]> git.saurik.com Git - apple/xnu.git/blob - osfmk/corecrypto/ccmode/src/ccmode_internal.h
projects / apple / xnu.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
xnu-4570.1.46.tar.gz
[apple/xnu.git] / osfmk / corecrypto / ccmode / src / ccmode_internal.h
1 /*
2 * ccmode_internal.h
3 * corecrypto
4 *
5 * Created on 12/12/2010
6 *
7 * Copyright (c) 2010,2011,2012,2014,2015 Apple Inc. All rights reserved.
8 *
9 *
10 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
11 *
12 * This file contains Original Code and/or Modifications of Original Code
13 * as defined in and that are subject to the Apple Public Source License
14 * Version 2.0 (the 'License'). You may not use this file except in
15 * compliance with the License. The rights granted to you under the License
16 * may not be used to create, or enable the creation or redistribution of,
17 * unlawful or unlicensed copies of an Apple operating system, or to
18 * circumvent, violate, or enable the circumvention or violation of, any
19 * terms of an Apple operating system software license agreement.
20 *
21 * Please obtain a copy of the License at
22 * http://www.opensource.apple.com/apsl/ and read it before using this file.
23 *
24 * The Original Code and all software distributed under the License are
25 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
26 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
27 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
28 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
29 * Please see the License for the specific language governing rights and
30 * limitations under the License.
31 *
32 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
33 */
34
35 #ifndef _CORECRYPTO_CCMODE_INTERNAL_H_
36 #define _CORECRYPTO_CCMODE_INTERNAL_H_
37
38 #include <corecrypto/ccmode.h>
39 #include <corecrypto/ccmode_factory.h>
40 #include <corecrypto/cc_priv.h>
41 #include <corecrypto/cc_macros.h>
42
43 #define CCMODE_INVALID_INPUT -1
44 #define CCMODE_INVALID_CALL_SEQUENCE -2
45 #define CCMODE_INTEGRITY_FAILURE -3
46 #define CCMODE_NOT_SUPPORTED -4
47 #define CCMODE_INTERNAL_ERROR -5
48
49 // VNG speed up for GCM's AES encrypton and finite fileld multiplication
50 #if \
51 ((CCAES_INTEL_ASM && defined(__x86_64__)) || (CCAES_ARM_ASM && defined(__ARM_NEON__)))
52 #define CCMODE_GCM_VNG_SPEEDUP 1
53 #else
54 #define CCMODE_GCM_VNG_SPEEDUP 0
55 #endif
56
57
58 #define CCMODE_GCM_USE_GF_LOOKUP_TABLES 1
59
60 /* Helper function used. TODO: Probably not specific to xts, since
61 gcm uses it too */
62 void ccmode_xts_mult_alpha(cc_unit *tweak);
63
64 /* Macros for accessing a CCMODE_CBC_KEY.
65 {
66 const struct ccmode_ecb *ecb
67 ccn_unit ecb_key[ecb->n]
68 } */
69 #define _CCMODE_CBC_KEY(K) ((struct _ccmode_cbc_key *)(K))
70 #define _CCMODE_CBC_KEY_CONST(K) ((const struct _ccmode_cbc_key *)(K))
71 #define CCMODE_CBC_KEY_ECB(K) (_CCMODE_CBC_KEY(K)->ecb)
72 #define CCMODE_CBC_KEY_ECB_KEY(K) ((ccecb_ctx *)&_CCMODE_CBC_KEY(K)->u[0])
73
74 CC_CONST CC_INLINE
75 const struct ccmode_ecb * ccmode_cbc_key_ecb(const cccbc_ctx *K) {
76 return ((const struct _ccmode_cbc_key *)K)->ecb;
77 }
78
79 CC_CONST CC_INLINE
80 const ccecb_ctx * ccmode_cbc_key_ecb_key(const cccbc_ctx *K) {
81 return (const ccecb_ctx *)&((const struct _ccmode_cbc_key *)K)->u[0];
82 }
83
84 /* Macros for accessing a CCMODE_CFB_KEY.
