NULL);
+
+ state->type = type;
+
+ switch (type)
+ {
+ case EvpStateTypeDigest:
+ state->_providerHandle = EVP_MD_fetch(NULL, providerName, NULL);
+ state->_context = EVP_MD_CTX_new();
+ break;
+ case EvpStateTypeMac:
+
+ state->_providerHandle = EVP_MAC_fetch(NULL, providerName, NULL);
+
+ if (state->_providerHandle)
+ {
+ state->_context = EVP_MAC_CTX_new((EVP_MAC*)(state->_providerHandle));
+ }
+
+ break;
+ case EvpStateTypeCipher:
+ state->_providerHandle = EVP_CIPHER_fetch(NULL, providerName, NULL);
+ state->_context = EVP_CIPHER_CTX_new();
+ break;
+
+ default:
+ return CSTATUS_FAIL;
+ }
+
+ /*
+ * Ensure allocations succeded, otherwise free the context
+ * and return a failure status.
+ */
+ if (state->_providerHandle == NULL || state->_context == NULL)
+ {
+ return CSTATUS_FAIL;
+ }
+
+ /*
+ * If the type is a digest, initialize the digest context
+ */
+ if (type == EvpStateTypeDigest)
+ {
+ if (
+ !EVP_DigestInit_ex(
+ _osslEvpGetMdContext(state),
+ (EVP_MD*)state->_providerHandle,
+ NULL
+ )
+ )
+ {
+ return CSTATUS_FAIL;
+ }
+ }
+
+ return CSTATUS_OK;
+}
diff --git a/src/providers/openssl.c b/src/providers/openssl.c
index c2933fb..925386d 100644
--- a/src/providers/openssl.c
+++ b/src/providers/openssl.c
@@ -22,13 +22,7 @@
/* Setup openssl */
#ifdef OPENSSL_CRYPTO_LIB
-#include <openssl/crypto.h>
-
-#define _OSSL_FAIL(x) if(!(x)) return CSTATUS_FAIL;
-
-#define ossl_md_sha256() EVP_MD_fetch(NULL, "SHA2-256", NULL)
-#define ossl_evp_fetch_chacha20() EVP_CIPHER_fetch(NULL, "ChaCha20", NULL)
-#define ossl_mac_fetch_hmac() EVP_MAC_fetch(NULL, "hmac", NULL)
+#include "openssl-helpers.c"
#ifndef _IMPL_SECURE_ZERO_MEMSET
@@ -63,171 +57,188 @@
#ifndef _IMPL_CRYPTO_SHA256_DIGEST
- #include <openssl/sha.h>
-
#define _IMPL_CRYPTO_SHA256_DIGEST _ossl_sha256_digest
_IMPLSTB cstatus_t _ossl_sha256_digest(cspan_t data, sha256_t digestOut32)
{
- _overflow_check(data.size);
+ cstatus_t result;
+ span_t digestSpan;
+ struct ossl_evp_state evpState;
DEBUG_ASSERT(digestOut32 != NULL);
DEBUG_ASSERT(ncSpanIsValidC(data));
- _OSSL_FAIL(
- SHA256(
- ncSpanGetOffsetC(data, 0),
- ncSpanGetSizeC(data),
- digestOut32
- )
- );
+ result = CSTATUS_FAIL;
+
+ _overflow_check(data.size);
+
+ ncSpanInit(&digestSpan, digestOut32, sizeof(sha256_t));
+
+ /*
+ * Allocate and initalize the context
+ */
+ if (!_osslEvpInit(&evpState, EvpStateTypeDigest, OSSL_SHA256))
+ {
+ goto Cleanup;
+ }
+
+ if (!_osslEvpUpdate(&evpState, data))
+ {
+ goto Cleanup;
+ }
- return CSTATUS_OK;
+ if (!_osslEvpFinal(&evpState, digestSpan))
+ {
+ goto Cleanup;
+ }
+
+ result = CSTATUS_OK;
+
+ Cleanup:
+
+ _osslEvpFree(&evpState);
+
+ return result;
}
#endif
#ifndef _IMPL_CRYPTO_SHA256_HMAC
- #include <openssl/hmac.h>
-
/* Export function */
#define _IMPL_CRYPTO_SHA256_HMAC _ossl_hmac_sha256
_IMPLSTB cstatus_t _ossl_hmac_sha256(cspan_t key, cspan_t data, sha256_t hmacOut32)
