latchset · simo5 · Jul 30, 2025 · Jul 2, 2025 · Jul 2, 2025 · Jul 2, 2025
diff --git a/ossl/Cargo.toml b/ossl/Cargo.toml
@@ -33,3 +33,4 @@ dynamic = [] # Builds against system libcrypto.so
 fips = ["ossl350"] # Builds against sources and libfips.a instead of libcrypto
 log = ["dep:log", "dep:vsprintf"] # Error tracing using log crate
 dummy-integrity = [] # USE ONLY for testing as a dev-depenency
+rfc9580 = [] # Enables features required for OpenPGP implementations
diff --git a/ossl/src/cipher.rs b/ossl/src/cipher.rs
@@ -114,6 +114,7 @@ pub enum EncAlg {
     AesCfb8(AesSize),
     AesCfb1(AesSize),
     AesCfb128(AesSize),
+    AesOcb(AesSize),
     AesOfb(AesSize),
     AesWrap(AesSize),
     AesWrapPad(AesSize),
@@ -167,6 +168,11 @@ fn cipher_to_name(alg: EncAlg) -> &'static CStr {
             AesSize::Aes192 => cstr!(LN_aes_192_cfb128),
             AesSize::Aes256 => cstr!(LN_aes_256_cfb128),
         },
+        EncAlg::AesOcb(size) => match size {
+            AesSize::Aes128 => cstr!(LN_aes_128_ocb),
+            AesSize::Aes192 => cstr!(LN_aes_192_ocb),
+            AesSize::Aes256 => cstr!(LN_aes_256_ocb),
+        },
         EncAlg::AesOfb(size) => match size {
             AesSize::Aes128 => cstr!(LN_aes_128_ofb128),
             AesSize::Aes192 => cstr!(LN_aes_192_ofb128),
@@ -224,7 +230,8 @@ pub struct OsslCipher {
     aad: Option<Vec<u8>>,
     /// The block size used in this operation. It is used to
     /// calculate the minimum acceptable output buffer size in
-    /// update operations. This is 1 for streaming ciphers.
+    /// update operations. This is 1 for streaming ciphers and
+    /// AEAD constructions
     blocksize: usize,
 }
 
@@ -273,7 +280,7 @@ impl OsslCipher {
         /* For some modes there is setup that needs to be done
          * early, before the cipher ctx is fully initialized */
         match alg {
-            EncAlg::AesCcm(_) | EncAlg::AesGcm(_) => {
+            EncAlg::AesCcm(_) | EncAlg::AesGcm(_) | EncAlg::AesOcb(_) => {
                 ctx.aead_setup(alg, &aead)?
             }
             EncAlg::AesCts(_, mode) => {
@@ -374,15 +381,15 @@ impl OsslCipher {
                     }
                 }
             }
-            None => (),
+            None => {
+                ctx.blocksize = unsafe {
+                    usize::try_from(EVP_CIPHER_CTX_get_block_size(
+                        ctx.ctx.as_mut_ptr(),
+                    ))?
+                };
+            }
         }
 
-        ctx.blocksize = unsafe {
-            usize::try_from(EVP_CIPHER_CTX_get_block_size(
-                ctx.ctx.as_mut_ptr(),
-            ))?
-        };
-
         Ok(ctx)
     }
 
@@ -565,6 +572,16 @@ impl OsslCipher {
         Ok(())
     }
 
+    /// Returns the block size, or `None` for stream ciphers and AEAD
+    /// constructions.
+    pub fn block_size(&self) -> Option<usize> {
+        if self.blocksize == 1 {
+            None
+        } else {
+            Some(self.blocksize)
+        }
+    }
+
     pub fn buffer_size(&self, input: usize) -> usize {
         if self.blocksize == 1 {
             return input;

diff --git a/ossl/src/lib.rs b/ossl/src/lib.rs
@@ -231,35 +231,59 @@ unsafe impl Sync for OsslContext {}
 /// Manages the lifecycle and provides conversion methods.
 #[derive(Debug)]
 struct BigNum {
-    bn: *const BIGNUM,
+    bn: *mut BIGNUM,
 }
 
