]> git.saurik.com Git - apple/xnu.git/blob - EXTERNAL_HEADERS/corecrypto/ccmode_factory.h
projects / apple / xnu.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
xnu-4570.1.46.tar.gz
[apple/xnu.git] / EXTERNAL_HEADERS / corecrypto / ccmode_factory.h
1 /*
2 * ccmode_factory.h
3 * corecrypto
4 *
5 * Created on 01/21/2011
6 *
7 * Copyright (c) 2011,2012,2013,2014,2015 Apple Inc. All rights reserved.
8 *
9 */
10
11 #ifndef _CORECRYPTO_CCMODE_FACTORY_H_
12 #define _CORECRYPTO_CCMODE_FACTORY_H_
13
14 #include <corecrypto/ccn.h> /* TODO: Remove dependency on this header. */
15 #include <corecrypto/ccmode_impl.h>
16
17 /* Function and macros defined in this file are only to be used
18 within corecrypto files.
19 */
20
21 /* For CBC, direction of underlying ecb is the same as the cbc direction */
22 #define CCMODE_CBC_FACTORY(_cipher_, _dir_) \
23 static struct ccmode_cbc cbc_##_cipher_##_##_dir_; \
24 \
25 const struct ccmode_cbc *cc##_cipher_##_cbc_##_dir_##_mode(void) \
26 { \
27 const struct ccmode_ecb *ecb=cc##_cipher_##_ecb_##_dir_##_mode(); \
28 ccmode_factory_cbc_##_dir_(&cbc_##_cipher_##_##_dir_, ecb); \
29 return &cbc_##_cipher_##_##_dir_; \
30 }
31
32 /* For CTR, only one direction, underlying ecb is always encrypt */
33 #define CCMODE_CTR_FACTORY(_cipher_) \
34 static struct ccmode_ctr ctr_##_cipher_; \
35 \
36 const struct ccmode_ctr *cc##_cipher_##_ctr_crypt_mode(void) \
37 { \
38 const struct ccmode_ecb *ecb=cc##_cipher_##_ecb_encrypt_mode(); \
39 ccmode_factory_ctr_crypt(&ctr_##_cipher_, ecb); \
40 return &ctr_##_cipher_; \
41 }
42
43 /* OFB, same as CTR */
44 #define CCMODE_OFB_FACTORY(_cipher_) \
45 static struct ccmode_ofb ofb_##_cipher_; \
46 \
47 const struct ccmode_ofb *cc##_cipher_##_ofb_crypt_mode(void) \
48 { \
49 const struct ccmode_ecb *ecb=cc##_cipher_##_ecb_encrypt_mode(); \
50 ccmode_factory_ofb_crypt(&ofb_##_cipher_, ecb); \
51 return &ofb_##_cipher_; \
52 }
53
54
55 /* For CFB, the underlying ecb operation is encrypt for both directions */
56 #define CCMODE_CFB_FACTORY(_cipher_, _mode_, _dir_) \
57 static struct ccmode_##_mode_ _mode_##_##_cipher_##_##_dir_; \
58 \
59 const struct ccmode_##_mode_ *cc##_cipher_##_##_mode_##_##_dir_##_mode(void) \
60 { \
61 const struct ccmode_ecb *ecb=cc##_cipher_##_ecb_encrypt_mode(); \
62 ccmode_factory_##_mode_##_##_dir_(&_mode_##_##_cipher_##_##_dir_, ecb); \
63 return &_mode_##_##_cipher_##_##_dir_; \
64 }
65
66 /* For GCM, same as CFB */
67 #define CCMODE_GCM_FACTORY(_cipher_, _dir_) CCMODE_CFB_FACTORY(_cipher_, gcm, _dir_)
68
69 /* For CCM, same as CFB */
70 #define CCMODE_CCM_FACTORY(_cipher_, _dir_) CCMODE_CFB_FACTORY(_cipher_, ccm, _dir_)
71
72
73 /* Fot XTS, you always need an ecb encrypt */
74 #define CCMODE_XTS_FACTORY(_cipher_ , _dir_) \
75 static struct ccmode_xts xts##_cipher_##_##_dir_; \
76 \
77 const struct ccmode_xts *cc##_cipher_##_xts_##_dir_##_mode(void) \
78 { \