85 {
86 const struct ccmode_ecb *ecb
87 cc_size pad_len;
88 ccn_unit pad[ecb->block_size / CCN_UNIT_SIZE];
89 ccn_unit iv[ecb->block_size / CCN_UNIT_SIZE];
90 ccn_unit ecb_key[ecb->n]
91 } */
92 #define _CCMODE_CFB_KEY(K) ((struct _ccmode_cfb_key *)(K))
93 #define CCMODE_CFB_KEY_ECB(K) (_CCMODE_CFB_KEY(K)->ecb)
94 #define CCMODE_CFB_KEY_PAD_LEN(K) (_CCMODE_CFB_KEY(K)->pad_len)
95 #define CCMODE_CFB_KEY_PAD(K) (&_CCMODE_CFB_KEY(K)->u[0])
96 #define CCMODE_CFB_KEY_IV(K) (&_CCMODE_CFB_KEY(K)->u[ccn_nof_size(CCMODE_CFB_KEY_ECB(K)->block_size)])
97 #define CCMODE_CFB_KEY_ECB_KEY(K) ((ccecb_ctx *)&_CCMODE_CFB_KEY(K)->u[2 * ccn_nof_size(CCMODE_CFB_KEY_ECB(K)->block_size)])
98
99 /* Macros for accessing a CCMODE_CFB8_KEY.
100 {
101 const struct ccmode_ecb *ecb
102 ccn_unit pad[ecb->block_size / CCN_UNIT_SIZE];
103 ccn_unit iv[ecb->block_size / CCN_UNIT_SIZE];
104 ccn_unit ecb_key[ecb->n]
105 } */
106 #define _CCMODE_CFB8_KEY(K) ((struct _ccmode_cfb8_key *)(K))
107 #define CCMODE_CFB8_KEY_ECB(K) (_CCMODE_CFB8_KEY(K)->ecb)
108 #define CCMODE_CFB8_KEY_PAD(K) (&_CCMODE_CFB8_KEY(K)->u[0])
109 #define CCMODE_CFB8_KEY_IV(K) (&_CCMODE_CFB8_KEY(K)->u[ccn_nof_size(CCMODE_CFB8_KEY_ECB(K)->block_size)])
110 #define CCMODE_CFB8_KEY_ECB_KEY(K) ((ccecb_ctx *)&_CCMODE_CFB8_KEY(K)->u[2 * ccn_nof_size(CCMODE_CFB8_KEY_ECB(K)->block_size)])
111
112
113 /* Macros for accessing a CCMODE_CTR_KEY.
114 {
115 const struct ccmode_ecb *ecb
116 cc_size pad_offset;
117 ccn_unit pad[ecb->block_size / CCN_UNIT_SIZE];
118 ccn_unit ctr[ecb->block_size / CCN_UNIT_SIZE];
119 ccn_unit ecb_key[ecb->n]
120 } */
121 #define _CCMODE_CTR_KEY(K) ((struct _ccmode_ctr_key *)(K))
122 #define CCMODE_CTR_KEY_ECB(K) (_CCMODE_CTR_KEY(K)->ecb)
123 #define CCMODE_CTR_KEY_PAD_OFFSET(K) (_CCMODE_CTR_KEY(K)->pad_offset)
124 #define CCMODE_CTR_KEY_PAD(K) (&_CCMODE_CTR_KEY(K)->u[0])
125 #define CCMODE_CTR_KEY_CTR(K) (&_CCMODE_CTR_KEY(K)->u[ccn_nof_size(CCMODE_CTR_KEY_ECB(K)->block_size)])
126 #define CCMODE_CTR_KEY_ECB_KEY(K) ((ccecb_ctx *)&_CCMODE_CTR_KEY(K)->u[2 * ccn_nof_size(CCMODE_CTR_KEY_ECB(K)->block_size)])
127
128 CC_INLINE int ccctr_setctr(const struct ccmode_ctr *mode, ccctr_ctx *ctx, const void *ctr)
129 {
130 return mode->setctr(mode, ctx, ctr);
131 }
132
133 /* Macros for accessing a CCMODE_OFB_KEY.
