From 099cff074d9a0ff67e84a7a28a866ac75040cde0 Mon Sep 17 00:00:00 2001 From: Rajeev Ranjan Date: Mon, 4 Mar 2024 15:42:49 +0100 Subject: [PATCH] remove old code with EVP cipher --- crypto/evp/evp_lib.c | 5 - crypto/objects/obj_dat.h | 14 +- crypto/objects/obj_mac.num | 2 - crypto/objects/obj_xref.h | 2 +- crypto/objects/objects.txt | 2 - doc/man7/EVP_CIPHER-NULL.pod | 60 ++-- fuzz/oids.txt | 2 +- include/openssl/evp.h | 9 +- include/openssl/obj_mac.h | 10 +- providers/defltprov.c | 4 - providers/implementations/ciphers/build.info | 6 - .../implementations/ciphers/cipher_null.c | 2 +- .../ciphers/cipher_null_hmac.c | 336 ------------------ .../ciphers/cipher_null_hmac.h | 53 --- .../ciphers/cipher_null_hmac_hw.c | 90 ----- .../include/prov/ciphercommon.h | 2 +- .../include/prov/implementations.h | 5 +- .../implementations/include/prov/names.h | 2 - ssl/record/methods/tls13_meth.c | 2 +- ssl/s3_lib.c | 4 +- ssl/ssl_ciph.c | 9 +- ssl/ssl_local.h | 12 +- ssl/tls13_enc.c | 13 - test/quicapitest.c | 2 +- test/recipes/30-test_evp.t | 2 - .../30-test_evp_data/evpciph_null_hmac.txt | 104 ------ 26 files changed, 58 insertions(+), 696 deletions(-) delete mode 100644 providers/implementations/ciphers/cipher_null_hmac.c delete mode 100644 providers/implementations/ciphers/cipher_null_hmac.h delete mode 100644 providers/implementations/ciphers/cipher_null_hmac_hw.c diff --git a/crypto/evp/evp_lib.c b/crypto/evp/evp_lib.c index ee4fe764600c2..e539a76a78e80 100644 --- a/crypto/evp/evp_lib.c +++ b/crypto/evp/evp_lib.c @@ -330,11 +330,6 @@ int EVP_CIPHER_get_type(const EVP_CIPHER *cipher) return NID_des_cfb64; - case NID_null_hmac_sha256: - return NID_null_hmac_sha256; - case NID_null_hmac_sha384: - return NID_null_hmac_sha384; - default: #ifdef FIPS_MODULE return NID_undef; diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h index c14d2f0ec449d..5292db3f0785f 100644 --- a/crypto/objects/obj_dat.h +++ b/crypto/objects/obj_dat.h @@ -2,7 +2,7 @@ * WARNING: do not edit! * Generated by crypto/objects/obj_dat.pl * - * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved. * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy * in the file LICENSE in the source distribution or at @@ -1184,7 +1184,7 @@ static const unsigned char so[8476] = { 0x55,0x1D,0x4B, /* [ 8472] OBJ_associated_information */ }; -#define NUM_NID 1322 +#define NUM_NID 1320 static const ASN1_OBJECT nid_objs[NUM_NID] = { {"UNDEF", "undefined", NID_undef}, {"rsadsi", "RSA Data Security, Inc.", NID_rsadsi, 6, &so[0]}, @@ -2506,11 +2506,9 @@ static const ASN1_OBJECT nid_objs[NUM_NID] = { {"altSignatureAlgorithm", "X509v3 Alternative Signature Algorithm", NID_alt_signature_algorithm, 3, &so[8466]}, {"altSignatureValue", "X509v3 Alternative Signature Value", NID_alt_signature_value, 3, &so[8469]}, {"associatedInformation", "X509v3 Associated Information", NID_associated_information, 3, &so[8472]}, - {"NULL-HMAC-SHA256", "null-hmac-sha256", NID_null_hmac_sha256}, - {"NULL-HMAC-SHA384", "null-hmac-sha384", NID_null_hmac_sha384}, }; -#define NUM_SN 1313 +#define NUM_SN 1311 static const unsigned int sn_objs[NUM_SN] = { 364, /* "AD_DVCS" */ 419, /* "AES-128-CBC" */ @@ -2705,8 +2703,6 @@ static const unsigned int sn_objs[NUM_SN] = { 388, /* "Mail" */ 393, /* "NULL" */ 404, /* "NULL" */ - 1320, /* "NULL-HMAC-SHA256" */ - 1321, /* "NULL-HMAC-SHA384" */ 57, /* "Netscape" */ 366, /* "Nonce" */ 17, /* "O" */ @@ -3827,7 +3823,7 @@ static const unsigned int sn_objs[NUM_SN] = { 1289, /* "zstd" */ }; -#define NUM_LN 1313 +#define NUM_LN 1311 static const unsigned int ln_objs[NUM_LN] = { 363, /* "AD Time Stamping" */ 405, /* "ANSI X9.62" */ @@ -4780,8 +4776,6 @@ static const unsigned int ln_objs[NUM_LN] = { 1217, /* "modp_8192" */ 481, /* "nSRecord" */ 173, /* "name" */ - 1320, /* "null-hmac-sha256" */ - 1321, /* "null-hmac-sha384" */ 681, /* "onBasis" */ 379, /* "org" */ 1089, /* "organizationIdentifier" */ diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num index 98af3a22f25e8..9deaf2a5a94ec 100644 --- a/crypto/objects/obj_mac.num +++ b/crypto/objects/obj_mac.num @@ -1317,5 +1317,3 @@ subject_alt_public_key_info 1316 alt_signature_algorithm 1317 alt_signature_value 1318 associated_information 1319 -null_hmac_sha256 1320 -null_hmac_sha384 1321 diff --git a/crypto/objects/obj_xref.h b/crypto/objects/obj_xref.h index 01339d9da088d..913606f1754d4 100644 --- a/crypto/objects/obj_xref.h +++ b/crypto/objects/obj_xref.h @@ -2,7 +2,7 @@ * WARNING: do not edit! * Generated by objxref.pl * - * Copyright 1998-2024 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1998-2023 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt index 986d4801b4a91..305b89c016227 100644 --- a/crypto/objects/objects.txt +++ b/crypto/objects/objects.txt @@ -1685,8 +1685,6 @@ sm-scheme 104 10 : SM4-XTS : sm4-xts : AES-256-CBC-HMAC-SHA256 : aes-256-cbc-hmac-sha256 : ChaCha20-Poly1305 : chacha20-poly1305 : ChaCha20 : chacha20 - : NULL-HMAC-SHA256 : null-hmac-sha256 - : NULL-HMAC-SHA384 : null-hmac-sha384 ISO-US 10046 2 1 : dhpublicnumber : X9.42 DH diff --git a/doc/man7/EVP_CIPHER-NULL.pod b/doc/man7/EVP_CIPHER-NULL.pod index dbb767099d13b..44e07dcf1b056 100644 --- a/doc/man7/EVP_CIPHER-NULL.pod +++ b/doc/man7/EVP_CIPHER-NULL.pod @@ -2,55 +2,71 @@ =head1 NAME -EVP_CIPHER-NULL - NULL encryption EVP_CIPHER implementation +EVP_CIPHER-NULL - The NULL EVP_CIPHER implementation =head1 DESCRIPTION -This module provides support for NULL encryption using the B API. -It simply copies the data without any encryption. +Support for a NULL symmetric encryption using the B API. +This is used when the TLS cipher suite is TLS_NULL_WITH_NULL_NULL. +This does no encryption (just copies the data) and has a mac size of zero. -=head2 Algorithm Names +=head2 Algorithm Name -The default provider offers the following algorithms: +The following algorithm is available in the default provider: =over 4 =item "NULL" -=item "NULL-HMAC-SHA256" and "NULL-HMAC-SHA384" - =back =head2 Parameters -The parameters supported by this implementation are detailed in -L. +This implementation supports the following parameters: -=head1 NOTES +=head3 Gettable EVP_CIPHER parameters -"NULL" algorithm is used when the TLS cipher suite is TLS_NULL_WITH_NULL_NULL. -This does no encryption (just copies the data) and has a mac size of zero. -This conforms to RFC 5246 section-6.2.3.1. +See L -"NULL-HMAC-SHA256" and "NULL-HMAC-SHA384" are used when the TLS cipher suite is -TLS_SHA256_SHA256 and TLS_SHA384_SHA384 respectively. -This conforms to RFC 9150. +=head3 Gettable EVP_CIPHER_CTX parameters -=head1 SEE ALSO +=over 4 -L, L +=item "keylen" (B) + +=item "ivlen" (B and ) + +=item "tls-mac" (B) + +=back + +See L for further information. -=head1 HISTORY +=head3 Settable EVP_CIPHER_CTX parameters -The NULL-HMAC-SHA256 and NULL-HMAC-SHA384 ciphers were added in OpenSSL version 3.3. +=over 4 + +=item "tls-mac-size" (B) + +=back + +See L for further information. + +=head1 CONFORMING TO + +RFC 5246 section-6.2.3.1 + +=head1 SEE ALSO + +L, L =head1 COPYRIGHT -Copyright 2021-2024 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2023 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at L. -=cut \ No newline at end of file +=cut diff --git a/fuzz/oids.txt b/fuzz/oids.txt index 5d1f66ab4e4a3..bae6272f09591 100644 --- a/fuzz/oids.txt +++ b/fuzz/oids.txt @@ -1,7 +1,7 @@ # WARNING: do not edit! # Generated by fuzz/mkfuzzoids.pl # -# Copyright 2020-2024 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the Apache License 2.0 (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy diff --git a/include/openssl/evp.h b/include/openssl/evp.h index 48a8eb2d91422..f70b9d744d63a 100644 --- a/include/openssl/evp.h +++ b/include/openssl/evp.h @@ -33,9 +33,9 @@ # define EVP_MAX_MD_SIZE 64/* longest known is SHA512 */ # define EVP_MAX_KEY_LENGTH 64 -# define EVP_MAX_IV_LENGTH 48 /* longest known for TLS_SHA384_SHA384 */ +# define EVP_MAX_IV_LENGTH 16 # define EVP_MAX_BLOCK_LENGTH 32 -# define EVP_MAX_AEAD_TAG_LENGTH 48 /* longest known for TLS_SHA384_SHA384 */ +# define EVP_MAX_AEAD_TAG_LENGTH 16 # define PKCS5_SALT_LEN 8 /* Default PKCS#5 iteration count */ @@ -479,11 +479,6 @@ typedef struct { /* Length of tag for TLS */ # define EVP_CHACHAPOLY_TLS_TAG_LEN 16 -/* Length of HMAC_SHA256 for TLS v1.3 integrity-only */ -# define EVP_HMACSHA256_TLS_TAG_LEN 32 -/* Length of HMAC_SHA384 for TLS v1.3 integrity-only */ -# define EVP_HMACSHA384_TLS_TAG_LEN 48 - typedef struct evp_cipher_info_st { const EVP_CIPHER *cipher; diff --git a/include/openssl/obj_mac.h b/include/openssl/obj_mac.h index f90eb0ec7dbd4..e1b441b313df4 100644 --- a/include/openssl/obj_mac.h +++ b/include/openssl/obj_mac.h @@ -2,7 +2,7 @@ * WARNING: do not edit! * Generated by crypto/objects/objects.pl * - * Copyright 2000-2024 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2000-2023 The OpenSSL Project Authors. All Rights Reserved. * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy * in the file LICENSE in the source distribution or at @@ -5290,14 +5290,6 @@ #define LN_chacha20 "chacha20" #define NID_chacha20 1019 -#define SN_null_hmac_sha256 "NULL-HMAC-SHA256" -#define LN_null_hmac_sha256 "null-hmac-sha256" -#define NID_null_hmac_sha256 1320 - -#define SN_null_hmac_sha384 "NULL-HMAC-SHA384" -#define LN_null_hmac_sha384 "null-hmac-sha384" -#define NID_null_hmac_sha384 1321 - #define SN_dhpublicnumber "dhpublicnumber" #define LN_dhpublicnumber "X9.42 DH" #define NID_dhpublicnumber 920 diff --git a/providers/defltprov.c b/providers/defltprov.c index 543e89cba16e1..f02e04835ddf0 100644 --- a/providers/defltprov.c +++ b/providers/defltprov.c @@ -313,10 +313,6 @@ static const OSSL_ALGORITHM_CAPABLE deflt_ciphers[] = { ALG(PROV_NAMES_ChaCha20_Poly1305, ossl_chacha20_ossl_poly1305_functions), # endif /* OPENSSL_NO_POLY1305 */ #endif /* OPENSSL_NO_CHACHA */ -#ifndef OPENSSL_NO_TLS1_3_INTEGRITY_ONLY_CIPHERS - ALG(PROV_NAMES_NULL_HMAC_SHA256, ossl_null_hmac_sha256_functions), - ALG(PROV_NAMES_NULL_HMAC_SHA384, ossl_null_hmac_sha384_functions), -#endif { { NULL, NULL, NULL }, NULL } }; static OSSL_ALGORITHM exported_ciphers[OSSL_NELEM(deflt_ciphers)]; diff --git a/providers/implementations/ciphers/build.info b/providers/implementations/ciphers/build.info index c7e5c886a92ec..5eb705969f54e 100644 --- a/providers/implementations/ciphers/build.info +++ b/providers/implementations/ciphers/build.info @@ -26,7 +26,6 @@ $CHACHA_GOAL=../../libdefault.a $CHACHAPOLY_GOAL=../../libdefault.a $SIV_GOAL=../../libdefault.a $SIV_GCM_GOAL=../../libdefault.a -$NULL_HMAC_GOAL=../../libdefault.a IF[{- !