79 const struct ccmode_ecb *ecb=cc##_cipher_##_ecb_##_dir_##_mode(); \
80 const struct ccmode_ecb *ecb_enc=cc##_cipher_##_ecb_encrypt_mode(); \
81 \
82 ccmode_factory_xts_##_dir_(&xts##_cipher_##_##_dir_, ecb, ecb_enc); \
83 return &xts##_cipher_##_##_dir_; \
84 }
85
86 #if 0
87
88 /* example of how to make the selection function thread safe */
89
90 struct ccmode_cbc cc3des_cbc_mode_encrypt;
91 dispatch_once_t cc3des_mode_encrypt_init_once;
92
93 void cc3des_mode_encrypt_init(void *ctx) {
94 struct ccmode_ecb *ecb = cc3des_ecb_encrypt_mode();
95 ccmode_factory_cbc_encrypt(&cc3des_mode_encrypt, ecb);
96 }
97
98 const struct ccmode_cbc *cc3des_cbc_encrypt_mode(void) {
99 dispatch_once_f(&cc3des_mode_encrypt_init_once, NULL, cc3des_mode_encrypt_init);
100 return &cc3des_mode_encrypt;
101 }
102
103 struct ccmode_cbc cc3des_cbc_mode_encrypt = {
104 .n = CC3DES_LTC_ECB_ENCRYPT_N,
105 .init = ccmode_cbc_init,
106 .cbc = ccmode_cbc_encrypt,
107 .custom = &cc3des_ltc_ecb_encrypt
108 };
109
110 const struct ccmode_cbc *cc3des_cbc_encrypt_mode(void) {
111 return &cc3des_mode_encrypt;
112 }
113
114 #endif
115
116
117
118 int ccmode_cbc_init(const struct ccmode_cbc *cbc, cccbc_ctx *ctx,
119 size_t rawkey_len, const void *rawkey);
120 int ccmode_cbc_decrypt(const cccbc_ctx *ctx, cccbc_iv *iv, size_t nblocks,
121 const void *in, void *out);
122 int ccmode_cbc_encrypt(const cccbc_ctx *ctx, cccbc_iv *iv, size_t nblocks,
123 const void *in, void *out);
124
125 struct _ccmode_cbc_key {
126 const struct ccmode_ecb *ecb;
127 cc_unit u[];
128 };
129
130 /* Use this to statically initialize a ccmode_cbc object for decryption. */
131 #define CCMODE_FACTORY_CBC_DECRYPT(ECB) { \
132 .size = ccn_sizeof_size(sizeof(struct _ccmode_cbc_key)) + ccn_sizeof_size((ECB)->block_size) + ccn_sizeof_size((ECB)->size), \
133 .block_size = (ECB)->block_size, \
134 .init = ccmode_cbc_init, \
135 .cbc = ccmode_cbc_decrypt, \
136 .custom = (ECB) \
137 }
138
139 /* Use this to statically initialize a ccmode_cbc object for encryption. */
140 #define CCMODE_FACTORY_CBC_ENCRYPT(ECB) { \
141 .size = ccn_sizeof_size(sizeof(struct _ccmode_cbc_key)) + ccn_sizeof_size((ECB)->block_size) + ccn_sizeof_size((ECB)->size), \
142 .block_size = (ECB)->block_size, \
143 .init = ccmode_cbc_init, \
144 .cbc = ccmode_cbc_encrypt, \
145 .custom = (ECB) \
146 }
147
148 /* Use these function to runtime initialize a ccmode_cbc decrypt object (for
149 example if it's part of a larger structure). Normally you would pass a
150 ecb decrypt mode implementation of some underlying algorithm as the ecb
151 parameter. */
152 void ccmode_factory_cbc_decrypt(struct ccmode_cbc *cbc,
153 const struct ccmode_ecb *ecb);
154
155 /* Use these function to runtime initialize a ccmode_cbc encrypt object (for
156 example if it's part of a larger structure). Normally you would pass a
157 ecb encrypt mode implementation of some underlying algorithm as the ecb