{
- unsigned int hmacLen;
+ cstatus_t result;
+ span_t digestSpan;
+ OSSL_PARAM params[2];
+ struct ossl_evp_state evpState;
+
+ result = CSTATUS_FAIL;
_overflow_check(key.size)
_overflow_check(data.size)
- hmacLen = sizeof(sha256_t);
-
- _OSSL_FAIL(
- HMAC(
- ossl_md_sha256(),
- ncSpanGetOffsetC(key, 0),
- ncSpanGetSizeC(key),
- ncSpanGetOffsetC(data, 0),
- ncSpanGetSizeC(data),
- hmacOut32,
- &hmacLen
- )
- );
+ ncSpanInit(&digestSpan, hmacOut32, sizeof(sha256_t));
+
+ /*
+ * Allocate and initalize the context
+ */
+ if (!_osslEvpInit(&evpState, EvpStateTypeMac, OSSL_HMAC))
+ {
+ goto Cleanup;
+ }
+
+ /*
+ * To use HMAC the digest parameters must be set
+ * before the context can be initialized
+ */
+
+ params[0] = OSSL_PARAM_construct_utf8_string("digest", "sha256", 0);
+ params[1] = OSSL_PARAM_construct_end();
+
+ /*
+ * PRK Data must be assigned before the hmac
+ * can be initialized
+ */
+
+ _osslEvpSetPrk(&evpState, key);
+
+ if (!_osslEvpMacInit(&evpState, params))
+ {
+ goto Cleanup;
+ }
+
+ if (!_osslEvpUpdate(&evpState, data))
+ {
+ goto Cleanup;
+ }
+
+ if (!_osslEvpFinal(&evpState, digestSpan))
+ {
+ goto Cleanup;
+ }
- /* digest length should match the actual digest size */
- DEBUG_ASSERT(hmacLen == sizeof(sha256_t));
+ result = CSTATUS_OK;
+
+ Cleanup:
- return CSTATUS_OK;
+ _osslEvpFree(&evpState);
+
+ return result;
}
#endif /* !_IMPL_CRYPTO_SHA256_HMAC */
#ifndef _IMPL_CRYPTO_SHA256_HKDF_EXPAND
-
- #include <openssl/evp.h>
#define _IMPL_CRYPTO_SHA256_HKDF_EXPAND _ossl_sha256_hkdf_expand
- struct ossl_hmac_state {
- EVP_MAC_CTX* libCtx;
+ struct _hkdf_state {
OSSL_PARAM params[2];
- cspan_t prk;
+ struct ossl_evp_state evpState;
};
- static cstatus_t _ossl_hmac_init(const struct ossl_hmac_state* osslCtx)
- {
- DEBUG_ASSERT(ncSpanIsValidC(osslCtx->prk));
- DEBUG_ASSERT(osslCtx->params != NULL);
-
- _OSSL_FAIL(
- EVP_MAC_init(
- osslCtx->libCtx,
- ncSpanGetOffsetC(osslCtx->prk, 0),
- ncSpanGetSizeC(osslCtx->prk),
- osslCtx->params
- )
- );
-
- return CSTATUS_OK;
- }
-
static cstatus_t _ossl_hkdf_update(void* ctx, cspan_t data)
{
- const struct ossl_hmac_state* osslCtx;
+ const struct _hkdf_state* state;
DEBUG_ASSERT(ctx != NULL);
- _overflow_check(data.size);
-
- osslCtx = (const struct ossl_hmac_state*)ctx;
- DEBUG_ASSERT(osslCtx->libCtx != NULL);
+ state = (const struct _hkdf_state*)ctx;
- _OSSL_FAIL(
- EVP_MAC_update(
- osslCtx->libCtx,
- ncSpanGetOffsetC(data, 0),
- ncSpanGetSizeC(data)
- )
+ return _osslEvpUpdate(
+ &state->evpState,
+ data
);
-
- return CSTATUS_OK;
}
static cstatus_t _ossl_hkdf_finish(void* ctx, sha256_t hmacOut32)
{
- const struct ossl_hmac_state* osslCtx;
- size_t hmacSize;
+ span_t hmacSpan;
+ const struct _hkdf_state* state;
DEBUG_ASSERT(ctx != NULL);
DEBUG_ASSERT(hmacOut32 != NULL);
