[apple/security.git] / OSX / libsecurity_apple_csp / lib / gladmanContext.cpp

/*
 * Copyright (c) 2000-2001,2011-2012,2014 Apple Inc. All Rights Reserved.
 * 
 * The contents of this file constitute Original Code as defined in and are
 * subject to the Apple Public Source License Version 1.2 (the 'License').
 * You may not use this file except in compliance with the License. Please obtain
 * a copy of the License at http://www.apple.com/publicsource and read it before
 * using this file.
 * 
 * This Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
 * specific language governing rights and limitations under the License.
 */


/*
 * gladmanContext.cpp - glue between BlockCryptor and Gladman AES implementation
 */
 
#include "gladmanContext.h"
#include "cspdebugging.h"
#include <CommonCrypto/CommonCryptor.h>

/*
 * AES encrypt/decrypt.
 */
GAESContext::GAESContext(AppleCSPSession &session) : 
    BlockCryptor(session),
	mAesKey(NULL),
	mInitFlag(false),
	mRawKeySize(0),
	mWasEncrypting(false)
{ 
	cbcCapable(false);
	multiBlockCapable(false);
}

GAESContext::~GAESContext()
{
    if(mAesKey) {
        CCCryptorFinal(mAesKey,NULL,0,NULL);
        CCCryptorRelease(mAesKey);
        mAesKey = NULL;
    }
    
	deleteKey();
	memset(mRawKey, 0, MAX_AES_KEY_BITS / 8);
	mInitFlag = false;
}
	
void GAESContext::deleteKey()
{
	mRawKeySize = 0;
}

/* 
 * Standard CSPContext init, called from CSPFullPluginSession::init().
 * Reusable, e.g., query followed by en/decrypt. Even reusable after context
 * changed (i.e., new IV in Encrypted File System). 
 */
void GAESContext::init( 
	const Context &context, 
	bool encrypting)
{
	if(mInitFlag && !opStarted()) {
		return;
	}
	
	CSSM_SIZE	keyLen;
	uint8 		*keyData = NULL;
	bool		sameKeySize = false;
	
	/* obtain key from context */
	symmetricKeyBits(context, session(), CSSM_ALGID_AES, 
		encrypting ? CSSM_KEYUSE_ENCRYPT : CSSM_KEYUSE_DECRYPT,
		keyData, keyLen);
	
	switch(keyLen) {
		case kCCKeySizeAES128:
		case kCCKeySizeAES192:
		case kCCKeySizeAES256:
			break;
		default:
			CssmError::throwMe(CSSMERR_CSP_INVALID_ATTR_KEY);
	}
	
	/*
	 * Delete existing key if key size changed
	 */
	if(mRawKeySize == keyLen) {
		sameKeySize = true;
	}
	else {
		deleteKey();
	}
	
	/* 
	 * Init key only if key size or key bits have changed, or 
	 * we're doing a different operation than the previous key
	 * was scheduled for.
	 */
	if(!sameKeySize || (mWasEncrypting != encrypting) ||
		memcmp(mRawKey, keyData, mRawKeySize)) {
        (void) CCCryptorCreateWithMode(0, kCCModeECB, kCCAlgorithmAES128, ccDefaultPadding, NULL, keyData, keyLen, NULL, 0, 0, 0, &mAesKey);

		/* save this raw key data */
		memmove(mRawKey, keyData, keyLen); 
		mRawKeySize = (uint32)keyLen;
		mWasEncrypting = encrypting;
	}

	/* we handle CBC, and hence the IV, ourselves */
	CSSM_ENCRYPT_MODE cssmMode = context.getInt(CSSM_ATTRIBUTE_MODE);
    switch (cssmMode) {
		/* no mode attr --> 0 == CSSM_ALGMODE_NONE, not currently supported */
 		case CSSM_ALGMODE_CBCPadIV8:
		case CSSM_ALGMODE_CBC_IV8:
		{
			CssmData *iv = context.get<CssmData>(CSSM_ATTRIBUTE_INIT_VECTOR);
			if(iv == NULL) {
				CssmError::throwMe(CSSMERR_CSP_MISSING_ATTR_INIT_VECTOR);
			}
			if(iv->Length != kCCBlockSizeAES128) {
				CssmError::throwMe(CSSMERR_CSP_INVALID_ATTR_INIT_VECTOR);
			}
		}
		break;
		default:
		break;
	}
	