158 parameter. */
159 void ccmode_factory_cbc_encrypt(struct ccmode_cbc *cbc,
160 const struct ccmode_ecb *ecb);
161
162
163 int ccmode_cfb_init(const struct ccmode_cfb *cfb, cccfb_ctx *ctx,
164 size_t rawkey_len, const void *rawkey,
165 const void *iv);
166 int ccmode_cfb_decrypt(cccfb_ctx *ctx, size_t nbytes,
167 const void *in, void *out);
168 int ccmode_cfb_encrypt(cccfb_ctx *ctx, size_t nbytes,
169 const void *in, void *out);
170 struct _ccmode_cfb_key {
171 const struct ccmode_ecb *ecb;
172 size_t pad_len;
173 cc_unit u[];
174 };
175
176 /* Use this to statically initialize a ccmode_cfb object for decryption. */
177 #define CCMODE_FACTORY_CFB_DECRYPT(ECB) { \
178 .size = ccn_sizeof_size(sizeof(struct _ccmode_cfb_key)) + 2 * ccn_sizeof_size((ECB)->block_size) + ccn_sizeof_size((ECB)->size), \
179 .block_size = 1, \
180 .init = ccmode_cfb_init, \
181 .cfb = ccmode_cfb_decrypt, \
182 .custom = (ECB) \
183 }
184
185 /* Use this to statically initialize a ccmode_cfb object for encryption. */
186 #define CCMODE_FACTORY_CFB_ENCRYPT(ECB) { \
187 .size = ccn_sizeof_size(sizeof(struct _ccmode_cfb_key)) + 2 * ccn_sizeof_size((ECB)->block_size) + ccn_sizeof_size((ECB)->size), \
188 .block_size = 1, \
189 .init = ccmode_cfb_init, \
190 .cfb = ccmode_cfb_encrypt, \
191 .custom = (ECB) \
192 }
193
194 /* Use these function to runtime initialize a ccmode_cfb decrypt object (for
195 example if it's part of a larger structure). Normally you would pass a
196 ecb encrypt mode implementation of some underlying algorithm as the ecb
197 parameter. */
198 void ccmode_factory_cfb_decrypt(struct ccmode_cfb *cfb,
199 const struct ccmode_ecb *ecb);
200
201 /* Use these function to runtime initialize a ccmode_cfb encrypt object (for
202 example if it's part of a larger structure). Normally you would pass a
203 ecb encrypt mode implementation of some underlying algorithm as the ecb
204 parameter. */
205 void ccmode_factory_cfb_encrypt(struct ccmode_cfb *cfb,
206 const struct ccmode_ecb *ecb);
207
208 int ccmode_cfb8_init(const struct ccmode_cfb8 *cfb8, cccfb8_ctx *ctx,
209 size_t rawkey_len, const void *rawkey, const void *iv);
210 int ccmode_cfb8_decrypt(cccfb8_ctx *ctx, size_t nbytes,
211 const void *in, void *out);
212 int ccmode_cfb8_encrypt(cccfb8_ctx *ctx, size_t nbytes,
213 const void *in, void *out);
214
215 struct _ccmode_cfb8_key {
216 const struct ccmode_ecb *ecb;
217 cc_unit u[];
218 };
219
220 /* Use this to statically initialize a ccmode_cfb8 object for decryption. */
221 #define CCMODE_FACTORY_CFB8_DECRYPT(ECB) { \
222 .size = ccn_sizeof_size(sizeof(struct _ccmode_cfb8_key)) + 2 * ccn_sizeof_size((ECB)->block_size) + ccn_sizeof_size((ECB)->size), \
223 .block_size = 1, \
224 .init = ccmode_cfb8_init, \
225 .cfb8 = ccmode_cfb8_decrypt, \
226 .custom = (ECB) \
227 }
228
229 /* Use this to statically initialize a ccmode_cfb8 object for encryption. */
