[apple/xnu.git] / libkern / crypto / corecrypto_aes.c

/*
 * Copyright (c) 2012 Apple Computer, Inc. All rights reserved.
 *
 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
 * 
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. The rights granted to you under the License
 * may not be used to create, or enable the creation or redistribution of,
 * unlawful or unlicensed copies of an Apple operating system, or to
 * circumvent, violate, or enable the circumvention or violation of, any
 * terms of an Apple operating system software license agreement.
 * 
 * Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this file.
 * 
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 * 
 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
 */

#include <libkern/crypto/crypto_internal.h>
#include <libkern/crypto/aes.h>
#include <corecrypto/ccmode.h>
#include <corecrypto/ccaes.h>
#include <kern/debug.h>

aes_rval aes_encrypt_key(const unsigned char *key, int key_len, aes_encrypt_ctx cx[1])
{
	const struct ccmode_cbc *cbc = g_crypto_funcs->ccaes_cbc_encrypt;

    /* Make sure the context size for the mode fits in the one we have */
    if(cbc->size>sizeof(aes_encrypt_ctx))
        panic("%s: inconsistent size for AES encrypt context", __FUNCTION__);

	cccbc_init(cbc, cx[0].ctx, key_len, key);

	return aes_good;
}

aes_rval aes_encrypt_cbc(const unsigned char *in_blk, const unsigned char *in_iv, unsigned int num_blk,
					 unsigned char *out_blk, aes_encrypt_ctx cx[1])
{
	const struct ccmode_cbc *cbc = g_crypto_funcs->ccaes_cbc_encrypt;
	cccbc_iv_decl(cbc->block_size, ctx_iv);

	cccbc_set_iv(cbc, ctx_iv, in_iv);
	cccbc_update(cbc, cx[0].ctx, ctx_iv, num_blk, in_blk, out_blk);	//Actually cbc encrypt.

	return aes_good;
}

#if defined (__i386__) || defined (__x86_64__) || defined (__arm64__)
/* This does one block of ECB, using the CBC implementation - this allow to use the same context for both CBC and ECB */
aes_rval aes_encrypt(const unsigned char *in_blk, unsigned char *out_blk, aes_encrypt_ctx cx[1])
{
       return aes_encrypt_cbc(in_blk, NULL, 1, out_blk, cx);    
}
#endif

aes_rval aes_decrypt_key(const unsigned char *key, int key_len, aes_decrypt_ctx cx[1])
{
	const struct ccmode_cbc *cbc = g_crypto_funcs->ccaes_cbc_decrypt;

    /* Make sure the context size for the mode fits in the one we have */
    if(cbc->size>sizeof(aes_decrypt_ctx))
        panic("%s: inconsistent size for AES decrypt context", __FUNCTION__);

	cccbc_init(cbc, cx[0].ctx, key_len, key);

	return aes_good;
}

aes_rval aes_decrypt_cbc(const unsigned char *in_blk, const unsigned char *in_iv, unsigned int num_blk,
					 	 unsigned char *out_blk, aes_decrypt_ctx cx[1])
{
	const struct ccmode_cbc *cbc = g_crypto_funcs->ccaes_cbc_decrypt;
	cccbc_iv_decl(cbc->block_size, ctx_iv);

	cccbc_set_iv(cbc, ctx_iv, in_iv);
	cccbc_update(cbc, cx[0].ctx, ctx_iv, num_blk, in_blk, out_blk);	//Actually cbc decrypt.

	return aes_good;
}

#if defined (__i386__) || defined (__x86_64__) || defined (__arm64__)
/* This does one block of ECB, using the CBC implementation - this allow to use the same context for both CBC and ECB */
aes_rval aes_decrypt(const unsigned char *in_blk, unsigned char *out_blk, aes_decrypt_ctx cx[1])
{
	return aes_decrypt_cbc(in_blk, NULL, 1, out_blk, cx);
}
#endif

aes_rval aes_encrypt_key128(const unsigned char *key, aes_encrypt_ctx cx[1])
{
	return aes_encrypt_key(key, 16, cx);
}

aes_rval aes_decrypt_key128(const unsigned char *key, aes_decrypt_ctx cx[1])
{
	return aes_decrypt_key(key, 16, cx);
}


