+++ /dev/null
-/*
- * Copyright (c) 1999-2001,2005-2008,2010-2014 Apple Inc. All Rights Reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * This file contains Original Code and/or Modifications of Original Code
- * as defined in and that are subject to the Apple Public Source License
- * Version 2.0 (the 'License'). You may not use this file except in
- * compliance with the License. Please obtain a copy of the License at
- * http://www.opensource.apple.com/apsl/ and read it before using this
- * file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
- * Please see the License for the specific language governing rights and
- * limitations under the License.
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-
-/*
- * symCipher.c - CommonCrypto-based symmetric cipher module
- */
-
-/* THIS FILE CONTAINS KERNEL CODE */
-
-#include "sslBuildFlags.h"
-#include "sslDebug.h"
-#include "sslMemory.h"
-#include "symCipher.h"
-#include "cipherSpecs.h"
-#include "SSLRecordInternal.h"
-
-#ifdef KERNEL
-
-#include <corecrypto/ccaes.h>
-#include <corecrypto/ccdes.h>
-#include <corecrypto/ccmode.h>
-
-#include <AssertMacros.h>
-
-struct SymCipherContext {
- const struct ccmode_cbc *cbc;
- cccbc_ctx u[]; /* this will have the key and iv */
-};
-
-/* Macros for accessing the content of a SymCipherContext */
-
-/*
- SymCipherContext looks like this in memory:
-
- {
- const struct ccmode_cbc *cbc;
- cccbc_ctx key[n];
- cccbc_iv iv[m];
- }
-
- cccbc_ctx and cccbc_iv are typedef-ined as aligned opaque struct, the actual contexts are arrays
- of those types normally declared with a cc_ctx_decl macro.
- The cc_ctx_n macros gives the number of elements in those arrays that are needed to store the
- contexts.
- The size of the context depends on the actual cbc implementation used.
-*/
-
-
-/* CTX_SIZE: Total size of the SymCipherContext struct for a cbc implementation */
-static inline
-size_t CTX_SIZE(const struct ccmode_cbc *cbc)
-{
-#ifdef __CC_HAS_FIX_FOR_11468135__
- return (sizeof(SymCipherContext) + (sizeof(cccbc_ctx) * (cc_ctx_n(cccbc_ctx, cbc->size) + cc_ctx_n(cccbc_iv, cbc->block_size))));
-#else
- /* This is approximate, but will work in that case, this code will go away after we transition */
- return (sizeof(SymCipherContext) + sizeof(cccbc_ctx) + cbc->size);
-#endif
-}
-
-/* CTX_KEY: Address of the key context in the SymCipherContext struct */
-static inline
-cccbc_ctx *CTX_KEY(struct SymCipherContext *ctx)
-{
- return &ctx->u[0];
-}
-
-
-/* CTX_IV: Address of the iv context in the SymCipherContext struct */
-#ifdef __CC_HAS_FIX_FOR_11468135__
-static inline
-cccbc_iv *CTX_IV(struct SymCipherContext *ctx)
-{
- return (cccbc_iv *)&ctx->u[cc_ctx_n(cccbc_ctx, ctx->cbc->size)];
-}
-#endif
-
-static