230 #define CCMODE_FACTORY_CFB8_ENCRYPT(ECB) { \
231 .size = ccn_sizeof_size(sizeof(struct _ccmode_cfb8_key)) + 2 * ccn_sizeof_size((ECB)->block_size) + ccn_sizeof_size((ECB)->size), \
232 .block_size = 1, \
233 .init = ccmode_cfb8_init, \
234 .cfb8 = ccmode_cfb8_encrypt, \
235 .custom = (ECB) \
236 }
237
238 /* Use these function to runtime initialize a ccmode_cfb8 decrypt object (for
239 example if it's part of a larger structure). Normally you would pass a
240 ecb decrypt mode implementation of some underlying algorithm as the ecb
241 parameter. */
242 void ccmode_factory_cfb8_decrypt(struct ccmode_cfb8 *cfb8,
243 const struct ccmode_ecb *ecb);
244
245 /* Use these function to runtime initialize a ccmode_cfb8 encrypt object (for
246 example if it's part of a larger structure). Normally you would pass a
247 ecb encrypt mode implementation of some underlying algorithm as the ecb
248 parameter. */
249 void ccmode_factory_cfb8_encrypt(struct ccmode_cfb8 *cfb8,
250 const struct ccmode_ecb *ecb);
251
252 int ccmode_ctr_init(const struct ccmode_ctr *ctr, ccctr_ctx *ctx,
253 size_t rawkey_len, const void *rawkey, const void *iv);
254 int ccmode_ctr_setctr(const struct ccmode_ctr *mode, ccctr_ctx *ctx, const void *ctr);
255 int ccmode_ctr_crypt(ccctr_ctx *ctx, size_t nbytes,
256 const void *in, void *out);
257
258 struct _ccmode_ctr_key {
259 const struct ccmode_ecb *ecb;
260 size_t pad_offset;
261 cc_unit u[];
262 };
263
264 /* Use this to statically initialize a ccmode_ctr object for decryption. */
265 #define CCMODE_FACTORY_CTR_CRYPT(ECB_ENCRYPT) { \
266 .size = ccn_sizeof_size(sizeof(struct _ccmode_ctr_key)) + 2 * ccn_sizeof_size((ECB_ENCRYPT)->block_size) + ccn_sizeof_size((ECB_ENCRYPT)->size), \
267 .block_size = 1, \
268 .ecb_block_size = (ECB_ENCRYPT)->block_size, \
269 .init = ccmode_ctr_init, \
270 .setctr = ccmode_ctr_setctr, \
271 .ctr = ccmode_ctr_crypt, \
272 .custom = (ECB_ENCRYPT) \
273 }
274
275 /* Use these function to runtime initialize a ccmode_ctr decrypt object (for
276 example if it's part of a larger structure). Normally you would pass a
277 ecb encrypt mode implementation of some underlying algorithm as the ecb
278 parameter. */
279 void ccmode_factory_ctr_crypt(struct ccmode_ctr *ctr,
280 const struct ccmode_ecb *ecb);
281
282
283 /* Create a gcm key from a gcm mode object.
284 key must point to at least sizeof(CCMODE_GCM_KEY(ecb)) bytes of free
285 storage. */
286 int ccmode_gcm_init(const struct ccmode_gcm *gcm, ccgcm_ctx *ctx,
287 size_t rawkey_len, const void *rawkey);
288 int ccmode_gcm_set_iv(ccgcm_ctx *ctx, size_t iv_nbytes, const void *iv);
289 int ccmode_gcm_aad(ccgcm_ctx *ctx, size_t nbytes, const void *in);
290 int ccmode_gcm_decrypt(ccgcm_ctx *ctx, size_t nbytes, const void *in,
291 void *out);
292 int ccmode_gcm_encrypt(ccgcm_ctx *ctx, size_t nbytes, const void *in,
293 void *out);
294
295 /*!