aes_rval aes_encrypt_key256(const unsigned char *key, aes_encrypt_ctx cx[1])
{
	return aes_encrypt_key(key, 32, cx);
}

aes_rval aes_decrypt_key256(const unsigned char *key, aes_decrypt_ctx cx[1])
{
	return aes_decrypt_key(key, 32, cx);
}

aes_rval aes_encrypt_key_gcm(const unsigned char *key, int key_len, ccgcm_ctx *ctx)
{
	const struct ccmode_gcm *gcm = g_crypto_funcs->ccaes_gcm_encrypt;
	if (!gcm) {
	        return aes_error;
	}

	ccgcm_init(gcm, ctx, key_len, key);
	return aes_good;
}

aes_rval aes_encrypt_set_iv_gcm(const unsigned char *in_iv, unsigned int len, ccgcm_ctx *ctx)
{
	const struct ccmode_gcm *gcm = g_crypto_funcs->ccaes_gcm_encrypt;
	if (!gcm) {
	        return aes_error;
	}

	ccgcm_set_iv(gcm, ctx, len, in_iv);
	return aes_good;
}

aes_rval aes_encrypt_aad_gcm(const unsigned char *aad, unsigned int aad_bytes, ccgcm_ctx *ctx)
{
	const struct ccmode_gcm *gcm = g_crypto_funcs->ccaes_gcm_encrypt;
	if (!gcm) {
	        return aes_error;
	}

	ccgcm_gmac(gcm, ctx, aad_bytes, aad);
	return aes_good;
}

aes_rval aes_encrypt_gcm(const unsigned char *in_blk, unsigned int num_bytes, 
			 unsigned char *out_blk, ccgcm_ctx *ctx)
{
	const struct ccmode_gcm *gcm = g_crypto_funcs->ccaes_gcm_encrypt;
	if (!gcm) {
	        return aes_error;
	}

	ccgcm_update(gcm, ctx, num_bytes, in_blk, out_blk);	//Actually gcm encrypt.
	return aes_good;
}

aes_rval aes_encrypt_finalize_gcm(unsigned char *tag, unsigned int tag_bytes, ccgcm_ctx *ctx)
{
	const struct ccmode_gcm *gcm = g_crypto_funcs->ccaes_gcm_encrypt;
	if (!gcm) {
	        return aes_error;
	}

	ccgcm_finalize(gcm, ctx, tag_bytes, tag);
	ccgcm_reset(gcm, ctx);
	return aes_good;
}

aes_rval aes_decrypt_key_gcm(const unsigned char *key, int key_len, ccgcm_ctx *ctx)
{
	const struct ccmode_gcm *gcm = g_crypto_funcs->ccaes_gcm_decrypt;
	if (!gcm) {
	        return aes_error;
	}

	ccgcm_init(gcm, ctx, key_len, key);
	return aes_good;
}

aes_rval aes_decrypt_set_iv_gcm(const unsigned char *in_iv, unsigned int len, ccgcm_ctx *ctx)
{
	const struct ccmode_gcm *gcm = g_crypto_funcs->ccaes_gcm_decrypt;
	if (!gcm) {
	        return aes_error;
	}

	ccgcm_set_iv(gcm, ctx, len, in_iv);
	return aes_good;
}

aes_rval aes_decrypt_aad_gcm(const unsigned char *aad, unsigned int aad_bytes, ccgcm_ctx *ctx)
{
	const struct ccmode_gcm *gcm = g_crypto_funcs->ccaes_gcm_decrypt;
	if (!gcm) {
	        return aes_error;
	}

	ccgcm_gmac(gcm, ctx, aad_bytes, aad);
	return aes_good;
}

aes_rval aes_decrypt_gcm(const unsigned char *in_blk, unsigned int num_bytes,
			 unsigned char *out_blk, ccgcm_ctx *ctx)
{
	const struct ccmode_gcm *gcm = g_crypto_funcs->ccaes_gcm_decrypt;
	if (!gcm) {
	        return aes_error;
	}

	ccgcm_update(gcm, ctx, num_bytes, in_blk, out_blk);	//Actually gcm decrypt.
	return aes_good;
}