$disabled{asm} -}] $GHASHDEF_x86=GHASH_ASM @@ -193,8 +192,3 @@ IF[{- !$disabled{chacha} -}] cipher_chacha20_poly1305.c cipher_chacha20_poly1305_hw.c ENDIF ENDIF - -IF[{- !$disabled{tls1_3-integrity-only_ciphers} -}] - SOURCE[$NULL_HMAC_GOAL]=\ - cipher_null_hmac.c cipher_null_hmac_hw.c -ENDIF diff --git a/providers/implementations/ciphers/cipher_null.c b/providers/implementations/ciphers/cipher_null.c index d1e67be1592fe..81f9fa10be473 100644 --- a/providers/implementations/ciphers/cipher_null.c +++ b/providers/implementations/ciphers/cipher_null.c @@ -82,7 +82,7 @@ static int null_cipher(void *vctx, unsigned char *out, size_t *outl, } if (outsize < inl) return 0; - if (in != NULL && out != NULL && in != out) + if (out != NULL && in != out) memcpy(out, in, inl); *outl = inl; return 1; diff --git a/providers/implementations/ciphers/cipher_null_hmac.c b/providers/implementations/ciphers/cipher_null_hmac.c deleted file mode 100644 index 0a35e075d8a9b..0000000000000 --- a/providers/implementations/ciphers/cipher_null_hmac.c +++ /dev/null @@ -1,336 +0,0 @@ -/* - * Copyright 2023-2024 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the Apache License 2.0 (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -/* Dispatch functions for null_hmac cipher */ - -/* - * HMAC low level APIs are deprecated for public use, but still ok for internal - * use. - */ -#include "internal/deprecated.h" - -#include -#include -#include -#include "cipher_null_hmac.h" -#include "prov/implementations.h" -#include "prov/providercommon.h" - -static OSSL_FUNC_cipher_freectx_fn null_hmac_freectx; -static OSSL_FUNC_cipher_dupctx_fn null_hmac_dupctx; -static OSSL_FUNC_cipher_encrypt_init_fn null_hmac_einit; -static OSSL_FUNC_cipher_decrypt_init_fn null_hmac_dinit; -static OSSL_FUNC_cipher_get_ctx_params_fn null_hmac_get_ctx_params; -static OSSL_FUNC_cipher_set_ctx_params_fn null_hmac_set_ctx_params; -static OSSL_FUNC_cipher_cipher_fn null_hmac_cipher; -static OSSL_FUNC_cipher_final_fn null_hmac_final; -static OSSL_FUNC_cipher_gettable_ctx_params_fn null_hmac_gettable_ctx_params; -static OSSL_FUNC_cipher_settable_ctx_params_fn null_hmac_settable_ctx_params; -#define null_hmac_update null_hmac_cipher -#define null_hmac_gettable_params ossl_cipher_generic_gettable_params - -static void null_hmac_freectx(void *vctx) -{ - PROV_NULL_HMAC_CTX *ctx = (PROV_NULL_HMAC_CTX *)vctx; - - if (ctx != NULL) { - ossl_cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); - HMAC_CTX_free(ctx->hmac); - ossl_prov_digest_reset(&ctx->md); - OPENSSL_clear_free(ctx, sizeof(*ctx)); - } -} - -static void *null_hmac_dupctx(void *vctx) -{ - PROV_NULL_HMAC_CTX *ctx = (PROV_NULL_HMAC_CTX *)vctx, *dupctx; - - if (ctx == NULL) - return NULL; - - dupctx = OPENSSL_memdup(ctx, sizeof(*dupctx)); - if (dupctx == NULL) - return NULL; - - if (!ossl_assert(dupctx->base.tlsmac == NULL)) - goto err; - - if (!ossl_prov_digest_copy(&dupctx->md, &ctx->md)) - goto err; - - if ((dupctx->hmac = HMAC_CTX_new()) == NULL) - goto err; - - if (!HMAC_CTX_copy(dupctx->hmac, ctx->hmac)) - goto err; - - return dupctx; - err: - null_hmac_freectx(dupctx); - return NULL; -} - -static int null_hmac_get_ctx_params(void *vctx, OSSL_PARAM params[]) -{ - OSSL_PARAM *p; - PROV_NULL_HMAC_CTX *ctx = (PROV_NULL_HMAC_CTX *)vctx; - - p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IVLEN); - if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->base.ivlen)) { - ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); - return 0; - } - p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_KEYLEN); - if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->base.keylen)) { - ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); - return 0; - } - p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_AEAD_TAGLEN); - if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->tag_len)) { - ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); - return 0; - } - p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_AEAD_TAG); - if (p != NULL) { - if (p->data_type != OSSL_PARAM_OCTET_STRING) { - ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); - return 0; - } - if (!ctx->base.enc || p->data_size != ctx->tag_len) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_TAG_LENGTH); - return 0; - } - memcpy(p->data, ctx->tag, p->data_size); - } - - return 1; -} - -static const OSSL_PARAM null_hmac_known_gettable_ctx_params[] = { - OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL), - OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_IVLEN, NULL), - OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_AEAD_TAGLEN, NULL), - OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG, NULL, 