296 @function ccmode_gcm_finalize() finalizes AES-GCM call sequence
297 @param key encryption or decryption key
298 @param tag_nbytes length of tag in bytes
299 @param tag authentication tag
300 @result 0=success or non zero= error
301 @discussion For decryption, the tag parameter must be the expected-tag. A secure compare is performed between the provided expected-tag and the computed-tag. If they are the same, 0 is returned. Otherwise, non zero is returned. For encryption, tag is output and provides the authentication tag.
302
303 */
304 int ccmode_gcm_finalize(ccgcm_ctx *key, size_t tag_nbytes, void *tag);
305 int ccmode_gcm_reset(ccgcm_ctx *key);
306
307 #define CCGCM_FLAGS_INIT_WITH_IV 1
308
309 // Here is what the structure looks like in memory
310 // [ temp space | length | *ecb | *ecb_key | table | ecb_key ]
311 // size of table depends on the implementation (VNG vs factory)
312 // currently, VNG and factory share the same "header" described here
313 // VNG may add additional data after the header
314 struct _ccmode_gcm_key {
315 // 5 blocks of temp space.
316 unsigned char H[16]; /* multiplier */
317 unsigned char X[16]; /* accumulator */
318 unsigned char Y[16]; /* counter */
319 unsigned char Y_0[16]; /* initial counter */
320 unsigned char buf[16]; /* buffer for stuff */
321
322 // State and length
323 uint16_t state; /* state the GCM code is in */
324 uint16_t flags; /* flags (persistent across reset) */
325 uint32_t buf_nbytes; /* length of data in buf */
326
327 uint64_t aad_nbytes; /* 64-bit counter used for IV and AAD */
328 uint64_t text_nbytes; /* 64-bit counter for the plaintext PT */
329
330 // ECB
331 const struct ccmode_ecb *ecb; // ecb mode
332 // Pointer to the ECB key in the buffer
333 void *ecb_key; // address of the ecb_key in u, set in init function
334 int encdec; //is it an encrypt or decrypt object
335
336 // Buffer with ECB key and H table if applicable
337 CC_ALIGNED(16) unsigned char u[]; // ecb key + tables
338 };
339
340 #define GCM_ECB_KEY_SIZE(ECB_ENCRYPT) \
341 ((5 * ccn_sizeof_size((ECB_ENCRYPT)->block_size)) \
342 + ccn_sizeof_size((ECB_ENCRYPT)->size))
343
344 /* Use these function to runtime initialize a ccmode_gcm decrypt object (for
345 example if it's part of a larger structure). For GCM you always pass a
346 ecb encrypt mode implementation of some underlying algorithm as the ecb
347 parameter. */
348 void ccmode_factory_gcm_decrypt(struct ccmode_gcm *gcm,
349 const struct ccmode_ecb *ecb_encrypt);
350
351 /* Use these function to runtime initialize a ccmode_gcm encrypt object (for
352 example if it's part of a larger structure). For GCM you always pass a
353 ecb encrypt mode implementation of some underlying algorithm as the ecb
354 parameter. */
355 void ccmode_factory_gcm_encrypt(struct ccmode_gcm *gcm,
356 const struct ccmode_ecb *ecb_encrypt);
357
358
359 /* CCM (only NIST approved with AES) */
360 int ccmode_ccm_init(const struct ccmode_ccm *ccm, ccccm_ctx *ctx,
361 size_t rawkey_len, const void *rawkey);
362 int ccmode_ccm_set_iv(ccccm_ctx *ctx, ccccm_nonce *nonce_ctx, size_t nonce_len, const void *nonce,
363 size_t mac_size, size_t auth_len, size_t data_len);
364 /* internal function */