aes_rval aes_decrypt_finalize_gcm(unsigned char *tag, unsigned int tag_bytes, ccgcm_ctx *ctx)
{
	const struct ccmode_gcm *gcm = g_crypto_funcs->ccaes_gcm_decrypt;
	if (!gcm) {
	        return aes_error;
	}

	ccgcm_finalize(gcm, ctx, tag_bytes, tag);
	ccgcm_reset(gcm, ctx);
	return aes_good;
}

unsigned aes_encrypt_get_ctx_size_gcm(void)
{
	const struct ccmode_gcm *gcm = g_crypto_funcs->ccaes_gcm_encrypt;
	if (!gcm) {
	        return 0;
	}
	return (cc_ctx_sizeof(ccgcm_ctx, gcm->size));
}

unsigned aes_decrypt_get_ctx_size_gcm(void)
{
	const struct ccmode_gcm *gcm = g_crypto_funcs->ccaes_gcm_decrypt;
	if (!gcm) {
	        return 0;
	}
	return (cc_ctx_sizeof(ccgcm_ctx, gcm->size));
}
Commit	Line	Data
316670eb A	1	/*
	2	* Copyright (c) 2012 Apple Computer, Inc. All rights reserved.
	3	*
	4	* @APPLE_OSREFERENCE_LICENSE_HEADER_START@
	5	*
	6	* This file contains Original Code and/or Modifications of Original Code
	7	* as defined in and that are subject to the Apple Public Source License
	8	* Version 2.0 (the 'License'). You may not use this file except in
	9	* compliance with the License. The rights granted to you under the License
	10	* may not be used to create, or enable the creation or redistribution of,
	11	* unlawful or unlicensed copies of an Apple operating system, or to
	12	* circumvent, violate, or enable the circumvention or violation of, any
	13	* terms of an Apple operating system software license agreement.
	14	*
	15	* Please obtain a copy of the License at
	16	* http://www.opensource.apple.com/apsl/ and read it before using this file.
	17	*
	18	* The Original Code and all software distributed under the License are
	19	* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
	20	* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
	21	* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
	22	* FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
	23	* Please see the License for the specific language governing rights and
	24	* limitations under the License.
	25	*
	26	* @APPLE_OSREFERENCE_LICENSE_HEADER_END@
	27	*/
	28
	29	#include <libkern/crypto/crypto_internal.h>
	30	#include <libkern/crypto/aes.h>
	31	#include <corecrypto/ccmode.h>
	32	#include <corecrypto/ccaes.h>
	33	#include <kern/debug.h>
	34
	35	aes_rval aes_encrypt_key(const unsigned char *key, int key_len, aes_encrypt_ctx cx[1])
	36	{
	37	const struct ccmode_cbc *cbc = g_crypto_funcs->ccaes_cbc_encrypt;
	38
	39	/* Make sure the context size for the mode fits in the one we have */
	40	if(cbc->size>sizeof(aes_encrypt_ctx))
	41	panic("%s: inconsistent size for AES encrypt context", __FUNCTION__);
	42
	43	cccbc_init(cbc, cx[0].ctx, key_len, key);
	44
	45	return aes_good;
	46	}
	47
	48	aes_rval aes_encrypt_cbc(const unsigned char in_blk, const unsigned char in_iv, unsigned int num_blk,
	49	unsigned char *out_blk, aes_encrypt_ctx cx[1])
	50	{
	51	const struct ccmode_cbc *cbc = g_crypto_funcs->ccaes_cbc_encrypt;
	52	cccbc_iv_decl(cbc->block_size, ctx_iv);
	53
	54	cccbc_set_iv(cbc, ctx_iv, in_iv);