0), - OSSL_PARAM_END -}; -const OSSL_PARAM *null_hmac_gettable_ctx_params(ossl_unused void *cctx, - ossl_unused void *provctx) -{ - return null_hmac_known_gettable_ctx_params; -} - -static int null_hmac_set_ctx_params(void *vctx, const OSSL_PARAM params[]) -{ - const OSSL_PARAM *p; - size_t len; - PROV_NULL_HMAC_CTX *ctx = (PROV_NULL_HMAC_CTX *)vctx; - - if (params == NULL) - return 1; - - p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_KEYLEN); - if (p != NULL) { - if (!OSSL_PARAM_get_size_t(p, &len)) { - ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); - return 0; - } - /* The key length can not be modified */ - if (len != ctx->base.keylen) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH); - return 0; - } - } - p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_IVLEN); - if (p != NULL) { - if (!OSSL_PARAM_get_size_t(p, &len)) { - ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); - return 0; - } - /* The iv length can not be modified */ - if (len != ctx->base.ivlen) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IV_LENGTH); - return 0; - } - } - p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_AEAD_TAG); - if (p != NULL) { - if (p->data_type != OSSL_PARAM_OCTET_STRING) { - ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); - return 0; - } - if (p->data_size != ctx->tag_len) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_TAG_LENGTH); - return 0; - } - if (p->data != NULL) { - if (ctx->base.enc) { - ERR_raise(ERR_LIB_PROV, PROV_R_TAG_NOT_NEEDED); - return 0; - } - memcpy(ctx->tag, p->data, p->data_size); - } - } - return 1; -} - -static const OSSL_PARAM null_hmac_known_settable_ctx_params[] = { - OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL), - OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_IVLEN, NULL), - OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG, NULL, 0), - OSSL_PARAM_END -}; -const OSSL_PARAM *null_hmac_settable_ctx_params(ossl_unused void *cctx, - ossl_unused void *provctx) -{ - return null_hmac_known_settable_ctx_params; -} - -static int null_hmac_einit(void *vctx, - const unsigned char *key, size_t keylen, - const unsigned char *iv, size_t ivlen, - const OSSL_PARAM params[]) -{ - int ret; - - /* The generic function checks for ossl_prov_is_running() */ - ret = ossl_cipher_generic_einit(vctx, key, keylen, iv, ivlen, NULL); - if (ret && iv != NULL) { - PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; - PROV_CIPHER_HW_NULL_HMAC *hw = (PROV_CIPHER_HW_NULL_HMAC *)ctx->hw; - - ret = hw->initiv(ctx, iv, ivlen); - } - if (ret && !null_hmac_set_ctx_params(vctx, params)) - ret = 0; - return ret; -} - -static int null_hmac_dinit(void *vctx, - const unsigned char *key, size_t keylen, - const unsigned char *iv, size_t ivlen, - const OSSL_PARAM params[]) -{ - int ret; - - /* The generic function checks for ossl_prov_is_running() */ - ret = ossl_cipher_generic_dinit(vctx, key, keylen, iv, ivlen, NULL); - if (ret && iv != NULL) { - PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; - PROV_CIPHER_HW_NULL_HMAC *hw = (PROV_CIPHER_HW_NULL_HMAC *)ctx->hw; - - hw->initiv(ctx, iv, ivlen); - } - if (ret && !null_hmac_set_ctx_params(vctx, params)) - ret = 0; - return ret; -} - -static int null_hmac_cipher(void *vctx, unsigned char *out, - size_t *outl, size_t outsize, - const unsigned char *in, size_t inl) -{ - PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; - PROV_CIPHER_HW_NULL_HMAC *hw = (PROV_CIPHER_HW_NULL_HMAC *)ctx->hw; - - if (!ossl_prov_is_running()) - return 0; - - if (inl == 0) { - *outl = 0; - return 1; - } - - if (outsize < inl) { - ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL); - return 0; - } - - if (!hw->base.cipher(ctx, out, in, inl)) - return 0; - *outl = inl; - return 1; -} - -static int null_hmac_final(void *vctx, unsigned char *out, size_t *outl, - size_t outsize) -{ - PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; - PROV_CIPHER_HW_NULL_HMAC *hw = (PROV_CIPHER_HW_NULL_HMAC *)ctx->hw; - - if (!ossl_prov_is_running()) - return 0; - - if (!hw->base.cipher(ctx, out, NULL, 0)) - return 0; - - *outl = 0; - return 1; -} - -#define OSSL_DISPATCHALG(num, name) {OSSL_FUNC_CIPHER_##num, \ - (void (*)(void))name} -#define IMPLEMENT_cipher(cmd, CMD, flags, kbits, blkbits, ivbits) \ -static OSSL_FUNC_cipher_get_params_fn null_hmac_##cmd##_get_params; \ -static int null_hmac_##cmd##_get_params(OSSL_PARAM params[]) \ -{ \ - return ossl_cipher_generic_get_params(params, 0, flags, \ - kbits, blkbits, ivbits); \ -} \ - \ -static OSSL_FUNC_cipher_newctx_fn null_hmac_##cmd##_newctx; \ -static void *null_hmac_##cmd##_newctx(void *provctx) \ -{ \ - PROV_NULL_HMAC_CTX *ctx; \ - \ - if (!ossl_prov_is_running()) \ - return NULL; \ - \ - if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL) \ - return NULL; \ - \ - if ((ctx->hmac = HMAC_CTX_new()) == NULL) { \ - OPENSSL_free(ctx); \ - return NULL; \ - } \ - if (ossl_prov_digest_fetch(&ctx->md, PROV_LIBCTX_OF(provctx), \ - #CMD, NULL) == NULL) { \ - null_hmac_freectx(ctx); \ - return NULL; \ - } \ - ctx->tag_len = NULL_HMAC_##CMD##_TAGLEN; \ - ossl_cipher_generic_initkey(ctx, kbits, blkbits, ivbits, 0, flags, \ - ossl_prov_cipher_hw_null_hmac(kbits), \ - provctx); \ - return ctx; \ -} \ - \ -const OSSL_DISPATCH ossl_null_hmac_##cmd##_functions[] = { \ - OSSL_DISPATCHALG(NEWCTX, null_hmac_##cmd##_newctx), \ - OSSL_DISPATCHALG(FREECTX, null_hmac_freectx), \ - OSSL_DISPATCHALG(DUPCTX, null_hmac_dupctx), \ - OSSL_DISPATCHALG(ENCRYPT_INIT, null_hmac_einit), \ - OSSL_DISPATCHALG(DECRYPT_INIT, null_hmac_dinit), \ - OSSL_DISPATCHALG(UPDATE, null_hmac_update), \ - OSSL_DISPATCHALG(FINAL, null_hmac_final), \ - OSSL_DISPATCHALG(CIPHER, null_hmac_cipher), \ - OSSL_DISPATCHALG(GET_PARAMS, null_hmac_##cmd##_get_params), \ - OSSL_DISPATCHALG(GETTABLE_PARAMS, null_hmac_gettable_params), \ - OSSL_DISPATCHALG(GET_CTX_PARAMS, null_hmac_get_ctx_params), \ - OSSL_DISPATCHALG(GETTABLE_CTX_PARAMS, null_hmac_gettable_ctx_params), \ - OSSL_DISPATCHALG(SET_CTX_PARAMS, null_hmac_set_ctx_params), \ - OSSL_DISPATCHALG(SETTABLE_CTX_PARAMS, null_hmac_settable_ctx_params), \ - OSSL_DISPATCH_END \ -} - -IMPLEMENT_cipher(sha256, SHA256, NULL_HMAC_SHA256_FLAGS, - NULL_HMAC_SHA256_KEYLEN * 8, NULL_HMAC_SHA256_BLKLEN * 8, - NULL_HMAC_SHA256_IVLEN * 8); -IMPLEMENT_cipher(sha384, SHA384, NULL_HMAC_SHA384_FLAGS, - NULL_HMAC_SHA384_KEYLEN * 8, NULL_HMAC_SHA384_BLKLEN * 8, - NULL_HMAC_SHA384_IVLEN * 8); diff --git a/providers/implementations/ciphers/cipher_null_hmac.h b/providers/implementations/ciphers/cipher_null_hmac.h deleted file mode 100644 index 3222886331c48..0000000000000 --- a/providers/implementations/ciphers/cipher_null_hmac.h +++ /dev/null @@ -1,53 +0,0 @@ -/* - * Copyright 2023-2024 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the Apache License 2.0 (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#include "prov/ciphercommon.h" -#include "prov/provider_ctx.h" -#include "prov/implementations.h" -#include "prov/provider_util.h" - -#define NULL_HMAC_SHA256_KEYLEN 32 -#define NULL_HMAC_SHA256_BLKLEN 1 -#define NULL_HMAC_SHA256_TAGLEN 32 -#define NULL_HMAC_SHA256_IVLEN 32 -#define NULL_HMAC_SHA256_MODE 0 -#define NULL_HMAC_SHA256_FLAGS (PROV_CIPHER_FLAG_AEAD \ - | PROV_CIPHER_FLAG_CUSTOM_IV) - -#define NULL_HMAC_SHA384_KEYLEN 48 -#define NULL_HMAC_SHA384_BLKLEN 1 -#define NULL_HMAC_SHA384_TAGLEN 48 -#define NULL_HMAC_SHA384_IVLEN 48 -#define NULL_HMAC_SHA384_MODE 0 -#define NULL_HMAC_SHA384_FLAGS (PROV_CIPHER_FLAG_AEAD \ - | PROV_CIPHER_FLAG_CUSTOM_IV) - -#define NULL_HMAC_MAX_KEYLEN 48 /* NULL_HMAC_SHA384_KEYLEN */ -#define NULL_HMAC_MAX_TAGLEN 48 /* NULL_HMAC_SHA384_TAGLEN */ -#define NULL_HMAC_MAX_IVLEN 48 /* NULL_HMAC_SHA384_IVLEN */ - -typedef struct { - PROV_CIPHER_CTX base; /* must be first */ - HMAC_CTX *hmac; - PROV_DIGEST md; - unsigned char key[NULL_HMAC_MAX_KEYLEN]; /* len is in base.keylen */ - unsigned char tag[NULL_HMAC_MAX_TAGLEN]; - unsigned int tag_len; -} PROV_NULL_HMAC_CTX; - -typedef struct prov_cipher_hw_null_hmac_st { - PROV_CIPHER_HW base; /* must be first */ - int (*initiv)(PROV_CIPHER_CTX *ctx, const unsigned char *iv, size_t ivlen); -} PROV_CIPHER_HW_NULL_HMAC; - -const PROV_CIPHER_HW *ossl_prov_cipher_hw_null_hmac(size_t keybits); - -OSSL_FUNC_cipher_encrypt_init_fn ossl_hmac_sha256_einit; -OSSL_FUNC_cipher_decrypt_init_fn ossl_hmac_sha256_dinit; -void ossl_hmac_sha256_initctx(PROV_NULL_HMAC_CTX *ctx); diff --git a/providers/implementations/ciphers/cipher_null_hmac_hw.c b/providers/implementations/ciphers/cipher_null_hmac_hw.c deleted file mode 100644 index 40dfabced0a6a..0000000000000 --- a/providers/implementations/ciphers/cipher_null_hmac_hw.c +++ /dev/null @@ -1,90 +0,0 @@ -/* - * Copyright 2023-2024 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the Apache License 2.0 (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -/* null_hmac cipher implementation */ - -/* - * HMAC low level APIs are deprecated for public use, but still ok for internal - * use. - */ -#include "internal/deprecated.h" -#include -#include -#include "cipher_null_hmac.h" - -static int null_hmac_initkey(PROV_CIPHER_CTX *bctx, const uint8_t *key, - size_t keylen) -{ - PROV_NULL_HMAC_CTX *ctx = (PROV_NULL_HMAC_CTX *)bctx; - - if (key == NULL || keylen > sizeof(ctx->key)) { - ERR_raise(ERR_LIB_PROV, ERR_R_INTERNAL_ERROR); - return 0; - } - - memcpy(ctx->key, key, keylen); - return 1; -} - -static int null_hmac_initiv(PROV_CIPHER_CTX *bctx, - const unsigned char *iv, size_t ivlen) -{ - PROV_NULL_HMAC_CTX *ctx = (PROV_NULL_HMAC_CTX *)bctx; - - if (iv == NULL || ivlen > NULL_HMAC_MAX_IVLEN) { - ERR_raise(ERR_LIB_PROV, ERR_R_INTERNAL_ERROR); - return 0; - } - - if (!HMAC_Init_ex(ctx->hmac, ctx->key, ctx->base.keylen, - ossl_prov_digest_md(&ctx->md), NULL)) - return 0; - - return HMAC_Update(ctx->hmac, iv, ivlen); -} - -static int null_hmac_cipher(PROV_CIPHER_CTX *bctx, unsigned char *out, - const unsigned char *in, size_t inl) -{ - PROV_NULL_HMAC_CTX *ctx = (PROV_NULL_HMAC_CTX *)bctx; - unsigned char