365 void ccmode_ccm_macdata(ccccm_ctx *key, ccccm_nonce *nonce_ctx, unsigned new_block, size_t nbytes, const void *in);
366 /* api function - disallows only mac'd data after data to encrypt was sent */
367 int ccmode_ccm_cbcmac(ccccm_ctx *ctx, ccccm_nonce *nonce_ctx, size_t nbytes, const void *in);
368 /* internal function */
369 void ccmode_ccm_crypt(ccccm_ctx *key, ccccm_nonce *nonce_ctx, size_t nbytes, const void *in, void *out);
370 int ccmode_ccm_decrypt(ccccm_ctx *ctx, ccccm_nonce *nonce_ctx, size_t nbytes, const void *in,
371 void *out);
372 int ccmode_ccm_encrypt(ccccm_ctx *ctx, ccccm_nonce *nonce_ctx, size_t nbytes, const void *in,
373 void *out);
374 int ccmode_ccm_finalize(ccccm_ctx *key, ccccm_nonce *nonce_ctx, void *mac);
375 int ccmode_ccm_reset(ccccm_ctx *key, ccccm_nonce *nonce_ctx);
376
377 struct _ccmode_ccm_key {
378 const struct ccmode_ecb *ecb;
379 cc_unit u[];
380 };
381
382 struct _ccmode_ccm_nonce {
383 unsigned char A_i[16]; /* crypto block iv */
384 unsigned char B_i[16]; /* mac block iv */
385 unsigned char MAC[16]; /* crypted mac */
386 unsigned char buf[16]; /* crypt buffer */
387
388 uint32_t mode; /* mode: IV -> AD -> DATA */
389 uint32_t buflen; /* length of data in buf */
390 uint32_t b_i_len; /* length of cbcmac data in B_i */
391
392 size_t nonce_size;
393 size_t mac_size;
394 };
395
396 /* Use this to statically initialize a ccmode_ccm object for decryption. */
397 #define CCMODE_FACTORY_CCM_DECRYPT(ECB_ENCRYPT) { \
398 .size = ccn_sizeof_size(sizeof(struct _ccmode_ccm_key)) + ccn_sizeof_size((ECB_ENCRYPT)->block_size) + ccn_sizeof_size((ECB_ENCRYPT)->size), \
399 .nonce_size = ccn_sizeof_size(sizeof(struct _ccmode_ccm_nonce)), \
400 .block_size = 1, \
401 .init = ccmode_ccm_init, \
402 .set_iv = ccmode_ccm_set_iv, \
403 .cbcmac = ccmode_ccm_cbcmac, \
404 .ccm = ccmode_ccm_decrypt, \
405 .finalize = ccmode_ccm_finalize, \
406 .reset = ccmode_ccm_reset, \
407 .custom = (ECB_ENCRYPT) \
408 }
409
410 /* Use this to statically initialize a ccmode_ccm object for encryption. */
411 #define CCMODE_FACTORY_CCM_ENCRYPT(ECB_ENCRYPT) { \
412 .size = ccn_sizeof_size(sizeof(struct _ccmode_ccm_key)) + ccn_sizeof_size((ECB_ENCRYPT)->block_size) + ccn_sizeof_size((ECB_ENCRYPT)->size), \
413 .nonce_size = ccn_sizeof_size(sizeof(struct _ccmode_ccm_nonce)), \
414 .block_size = 1, \
415 .init = ccmode_ccm_init, \
416 .set_iv = ccmode_ccm_set_iv, \
417 .cbcmac = ccmode_ccm_cbcmac, \
418 .ccm = ccmode_ccm_encrypt, \
419 .finalize = ccmode_ccm_finalize, \
420 .reset = ccmode_ccm_reset, \
421 .custom = (ECB_ENCRYPT) \
422 }
423
424 /* Use these function to runtime initialize a ccmode_ccm decrypt object (for
425 example if it's part of a larger structure). For CCM you always pass a
426 ecb encrypt mode implementation of some underlying algorithm as the ecb
427 parameter. */
428
429 void ccmode_factory_ccm_decrypt(struct ccmode_ccm *ccm,
430 const struct ccmode_ecb *ecb_encrypt);
431
432 /* Use these function to runtime initialize a ccmode_ccm encrypt object (for
433 example if it's part of a larger structure). For CCM you always pass a
434 ecb encrypt mode implementation of some underlying algorithm as the ecb
435 parameter. */
436 void ccmode_factory_ccm_encrypt(struct ccmode_ccm *ccm,