 impl BigNum {
+    /// Returns a const pointer to the underlying `BIGNUM`.
+    #[allow(dead_code)]
+    pub fn as_ptr(&self) -> *const BIGNUM {
+        self.bn
+    }
+
+    /// Returns a mutable pointer to the underlying `BIGNUM`.
+    pub fn as_mut_ptr(&mut self) -> *mut BIGNUM {
+        self.bn
+    }
+
+    /// Allocates a new BIGNUM.
+    pub fn new() -> Result<BigNum, Error> {
+        let bn = unsafe { BN_secure_new() };
+
+        if bn.is_null() {
+            trace_ossl!("BN_secure_new()");
+            Err(Error::new(ErrorKind::NullPtr))
+        } else {
+            Ok(BigNum { bn })
+        }
+    }
+
     /// Allocates a new BIGNUM from a slice of bytes with the binary
     /// representation of the number in big endian byte order (most
     /// significant byte first).
     ///
     /// Returns a wrapped `BigNum` or an error if the import fails.
     pub fn from_bigendian_slice(v: &[u8]) -> Result<BigNum, Error> {
-        let bn = unsafe {
+        let mut bn = BigNum::new()?;
+
+        let ret = unsafe {
             BN_bin2bn(
                 v.as_ptr() as *mut u8,
                 c_int::try_from(v.len())?,
-                std::ptr::null_mut(),
+                bn.as_mut_ptr(),
             )
         };
-        if bn.is_null() {
+        if ret.is_null() {
             trace_ossl!("BN_bin2bn()");
             return Err(Error::new(ErrorKind::NullPtr));
         }
-        Ok(BigNum {
-            bn: bn as *const BIGNUM,
-        })
+
+        Ok(bn)
     }
 
     /// Calculates the minimum number of bytes needed to represent the `BIGNUM`.
     pub fn len(&self) -> Result<usize, Error> {
-        let x = unsafe { (BN_num_bits(self.bn) + 7) / 8 };
+        let x = unsafe { (BN_num_bits(self.as_ptr()) + 7) / 8 };
         Ok(usize::try_from(x)?)
     }
 
@@ -269,9 +293,7 @@ impl BigNum {
         if unsafe { OSSL_PARAM_get_BN(p, &mut bn) } != 1 {
             return Err(Error::new(ErrorKind::OsslError));
         }
-        Ok(BigNum {
-            bn: bn as *const BIGNUM,
-        })
+        Ok(BigNum { bn })
     }
 
     /// Converts the `BIGNUM` to a byte vector in native-endian format, padded
@@ -283,7 +305,11 @@ impl BigNum {
             v.push(0);
         }
         let ret = unsafe {
-            BN_bn2nativepad(self.bn, v.as_mut_ptr(), c_int::try_from(v.len())?)
+            BN_bn2nativepad(
+                self.as_ptr(),
+                v.as_mut_ptr(),
+                c_int::try_from(v.len())?,
+            )
         };
         if ret < 1 {
             trace_ossl!("BN_bn2nativepad()");
@@ -297,7 +323,7 @@ impl BigNum {
     pub fn to_bigendian_vec(&self) -> Result<Vec<u8>, Error> {
         let len = self.len()?;
         let mut v = vec![0u8; self.len()?];
-        let ret = unsafe { BN_bn2bin(self.bn, v.as_mut_ptr()) };
+        let ret = unsafe { BN_bn2bin(self.as_ptr(), v.as_mut_ptr()) };
         if usize::try_from(ret)? != len {
             return Err(Error::new(ErrorKind::WrapperError));
         }
@@ -308,7 +334,7 @@ impl BigNum {
 impl Drop for BigNum {
     fn drop(&mut self) {
         unsafe {
-            BN_free(self.bn as *mut BIGNUM);
+            BN_free(self.as_mut_ptr());
         }
     }
 }