From c2632c6bf806238c0c2a5db37179f1022060aa40 Mon Sep 17 00:00:00 2001 From: Songling Han Date: Tue, 24 Sep 2024 09:59:27 +0000 Subject: [PATCH] format code Signed-off-by: Songling Han --- oqsprov/oqs_hyb_kem.c | 81 ++++++++++++------------- oqsprov/oqs_kem.c | 9 +-- oqsprov/oqsprov_keys.c | 133 +++++++++++++++++++++++++++-------------- 3 files changed, 133 insertions(+), 90 deletions(-) diff --git a/oqsprov/oqs_hyb_kem.c b/oqsprov/oqs_hyb_kem.c index 491fb2c2..5fce3533 100644 --- a/oqsprov/oqs_hyb_kem.c +++ b/oqsprov/oqs_hyb_kem.c @@ -22,7 +22,8 @@ static int oqs_evp_kem_encaps_keyslot(void *vpkemctx, unsigned char *ct, } const PROV_OQSKEM_CTX *pkemctx = (PROV_OQSKEM_CTX *)vpkemctx; - if (!pkemctx || !pkemctx->kem || !pkemctx->kem->oqsx_provider_ctx.oqsx_evp_ctx) { + if (!pkemctx || !pkemctx->kem || + !pkemctx->kem->oqsx_provider_ctx.oqsx_evp_ctx) { return -1; } const OQSX_EVP_CTX *evp_ctx = pkemctx->kem->oqsx_provider_ctx.oqsx_evp_ctx; 
@@ -221,56 +222,56 @@ static int oqs_hyb_kem_encaps(void *vpkemctx, unsigned char *ct, size_t *ctlen, } static int oqs_hyb_kem_decaps(void *vpkemctx, unsigned char *secret, - size_t *secretlen, const unsigned char *ct, - size_t ctlen) { - int ret = OQS_SUCCESS; - const PROV_OQSKEM_CTX *pkemctx = (PROV_OQSKEM_CTX *)vpkemctx; - const OQSX_EVP_CTX *evp_ctx; - const OQS_KEM *qs_ctx; + size_t *secretlen, const unsigned char *ct, + size_t ctlen) { + int ret = OQS_SUCCESS; + const PROV_OQSKEM_CTX *pkemctx = (PROV_OQSKEM_CTX *)vpkemctx; + const OQSX_EVP_CTX *evp_ctx; + const OQS_KEM *qs_ctx; - size_t secretLen0 = 0, secretLen1 = 0; - size_t ctLen0 = 0, ctLen1 = 0; - const unsigned char *ct0 = NULL, *ct1 = NULL; - unsigned char *secret0 = NULL, *secret1 = NULL; + size_t secretLen0 = 0, secretLen1 = 0; + size_t ctLen0 = 0, ctLen1 = 0; + const unsigned char *ct0 = NULL, *ct1 = NULL; + unsigned char *secret0 = NULL, *secret1 = NULL; - if (!vpkemctx || !secretlen || !ct) { - return OQS_ERROR; - } + if (!vpkemctx || !secretlen || !ct) { + return OQS_ERROR; + } - evp_ctx = pkemctx->kem->oqsx_provider_ctx.oqsx_evp_ctx; - qs_ctx = pkemctx->kem->oqsx_provider_ctx.oqsx_qs_ctx.kem; + evp_ctx = pkemctx->kem->oqsx_provider_ctx.oqsx_evp_ctx; + qs_ctx = pkemctx->kem->oqsx_provider_ctx.oqsx_qs_ctx.kem; - if (!evp_ctx || !qs_ctx) { - return OQS_ERROR; - } + if (!evp_ctx || !qs_ctx) { + return OQS_ERROR; + } - ret = oqs_evp_kem_decaps_keyslot(vpkemctx, NULL, &secretLen0, NULL, 0, 0); - ON_ERR_SET_GOTO(ret <= 0, ret, OQS_ERROR, err); - ret = oqs_qs_kem_decaps_keyslot(vpkemctx, NULL, &secretLen1, NULL, 0, 1); - ON_ERR_SET_GOTO(ret <= 0, ret, OQS_ERROR, err); + ret = oqs_evp_kem_decaps_keyslot(vpkemctx, NULL, &secretLen0, NULL, 0, 0); + ON_ERR_SET_GOTO(ret <= 0, ret, OQS_ERROR, err); + ret = oqs_qs_kem_decaps_keyslot(vpkemctx, NULL, &secretLen1, NULL, 0, 1); + ON_ERR_SET_GOTO(ret <= 0, ret, OQS_ERROR, err); - *secretlen = secretLen0 + secretLen1; + *secretlen = secretLen0 + secretLen1; - if 
(secret == NULL) - return 1; + if (secret == NULL) + return 1; - ctLen0 = evp_ctx->evp_info->length_public_key; - ctLen1 = qs_ctx->length_ciphertext; + ctLen0 = evp_ctx->evp_info->length_public_key; + ctLen1 = qs_ctx->length_ciphertext; - ON_ERR_SET_GOTO(ctLen0 + ctLen1 != ctlen, ret, OQS_ERROR, err); + ON_ERR_SET_GOTO(ctLen0 + ctLen1 != ctlen, ret, OQS_ERROR, err); - ct0 = ct; - ct1 = ct + ctLen0; - secret0 = secret; - secret1 = secret + secretLen0; + ct0 = ct; + ct1 = ct + ctLen0; + secret0 = secret; + secret1 = secret + secretLen0; - ret = oqs_evp_kem_decaps_keyslot(vpkemctx, secret0, &secretLen0, ct0, - ctLen0, 0); - ON_ERR_SET_GOTO(ret <= 0, ret, OQS_ERROR, err); - ret = oqs_qs_kem_decaps_keyslot(vpkemctx, secret1, &secretLen1, ct1, ctLen1, - 1); - ON_ERR_SET_GOTO(ret <= 0, ret, OQS_ERROR, err); + ret = oqs_evp_kem_decaps_keyslot(vpkemctx, secret0, &secretLen0, ct0, + ctLen0, 0); + ON_ERR_SET_GOTO(ret <= 0, ret, OQS_ERROR, err); + ret = oqs_qs_kem_decaps_keyslot(vpkemctx, secret1, &secretLen1, ct1, ctLen1, + 1); + ON_ERR_SET_GOTO(ret <= 0, ret, OQS_ERROR, err); err: - return ret; + return ret; } diff --git a/oqsprov/oqs_kem.c b/oqsprov/oqs_kem.c index f85974bb..b13a2b71 100644 --- a/oqsprov/oqs_kem.c +++ b/oqsprov/oqs_kem.c @@ -41,8 +41,8 @@ static OSSL_FUNC_kem_decapsulate_fn oqs_qs_kem_decaps; static OSSL_FUNC_kem_freectx_fn oqs_kem_freectx; /* - * What's passed as an actual key is defined by the KEYMGMT interface. - */ + * What's passed as an actual key is defined by the KEYMGMT interface. + */ typedef struct { OSSL_LIB_CTX *libctx; OQSX_KEY *kem; @@ -121,7 +121,7 @@ static int oqs_kem_decaps_init(void *vpkemctx, void *vkem, } /// Quantum-Safe KEM functions (OQS) - static int oqs_qs_kem_encaps_keyslot(void *vpkemctx, unsigned char *out, +static int oqs_qs_kem_encaps_keyslot(void *vpkemctx, unsigned char *out, size_t *outlen, unsigned char *secret, size_t *secretlen, int keyslot) { const PROV_OQSKEM_CTX *pkemctx = (PROV_OQSKEM_CTX *)vpkemctx; 
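Review bot: In `oqs_hyb_kem_decaps` (oqsprov/oqs_hyb_kem.c, the hunk at `-221,56 +222,56`), the guard `if (!vpkemctx || !secretlen || !ct)` is followed directly by `evp_ctx = pkemctx->kem->oqsx_provider_ctx.oqsx_evp_ctx;`, so `pkemctx->kem` is dereferenced without a NULL check. `oqs_evp_kem_encaps_keyslot`, in the first hunk of the same file, does test `!pkemctx->kem` before the same access. The guard here could match it: `if (!pkemctx || !pkemctx->kem || !secretlen || !ct) return OQS_ERROR;`. Whether a context can reach decapsulation with `kem` unset is not visible in this patch, so this is consistency hardening rather than a confirmed crash. Because this commit only re-indents the function, the fix belongs in a separate change.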
@@ -172,7 +172,8 @@ static int oqs_kem_decaps_init(void *vpkemctx, void *vkem, *outlen = kem_ctx->length_ciphertext; *secretlen = kem_ctx->length_shared_secret; - ret = OQS_KEM_encaps(kem_ctx, out, secret, pkemctx->kem->comp_pubkey[keyslot]); + ret = OQS_KEM_encaps(kem_ctx, out, secret, + pkemctx->kem->comp_pubkey[keyslot]); if (ret != OQS_SUCCESS) { OPENSSL_cleanse(secret, *secretlen); } diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index 70622fa5..083bfd83 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -204,7 +204,8 @@ int oqs_set_nid(char *tlsname, int nid) { return 0; } for (i = 0; i < NID_TABLE_LEN; i++) { - if (nid_names[i].tlsname != NULL && strcmp(nid_names[i].tlsname, tlsname) == 0) { + if (nid_names[i].tlsname != NULL && + strcmp(nid_names[i].tlsname, tlsname) == 0) { nid_names[i].nid = nid; return 1; } @@ -236,8 +237,10 @@ char *get_oqsname_fromtls(const char *tlsname) { } for (i = 0; i < NID_TABLE_LEN; i++) { if (nid_names[i].keytype == KEY_TYPE_SIG) { - if ((nid_names[i].oqsname != NULL && strcmp(nid_names[i].oqsname, tlsname) == 0) || - (nid_names[i].tlsname != NULL && strcmp(nid_names[i].tlsname, tlsname) == 0)) + if ((nid_names[i].oqsname != NULL && + strcmp(nid_names[i].oqsname, tlsname) == 0) || + (nid_names[i].tlsname != NULL && + strcmp(nid_names[i].tlsname, tlsname) == 0)) return nid_names[i].oqsname; } } 
@@ -390,29 +393,29 @@ void oqsx_key_set0_libctx(OQSX_KEY *key, OSSL_LIB_CTX *libctx) { /* convenience function creating OQSX keys from nids (only for sigs) */ static OQSX_KEY *oqsx_key_new_from_nid(OSSL_LIB_CTX *libctx, const char *propq, - int nid) { + int nid) { OQS_KEY_PRINTF2("Generating OQSX key for nid %d\n", nid); const char *tls_algname = OBJ_nid2sn(nid); if (tls_algname == NULL) { - ERR_raise(ERR_LIB_USER, OQSPROV_R_WRONG_PARAMETERS); - return NULL; + ERR_raise(ERR_LIB_USER, OQSPROV_R_WRONG_PARAMETERS); + return NULL; } OQS_KEY_PRINTF2(" for tls_name %s\n", tls_algname); const char *oqs_name = get_oqsname(nid); if (oqs_name == NULL) { - ERR_raise(ERR_LIB_USER, OQSPROV_R_WRONG_PARAMETERS); - return NULL; + ERR_raise(ERR_LIB_USER, OQSPROV_R_WRONG_PARAMETERS); + return NULL; } int keytype = get_keytype(nid); int secbits = get_secbits(nid); int oqs_idx = get_oqsalg_idx(nid); - return oqsx_key_new(libctx, oqs_name, tls_algname, keytype, - propq, secbits, oqs_idx); + return oqsx_key_new(libctx, oqs_name, tls_algname, keytype, propq, secbits, + oqs_idx); } /* Workaround for not functioning EC PARAM initialization @@ -778,8 +781,9 @@ static OQSX_KEY *oqsx_key_op(const X509_ALGOR *palg, const unsigned char *p, // recreate the pubkey later if (key->oqsx_provider_ctx.oqsx_evp_ctx != NULL && key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info != NULL && - key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->keytype == - EVP_PKEY_RSA) { // get the RSA real key size + key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info + ->keytype == + EVP_PKEY_RSA) { // get the RSA real key size if (previous_privlen + previous_publen + 4 > plen) { OPENSSL_free(name); OPENSSL_secure_clear_free(temp_priv, temp_priv_len); 
@@ -946,15 +950,19 @@ static int recreate_classic_cmp_public_key(OQSX_KEY *key) { const unsigned char *enc_pubkey = key->comp_pubkey[i]; if (get_oqsname_fromtls(name) == 0) { - if (!key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->raw_key_support) { + if (!key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info + ->raw_key_support) { EVP_PKEY *npk = EVP_PKEY_new(); if (npk == NULL) { ERR_raise(ERR_LIB_USER, ERR_R_MALLOC_FAILURE); OPENSSL_free(name); return 0; } - if (key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->keytype != EVP_PKEY_RSA) { - npk = setECParams(npk, key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->nid); + if (key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->keytype != + EVP_PKEY_RSA) { + npk = setECParams( + npk, + key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->nid); if (npk == NULL) { ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); OPENSSL_free(name); @@ -998,7 +1006,8 @@ static int recreate_classic_cmp_private_key(OQSX_KEY *key) { } if (get_oqsname_fromtls(name) == 0) { const unsigned char *enc_privkey = key->comp_privkey[i]; - if (!key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->raw_key_support) { + if (!key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info + ->raw_key_support) { key->classical_pkey = d2i_PrivateKey( key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->keytype, NULL, &enc_privkey, key->privkeylen_cmp[i]); 
@@ -1012,10 +1021,13 @@ static int recreate_classic_cmp_private_key(OQSX_KEY *key) { OPENSSL_free(name); return 0; } - if (!key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->raw_key_support) { + if (!key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info + ->raw_key_support) { unsigned char *comp_pubkey = key->comp_pubkey[i]; - int pubkeylen = i2d_PublicKey(key->classical_pkey, &comp_pubkey); - if (pubkeylen != key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->length_public_key) { + int pubkeylen = + i2d_PublicKey(key->classical_pkey, &comp_pubkey); + if (pubkeylen != key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info + ->length_public_key) { ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); OPENSSL_free(name); EVP_PKEY_free(key->classical_pkey); @@ -1024,7 +1036,8 @@ static int recreate_classic_cmp_private_key(OQSX_KEY *key) { } } else { size_t pubkeylen = key->pubkeylen_cmp[i]; - int ret = EVP_PKEY_get_raw_public_key(key->classical_pkey, key->comp_pubkey[i], &pubkeylen); + int ret = EVP_PKEY_get_raw_public_key( + key->classical_pkey, key->comp_pubkey[i], &pubkeylen); if (ret <= 0) { ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); OPENSSL_free(name); @@ -1073,7 +1086,8 @@ static int recreate_hybrid_public_key(OQSX_KEY *key) { return 0; } } - key->classical_pkey = d2i_PublicKey(key->evp_info->keytype, &npk, &enc_pubkey, classical_pubkey_len); + key->classical_pkey = d2i_PublicKey(key->evp_info->keytype, &npk, + &enc_pubkey, classical_pubkey_len); if (key->classical_pkey == NULL) { EVP_PKEY_free(npk); } 
@@ -1108,7 +1122,8 @@ static int recreate_hybrid_private_key(OQSX_KEY *key) { key->classical_pkey = EVP_PKEY_new_raw_private_key( key->evp_info->keytype, NULL, enc_privkey, classical_privkey_len); } else { - key->classical_pkey = d2i_PrivateKey(key->evp_info->keytype, NULL, &enc_privkey, classical_privkey_len); + key->classical_pkey = d2i_PrivateKey( + key->evp_info->keytype, NULL, &enc_privkey, classical_privkey_len); } if (!key->classical_pkey) { ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); @@ -1117,9 +1132,11 @@ static int recreate_hybrid_private_key(OQSX_KEY *key) { #ifndef NOPUBKEY_IN_PRIVKEY if (key->evp_info->raw_key_support) { size_t pubkeylen; - if (EVP_PKEY_get_raw_public_key(key->classical_pkey, NULL, &pubkeylen) != 1 || + if (EVP_PKEY_get_raw_public_key(key->classical_pkey, NULL, + &pubkeylen) != 1 || pubkeylen != key->evp_info->length_public_key || - EVP_PKEY_get_raw_public_key(key->classical_pkey, enc_pubkey, &pubkeylen) != 1) { + EVP_PKEY_get_raw_public_key(key->classical_pkey, enc_pubkey, + &pubkeylen) != 1) { EVP_PKEY_free(key->classical_pkey); key->classical_pkey = NULL; ERR_raise(ERR_LIB_USER, OQSPROV_R_INVALID_ENCODING); @@ -1257,7 +1274,8 @@ OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, if (!p8inf || !PKCS8_pkey_get0(NULL, &p, &plen, &palg, p8inf)) return NULL; - if (!palg || get_keytype(OBJ_obj2nid(palg->algorithm)) != KEY_TYPE_CMP_SIG) { + if (!palg || + get_keytype(OBJ_obj2nid(palg->algorithm)) != KEY_TYPE_CMP_SIG) { oct = d2i_ASN1_OCTET_STRING(NULL, &p, plen); if (oct == NULL) { p = NULL; @@ -1307,7 +1325,8 @@ OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, p8inf_internal = d2i_PKCS8_PRIV_KEY_INFO(&p8inf_internal, &buf2, buflen); - if (!p8inf_internal || !PKCS8_pkey_get0(NULL, &buf, &buflen, &palg_internal, + if (!p8inf_internal || + !PKCS8_pkey_get0(NULL, &buf, &buflen, &palg_internal, p8inf_internal)) { OPENSSL_free(name); goto err; 
@@ -1804,12 +1823,12 @@ static int oqsx_key_gen_oqs(OQSX_KEY *key, int gen_kem) { } if (gen_kem) return OQS_KEM_keypair(key->oqsx_provider_ctx.oqsx_qs_ctx.kem, - key->comp_pubkey[key->numkeys - 1], - key->comp_privkey[key->numkeys - 1]); + key->comp_pubkey[key->numkeys - 1], + key->comp_privkey[key->numkeys - 1]); else { return OQS_SIG_keypair(key->oqsx_provider_ctx.oqsx_qs_ctx.sig, - key->comp_pubkey[key->numkeys - 1], - key->comp_privkey[key->numkeys - 1]); + key->comp_pubkey[key->numkeys - 1], + key->comp_privkey[key->numkeys - 1]); } } @@ -1893,7 +1912,7 @@ static EVP_PKEY *oqsx_key_gen_evp_key(OQSX_EVP_CTX *ctx, unsigned char *pubkey, ret, -12, errhyb); // selftest: EVP_PKEY *ck2 = d2i_PrivateKey(ctx->evp_info->keytype, NULL, - &privkey_enc2, privkeylen); + &privkey_enc2, privkeylen); ON_ERR_SET_GOTO(!ck2, ret, -14, errhyb); EVP_PKEY_free(ck2); } 
@@ -2000,24 +2019,42 @@ int oqsx_key_maxsize(OQSX_KEY *key) { switch (key->keytype) { case KEY_TYPE_KEM: - return key->oqsx_provider_ctx.oqsx_qs_ctx.kem ? key->oqsx_provider_ctx.oqsx_qs_ctx.kem->length_shared_secret : 0; + return key->oqsx_provider_ctx.oqsx_qs_ctx.kem + ? key->oqsx_provider_ctx.oqsx_qs_ctx.kem + ->length_shared_secret + : 0; case KEY_TYPE_ECP_HYB_KEM: case KEY_TYPE_ECX_HYB_KEM: - return (key->oqsx_provider_ctx.oqsx_evp_ctx && key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info && key->oqsx_provider_ctx.oqsx_qs_ctx.kem) ? - (key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->kex_length_secret + - key->oqsx_provider_ctx.oqsx_qs_ctx.kem->length_shared_secret) : 0; + return (key->oqsx_provider_ctx.oqsx_evp_ctx && + key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info && + key->oqsx_provider_ctx.oqsx_qs_ctx.kem) + ? (key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info + ->kex_length_secret + + key->oqsx_provider_ctx.oqsx_qs_ctx.kem + ->length_shared_secret) + : 0; case KEY_TYPE_SIG: - return key->oqsx_provider_ctx.oqsx_qs_ctx.sig ? key->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_signature : 0; + return key->oqsx_provider_ctx.oqsx_qs_ctx.sig + ? key->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_signature + : 0; case KEY_TYPE_HYB_SIG: - return (key->oqsx_provider_ctx.oqsx_qs_ctx.sig && key->oqsx_provider_ctx.oqsx_evp_ctx && key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info) ? - (key->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_signature + - key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->length_signature + - SIZE_OF_UINT32) : 0; + return (key->oqsx_provider_ctx.oqsx_qs_ctx.sig && + key->oqsx_provider_ctx.oqsx_evp_ctx && + key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info) + ? (key->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_signature + + key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info + ->length_signature + + SIZE_OF_UINT32) + : 0; case KEY_TYPE_CMP_SIG: - return (key->oqsx_provider_ctx.oqsx_evp_ctx && key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info && key->oqsx_provider_ctx.oqsx_qs_ctx.sig) ? 
- (sizeof(CompositeSignature) + - key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info->length_signature + - key->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_signature) : 0; + return (key->oqsx_provider_ctx.oqsx_evp_ctx && + key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info && + key->oqsx_provider_ctx.oqsx_qs_ctx.sig) + ? (sizeof(CompositeSignature) + + key->oqsx_provider_ctx.oqsx_evp_ctx->evp_info + ->length_signature + + key->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_signature) + : 0; default: OQS_KEY_PRINTF("OQSX KEY: Wrong key type\n"); return 0; @@ -2035,10 +2072,14 @@ int oqsx_key_get_oqs_public_key_len(OQSX_KEY *k) { case KEY_TYPE_KEM: return k->pubkeylen; case KEY_TYPE_HYB_SIG: - return k->oqsx_provider_ctx.oqsx_qs_ctx.sig ? k->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_public_key : -1; + return k->oqsx_provider_ctx.oqsx_qs_ctx.sig + ? k->oqsx_provider_ctx.oqsx_qs_ctx.sig->length_public_key + : -1; case KEY_TYPE_ECX_HYB_KEM: case KEY_TYPE_ECP_HYB_KEM: - return k->oqsx_provider_ctx.oqsx_qs_ctx.kem ? k->oqsx_provider_ctx.oqsx_qs_ctx.kem->length_public_key : -1; + return k->oqsx_provider_ctx.oqsx_qs_ctx.kem + ? k->oqsx_provider_ctx.oqsx_qs_ctx.kem->length_public_key + : -1; default: OQS_KEY_PRINTF2("OQSX_KEY: Unknown key type encountered: %d\n", k->keytype);