1 /*
2  * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
3  *
4  * Licensed under the Apache License 2.0 (the "License").  You may not use
5  * this file except in compliance with the License.  You can obtain a copy
6  * in the file LICENSE in the source distribution or at
7  * https://www.openssl.org/source/license.html
8  */
9 
10 /*
11  * DES low level APIs are deprecated for public use, but still ok for internal
12  * use.
13  */
14 #include "internal/deprecated.h"
15 
16 #include <openssl/rand.h>
17 #include <openssl/proverr.h>
18 #include "prov/ciphercommon.h"
19 #include "cipher_tdes.h"
20 #include "prov/implementations.h"
21 #include "prov/providercommon.h"
22 
ossl_tdes_newctx(void * provctx,int mode,size_t kbits,size_t blkbits,size_t ivbits,uint64_t flags,const PROV_CIPHER_HW * hw)23 void *ossl_tdes_newctx(void *provctx, int mode, size_t kbits, size_t blkbits,
24                        size_t ivbits, uint64_t flags, const PROV_CIPHER_HW *hw)
25 {
26     PROV_TDES_CTX *tctx;
27 
28     if (!ossl_prov_is_running())
29         return NULL;
30 
31     tctx = OPENSSL_zalloc(sizeof(*tctx));
32     if (tctx != NULL)
33         ossl_cipher_generic_initkey(tctx, kbits, blkbits, ivbits, mode, flags,
34                                     hw, provctx);
35     return tctx;
36 }
37 
ossl_tdes_dupctx(void * ctx)38 void *ossl_tdes_dupctx(void *ctx)
39 {
40     PROV_TDES_CTX *in = (PROV_TDES_CTX *)ctx;
41     PROV_TDES_CTX *ret;
42 
43     if (!ossl_prov_is_running())
44         return NULL;
45 
46     ret = OPENSSL_malloc(sizeof(*ret));
47     if (ret == NULL) {
48         ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
49         return NULL;
50     }
51     in->base.hw->copyctx(&ret->base, &in->base);
52 
53     return ret;
54 }
55 
ossl_tdes_freectx(void * vctx)56 void ossl_tdes_freectx(void *vctx)
57 {
58     PROV_TDES_CTX *ctx = (PROV_TDES_CTX *)vctx;
59 
60     ossl_cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx);
61     OPENSSL_clear_free(ctx,  sizeof(*ctx));
62 }
63 
tdes_init(void * vctx,const unsigned char * key,size_t keylen,const unsigned char * iv,size_t ivlen,const OSSL_PARAM params[],int enc)64 static int tdes_init(void *vctx, const unsigned char *key, size_t keylen,
65                      const unsigned char *iv, size_t ivlen,
66                      const OSSL_PARAM params[], int enc)
67 {
68     PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx;
69 
70     if (!ossl_prov_is_running())
71         return 0;
72 
73     ctx->num = 0;
74     ctx->bufsz = 0;
75     ctx->enc = enc;
76 
77     if (iv != NULL) {
78         if (!ossl_cipher_generic_initiv(ctx, iv, ivlen))
79             return 0;
80     } else if (ctx->iv_set
81                && (ctx->mode == EVP_CIPH_CBC_MODE
82                    || ctx->mode == EVP_CIPH_CFB_MODE
83                    || ctx->mode == EVP_CIPH_OFB_MODE)) {
84         /* reset IV to keep compatibility with 1.1.1 */
85         memcpy(ctx->iv, ctx->oiv, ctx->ivlen);
86     }
87 
88     if (key != NULL) {
89         if (keylen != ctx->keylen) {
90             ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH);
91             return 0;
92         }
93         if (!ctx->hw->init(ctx, key, ctx->keylen))
94             return 0;
95     }
96     return ossl_cipher_generic_set_ctx_params(ctx, params);
97 }
98 
ossl_tdes_einit(void * vctx,const unsigned char * key,size_t keylen,const unsigned char * iv,size_t ivlen,const OSSL_PARAM params[])99 int ossl_tdes_einit(void *vctx, const unsigned char *key, size_t keylen,
100                     const unsigned char *iv, size_t ivlen,
101                     const OSSL_PARAM params[])
102 {
103     return tdes_init(vctx, key, keylen, iv, ivlen, params, 1);
104 }
105 
ossl_tdes_dinit(void * vctx,const unsigned char * key,size_t keylen,const unsigned char * iv,size_t ivlen,const OSSL_PARAM params[])106 int ossl_tdes_dinit(void *vctx, const unsigned char *key, size_t keylen,
107                     const unsigned char *iv, size_t ivlen,
108                     const OSSL_PARAM params[])
109 {
110     return tdes_init(vctx, key, keylen, iv, ivlen, params, 0);
111 }
112 
113 CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_START(ossl_tdes)
114     OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_RANDOM_KEY, NULL, 0),
115 CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_END(ossl_tdes)
116 
117 static int tdes_generatekey(PROV_CIPHER_CTX *ctx, void *ptr)
118 {
119 
120     DES_cblock *deskey = ptr;
121     size_t kl = ctx->keylen;
122 
123     if (kl == 0 || RAND_priv_bytes_ex(ctx->libctx, ptr, kl, 0) <= 0)
124         return 0;
125     DES_set_odd_parity(deskey);
126     if (kl >= 16)
127         DES_set_odd_parity(deskey + 1);
128     if (kl >= 24) {
129         DES_set_odd_parity(deskey + 2);
130         return 1;
131     }
132     return 0;
133 }
134 
ossl_tdes_get_ctx_params(void * vctx,OSSL_PARAM params[])135 int ossl_tdes_get_ctx_params(void *vctx, OSSL_PARAM params[])
136 {
137     PROV_CIPHER_CTX  *ctx = (PROV_CIPHER_CTX *)vctx;
138     OSSL_PARAM *p;
139 
140     if (!ossl_cipher_generic_get_ctx_params(vctx, params))
141         return 0;
142 
143     p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_RANDOM_KEY);
144     if (p != NULL && !tdes_generatekey(ctx, p->data)) {
145         ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GENERATE_KEY);
146         return 0;
147     }
148     return 1;
149 }
150