-const void *ccmode(SSL_CipherAlgorithm alg, int enc)
-{
- switch(alg) {
- case SSL_CipherAlgorithmAES_128_CBC:
- case SSL_CipherAlgorithmAES_256_CBC:
- return enc?ccaes_cbc_encrypt_mode():ccaes_cbc_decrypt_mode();
- case SSL_CipherAlgorithm3DES_CBC:
- return enc?ccdes3_cbc_encrypt_mode():ccdes3_cbc_decrypt_mode();
- case SSL_CipherAlgorithmAES_128_GCM:
- case SSL_CipherAlgorithmAES_256_GCM:
- case SSL_CipherAlgorithmRC4_128:
- /* TODO: we should do RC4 for TLS, but we dont need it for DTLS */
- default:
- check(0);
- return NULL; /* This will cause CCCryptorCreate to return an error */
- }
-}
-
-static
-int CCSymmInit(
- const SSLSymmetricCipherParams *params,
- int encrypting,
- uint8_t *key,
- uint8_t* iv,
- SymCipherContext *cipherCtx)
-{
- check(cipherCtx!=NULL);
- check(params);
- SymCipherContext ctx = *cipherCtx;
-
- /*
- * Cook up a cccbx_ctx object. Assumes:
- * cipherCtx->symCipher.keyAlg
- * cipherCtx->encrypting
- * key (raw key bytes)
- * iv (raw bytes)
- * On successful exit:
- * Resulting ccmode --> cipherCtx
- */
-
- /* FIXME: this should not be needed as long as CCSymFinish is called */
- if(ctx) {
- sslFree(ctx);
- ctx = NULL;
- }
-
- const struct ccmode_cbc *cbc = ccmode(params->keyAlg, encrypting);
-
- ctx = sslMalloc(CTX_SIZE(cbc));
-
- if(ctx==NULL) {
- sslErrorLog("CCSymmInit: Can't allocate context\n");
- return errSSLRecordInternal;
- }
-
- ctx->cbc = cbc;
-
-#ifdef __CC_HAS_FIX_FOR_11468135__
- cccbc_init(cbc, CTX_KEY(ctx), params->keySize, key);
- cccbc_set_iv(cbc, CTX_IV(ctx), iv);
-#else
- cccbc_init(cbc, CTX_KEY(ctx), params->keySize, key, iv);
-#endif
-
- *cipherCtx = ctx;
- return 0;
-}
-
-/* same for en/decrypt */
-static
-int CCSymmEncryptDecrypt(
- const uint8_t *src,
- uint8_t *dest,
- size_t len,
- SymCipherContext cipherCtx)
-{
-
- ASSERT(cipherCtx != NULL);
- ASSERT(cipherCtx->cbc != NULL);
-
- if(cipherCtx == NULL || cipherCtx->cbc == NULL) {
- sslErrorLog("CCSymmEncryptDecrypt: NULL cipherCtx\n");
- return errSSLRecordInternal;
- }
-
- ASSERT((len%cipherCtx->cbc->block_size)==0);
-
- if(len%cipherCtx->cbc->block_size) {
- sslErrorLog("CCSymmEncryptDecrypt: Invalid size\n");
- return errSSLRecordInternal;
- }
-
- unsigned long nblocks = len/cipherCtx->cbc->block_size;
-
-#ifdef __CC_HAS_FIX_FOR_11468135__
- cccbc_update(cipherCtx->cbc, CTX_KEY(cipherCtx), CTX_IV(cipherCtx), nblocks, src, dest);
-#else
- cipherCtx->cbc->cbc(CTX_KEY(cipherCtx), nblocks, src, dest);
-#endif
- return 0;
-}
-
-static
-int CCSymmFinish(
- SymCipherContext cipherCtx)
-{
- if(cipherCtx) {
- sslFree(cipherCtx);
- }
- return 0;
-}
-
-
-#else
-
-#define ENABLE_RC4 1
-#define ENABLE_3DES 1
-#define ENABLE_AES 1
-#define ENABLE_AES256 1
-
-/*
- * CommonCrypto-based symmetric cipher callouts