437 const struct ccmode_ecb *ecb_encrypt);
438
439
440 int ccmode_ofb_init(const struct ccmode_ofb *ofb, ccofb_ctx *ctx,
441 size_t rawkey_len, const void *rawkey,
442 const void *iv);
443 int ccmode_ofb_crypt(ccofb_ctx *ctx, size_t nbytes,
444 const void *in, void *out);
445
446 struct _ccmode_ofb_key {
447 const struct ccmode_ecb *ecb;
448 size_t pad_len;
449 cc_unit u[];
450 };
451
452 /* Use this to statically initialize a ccmode_ofb object. */
453 #define CCMODE_FACTORY_OFB_CRYPT(ECB) { \
454 .size = ccn_sizeof_size(sizeof(struct _ccmode_ofb_key)) + ccn_sizeof_size((ECB)->block_size) + ccn_sizeof_size((ECB)->size), \
455 .block_size = 1, \
456 .init = ccmode_ofb_init, \
457 .ofb = ccmode_ofb_crypt, \
458 .custom = (ECB) \
459 }
460
461 /* Use these function to runtime initialize a ccmode_ofb encrypt object (for
462 example if it's part of a larger structure). Normally you would pass a
463 ecb encrypt mode implementation of some underlying algorithm as the ecb
464 parameter. */
465 void ccmode_factory_ofb_crypt(struct ccmode_ofb *ofb,
466 const struct ccmode_ecb *ecb);
467
468 int ccmode_omac_decrypt(ccomac_ctx *ctx, size_t nblocks,
469 const void *tweak, const void *in, void *out);
470 int ccmode_omac_encrypt(ccomac_ctx *ctx, size_t nblocks,
471 const void *tweak, const void *in, void *out);
472
473 /* Create a omac key from a omac mode object. The tweak_len here
474 determines how long the tweak is in bytes, for each subsequent call to
475 ccmode_omac->omac().
476 key must point to at least sizeof(CCMODE_OMAC_KEY(ecb)) bytes of free
477 storage. */
478 int ccmode_omac_init(const struct ccmode_omac *omac, ccomac_ctx *ctx,
479 size_t tweak_len, size_t rawkey_len,
480 const void *rawkey);
481
482 struct _ccmode_omac_key {
483 const struct ccmode_ecb *ecb;
484 size_t tweak_len;
485 cc_unit u[];
486 };
487
488 /* Use this to statically initialize a ccmode_omac object for decryption. */
489 #define CCMODE_FACTORY_OMAC_DECRYPT(ECB) { \
490 .size = ccn_sizeof_size(sizeof(struct _ccmode_omac_key)) + 2 * ccn_sizeof_size((ECB)->size), \
491 .block_size = (ECB)->block_size, \
492 .init = ccmode_omac_init, \
493 .omac = ccmode_omac_decrypt, \
494 .custom = (ECB) \
495 }
496
497 /* Use this to statically initialize a ccmode_omac object for encryption. */
498 #define CCMODE_FACTORY_OMAC_ENCRYPT(ECB) { \
499 .size = ccn_sizeof_size(sizeof(struct _ccmode_omac_key)) + 2 * ccn_sizeof_size((ECB)->size), \
500 .block_size = (ECB)->block_size, \
501 .init = ccmode_omac_init, \
502 .omac = ccmode_omac_encrypt, \
503 .custom = (ECB) \
504 }
505
506 /* Use these function to runtime initialize a ccmode_omac decrypt object (for
507 example if it's part of a larger structure). Normally you would pass a
508 ecb decrypt mode implementation of some underlying algorithm as the ecb
509 parameter. */
510 void ccmode_factory_omac_decrypt(struct ccmode_omac *omac,
511 const struct ccmode_ecb *ecb);
512
513 /* Use these function to runtime initialize a ccmode_omac encrypt object (for
514 example if it's part of a larger structure). Normally you would pass a
515 ecb encrypt mode implementation of some underlying algorithm as the ecb
516 parameter. */
517 void ccmode_factory_omac_encrypt(struct ccmode_omac *omac,