	55	cccbc_update(cbc, cx[0].ctx, ctx_iv, num_blk, in_blk, out_blk); //Actually cbc encrypt.
	56
	57	return aes_good;
	58	}
	59
fe8ab488	60	#if defined (__i386__) \|\| defined (__x86_64__) \|\| defined (__arm64__)
316670eb A	61	/* This does one block of ECB, using the CBC implementation - this allow to use the same context for both CBC and ECB */
	62	aes_rval aes_encrypt(const unsigned char in_blk, unsigned char out_blk, aes_encrypt_ctx cx[1])
	63	{
	64	return aes_encrypt_cbc(in_blk, NULL, 1, out_blk, cx);
	65	}
39236c6e	66	#endif
316670eb A	67
	68	aes_rval aes_decrypt_key(const unsigned char *key, int key_len, aes_decrypt_ctx cx[1])
	69	{
	70	const struct ccmode_cbc *cbc = g_crypto_funcs->ccaes_cbc_decrypt;
	71
	72	/* Make sure the context size for the mode fits in the one we have */
	73	if(cbc->size>sizeof(aes_decrypt_ctx))
	74	panic("%s: inconsistent size for AES decrypt context", __FUNCTION__);
	75
	76	cccbc_init(cbc, cx[0].ctx, key_len, key);
	77
	78	return aes_good;
	79	}
	80
	81	aes_rval aes_decrypt_cbc(const unsigned char in_blk, const unsigned char in_iv, unsigned int num_blk,
	82	unsigned char *out_blk, aes_decrypt_ctx cx[1])
	83	{
	84	const struct ccmode_cbc *cbc = g_crypto_funcs->ccaes_cbc_decrypt;
	85	cccbc_iv_decl(cbc->block_size, ctx_iv);
	86
	87	cccbc_set_iv(cbc, ctx_iv, in_iv);
	88	cccbc_update(cbc, cx[0].ctx, ctx_iv, num_blk, in_blk, out_blk); //Actually cbc decrypt.
	89
	90	return aes_good;
	91	}
	92
fe8ab488	93	#if defined (__i386__) \|\| defined (__x86_64__) \|\| defined (__arm64__)
316670eb A	94	/* This does one block of ECB, using the CBC implementation - this allow to use the same context for both CBC and ECB */
	95	aes_rval aes_decrypt(const unsigned char in_blk, unsigned char out_blk, aes_decrypt_ctx cx[1])
	96	{
	97	return aes_decrypt_cbc(in_blk, NULL, 1, out_blk, cx);
	98	}
39236c6e	99	#endif
316670eb A	100
	101	aes_rval aes_encrypt_key128(const unsigned char *key, aes_encrypt_ctx cx[1])
	102	{
	103	return aes_encrypt_key(key, 16, cx);
	104	}
	105
	106	aes_rval aes_decrypt_key128(const unsigned char *key, aes_decrypt_ctx cx[1])
	107	{
	108	return aes_decrypt_key(key, 16, cx);
	109	}
	110
	111
	112	aes_rval aes_encrypt_key256(const unsigned char *key, aes_encrypt_ctx cx[1])
	113	{
	114	return aes_encrypt_key(key, 32, cx);
	115	}
	116
	117	aes_rval aes_decrypt_key256(const unsigned char *key, aes_decrypt_ctx cx[1])
	118	{
	119	return aes_decrypt_key(key, 32, cx);
	120	}
bb59bff1 A	121
	122	aes_rval aes_encrypt_key_gcm(const unsigned char key, int key_len, ccgcm_ctx ctx)
	123	{
	124	const struct ccmode_gcm *gcm = g_crypto_funcs->ccaes_gcm_encrypt;
	125	if (!gcm) {
	126	return aes_error;
	127	}
	128
	129	ccgcm_init(gcm, ctx, key_len, key);
	130	return aes_good;
	131	}
	132
	133	aes_rval aes_encrypt_set_iv_gcm(const unsigned char in_iv, unsigned int len, ccgcm_ctx ctx)
	134	{
	135	const struct ccmode_gcm *gcm = g_crypto_funcs->ccaes_gcm_encrypt;
	136	if (!gcm) {
	137	return aes_error;
	138	}
	139
	140	ccgcm_set_iv(gcm, ctx, len, in_iv);
	141	return aes_good;
