1 /*
2 * Copyright 2019-2024 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 /* Dispatch functions for RC2 cipher modes ecb, cbc, ofb, cfb */
11
12 /*
13 * RC2 low level APIs are deprecated for public use, but still ok for internal
14 * use.
15 */
16 #include "internal/deprecated.h"
17
18 #include <openssl/proverr.h>
19 #include "cipher_rc2.h"
20 #include "prov/implementations.h"
21 #include "prov/providercommon.h"
22
23 #define RC2_40_MAGIC 0xa0
24 #define RC2_64_MAGIC 0x78
25 #define RC2_128_MAGIC 0x3a
26 #define RC2_FLAGS PROV_CIPHER_FLAG_VARIABLE_LENGTH
27
28 static OSSL_FUNC_cipher_encrypt_init_fn rc2_einit;
29 static OSSL_FUNC_cipher_decrypt_init_fn rc2_dinit;
30 static OSSL_FUNC_cipher_freectx_fn rc2_freectx;
31 static OSSL_FUNC_cipher_dupctx_fn rc2_dupctx;
32 static OSSL_FUNC_cipher_gettable_ctx_params_fn rc2_gettable_ctx_params;
33 static OSSL_FUNC_cipher_settable_ctx_params_fn rc2_settable_ctx_params;
34 static OSSL_FUNC_cipher_set_ctx_params_fn rc2_set_ctx_params;
35
rc2_freectx(void * vctx)36 static void rc2_freectx(void *vctx)
37 {
38 PROV_RC2_CTX *ctx = (PROV_RC2_CTX *)vctx;
39
40 ossl_cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx);
41 OPENSSL_clear_free(ctx, sizeof(*ctx));
42 }
43
rc2_dupctx(void * ctx)44 static void *rc2_dupctx(void *ctx)
45 {
46 PROV_RC2_CTX *in = (PROV_RC2_CTX *)ctx;
47 PROV_RC2_CTX *ret;
48
49 if (!ossl_prov_is_running())
50 return NULL;
51
52 ret = OPENSSL_malloc(sizeof(*ret));
53 if (ret == NULL)
54 return NULL;
55 *ret = *in;
56
57 return ret;
58 }
59
rc2_keybits_to_magic(int keybits)60 static int rc2_keybits_to_magic(int keybits)
61 {
62 switch (keybits) {
63 case 128:
64 return RC2_128_MAGIC;
65 case 64:
66 return RC2_64_MAGIC;
67 case 40:
68 return RC2_40_MAGIC;
69 }
70 ERR_raise(ERR_LIB_PROV, PROV_R_UNSUPPORTED_KEY_SIZE);
71 return 0;
72 }
73
rc2_magic_to_keybits(int magic)74 static int rc2_magic_to_keybits(int magic)
75 {
76 switch (magic) {
77 case RC2_128_MAGIC:
78 return 128;
79 case RC2_64_MAGIC:
80 return 64;
81 case RC2_40_MAGIC:
82 return 40;
83 }
84 ERR_raise(ERR_LIB_PROV, PROV_R_UNSUPPORTED_KEY_SIZE);
85 return 0;
86 }
87
rc2_einit(void * ctx,const unsigned char * key,size_t keylen,const unsigned char * iv,size_t ivlen,const OSSL_PARAM params[])88 static int rc2_einit(void *ctx, const unsigned char *key, size_t keylen,
89 const unsigned char *iv, size_t ivlen,
90 const OSSL_PARAM params[])
91 {
92 if (!ossl_cipher_generic_einit(ctx, key, keylen, iv, ivlen, NULL))
93 return 0;
94 return rc2_set_ctx_params(ctx, params);
95 }
96
rc2_dinit(void * ctx,const unsigned char * key,size_t keylen,const unsigned char * iv,size_t ivlen,const OSSL_PARAM params[])97 static int rc2_dinit(void *ctx, const unsigned char *key, size_t keylen,
98 const unsigned char *iv, size_t ivlen,
99 const OSSL_PARAM params[])
100 {
101 if (!ossl_cipher_generic_dinit(ctx, key, keylen, iv, ivlen, NULL))
102 return 0;
103 return rc2_set_ctx_params(ctx, params);
104 }
105
rc2_get_ctx_params(void * vctx,OSSL_PARAM params[])106 static int rc2_get_ctx_params(void *vctx, OSSL_PARAM params[])
107 {
108 PROV_RC2_CTX *ctx = (PROV_RC2_CTX *)vctx;
109 OSSL_PARAM *p, *p1, *p2;
110
111 if (!ossl_cipher_generic_get_ctx_params(vctx, params))
112 return 0;
113 p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_RC2_KEYBITS);
