2 * Copyright (c) 2000-2001,2011-2012,2014 Apple Inc. All Rights Reserved.
4 * The contents of this file constitute Original Code as defined in and are
5 * subject to the Apple Public Source License Version 1.2 (the 'License').
6 * You may not use this file except in compliance with the License. Please obtain
7 * a copy of the License at http://www.apple.com/publicsource and read it before
10 * This Original Code and all software distributed under the License are
11 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
12 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
13 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
14 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
15 * specific language governing rights and limitations under the License.
20 * aescsp.cpp - glue between BlockCryptor and AES implementation
24 #include "rijndaelApi.h"
25 #include "rijndael-alg-ref.h"
26 #include "cspdebugging.h"
28 #define DEFAULT_BLOCK_SIZE (MIN_AES_BLOCK_BITS / 8)
31 * AES symmetric key generation.
32 * This algorithm has key size restrictions which don't fit with the
33 * standard AppleSymmKeyGenContext model so we have to do some addditional
36 void AESKeyGenContext::generate(
37 const Context
&context
,
41 uint32 reqKeySize
= context
.getInt(
42 CSSM_ATTRIBUTE_KEY_LENGTH
,
43 CSSMERR_CSP_MISSING_ATTR_KEY_LENGTH
);
45 case MIN_AES_KEY_BITS
:
46 case MID_AES_KEY_BITS
:
47 case MAX_AES_KEY_BITS
:
50 CssmError::throwMe(CSSMERR_CSP_UNSUPPORTED_KEY_SIZE
);
52 AppleSymmKeyGenContext::generateSymKey(
59 * AES encrypt/decrypt.
61 AESContext::~AESContext()
64 memset(mRawKey
, 0, MAX_AES_KEY_BITS
/ 8);
68 void AESContext::aesError(
73 errorLog2("AESContext: %s : %d\n", errStr
, artn
);
75 case BAD_KEY_INSTANCE
:
77 crtn
= CSSMERR_CSP_INTERNAL_ERROR
;
80 crtn
= CSSMERR_CSP_INVALID_KEY
;
83 CssmError::throwMe(crtn
);
86 void AESContext::deleteKey()
89 memset(mAesKey
, 0, sizeof(keyInstance
));
90 session().free(mAesKey
);
96 * Standard CSPContext init, called from CSPFullPluginSession::init().
97 * Reusable, e.g., query followed by en/decrypt. Even reusable after context
98 * changed (i.e., new IV in Encrypted File System).
100 void AESContext::init(
101 const Context
&context
,
104 if(mInitFlag
&& !opStarted()) {
109 uint8
*keyData
= NULL
;
110 unsigned lastBlockSize
= mBlockSize
; // may be 0 (first time thru)
111 bool sameKeyAndBlockSizes
= false;
113 /* obtain key from context */
114 symmetricKeyBits(context
, session(), CSSM_ALGID_AES
,
115 encrypting
? CSSM_KEYUSE_ENCRYPT
: CSSM_KEYUSE_DECRYPT
,
119 case MIN_AES_KEY_BITS
/ 8:
120 case MID_AES_KEY_BITS
/ 8:
121 case MAX_AES_KEY_BITS
/ 8:
124 CssmError::throwMe(CSSMERR_CSP_INVALID_ATTR_KEY
);
129 * block size is optional
131 mBlockSize
= context
.getInt(CSSM_ATTRIBUTE_BLOCK_SIZE
);
132 if(mBlockSize
== 0) {
133 mBlockSize
= DEFAULT_BLOCK_SIZE
;
138 * Delete existing key if key size or block size changed
140 if((lastBlockSize
== mBlockSize
) && (mRawKeySize
== keyLen
)) {
141 sameKeyAndBlockSizes
= true;
143 if((mAesKey
!= NULL
) && !sameKeyAndBlockSizes
) {
148 #if !GLADMAN_AES_128_ENABLE
149 if((mBlockSize
== (MIN_AES_BLOCK_BITS
/8)) &&
150 (keyLen
== (MIN_AES_KEY_BITS
/8)) &&
154 #endif /* !GLADMAN_AES_128_ENABLE */
156 /* create new key if needed */
157 if(mAesKey
== NULL
) {
158 mAesKey
= (keyInstance
*)session().malloc(sizeof(keyInstance
));
161 /* init key only if key size, block size, or key bits have changed */
162 if(!sameKeyAndBlockSizes
|| memcmp(mRawKey
, keyData
, mRawKeySize
)) {
163 int artn
= makeKey((keyInstance
*)mAesKey
,
169 aesError(artn
, "makeKey");
172 /* save this raw key data */
173 memmove(mRawKey
, keyData
, mRawKeySize
);
174 mRawKeySize
= (uint32
)keyLen
;
177 #if !GLADMAN_AES_128_ENABLE
180 mEncryptFcn
= rijndaelBlockEncrypt128
;
181 mDecryptFcn
= rijndaelBlockDecrypt128
;
184 /* common standard path */
185 mEncryptFcn
= rijndaelBlockEncrypt
;
186 mDecryptFcn
= rijndaelBlockDecrypt
;
189 /* common standard path */
190 mEncryptFcn
= rijndaelBlockEncrypt
;
191 mDecryptFcn
= rijndaelBlockDecrypt
;
192 #endif /* !GLADMAN_AES_128_ENABLE */
194 /* Finally, have BlockCryptor do its setup */
195 setup(mBlockSize
, context
);
200 * Functions called by BlockCryptor
202 void AESContext::encryptBlock(
203 const void *plainText
, // length implied (one block)
206 size_t &cipherTextLen
, // in/out, throws on overflow
207 bool final
) // ignored
209 if(plainTextLen
!= mBlockSize
) {
210 CssmError::throwMe(CSSMERR_CSP_INPUT_LENGTH_ERROR
);
212 if(cipherTextLen
< mBlockSize
) {
213 CssmError::throwMe(CSSMERR_CSP_OUTPUT_LENGTH_ERROR
);
215 int artn
= mEncryptFcn(mAesKey
,
217 (word8
*)cipherText
);
219 aesError(artn
, "rijndaelBlockEncrypt");
221 cipherTextLen
= mBlockSize
;
224 void AESContext::decryptBlock(
225 const void *cipherText
, // length implied (one cipher block)
226 size_t cipherTextLen
,
228 size_t &plainTextLen
, // in/out, throws on overflow
229 bool final
) // ignored
231 if(plainTextLen
< mBlockSize
) {
232 CssmError::throwMe(CSSMERR_CSP_OUTPUT_LENGTH_ERROR
);
234 int artn
= mDecryptFcn(mAesKey
,
238 aesError(artn
, "rijndaelBlockDecrypt");
240 plainTextLen
= mBlockSize
;