- */
-#include <CommonCrypto/CommonCryptor.h>
-#include <CommonCrypto/CommonCryptorSPI.h>
-#include <assert.h>
-
-static
-CCAlgorithm CCAlg(SSL_CipherAlgorithm alg)
-{
- switch(alg) {
- case SSL_CipherAlgorithmAES_128_CBC:
- case SSL_CipherAlgorithmAES_256_CBC:
- case SSL_CipherAlgorithmAES_128_GCM:
- case SSL_CipherAlgorithmAES_256_GCM:
- return kCCAlgorithmAES128; /* AES128 here means 128bit block size, not key size */
- case SSL_CipherAlgorithm3DES_CBC:
- return kCCAlgorithm3DES;
- case SSL_CipherAlgorithmDES_CBC:
- return kCCAlgorithmDES;
- case SSL_CipherAlgorithmRC4_128:
- return kCCAlgorithmRC4;
- case SSL_CipherAlgorithmRC2_128:
- return kCCAlgorithmRC2;
- default:
- assert(0);
- return (CCAlgorithm)(-1); /* This will cause CCCryptorCreate to return an error */
- }
-}
-
-static CCOptions CCOpt(CipherType cipherType)
-{
-#if 0
- if(cipherType==aeadCipherType) return kCCModeGCM;
-#endif
- return 0;
-}
-
-static
-int CCSymmInit(
- const SSLSymmetricCipherParams *params,
- int encrypting,
- uint8_t *key,
- uint8_t* iv,
- SymCipherContext *cipherCtx)
-{
- assert(cipherCtx!=NULL);
-
- /*
- * Cook up a CCCryptorRef. Assumes:
- * cipherCtx->symCipher.keyAlg
- * cipherCtx->encrypting
- * key (raw key bytes)
- * iv (raw bytes)
- * On successful exit:
- * Resulting CCCryptorRef --> cipherCtx->cryptorRef
- */
- CCCryptorStatus ccrtn;
- CCOperation op = encrypting ? kCCEncrypt : kCCDecrypt;
- CCCryptorRef cryptorRef = (CCCryptorRef)*cipherCtx;
-
- /* FIXME: this should not be needed as long as CCSymFinish is called */
- if(cryptorRef) {
- CCCryptorRelease(cryptorRef);
- cryptorRef = NULL;
- }
-
- ccrtn = CCCryptorCreate(op, CCAlg(params->keyAlg),
- /* options - gcm or no padding, default CBC */
- CCOpt(params->cipherType),
- key, params->keySize,
- iv,
- &cryptorRef);
- if(ccrtn) {
- sslErrorLog("CCCryptorCreate returned %d\n", (int)ccrtn);
- return errSSLRecordInternal;
- }
- *cipherCtx = (SymCipherContext)cryptorRef;
- return 0;
-}
-
-/* same for en/decrypt */
-static
-int CCSymmEncryptDecrypt(
- const uint8_t *src,
- uint8_t *dest,
- size_t len,
- SymCipherContext cipherCtx)
-{
- CCCryptorStatus ccrtn;
- CCCryptorRef cryptorRef = (CCCryptorRef)cipherCtx;
- ASSERT(cryptorRef != NULL);
- if(cryptorRef == NULL) {
- sslErrorLog("CCSymmEncryptDecrypt: NULL cryptorRef\n");
- return errSSLRecordInternal;
- }
- size_t data_moved;
- ccrtn = CCCryptorUpdate(cryptorRef, src, len,
- dest, len, &data_moved);
- assert(data_moved == len);
-#if SSL_DEBUG
- if(ccrtn) {
- sslErrorLog("CCSymmEncryptDecrypt: returned %d\n", (int)ccrtn);
- return errSSLRecordInternal;
- }
-#endif
- return 0;
-}
-
-#if ENABLE_AES_GCM
-
-/* same for en/decrypt */
-static
-int CCSymmAEADSetIV(
- const uint8_t *iv,