- osslCtx = (const struct ossl_hmac_state*)ctx;
- hmacSize = 0;
-
- DEBUG_ASSERT(osslCtx->libCtx != NULL);
-
- _OSSL_FAIL(
- EVP_MAC_final(
- osslCtx->libCtx,
- hmacOut32,
- &hmacSize,
- sizeof(sha256_t)
- )
- );
+ state = (const struct _hkdf_state*)ctx;
+ ncSpanInit(&hmacSpan, hmacOut32, sizeof(sha256_t));
- /* When configured for sha256, should always be the same size in/out */
- DEBUG_ASSERT(hmacSize == sizeof(sha256_t));
+ if (!_osslEvpFinal(&state->evpState, hmacSpan))
+ {
+ return CSTATUS_FAIL;
+ }
/*
* Context must be re-initalized after finalize
* See lifecycle https://docs.openssl.org/3.0/man7/life_cycle-mac/#copyright
*/
- return _ossl_hmac_init(osslCtx);
+ return _osslEvpMacInit(&state->evpState, state->params);
}
_IMPLSTB cstatus_t _ossl_sha256_hkdf_expand(cspan_t prk, cspan_t info, span_t okm)
{
- EVP_MAC* mac;
cstatus_t result;
- struct ossl_hmac_state hkdfState;
+ struct _hkdf_state state;
struct nc_hkdf_fn_cb_struct handler;
result = CSTATUS_FAIL;
handler.update = _ossl_hkdf_update;
handler.finish = _ossl_hkdf_finish;
-
- _overflow_check(prk.size);
+
_overflow_check(info.size);
_overflow_check(okm.size);
- hkdfState.params[0] = OSSL_PARAM_construct_utf8_string("digest", "sha256", 0);
- hkdfState.params[1] = OSSL_PARAM_construct_end();
-
- hkdfState.prk = prk;
+ /*
+ * PRK Must be set before any call to MacInit
+ *
+ * Params must also be set for sha256 digest for mac
+ */
+ _osslEvpSetPrk(&state.evpState, prk);
/*
* Silly openssl stuff. Enable hmac with sha256 using the system default
@@ -235,34 +246,28 @@
* we need to call update multiple times.
*/
- mac = ossl_mac_fetch_hmac();
-
- if (mac == NULL)
- {
- goto Cleanup;
- }
-
- hkdfState.libCtx = EVP_MAC_CTX_new(mac);
+ state.params[0] = OSSL_PARAM_construct_utf8_string("digest", "sha256", 0);
+ state.params[1] = OSSL_PARAM_construct_end();
- if (hkdfState.libCtx == NULL)
+ if (!_osslEvpInit(&state.evpState, EvpStateTypeMac, OSSL_HMAC))
{
goto Cleanup;
}
- if (_ossl_hmac_init(&hkdfState) != CSTATUS_OK)
+ if (_osslEvpMacInit(&state.evpState, state.params) != CSTATUS_OK)
{
goto Cleanup;
}
- DEBUG_ASSERT(EVP_MAC_CTX_get_mac_size(hkdfState.libCtx) == sizeof(sha256_t));
+ /* Sanity check mac size */
+ DEBUG_ASSERT(EVP_MAC_CTX_get_mac_size(_osslEvpGetMacContext(&state.evpState)) == sizeof(sha256_t));
- /* Pass the library */
- result = hkdfExpandProcess(&handler, &hkdfState, info, okm);
+ /* Pass to the library */
+ result = hkdfExpandProcess(&handler, &state, info, okm);
Cleanup:
-
- if (hkdfState.libCtx) EVP_MAC_CTX_free(hkdfState.libCtx);
- if (mac) EVP_MAC_free(mac);
+
+ _osslEvpFree(&state.evpState);
return result;
}
@@ -271,84 +276,8 @@
#ifndef _IMPL_CHACHA20_CRYPT
- #include <openssl/evp.h>
-
#define _IMPL_CHACHA20_CRYPT _ossl_chacha20_crypt
-
- _IMPLSTB cstatus_t _ossl_cipher_core(
- const EVP_CIPHER* cipher,
- cspan_t key,
- cspan_t iv,