	/* Finally, have BlockCryptor do its setup */
	setup(GLADMAN_BLOCK_SIZE_BYTES, context);
	mInitFlag = true;
}	

/*
 * Functions called by BlockCryptor
 * FIXME make this multi-block capabl3e 
 */
void GAESContext::encryptBlock(
	const void		*plainText,			// length implied (one block)
	size_t			plainTextLen,
	void 			*cipherText,	
	size_t			&cipherTextLen,		// in/out, throws on overflow
	bool			final)				// ignored
{
	if(cipherTextLen < plainTextLen) {
		CssmError::throwMe(CSSMERR_CSP_OUTPUT_LENGTH_ERROR);
	}
    (void) CCCryptorEncryptDataBlock(mAesKey, NULL, plainText, plainTextLen, cipherText);

	cipherTextLen = plainTextLen;
}

void GAESContext::decryptBlock(
	const void		*cipherText,		// length implied (one cipher block)
	size_t			cipherTextLen,	
	void			*plainText,	
	size_t			&plainTextLen,		// in/out, throws on overflow
	bool			final)				// ignored
{
	if(plainTextLen < cipherTextLen) {
		CssmError::throwMe(CSSMERR_CSP_OUTPUT_LENGTH_ERROR);
	}
    (void) CCCryptorDecryptDataBlock(mAesKey, NULL, cipherText, cipherTextLen, plainText);
	plainTextLen = cipherTextLen;
}
Commit	Line	Data
b1ab9ed8	1	/*
d8f41ccd	2	* Copyright (c) 2000-2001,2011-2012,2014 Apple Inc. All Rights Reserved.
b1ab9ed8 A	3	*
	4	* The contents of this file constitute Original Code as defined in and are
	5	* subject to the Apple Public Source License Version 1.2 (the 'License').
	6	* You may not use this file except in compliance with the License. Please obtain
	7	* a copy of the License at http://www.apple.com/publicsource and read it before
	8	* using this file.
	9	*
	10	* This Original Code and all software distributed under the License are
	11	* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
	12	* OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
	13	* LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
	14	* PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
	15	* specific language governing rights and limitations under the License.
	16	*/
	17
	18
	19	/*
	20	* gladmanContext.cpp - glue between BlockCryptor and Gladman AES implementation
b1ab9ed8 A	21	*/
	22
	23	#include "gladmanContext.h"
	24	#include "cspdebugging.h"
	25	#include <CommonCrypto/CommonCryptor.h>
	26
	27	/*
	28	* AES encrypt/decrypt.
	29	*/
	30	GAESContext::GAESContext(AppleCSPSession &session) :
	31	BlockCryptor(session),
	32	mAesKey(NULL),
	33	mInitFlag(false),
	34	mRawKeySize(0),
	35	mWasEncrypting(false)
	36	{
	37	cbcCapable(false);
	38	multiBlockCapable(false);
	39	}
	40
	41	GAESContext::~GAESContext()
	42	{
	43	if(mAesKey) {
	44	CCCryptorFinal(mAesKey,NULL,0,NULL);
	45	CCCryptorRelease(mAesKey);
	46	mAesKey = NULL;
	47	}
	48
	49	deleteKey();
	50	memset(mRawKey, 0, MAX_AES_KEY_BITS / 8);
	51	mInitFlag = false;
	52	}
	53
	54	void GAESContext::deleteKey()
	55	{
	56	mRawKeySize = 0;
	57	}
	58
	59	/*
	60	* Standard CSPContext init, called from CSPFullPluginSession::init().
	61	* Reusable, e.g., query followed by en/decrypt. Even reusable after context
	62	* changed (i.e., new IV in Encrypted File System).
	63	*/
	64	void GAESContext::init(
	65	const Context &context,