	142	}
	143
	144	aes_rval aes_encrypt_aad_gcm(const unsigned char aad, unsigned int aad_bytes, ccgcm_ctx ctx)
	145	{
	146	const struct ccmode_gcm *gcm = g_crypto_funcs->ccaes_gcm_encrypt;
	147	if (!gcm) {
	148	return aes_error;
	149	}
	150
	151	ccgcm_gmac(gcm, ctx, aad_bytes, aad);
	152	return aes_good;
	153	}
	154
	155	aes_rval aes_encrypt_gcm(const unsigned char *in_blk, unsigned int num_bytes,
	156	unsigned char out_blk, ccgcm_ctx ctx)
	157	{
	158	const struct ccmode_gcm *gcm = g_crypto_funcs->ccaes_gcm_encrypt;
	159	if (!gcm) {
	160	return aes_error;
	161	}
	162
	163	ccgcm_update(gcm, ctx, num_bytes, in_blk, out_blk); //Actually gcm encrypt.
	164	return aes_good;
	165	}
	166
	167	aes_rval aes_encrypt_finalize_gcm(unsigned char tag, unsigned int tag_bytes, ccgcm_ctx ctx)
	168	{
	169	const struct ccmode_gcm *gcm = g_crypto_funcs->ccaes_gcm_encrypt;
	170	if (!gcm) {
	171	return aes_error;
	172	}
	173
	174	ccgcm_finalize(gcm, ctx, tag_bytes, tag);
	175	ccgcm_reset(gcm, ctx);
	176	return aes_good;
	177	}
	178
	179	aes_rval aes_decrypt_key_gcm(const unsigned char key, int key_len, ccgcm_ctx ctx)
	180	{
	181	const struct ccmode_gcm *gcm = g_crypto_funcs->ccaes_gcm_decrypt;
	182	if (!gcm) {
	183	return aes_error;
	184	}
185
186	ccgcm_init(gcm, ctx, key_len, key);
187	return aes_good;
188	}
189
190	aes_rval aes_decrypt_set_iv_gcm(const unsigned char in_iv, unsigned int len, ccgcm_ctx ctx)
191	{
192	const struct ccmode_gcm *gcm = g_crypto_funcs->ccaes_gcm_decrypt;
193	if (!gcm) {
194	return aes_error;
195	}
196
197	ccgcm_set_iv(gcm, ctx, len, in_iv);
198	return aes_good;
199	}
200
201	aes_rval aes_decrypt_aad_gcm(const unsigned char aad, unsigned int aad_bytes, ccgcm_ctx ctx)
202	{
203	const struct ccmode_gcm *gcm = g_crypto_funcs->ccaes_gcm_decrypt;
204	if (!gcm) {
205	return aes_error;
206	}
207
208	ccgcm_gmac(gcm, ctx, aad_bytes, aad);
209	return aes_good;
210	}
211
212	aes_rval aes_decrypt_gcm(const unsigned char *in_blk, unsigned int num_bytes,
213	unsigned char out_blk, ccgcm_ctx ctx)
214	{
215	const struct ccmode_gcm *gcm = g_crypto_funcs->ccaes_gcm_decrypt;
216	if (!gcm) {
217	return aes_error;
218	}
219
220	ccgcm_update(gcm, ctx, num_bytes, in_blk, out_blk); //Actually gcm decrypt.
221	return aes_good;
222	}
223
224	aes_rval aes_decrypt_finalize_gcm(unsigned char tag, unsigned int tag_bytes, ccgcm_ctx ctx)
225	{
226	const struct ccmode_gcm *gcm = g_crypto_funcs->ccaes_gcm_decrypt;
227	if (!gcm) {
228	return aes_error;
229	}
230
231	ccgcm_finalize(gcm, ctx, tag_bytes, tag);
232	ccgcm_reset(gcm, ctx);
233	return aes_good;
234	}
235
236	unsigned aes_encrypt_get_ctx_size_gcm(void)
237	{
238	const struct ccmode_gcm *gcm = g_crypto_funcs->ccaes_gcm_encrypt;
239	if (!gcm) {
240	return 0;
241	}
242	return (cc_ctx_sizeof(ccgcm_ctx, gcm->size));
243	}
244
245	unsigned aes_decrypt_get_ctx_size_gcm(void)
246	{
247	const struct ccmode_gcm *gcm = g_crypto_funcs->ccaes_gcm_decrypt;
248	if (!gcm) {
249	return 0;
250	}
251	return (cc_ctx_sizeof(ccgcm_ctx, gcm->size));
252	}
253