- cspan_t input,
- span_t output
- )
- {
- cstatus_t result;
- EVP_CIPHER_CTX* ctx;
- int tempLen, osslResult;
-
- DEBUG_ASSERT2(ncSpanGetSize(output) <= ncSpanGetSizeC(input), "Output buffer must be equal or larger than the input buffer");
- DEBUG_ASSERT(cipher != NULL);
-
- DEBUG_ASSERT((uint32_t)EVP_CIPHER_get_key_length(cipher) == ncSpanGetSizeC(key));
- DEBUG_ASSERT((uint32_t)EVP_CIPHER_iv_length(cipher) == ncSpanGetSizeC(iv));
-
- result = CSTATUS_FAIL;
-
- ctx = EVP_CIPHER_CTX_new();
-
- if (ctx == NULL)
- {
- goto Cleanup;
- }
-
- osslResult = EVP_EncryptInit_ex2(
- ctx,
- cipher,
- ncSpanGetOffsetC(key, 0),
- ncSpanGetOffsetC(iv, 0),
- NULL
- );
-
- if (!osslResult)
- {
- goto Cleanup;
- }
-
- osslResult = EVP_EncryptUpdate(
- ctx,
- ncSpanGetOffset(output, 0),
- &tempLen,
- ncSpanGetOffsetC(input, 0),
- ncSpanGetSizeC(input)
- );
-
- if (!osslResult)
- {
- goto Cleanup;
- }
-
- /*
- * We can't get a pointer outside the range of the
- * output buffer
- */
- if (((uint32_t)tempLen) < ncSpanGetSize(output))
- {
- if (!EVP_EncryptFinal_ex(ctx, ncSpanGetOffset(output, tempLen), &tempLen))
- {
- goto Cleanup;
- }
- }
-
- result = CSTATUS_OK;
-
- Cleanup:
-
- if (ctx) EVP_CIPHER_CTX_free(ctx);
-
- return result;
- }
-
+
_IMPLSTB cstatus_t _ossl_chacha20_crypt(
const uint8_t* key,
const uint8_t* nonce,
@@ -358,12 +287,23 @@
)
{
cstatus_t result;
- EVP_CIPHER* cipher;
+ struct ossl_evp_state state;
uint8_t chaChaIv[CHACHA_NONCE_SIZE + 4];
cspan_t keySpan, nonceSpan, inputSpan;
span_t outputSpan;
+ int bytesWritten;
result = CSTATUS_FAIL;
+ bytesWritten = 0;
+
+ /*
+ * Alloc and init the cipher state for ChaCha20 in
+ * cipher mode
+ */
+ if (!_osslEvpInit(&state, EvpStateTypeCipher, OSSL_CHACHA20))
+ {
+ goto Cleanup;
+ }
/*
* RFC 7539 ChaCha20 requires a 16 byte initialization vector. A
@@ -381,24 +321,44 @@
ncSpanInitC(&inputSpan, input, dataLen);
ncSpanInit(&outputSpan, output, dataLen);
- cipher = ossl_evp_fetch_chacha20();
+ if (!_osslEvpCipherInit(&state, keySpan, nonceSpan))
+ {
+ goto Cleanup;
+ }
- if (cipher == NULL)
+ if (!_osslEvpCipherUpdate(&state, inputSpan, outputSpan, &bytesWritten))
{
goto Cleanup;
}
+
+ /*
+ * Possible static asser that int size must be 32bit or smaller
+ * so it can be cast safely to uint32
+ */
+ if (bytesWritten < 0 || bytesWritten > INT32_MAX)
+ {
+ goto Cleanup;
+ }
+
+ DEBUG_ASSERT((uint32_t)bytesWritten <= dataLen)
- result = _ossl_cipher_core(
- cipher,
- keySpan,
- nonceSpan,
- inputSpan,
- outputSpan
+ /* shift output span by consumed data amount */
+ outputSpan = ncSpanSlice(
+ outputSpan,
+ (uint32_t)bytesWritten,
+ dataLen - (uint32_t)bytesWritten
);
+ if (!_osslEvpFinal(&state, outputSpan))
+ {
+ goto Cleanup;
+ }
+
+ result = CSTATUS_OK;
+
Cleanup:
- if (cipher) EVP_CIPHER_free(cipher);
+ _osslEvpFree(&state);
return result;
}