ltag[NULL_HMAC_MAX_TAGLEN]; - unsigned int ltag_len = 0; - - if (in != NULL) { - if (!HMAC_Update(ctx->hmac, in, inl)) - return 0; - } else { - if (!HMAC_Final(ctx->hmac, - bctx->enc ? ctx->tag : ltag, - bctx->enc ? &ctx->tag_len : <ag_len)) - return 0; - - if (!bctx->enc) { - if (ltag_len != ctx->tag_len - || CRYPTO_memcmp(ltag, ctx->tag, ctx->tag_len) != 0) - return 0; - } - } - - /* Just copying because we don't encrypt or decrypt */ - if (in != NULL && out != NULL && in != out) - memcpy(out, in, inl); - - return 1; -} - -static const PROV_CIPHER_HW_NULL_HMAC null_hmac_hw = { - { null_hmac_initkey, null_hmac_cipher }, - null_hmac_initiv -}; - -const PROV_CIPHER_HW *ossl_prov_cipher_hw_null_hmac(size_t keybits) -{ - return (PROV_CIPHER_HW *)&null_hmac_hw; -} diff --git a/providers/implementations/include/prov/ciphercommon.h b/providers/implementations/include/prov/ciphercommon.h index 5648eda293273..45002ad594a00 100644 --- a/providers/implementations/include/prov/ciphercommon.h +++ b/providers/implementations/include/prov/ciphercommon.h @@ -21,7 +21,7 @@ # define MAXCHUNK ((size_t)1 << 30) # define MAXBITCHUNK ((size_t)1 << (sizeof(size_t) * 8 - 4)) -# define GENERIC_BLOCK_SIZE 48 /* EVP_MAX_AEAD_TAG_LENGTH */ +# define GENERIC_BLOCK_SIZE 16 # define IV_STATE_UNINITIALISED 0 /* initial state is not initialized */ # define IV_STATE_BUFFERED 1 /* iv has been copied to the iv buffer */ # define IV_STATE_COPIED 2 /* iv has been copied from the iv buffer */ diff --git a/providers/implementations/include/prov/implementations.h b/providers/implementations/include/prov/implementations.h index 3222b0b61f7a5..80b544c4297ae 100644 --- a/providers/implementations/include/prov/implementations.h +++ b/providers/implementations/include/prov/implementations.h @@ -241,10 +241,7 @@ extern const OSSL_DISPATCH ossl_chacha20_functions[]; extern const OSSL_DISPATCH ossl_chacha20_ossl_poly1305_functions[]; # endif /* OPENSSL_NO_POLY1305 */ #endif /* OPENSSL_NO_CHACHA */ -#ifndef OPENSSL_NO_TLS1_3_INTEGRITY_ONLY_CIPHER -extern const OSSL_DISPATCH ossl_null_hmac_sha256_functions[]; -extern const OSSL_DISPATCH ossl_null_hmac_sha384_functions[]; -#endif + #ifndef OPENSSL_NO_SIV extern const OSSL_DISPATCH ossl_aes128siv_functions[]; diff --git a/providers/implementations/include/prov/names.h b/providers/implementations/include/prov/names.h index ed4eaa21f0993..f0ad4353460d2 100644 --- a/providers/implementations/include/prov/names.h +++ b/providers/implementations/include/prov/names.h @@ -170,8 +170,6 @@ #define PROV_NAMES_SM4_XTS "SM4-XTS:1.2.156.10197.1.104.10" #define PROV_NAMES_ChaCha20 "ChaCha20" #define PROV_NAMES_ChaCha20_Poly1305 "ChaCha20-Poly1305" -#define PROV_NAMES_NULL_HMAC_SHA256 "NULL-HMAC-SHA256" -#define PROV_NAMES_NULL_HMAC_SHA384 "NULL-HMAC-SHA384" #define PROV_NAMES_CAST5_ECB "CAST5-ECB" #define PROV_NAMES_CAST5_CBC "CAST5-CBC:CAST-CBC:CAST:1.2.840.113533.7.66.10" #define PROV_NAMES_CAST5_OFB "CAST5-OFB" diff --git a/ssl/record/methods/tls13_meth.c b/ssl/record/methods/tls13_meth.c index 526927bb78e00..a7b66666800e8 100644 --- a/ssl/record/methods/tls13_meth.c +++ b/ssl/record/methods/tls13_meth.c @@ -91,7 +91,7 @@ static int tls13_cipher(OSSL_RECORD_LAYER *rl, TLS_RL_RECORD *recs, size_t macsize) { EVP_CIPHER_CTX *ctx; - unsigned char iv[EVP_MAX_IV_LENGTH], recheader[SSL3_RT_HEADER_LENGTH]; + unsigned char recheader[SSL3_RT_HEADER_LENGTH]; unsigned char tag[EVP_MAX_MD_SIZE]; size_t ivlen, offset, loop, hdrlen, taglen; unsigned char *staticiv; diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index ea87224a21b37..01187a8027ba2 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -136,8 +136,8 @@ static SSL_CIPHER tls13_ciphers[] = { TLS1_3_CK_SHA384_SHA384, SSL_kANY, SSL_aANY, - SSL_eNULLHMACSHA384, - SSL_AEAD, + SSL_eNULL, + SSL_SHA384, TLS1_3_VERSION, TLS1_3_VERSION, 0, 0, SSL_NOT_DEFAULT | SSL_STRONG_NONE, diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c index 3764f1c3bcac0..9566cac56330e 100644 --- a/ssl/ssl_ciph.c +++ b/ssl/ssl_ciph.c @@ -55,10 +55,6 @@ static const ssl_cipher_table ssl_cipher_table_cipher[SSL_ENC_NUM_IDX] = { {SSL_ARIA256GCM, NID_aria_256_gcm}, /* SSL_ENC_ARIA256GCM_IDX 21 */ {SSL_MAGMA, NID_magma_ctr_acpkm}, /* SSL_ENC_MAGMA_IDX */ {SSL_KUZNYECHIK, NID_kuznyechik_ctr_acpkm}, /* SSL_ENC_KUZNYECHIK_IDX */ - /* SSL_ENC_eNULLHMACSHA256_IDX 24 */ - {SSL_eNULLHMACSHA256, NID_null_hmac_sha256}, - /* SSL_ENC_eNULLHMACSHA384_IDX 25 */ - {SSL_eNULLHMACSHA384, NID_null_hmac_sha384}, }; #define SSL_COMP_NULL_IDX 0 @@ -85,9 +81,8 @@ static const ssl_cipher_table ssl_cipher_table_mac[SSL_MD_NUM_IDX] = { {0, NID_md5_sha1}, /* SSL_MD_MD5_SHA1_IDX 9 */ {0, NID_sha224}, /* SSL_MD_SHA224_IDX 10 */ {0, NID_sha512}, /* SSL_MD_SHA512_IDX 11 */ - {SSL_MAGMAOMAC, NID_magma_mac}, /* sSL_MD_MAGMAOMAC_IDX 12 */ - {SSL_KUZNYECHIKOMAC, NID_kuznyechik_mac}, /* SSL_MD_KUZNYECHIKOMAC_IDX 13 */ - {SSL_HMACSHA256, NID_sha256} /* SSL_HMACSHA256_IDX 14 */ + {SSL_MAGMAOMAC, NID_magma_mac}, /* sSL_MD_MAGMAOMAC_IDX */ + {SSL_KUZNYECHIKOMAC, NID_kuznyechik_mac} /* SSL_MD_KUZNYECHIKOMAC_IDX */ }; /* *INDENT-OFF* */ diff --git a/ssl/ssl_local.h b/ssl/ssl_local.h index 46e575176d841..a2f779d640d64 100644 --- a/ssl/ssl_local.h +++ b/ssl/ssl_local.h @@ -152,8 +152,6 @@ # define SSL_ARIA256GCM 0x00200000U # define SSL_MAGMA 0x00400000U # define SSL_KUZNYECHIK 0x00800000U -# define SSL_eNULLHMACSHA256 0x01000000U -# define SSL_eNULLHMACSHA384 0x02000000U # define SSL_AESGCM (SSL_AES128GCM | SSL_AES256GCM) # define SSL_AESCCM (SSL_AES128CCM | SSL_AES256CCM | SSL_AES128CCM8 | SSL_AES256CCM8) @@ -165,7 +163,6 @@ # define SSL_CBC (SSL_DES | SSL_3DES | SSL_RC2 | SSL_IDEA \ | SSL_AES128 | SSL_AES256 | SSL_CAMELLIA128 \ | SSL_CAMELLIA256 | SSL_SEED) -# define SSL_eNULLHMAC (SSL_eNULLHMACSHA256 | SSL_eNULLHMACSHA384) /* Bits for algorithm_mac (symmetric authentication) */ @@ -182,8 +179,6 @@ # define SSL_GOST12_512 0x00000200U # define SSL_MAGMAOMAC 0x00000400U # define SSL_KUZNYECHIKOMAC 0x00000800U -# define SSL_HMACSHA256 0x00001000U -# define SSL_HMACSHA384 0x00002000U /* * When adding new digest in the ssl_ciph.c and increment SSL_MD_NUM_IDX make @@ -204,8 +199,7 @@ # define SSL_MD_SHA512_IDX 11 # define SSL_MD_MAGMAOMAC_IDX 12 # define SSL_MD_KUZNYECHIKOMAC_IDX 13 -# define SSL_HMACSHA256_IDX 14 -# define SSL_MAX_DIGEST 15 +# define SSL_MAX_DIGEST 14 #define SSL_MD_NUM_IDX SSL_MAX_DIGEST @@ -367,9 +361,7 @@ # define SSL_ENC_ARIA256GCM_IDX 21 # define SSL_ENC_MAGMA_IDX 22 # define SSL_ENC_KUZNYECHIK_IDX 23 -# define SSL_ENC_NULL_HMAC_SHA256_IDX 24 -# define SSL_ENC_NULL_HMAC_SHA384_IDX 25 -# define SSL_ENC_NUM_IDX 26 +# define SSL_ENC_NUM_IDX 24 /*- * SSL_kRSA <- RSA_ENC diff --git a/ssl/tls13_enc.c b/ssl/tls13_enc.c index 47d39f9530ce9..058a8b0c41bdb 100644 --- a/ssl/tls13_enc.c +++ b/ssl/tls13_enc.c @@ -408,18 +408,6 @@ static int derive_secret_key_and_iv(SSL_CONNECTION *s, const EVP_MD *md, if (mode == EVP_CIPH_GCM_MODE) { *taglen = EVP_GCM_TLS_TAG_LEN; - } else if (EVP_CIPHER_is_a(ciph, SN_null_hmac_sha256)) { - /* - * SN_null_hmac_sha256 must be consistent - * with PROV_NAMES_NULL_HMAC_SHA256 - */ - *taglen = EVP_HMACSHA256_TLS_TAG_LEN; - } else if (EVP_CIPHER_is_a(ciph, SN_null_hmac_sha384)) { - /* - * SN_null_hmac_sha384 must be consistent - * with PROV_NAMES_NULL_HMAC_SHA384 - */ - *taglen = EVP_HMACSHA384_TLS_TAG_LEN; } else { /* CHACHA20P-POLY1305 */ *taglen = EVP_CHACHAPOLY_TLS_TAG_LEN; @@ -483,7 +471,6 @@ int tls13_change_cipher_state(SSL_CONNECTION *s, int which) int ret = 0; const EVP_MD *md = NULL, *mac_md = NULL; const EVP_CIPHER *cipher = NULL; - const EVP_MAC *mac = NULL; int mac_pkey_type = NID_undef; SSL_CTX *sctx = SSL_CONNECTION_GET_CTX(s); size_t keylen, ivlen, taglen, mac_secret_size; diff --git a/test/quicapitest.c b/test/quicapitest.c index a3865debf47a6..9fd987e83ca0a 100644 --- a/test/quicapitest.c +++ b/test/quicapitest.c @@ -593,7 +593,7 @@ static int test_quic_forbidden_apis_ctx(void) "TLS_AES_256_CCM_SHA384:" \ "TLS_AES_128_CCM_8_SHA256:" \ "TLS_SHA256_SHA256:" \ - "TLS_SHA384_SHA384" \ + "TLS_SHA384_SHA384" /* Set TLSv1.3 ciphersuite list for the SSL_CTX. */ if (!TEST_true(SSL_CTX_set_ciphersuites(ctx, diff --git a/test/recipes/30-test_evp.t b/test/recipes/30-test_evp.t index 94364e2bfe5e3..eddca5c58ea39 100644 --- a/test/recipes/30-test_evp.t +++ b/test/recipes/30-test_evp.t @@ -31,7 +31,6 @@ my $no_ec2m = disabled("ec2m"); my $no_sm2 = disabled("sm2"); my $no_siv = disabled("siv"); my $no_argon2 = disabled("argon2"); -my $no_tls1_3_integrity_only_ciphers = disabled("tls1_3-integrity-only_ciphers"); # Default config depends on if the legacy module is built or not my $defaultcnf = $no_legacy ? 'default.cnf' : 'default-and-legacy.cnf'; @@ -132,7 +131,6 @@ push @defltfiles, qw(evppkey_dsa_rfc6979.txt) unless $no_dsa; push @defltfiles, qw(evppkey_sm2.txt) unless $no_sm2; push @defltfiles, qw(evpciph_aes_gcm_siv.txt) unless $no_siv; push @defltfiles, qw(evpciph_aes_siv.txt) unless $no_siv; -push @defltfiles, qw(evpciph_null_hmac.txt) unless $no_tls1_3_integrity_only_ciphers; push @defltfiles, qw(evpkdf_argon2.txt) unless $no_argon2; plan tests => diff --git a/test/recipes/30-test_evp_data/evpciph_null_hmac.txt b/test/recipes/30-test_evp_data/evpciph_null_hmac.txt index 1349089e212f7..e69de29bb2d1d 100644 --- a/test/recipes/30-test_evp_data/evpciph_null_hmac.txt +++ b/test/recipes/30-test_evp_data/evpciph_null_hmac.txt @@ -1,104 +0,0 @@ -# -# Copyright 2001-2024 The OpenSSL Project Authors. All Rights Reserved. -# -# Licensed under the Apache License 2.0 (the "License"). You may not use -# this file except in compliance with the License. You can obtain a copy -# in the file LICENSE in the source distribution or at -# https://www.openssl.org/source/license.html - -# Tests start with one of these keywords -# Cipher Decrypt Derive Digest Encoding KDF MAC PBE -# PrivPubKeyPair Sign Verify VerifyRecover -# and continue until a blank line. Lines starting with a pound sign are ignored. - -Title = Test vectors for TLS1_3 integrity-only ciphers - -# self-generated - -Cipher = NULL-HMAC-SHA256 -Key = d39e38d50e5f292e909dab90baffa94f9dee079cf42684ebfa9acea691a0ec67 -IV = d0e3ca88e3061efc82a01bdee2bedbd5d576a4ed2ae2551d5961d851386f5f11 -AAD = a7c121c002008692ce378502ae443242 -Tag = ba12646c0660c251d2078c2f0a4a7fc97de2c2693b71a6e5ee952c1370167fa2 -Plaintext = c33caf56ac18930afb753b039e86fb52271adfa48310ead4b2d003e50469d006636669e94642affe091524538273b02f1d94b84dc3 -Ciphertext = c33caf56ac18930afb753b039e86fb52271adfa48310ead4b2d003e50469d006636669e94642affe091524538273b02f1d94b84dc3 - -Cipher = NULL-HMAC-SHA256 -Key = 4bd2ff014e96f282eb9c46cbf91fb2f8ec49c1075e3eb5bfd2cde9f77f28059a -IV = 9ad73ea6bdc490b13f63ad5469c29d22bd57e1ccf33a195aed3f4caa5561f87f -AAD = b2386b80232c9cee10c16f2cd7eba83f -Tag = 7fe6919c588f082814c304ecc06f3dc74ee6a925f1c94bdc52bef03dbbe1589c -Plaintext = 342ec0a55180d378a2be7486384502c5 -Ciphertext = 342ec0a55180d378a2be7486384502c5 - -Cipher = NULL-HMAC-SHA256 -Key = ff6b4c6e933b722b56b027269fca1e247494b5efaa882eb5e0080ec2a0627bf7 -IV = aa4a62f9168e19ea6183734e1bf5e1cb30dc9ee5c8409b97a5b47b -AAD = e6c7451bbebe9e951817580541c31686 -Tag = 2df54be430a45352b9819a8fd1520eed8f79b138fe6138c72b66e31db76358de -Plaintext = 2a11905e67a36eb1ffe63917794d8c01 -Ciphertext = 2a11905e67a36eb1ffe63917794d8c01 -Result = INVALID_IV_LENGTH - -Cipher = NULL-HMAC-SHA256 -Key = 8161ebe250e72836fc7b921800f7031dabb82b10c1070ad61c4b470efdd2d638 -IV = 9b3585f400107d1d00a4c73d1ccf5c6298cc31f31d7eb6bf16125aad981c38f4 -AAD = 303646bafecf6437cf0608bee640ea3a -Tag = 308ede06619e016da2b2a5bc4cad2a83bbed3a9b8e7f48d8cf129641370dee19 -Plaintext = 15d16f28104e53a2b4c52405b696beab19ac1794cbe3f723781948ee5306cce6905afab06b30cc84a4ea2aadbbf5c66fa6b812ada3 -Ciphertext = 15d16f28104e53a2b4c52405b696beab19ac1794cbe3f723781948ee5306cce6905afab06b30cc84a4ea2aadbbf5c66fa6b812ada3 -Operation = DECRYPT -Result = CIPHERFINAL_ERROR - -Cipher = NULL-HMAC-SHA256 -Key = 4bd2ff014e96f282eb9c46cbf91fb2f8ec49c1075e3eb5bfd2cde9f77f28059a -IV = 9ad73ea6bdc490b13f63ad5469c29d22bd57e1ccf33a195aed3f4caa5561f87a -AAD = b2386b80232c9cee10c16f2cd7eba83f -Tag = 7fe6919c588f082814c304ecc06f3dc74ee6a925f1c94bdc52bef03dbbe1589c -Plaintext = 342ec0a55180d378a2be7486384502c5 -Ciphertext = 342ec0a55180d378a2be7486384502c5 -Operation = DECRYPT -Result = CIPHERFINAL_ERROR - -Cipher = NULL-HMAC-SHA384 -Key = 89b1805bd63d4fc480e326600aa503d9a013850decd16ee9ad62c78ccf3933aa81e76745c8880d0c0b650e04f5618cdf -IV = 8edaf8503b55553042ce8df39c0f36fb6ebc1b747066c40001f6eaa772386d11773358cb179af672df221de9ce961ca7 -AAD = 0132a0a2eb8739df5377f7ba5ba943b1 -Tag = 1b3d387ec9f32790f9e1556371743b10c18a4cb53ebe3a1fff005bcf10262ee4fa923f80c6013b14c3d5934666470dec -Plaintext = 3ef534d83d90c06202b4a6ed890b522ab1cfd88c55f09302d513110861042e28731b360e3d32eb8573a738128006cefb9a71db9f20 -Ciphertext = 3ef534d83d90c06202b4a6ed890b522ab1cfd88c55f09302d513110861042e28731b360e3d32eb8573a738128006cefb9a71db9f20 - -Cipher = NULL-HMAC-SHA384 -Key = 7c8add456590f28bada7019409b6035cb7738b8c1520278102b53f5eae5c6aec91945e566445e6c73a7f9495c5d4e478 -IV = 012acc710cd8a57da8f0eccb8cb79c8136f6e65ba19eb1681a6abe5667840a260a716ce0d0f2264573938af7ba457673 -AAD = 5220730c154a9413ba591f600e271ba1 -Tag = 666c95d04fcf546df116098cfc86e1bd5fc054d7c1556401606a37ac5107007e9166bb32ea49143a777647813e60ff43 -Plaintext = 2f2e7819b01d74a0923cd0d4608eb442f1ee11385d12ed92fc186bdc2ef41add320e851af9ee62fa716f5745662e25c279f5 -Ciphertext = 2f2e7819b01d74a0923cd0d4608eb442f1ee11385d12ed92fc186bdc2ef41add320e851af9ee62fa716f5745662e25c279f5 - -Cipher = NULL-HMAC-SHA384 -Key = 8d47db7047c3275322a48b6c524fc6042752a5f7fe08b30f2521facff8bd55a21525ccd46bee3e1a4a748705d791bfab -IV = 5299a18c72a8959e3b926778cfcdce656b5374d98e98071831f0169c43a25ad06f4876638da29aee2427381502e21749 -AAD = c86661ac3848f504 -Tag = 8656f4fe6309696930e23db23f8cc9b3335c1fd1e1b50478ebb36482e2b8e7b49bcc2d10c42050f118c0c62f0ab0588b -Plaintext = 3454bb97690f8931af15b26dc35217c4 -Ciphertext = 3454bb97690f8931af15b26dc35217c4 - -Cipher = NULL-HMAC-SHA384 -Key = 8d47db7047c3275322a48b6c524fc6042752a5f7fe08b30f2521facff8bd55a21525ccd46bee3e1a4a748705d791bfab -IV = 5299a18c72a8959e3b926778cfcdce656b5374d98e98071831f0169c43a25ad06f4876638da29aee2427381502e21749 -AAD = c86661ac3848f504 -Tag = 8656f4fe6309696930e23db23f8cc9b3335c1fd1e1b50478ebb36482e2b8e7b49bcc2d10c42050f118c0c62f0ab0588c -Plaintext = 3454bb97690f8931af15b26dc35217c4 -Ciphertext = 3454bb97690f8931af15b26dc35217c4 -Operation = DECRYPT -Result = CIPHERFINAL_ERROR - -Cipher = NULL-HMAC-SHA384 -Key = 7c8add456590f28bada7019409b6035cb7738b8c1520278102b53f5eae5c6aec91945e566445e6c73a7f9495c5d4e478 -IV = 012acc710cd8a57da8f0eccb8cb79c8136f6e65ba19eb1681a6abe5667840a260a716ce0d0f2264573938af7ba4576 -AAD = 5220730c154a9413ba591f600e271ba1 -Tag = 666c95d04fcf546df116098cfc86e1bd5fc054d7c1556401606a37ac5107007e9166bb32ea49143a777647813e60ff43 -Plaintext = 2f2e7819b01d74a0923cd0d4608eb442f1ee11385d12ed92fc186bdc2ef41add320e851af9ee62fa716f5745662e25c279f5 -Ciphertext = 2f2e7819b01d74a0923cd0d4608eb442f1ee11385d12ed92fc186bdc2ef41add320e851af9ee62fa716f5745662e25c279f5 -Result = INVALID_IV_LENGTH