OSX/libsecurity_apple_csp/lib/desContext.cpp

   1 /*
   2  * Copyright (c) 2000-2001,2011,2014 Apple Inc. All Rights Reserved.
   3  *
   4  * The contents of this file constitute Original Code as defined in and are
   5  * subject to the Apple Public Source License Version 1.2 (the 'License').
   6  * You may not use this file except in compliance with the License. Please obtain
   7  * a copy of the License at http://www.apple.com/publicsource and read it before
   8  * using this file.
   9  *
  10  * This Original Code and all software distributed under the License are
  11  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
  12  * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
  13  * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
  14  * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
  15  * specific language governing rights and limitations under the License.
  16  */
  17
  18
  19 /*
  20  * desContext.cpp - glue between BlockCrytpor and DES implementation
  21  */
  22
  23 #include "desContext.h"
  24 #include <security_utilities/debugging.h>
  25 #include <security_utilities/globalizer.h>
  26 #include <security_utilities/threading.h>
  27
  28 #define DESDebug(args...)       secinfo("desContext", ## args)
  29
  30 /*
  31  * DES encrypt/decrypt.
  32  */
  33 DESContext::DESContext(AppleCSPSession &session) : BlockCryptor(session), DesInst(NULL)
  34 {
  35 }
  36
  37 DESContext::~DESContext()
  38 {
  39     if (DesInst != NULL) {
  40         CCCryptorRelease(DesInst);
  41     }
  42
  43     DesInst = NULL;
  44 }
  45
  46 /*
  47  * Standard CSPContext init, called from CSPFullPluginSession::init().
  48  * Reusable, e.g., query followed by en/decrypt.
  49  */
  50 void DESContext::init(
  51         const Context &context,
  52         bool encrypting)
  53 {
  54         CSSM_SIZE       keyLen;
  55         uint8           *keyData        = NULL;
  56
  57         /* obtain key from context */
  58         symmetricKeyBits(context, session(), CSSM_ALGID_DES,
  59                 encrypting ? CSSM_KEYUSE_ENCRYPT : CSSM_KEYUSE_DECRYPT,
  60                 keyData, keyLen);
  61         if(keyLen != (DES_KEY_SIZE_BITS_EXTERNAL / 8)) {
  62                 CssmError::throwMe(CSSMERR_CSP_INVALID_ATTR_KEY);
  63         }
  64
  65     if (DesInst != NULL)
  66     {
  67         CCCryptorRelease(DesInst);
  68         DesInst = NULL;
  69     }
  70
  71     (void) CCCryptorCreateWithMode(0, kCCModeECB, kCCAlgorithmDES, ccDefaultPadding, NULL, keyData, kCCKeySizeDES, NULL, 0, 0, 0, &DesInst);
  72
  73         /* Finally, have BlockCryptor do its setup */
  74         setup(DES_BLOCK_SIZE_BYTES, context);
  75 }
  76
  77 /*
  78  * Functions called by BlockCryptor
  79  * DES does encrypt/decrypt in place
  80  */
  81 void DESContext::encryptBlock(
  82         const void              *plainText,                     // length implied (one block)
  83         size_t                  plainTextLen,
  84         void                    *cipherText,
  85         size_t                  &cipherTextLen,         // in/out, throws on overflow
  86         bool                    final)                          // ignored
  87 {
  88         if(plainTextLen != DES_BLOCK_SIZE_BYTES) {
  89                 CssmError::throwMe(CSSMERR_CSP_INPUT_LENGTH_ERROR);
  90         }
  91         if(cipherTextLen < DES_BLOCK_SIZE_BYTES) {
  92                 CssmError::throwMe(CSSMERR_CSP_OUTPUT_LENGTH_ERROR);
  93         }
  94     (void) CCCryptorEncryptDataBlock(DesInst, NULL, plainText, DES_BLOCK_SIZE_BYTES, cipherText);
  95         cipherTextLen = DES_BLOCK_SIZE_BYTES;
  96 }
  97
  98 void DESContext::decryptBlock(
  99         const void              *cipherText,            // length implied (one block)
 100         size_t                  cipherTextLen,
 101         void                    *plainText,
 102         size_t                  &plainTextLen,          // in/out, throws on overflow
 103         bool                    final)                          // ignored
 104 {
 105         if(plainTextLen < DES_BLOCK_SIZE_BYTES) {
 106                 CssmError::throwMe(CSSMERR_CSP_OUTPUT_LENGTH_ERROR);
 107         }
 108         if(plainText != cipherText) {
 109                 /* little optimization for callers who want to decrypt in place */
 110                 memmove(plainText, cipherText, DES_BLOCK_SIZE_BYTES);
 111         }
 112     (void) CCCryptorDecryptDataBlock(DesInst, NULL, cipherText, DES_BLOCK_SIZE_BYTES, plainText);
 113         plainTextLen = DES_BLOCK_SIZE_BYTES;
 114 }
 115
 116 /***
 117  *** Triple-DES - EDE, 24-bit key only
 118  ***/
 119
 120 DES3Context::DES3Context(AppleCSPSession &session) : BlockCryptor(session), DesInst(NULL)
 121 {
 122 }
 123
 124
 125
 126 DES3Context::~DES3Context()
 127 {
 128     if (DesInst != NULL) {
 129         CCCryptorRelease(DesInst);
 130     }
 131
 132     DesInst = NULL;
 133 }
 134
 135 /*
 136  * Standard CSPContext init, called from CSPFullPluginSession::init().