- size_t len,
- SymCipherContext cipherCtx)
-{
- CCCryptorStatus ccrtn;
- CCCryptorRef cryptorRef = (CCCryptorRef)cipherCtx;
-
- ASSERT(cryptorRef != NULL);
- if(cryptorRef == NULL) {
- sslErrorLog("CCSymmAEADAddIV: NULL cryptorRef\n");
- return errSecInternalComponent;
- }
- ccrtn = CCCryptorGCMAddIV(cryptorRef, iv, len);
-#if SSL_DEBUG
- if(ccrtn) {
- sslErrorLog("CCSymmAEADAddIV: returned %d\n", (int)ccrtn);
- return errSSLRecordInternal;
- }
-#endif
- return 0;
-}
-
-/* same for en/decrypt */
-static
-int CCSymmAddADD(
- const uint8_t *src,
- size_t len,
- SymCipherContext cipherCtx)
-{
- CCCryptorStatus ccrtn;
- CCCryptorRef cryptorRef = (CCCryptorRef)cipherCtx;
-
- ASSERT(cryptorRef != NULL);
- if(cryptorRef == NULL) {
- sslErrorLog("CCSymmAddADD: NULL cryptorRef\n");
- return errSSLRecordInternal;
- }
- ccrtn = CCCryptorGCMAddADD(cryptorRef, src, len);
-#if SSL_DEBUG
- if(ccrtn) {
- sslErrorLog("CCSymmAddADD: returned %d\n", (int)ccrtn);
- return errSSLRecordInternal;
- }
-#endif
- return 0;
-}
-
-static
-int CCSymmAEADEncrypt(
- const uint8_t *src,
- uint8_t *dest,
- size_t len,
- SymCipherContext cipherCtx)
-{
- CCCryptorStatus ccrtn;
- CCCryptorRef cryptorRef = (CCCryptorRef)cipherCtx;
-
- ASSERT(cryptorRef != NULL);
- if(cryptorRef == NULL) {
- sslErrorLog("CCSymmAEADEncrypt: NULL cryptorRef\n");
- return errSSLRecordInternal;
- }
- ccrtn = CCCryptorGCMEncrypt(cryptorRef, src, len, dest);
-#if SSL_DEBUG
- if(ccrtn) {
- sslErrorLog("CCSymmAEADEncrypt: returned %d\n", (int)ccrtn);
- return errSSLRecordInternal;
- }
-#endif
- return 0;
-}
-
-
-static
-int CCSymmAEADDecrypt(
- const uint8_t *src,
- uint8_t *dest,
- size_t len,
- SymCipherContext cipherCtx)
-{
- CCCryptorStatus ccrtn;
- CCCryptorRef cryptorRef = (CCCryptorRef)cipherCtx;
-
- ASSERT(cipherCtx != NULL);
- ASSERT(cipherCtx->cryptorRef != NULL);
- if(cipherCtx->cryptorRef == NULL) {
- sslErrorLog("CCSymmAEADDecrypt: NULL cryptorRef\n");
- return errSSLRecordInternal;
- }
- ccrtn = CCCryptorGCMDecrypt(cryptorRef, src, len, dest);
-#if SSL_DEBUG
- if(ccrtn) {
- sslErrorLog("CCSymmAEADDecrypt: returned %d\n", (int)ccrtn);
- return errSSLRecordInternal;
- }
-#endif
- return 0;
-}
-
-
-static
-int CCSymmAEADDone(
- uint8_t *mac,
- size_t *macLen,
- SymCipherContext cipherCtx)
-{
- CCCryptorStatus ccrtn;
- CCCryptorRef cryptorRef = (CCCryptorRef)cipherCtx;
-
- ASSERT(cipherCtx != NULL);
- ASSERT(cipherCtx->cryptorRef != NULL);
- if(cipherCtx->cryptorRef == NULL) {
- sslErrorLog("CCSymmAEADDone: NULL cryptorRef\n");
- return errSSLRecordInternal;
- }
- ccrtn = CCCryptorGCMFinal(cipherCtx->cryptorRef, mac, macLen);
- CCCryptorStatus ccrtn2 = CCCryptorGCMReset(cipherCtx->cryptorRef);
- if (ccrtn == kCCSuccess)
- ccrtn = ccrtn2;
-#if SSL_DEBUG