	66	bool encrypting)
	67	{
	68	if(mInitFlag && !opStarted()) {
	69	return;
	70	}
	71
	72	CSSM_SIZE keyLen;
	73	uint8 *keyData = NULL;
	74	bool sameKeySize = false;
	75
	76	/* obtain key from context */
	77	symmetricKeyBits(context, session(), CSSM_ALGID_AES,
	78	encrypting ? CSSM_KEYUSE_ENCRYPT : CSSM_KEYUSE_DECRYPT,
	79	keyData, keyLen);
	80
	81	switch(keyLen) {
	82	case kCCKeySizeAES128:
	83	case kCCKeySizeAES192:
	84	case kCCKeySizeAES256:
85	break;
86	default:
87	CssmError::throwMe(CSSMERR_CSP_INVALID_ATTR_KEY);
88	}
89
90	/*
91	* Delete existing key if key size changed
92	*/
93	if(mRawKeySize == keyLen) {
94	sameKeySize = true;
95	}
96	else {
97	deleteKey();
98	}
99
100	/*
101	* Init key only if key size or key bits have changed, or
102	* we're doing a different operation than the previous key
103	* was scheduled for.
104	*/
105	if(!sameKeySize \|\| (mWasEncrypting != encrypting) \|\|
106	memcmp(mRawKey, keyData, mRawKeySize)) {
107	(void) CCCryptorCreateWithMode(0, kCCModeECB, kCCAlgorithmAES128, ccDefaultPadding, NULL, keyData, keyLen, NULL, 0, 0, 0, &mAesKey);
108
109	/* save this raw key data */
110	memmove(mRawKey, keyData, keyLen);
427c49bc	111	mRawKeySize = (uint32)keyLen;
b1ab9ed8 A	112	mWasEncrypting = encrypting;
	113	}
	114
	115	/* we handle CBC, and hence the IV, ourselves */
	116	CSSM_ENCRYPT_MODE cssmMode = context.getInt(CSSM_ATTRIBUTE_MODE);
	117	switch (cssmMode) {
	118	/* no mode attr --> 0 == CSSM_ALGMODE_NONE, not currently supported */
	119	case CSSM_ALGMODE_CBCPadIV8:
	120	case CSSM_ALGMODE_CBC_IV8:
	121	{
	122	CssmData *iv = context.get<CssmData>(CSSM_ATTRIBUTE_INIT_VECTOR);
	123	if(iv == NULL) {
	124	CssmError::throwMe(CSSMERR_CSP_MISSING_ATTR_INIT_VECTOR);
	125	}
	126	if(iv->Length != kCCBlockSizeAES128) {
	127	CssmError::throwMe(CSSMERR_CSP_INVALID_ATTR_INIT_VECTOR);
	128	}
	129	}
	130	break;
	131	default:
	132	break;
	133	}
	134
	135	/* Finally, have BlockCryptor do its setup */
	136	setup(GLADMAN_BLOCK_SIZE_BYTES, context);
	137	mInitFlag = true;
	138	}
	139
	140	/*
	141	* Functions called by BlockCryptor
	142	* FIXME make this multi-block capabl3e
	143	*/
	144	void GAESContext::encryptBlock(
	145	const void *plainText, // length implied (one block)
	146	size_t plainTextLen,
	147	void *cipherText,
	148	size_t &cipherTextLen, // in/out, throws on overflow
	149	bool final) // ignored
	150	{
	151	if(cipherTextLen < plainTextLen) {
	152	CssmError::throwMe(CSSMERR_CSP_OUTPUT_LENGTH_ERROR);
	153	}
	154	(void) CCCryptorEncryptDataBlock(mAesKey, NULL, plainText, plainTextLen, cipherText);
	155
	156	cipherTextLen = plainTextLen;
	157	}
	158
	159	void GAESContext::decryptBlock(
	160	const void *cipherText, // length implied (one cipher block)
	161	size_t cipherTextLen,
	162	void *plainText,
	163	size_t &plainTextLen, // in/out, throws on overflow
	164	bool final) // ignored
	165	{
	166	if(plainTextLen < cipherTextLen) {
	167	CssmError::throwMe(CSSMERR_CSP_OUTPUT_LENGTH_ERROR);
	168	}
	169	(void) CCCryptorDecryptDataBlock(mAesKey, NULL, cipherText, cipherTextLen, plainText);
	170	plainTextLen = cipherTextLen;
	171	}
	172