114 if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->key_bits)) {
115 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
116 return 0;
117 }
118 p1 = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_ALGORITHM_ID_PARAMS);
119 p2 = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_ALGORITHM_ID_PARAMS_OLD);
120 if (p1 != NULL || p2 != NULL) {
121 long num;
122 int i;
123 ASN1_TYPE *type;
124 unsigned char *d1 = (p1 == NULL) ? NULL : p1->data;
125 unsigned char *d2 = (p2 == NULL) ? NULL : p2->data;
126 unsigned char **dd1 = d1 == NULL ? NULL : &d1;
127 unsigned char **dd2 = d2 == NULL ? NULL : &d2;
128
129 if ((p1 != NULL && p1->data_type != OSSL_PARAM_OCTET_STRING)
130 || (p2 != NULL && p2->data_type != OSSL_PARAM_OCTET_STRING)) {
131 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
132 return 0;
133 }
134 if ((type = ASN1_TYPE_new()) == NULL) {
135 ERR_raise(ERR_LIB_PROV, ERR_R_ASN1_LIB);
136 return 0;
137 }
138
139 /* Is this the original IV or the running IV? */
140 num = rc2_keybits_to_magic(ctx->key_bits);
141 if (!ASN1_TYPE_set_int_octetstring(type, num,
142 ctx->base.iv, ctx->base.ivlen)) {
143 ASN1_TYPE_free(type);
144 ERR_raise(ERR_LIB_PROV, ERR_R_ASN1_LIB);
145 return 0;
146 }
147
148 /*
149 * IF the caller has a buffer, we pray to the gods they got the
150 * size right. There's no way to tell the i2d functions...
151 */
152 i = i2d_ASN1_TYPE(type, dd1);
153 if (p1 != NULL && i >= 0)
154 p1->return_size = (size_t)i;
155
156 /*
157 * If the buffers differ, redo the i2d on the second buffer.
158 * Otherwise, just use |i| as computed above
159 */
160 if (d1 != d2)
161 i = i2d_ASN1_TYPE(type, dd2);
162 if (p2 != NULL && i >= 0)
163 p2->return_size = (size_t)i;
164
165 ASN1_TYPE_free(type);
166 if (i < 0) {
167 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
168 return 0;
169 }
170 }
171 return 1;
172 }
173
rc2_set_ctx_params(void * vctx,const OSSL_PARAM params[])174 static int rc2_set_ctx_params(void *vctx, const OSSL_PARAM params[])
175 {
176 PROV_RC2_CTX *ctx = (PROV_RC2_CTX *)vctx;
177 const OSSL_PARAM *p;
178
179 if (params == NULL)
180 return 1;
181
182 if (!ossl_cipher_var_keylen_set_ctx_params(vctx, params))
183 return 0;
184 p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_RC2_KEYBITS);
185 if (p != NULL) {
186 if (!OSSL_PARAM_get_size_t(p, &ctx->key_bits)) {
187 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
188 return 0;
189 }
190 }
191 p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_ALGORITHM_ID_PARAMS);
192 if (p != NULL) {
193 ASN1_TYPE *type = NULL;
194 long num = 0;
195 const unsigned char *d = p->data;
196 int ret = 1;
197 unsigned char iv[16];
198
199 if (p->data_type != OSSL_PARAM_OCTET_STRING
200 || ctx->base.ivlen > sizeof(iv)
201 || (type = d2i_ASN1_TYPE(NULL, &d, p->data_size)) == NULL
202 || ((size_t)ASN1_TYPE_get_int_octetstring(type, &num, iv,
203 ctx->base.ivlen)
204 != ctx->base.ivlen)
205 || !ossl_cipher_generic_initiv(&ctx->base, iv, ctx->base.ivlen)
206 || (ctx->key_bits = rc2_magic_to_keybits(num)) == 0) {
207 ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
208 ret = 0;
209 }
210 ASN1_TYPE_free(type);
211 if (ret == 0)
212 return 0;
213 /*
214 * This code assumes that the caller will call
215 * EVP_CipherInit_ex() with a non NULL key in order to setup a key that
216 * uses the keylen and keybits that were set here.