- if(ccrtn) {
- sslErrorLog("CCSymmAEADDone: returned %d\n", (int)ccrtn);
- return errSSLRecordInternal;
- }
-#endif
- return 0;
-}
-#endif
-
-static
-int CCSymmFinish(
- SymCipherContext cipherCtx)
-{
- CCCryptorRef cryptorRef = (CCCryptorRef)cipherCtx;
-
- if(cryptorRef) {
- CCCryptorRelease(cryptorRef);
- }
- return 0;
-}
-
-#endif /* KERNEL */
-
-#if ENABLE_DES
-const SSLSymmetricCipher SSLCipherDES_CBC = {
- .params = &SSLCipherDES_CBCParams,
- .c.cipher = {
- .initialize = CCSymmInit,
- .encrypt = CCSymmEncryptDecrypt,
- .decrypt = CCSymmEncryptDecrypt
- },
- .finish = CCSymmFinish
-};
-#endif /* ENABLE_DES */
-
-#if ENABLE_3DES
-const SSLSymmetricCipher SSLCipher3DES_CBC = {
- .params = &SSLCipher3DES_CBCParams,
- .c.cipher = {
- .initialize = CCSymmInit,
- .encrypt = CCSymmEncryptDecrypt,
- .decrypt = CCSymmEncryptDecrypt
- },
- .finish = CCSymmFinish
-};
-#endif /* ENABLE_3DES */
-
-#if ENABLE_RC4
-const SSLSymmetricCipher SSLCipherRC4_128 = {
- .params = &SSLCipherRC4_128Params,
- .c.cipher = {
- .initialize = CCSymmInit,
- .encrypt = CCSymmEncryptDecrypt,
- .decrypt = CCSymmEncryptDecrypt
- },
- .finish = CCSymmFinish
-};
-#endif /* ENABLE_RC4 */
-
-#if ENABLE_RC2
-const SSLSymmetricCipher SSLCipherRC2_128 = {
- .params = &SSLCipherRC2_128Params,
- .c.cipher = {
- .initialize = CCSymmInit,
- .encrypt = CCSymmEncryptDecrypt,
- .decrypt = CCSymmEncryptDecrypt
- },
- .finish = CCSymmFinish
-};
-#endif /* ENABLE_RC2*/
-
-#if ENABLE_AES
-const SSLSymmetricCipher SSLCipherAES_128_CBC = {
- .params = &SSLCipherAES_128_CBCParams,
- .c.cipher = {
- .initialize = CCSymmInit,
- .encrypt = CCSymmEncryptDecrypt,
- .decrypt = CCSymmEncryptDecrypt
- },
- .finish = CCSymmFinish
-};
-#endif /* ENABLE_AES */
-
-#if ENABLE_AES256
-const SSLSymmetricCipher SSLCipherAES_256_CBC = {
- .params = &SSLCipherAES_256_CBCParams,
- .c.cipher = {
- .initialize = CCSymmInit,
- .encrypt = CCSymmEncryptDecrypt,
- .decrypt = CCSymmEncryptDecrypt
- },
- .finish = CCSymmFinish
-};
-#endif /* ENABLE_AES256 */
-
-#if ENABLE_AES_GCM
-const SSLSymmetricCipher SSLCipherAES_128_GCM = {
- .params = &SSLCipherAES_128_GCMParams,
- .c.aead = {
- .initialize = CCSymmInit,
- .setIV = CCSymmAEADSetIV,
- .update = CCSymmAddADD,
- .encrypt = CCSymmAEADEncrypt,
- .decrypt = CCSymmAEADDecrypt,
- .done = CCSymmAEADDone
- },
- .finish = CCSymmFinish
-};
-
-const SSLSymmetricCipher SSLCipherAES_256_GCM = {
- .params = &SSLCipherAES_256_GCMParams,
- .c.aead = {
- .initialize = CCSymmInit,
- .setIV = CCSymmAEADSetIV,
- .update = CCSymmAddADD,
- .encrypt = CCSymmAEADEncrypt,
- .decrypt = CCSymmAEADDecrypt,
- .done = CCSymmAEADDone
- },
- .finish = CCSymmFinish
-};
-#endif /* ENABLE_AES_GCM */
projects / apple / security.git / blobdiff