 137  * Reusable, e.g., query followed by en/decrypt.
 138  */
 139 void DES3Context::init(
 140         const Context &context,
 141         bool encrypting)
 142 {
 143         CSSM_SIZE       keyLen;
 144         uint8           *keyData        = NULL;
 145
 146         /* obtain key from context */
 147         symmetricKeyBits(context, session(), CSSM_ALGID_3DES_3KEY_EDE,
 148                 encrypting ? CSSM_KEYUSE_ENCRYPT : CSSM_KEYUSE_DECRYPT,
 149                 keyData, keyLen);
 150         if(keyLen != DES3_KEY_SIZE_BYTES) {
 151                 CssmError::throwMe(CSSMERR_CSP_INVALID_ATTR_KEY);
 152         }
 153
 154     if (DesInst != NULL) {
 155         CCCryptorRelease(DesInst);
 156         DesInst = NULL;
 157     }
 158
 159     (void) CCCryptorCreateWithMode(0, kCCModeECB, kCCAlgorithm3DES, ccDefaultPadding, NULL, keyData, kCCKeySize3DES, NULL, 0, 0, 0, &DesInst);
 160
 161         /* Finally, have BlockCryptor do its setup */
 162         setup(DES3_BLOCK_SIZE_BYTES, context);
 163 }
 164
 165 /*
 166  * Functions called by BlockCryptor
 167  * DES does encrypt/decrypt in place
 168  */
 169 void DES3Context::encryptBlock(
 170         const void              *plainText,                     // length implied (one block)
 171         size_t                  plainTextLen,
 172         void                    *cipherText,
 173         size_t                  &cipherTextLen,         // in/out, throws on overflow
 174         bool                    final)                          // ignored
 175 {
 176         if(plainTextLen != DES3_BLOCK_SIZE_BYTES) {
 177                 CssmError::throwMe(CSSMERR_CSP_INPUT_LENGTH_ERROR);
 178         }
 179         if(cipherTextLen < DES3_BLOCK_SIZE_BYTES) {
 180                 CssmError::throwMe(CSSMERR_CSP_OUTPUT_LENGTH_ERROR);
 181         }
 182     (void) CCCryptorEncryptDataBlock(DesInst, NULL, plainText, DES3_BLOCK_SIZE_BYTES, cipherText);
 183         cipherTextLen = DES3_BLOCK_SIZE_BYTES;
 184 }
 185
 186 void DES3Context::decryptBlock(
 187         const void              *cipherText,            // length implied (one block)
 188         size_t                  cipherTextLen,
 189         void                    *plainText,
 190         size_t                  &plainTextLen,          // in/out, throws on overflow
 191         bool                    final)                          // ignored
 192 {
 193         if(plainTextLen < DES3_BLOCK_SIZE_BYTES) {
 194                 CssmError::throwMe(CSSMERR_CSP_OUTPUT_LENGTH_ERROR);
 195         }
 196     (void) CCCryptorDecryptDataBlock(DesInst, NULL, cipherText, DES3_BLOCK_SIZE_BYTES, plainText);
 197         plainTextLen = DES3_BLOCK_SIZE_BYTES;
 198 }