518 const struct ccmode_ecb *ecb);
519
520
521 /* Function prototypes used by the macros below, do not call directly. */
522 int ccmode_xts_init(const struct ccmode_xts *xts, ccxts_ctx *ctx,
523 size_t key_nbytes, const void *data_key,
524 const void *tweak_key);
525 void ccmode_xts_key_sched(const struct ccmode_xts *xts, ccxts_ctx *ctx,
526 size_t key_nbytes, const void *data_key,
527 const void *tweak_key);
528 void *ccmode_xts_crypt(const ccxts_ctx *ctx, ccxts_tweak *tweak,
529 size_t nblocks, const void *in, void *out);
530 int ccmode_xts_set_tweak(const ccxts_ctx *ctx, ccxts_tweak *tweak,
531 const void *iv);
532
533
534 struct _ccmode_xts_key {
535 const struct ccmode_ecb *ecb;
536 const struct ccmode_ecb *ecb_encrypt;
537 cc_unit u[];
538 };
539
540 struct _ccmode_xts_tweak {
541 // FIPS requires that for XTS that no more that 2^20 AES blocks may be processed for any given
542 // Key, Tweak Key, and tweak combination
543 // the bytes_processed field in the context will accumuate the number of blocks processed and
544 // will fail the encrypt/decrypt if the size is violated. This counter will be reset to 0
545 // when set_tweak is called.
546 size_t blocks_processed;
547 cc_unit u[];
548 };
549
550 /* Use this to statically initialize a ccmode_xts object for decryption. */
551 #define CCMODE_FACTORY_XTS_DECRYPT(ECB, ECB_ENCRYPT) { \
552 .size = ccn_sizeof_size(sizeof(struct _ccmode_xts_key)) + 2 * ccn_sizeof_size((ECB)->size), \
553 .tweak_size = ccn_sizeof_size(sizeof(struct _ccmode_xts_tweak)) + ccn_sizeof_size(ecb->block_size), \
554 .block_size = ecb->block_size, \
555 .init = ccmode_xts_init, \
556 .key_sched = ccmode_xts_key_sched, \
557 .set_tweak = ccmode_xts_set_tweak, \
558 .xts = ccmode_xts_crypt, \
559 .custom = (ECB), \
560 .custom1 = (ECB_ENCRYPT) \
561 }
562
563 /* Use this to statically initialize a ccmode_xts object for encryption. */
564 #define CCMODE_FACTORY_XTS_ENCRYPT(ECB, ECB_ENCRYPT) { \
565 .size = ccn_sizeof_size(sizeof(struct _ccmode_xts_key)) + 2 * ccn_sizeof_size((ECB)->size), \
566 .tweak_size = ccn_sizeof_size(sizeof(struct _ccmode_xts_tweak)) + ccn_sizeof_size(ecb->block_size), \
567 .block_size = ecb->block_size, \
568 .init = ccmode_xts_init, \
569 .key_sched = ccmode_xts_key_sched, \
570 .set_tweak = ccmode_xts_set_tweak, \
571 .xts = ccmode_xts_crypt, \
572 .custom = (ECB), \
573 .custom1 = (ECB_ENCRYPT) \
574 }
575
576 /* Use these function to runtime initialize a ccmode_xts decrypt object (for
577 example if it's part of a larger structure). Normally you would pass a
578 ecb decrypt mode implementation of some underlying algorithm as the ecb
579 parameter. */
580 void ccmode_factory_xts_decrypt(struct ccmode_xts *xts,
581 const struct ccmode_ecb *ecb,
582 const struct ccmode_ecb *ecb_encrypt);
583
584 /* Use these function to runtime initialize a ccmode_xts encrypt object (for
585 example if it's part of a larger structure). Normally you would pass a
586 ecb encrypt mode implementation of some underlying algorithm as the ecb
587 parameter. */
588 void ccmode_factory_xts_encrypt(struct ccmode_xts *xts,
589 const struct ccmode_ecb *ecb,
590 const struct ccmode_ecb *ecb_encrypt);
591
592 #endif /* _CORECRYPTO_CCMODE_FACTORY_H_ */
mirror of XNU