217 */
218 ctx->base.keylen = ctx->key_bits / 8;
219 }
220 return 1;
221 }
222
223 CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_START(rc2)
224 OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_RC2_KEYBITS, NULL),
225 OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_ALGORITHM_ID_PARAMS, NULL, 0),
226 CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_END(rc2)
227
228 CIPHER_DEFAULT_SETTABLE_CTX_PARAMS_START(rc2)
229 OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL),
230 OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_RC2_KEYBITS, NULL),
231 OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_ALGORITHM_ID_PARAMS, NULL, 0),
232 CIPHER_DEFAULT_SETTABLE_CTX_PARAMS_END(rc2)
233
234 #define IMPLEMENT_cipher(alg, UCALG, lcmode, UCMODE, flags, kbits, blkbits, \
235 ivbits, typ) \
236 static OSSL_FUNC_cipher_get_params_fn alg##_##kbits##_##lcmode##_get_params; \
237 static int alg##_##kbits##_##lcmode##_get_params(OSSL_PARAM params[]) \
238 { \
239 return ossl_cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE, \
240 flags, kbits, blkbits, ivbits); \
241 } \
242 static OSSL_FUNC_cipher_newctx_fn alg##_##kbits##_##lcmode##_newctx; \
243 static void *alg##_##kbits##_##lcmode##_newctx(void *provctx) \
244 { \
245 PROV_##UCALG##_CTX *ctx; \
246 if (!ossl_prov_is_running()) \
247 return NULL; \
248 ctx = OPENSSL_zalloc(sizeof(*ctx)); \
249 if (ctx != NULL) { \
250 ossl_cipher_generic_initkey(ctx, kbits, blkbits, ivbits, \
251 EVP_CIPH_##UCMODE##_MODE, flags, \
252 ossl_prov_cipher_hw_##alg##_##lcmode(kbits), \
253 NULL); \
254 ctx->key_bits = kbits; \
255 } \
256 return ctx; \
257 } \
258 const OSSL_DISPATCH ossl_##alg##kbits##lcmode##_functions[] = { \
259 { OSSL_FUNC_CIPHER_NEWCTX, \
260 (void (*)(void)) alg##_##kbits##_##lcmode##_newctx }, \
261 { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void)) alg##_freectx }, \
262 { OSSL_FUNC_CIPHER_DUPCTX, (void (*)(void)) alg##_dupctx }, \
263 { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))rc2_einit }, \
264 { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))rc2_dinit }, \
265 { OSSL_FUNC_CIPHER_UPDATE, (void (*)(void))ossl_cipher_generic_##typ##_update },\
266 { OSSL_FUNC_CIPHER_FINAL, (void (*)(void))ossl_cipher_generic_##typ##_final }, \
267 { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))ossl_cipher_generic_cipher }, \
268 { OSSL_FUNC_CIPHER_GET_PARAMS, \
269 (void (*)(void)) alg##_##kbits##_##lcmode##_get_params }, \
270 { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \
271 (void (*)(void))ossl_cipher_generic_gettable_params }, \
272 { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, \
273 (void (*)(void))rc2_get_ctx_params }, \
274 { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \
275 (void (*)(void))rc2_gettable_ctx_params }, \
276 { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \
277 (void (*)(void))rc2_set_ctx_params }, \
278 { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \
279 (void (*)(void))rc2_settable_ctx_params }, \
280 OSSL_DISPATCH_END \
281 };
282
283 /* ossl_rc2128ecb_functions */
284 IMPLEMENT_cipher(rc2, RC2, ecb, ECB, RC2_FLAGS, 128, 64, 0, block)
285 /* ossl_rc2128cbc_functions */
286 IMPLEMENT_cipher(rc2, RC2, cbc, CBC, RC2_FLAGS, 128, 64, 64, block)
287 /* ossl_rc240cbc_functions */
288 IMPLEMENT_cipher(rc2, RC2, cbc, CBC, RC2_FLAGS, 40, 64, 64, block)
289 /* ossl_rc264cbc_functions */
290 IMPLEMENT_cipher(rc2, RC2, cbc, CBC, RC2_FLAGS, 64, 64, 64, block)
291
292 /* ossl_rc2128ofb128_functions */
293 IMPLEMENT_cipher(rc2, RC2, ofb128, OFB, RC2_FLAGS, 128, 8, 64, stream)
294 /* ossl_rc2128cfb128_functions */
295 IMPLEMENT_cipher(rc2, RC2, cfb128, CFB, RC2_FLAGS, 128, 8, 64, stream)
296