134 {
135 const struct ccmode_ecb *ecb
136 cc_size pad_len;
137 ccn_unit iv[ecb->block_size / CCN_UNIT_SIZE];
138 ccn_unit ecb_key[ecb->n]
139 } */
140 #define _CCMODE_OFB_KEY(K) ((struct _ccmode_ofb_key *)(K))
141 #define CCMODE_OFB_KEY_ECB(K) (_CCMODE_OFB_KEY(K)->ecb)
142 #define CCMODE_OFB_KEY_PAD_LEN(K) (_CCMODE_OFB_KEY(K)->pad_len)
143 #define CCMODE_OFB_KEY_IV(K) (&_CCMODE_OFB_KEY(K)->u[0])
144 #define CCMODE_OFB_KEY_ECB_KEY(K) ((ccecb_ctx *)&_CCMODE_OFB_KEY(K)->u[ccn_nof_size(CCMODE_OFB_KEY_ECB(K)->block_size)])
145
146
147 /* Macros for accessing a CCMODE_XTS_KEY.
148 {
149 const struct ccmode_ecb *ecb
150 const struct ccmode_ecb *ecb_encrypt
151 ccn_unit data_key[ecb->size]
152 ccn_unit tweak_key[ecb_encrypt->size]
153 } */
154 #define _CCMODE_XTS_KEY(K) ((struct _ccmode_xts_key *)(K))
155 #define CCMODE_XTS_KEY_ECB(K) (_CCMODE_XTS_KEY(K)->ecb)
156 #define CCMODE_XTS_KEY_ECB_ENCRYPT(K) (_CCMODE_XTS_KEY(K)->ecb_encrypt)
157 #define CCMODE_XTS_KEY_DATA_KEY(K) ((ccecb_ctx *)&_CCMODE_XTS_KEY(K)->u[0])
158 #define CCMODE_XTS_KEY_TWEAK_KEY(K) ((ccecb_ctx *)&_CCMODE_XTS_KEY(K)->u[ccn_nof_size(CCMODE_XTS_KEY_ECB(K)->size)])
159
160 CC_CONST CC_INLINE
161 const struct ccmode_ecb * ccmode_xts_key_ecb(const ccxts_ctx *K) {
162 return ((const struct _ccmode_xts_key *)K)->ecb;
163 }
164
165 CC_CONST CC_INLINE
166 const struct ccmode_ecb * ccmode_xts_key_ecb_encrypt(const ccxts_ctx *K) {
167 return ((const struct _ccmode_xts_key *)K)->ecb_encrypt;
168 }
169
170 CC_CONST CC_INLINE
171 const ccecb_ctx * ccmode_xts_key_data_key(const ccxts_ctx *K) {
172 return (const ccecb_ctx *)&((const struct _ccmode_xts_key *)K)->u[0];
173 }
174
175 CC_CONST CC_INLINE
176 const ccecb_ctx * ccmode_xts_key_tweak_key(const ccxts_ctx *K) {
177 return (const ccecb_ctx *)&((const struct _ccmode_xts_key *)K)->u[ccn_nof_size(ccmode_xts_key_ecb(K)->size)];
178 }
179
180 /* Macros for accessing a CCMODE_XTS_TWEAK.
181 {
182 size_t blocks_processed;
183 uint8_t value[16];
184 } */
185 #define _CCMODE_XTS_TWEAK(T) ((struct _ccmode_xts_tweak *)(T))
186 #define CCMODE_XTS_TWEAK_BLOCK_PROCESSED(T)(_CCMODE_XTS_TWEAK(T)->blocks_processed)
187 #define CCMODE_XTS_TWEAK_VALUE(T) (_CCMODE_XTS_TWEAK(T)->u)
188
189
190 /* Macros for accessing a CCMODE_GCM_KEY.
191 Common to the generic (factory) and the VNG implementation
192 */
193
194 #define _CCMODE_GCM_KEY(K) ((struct _ccmode_gcm_key *)(K))
195 #define CCMODE_GCM_KEY_H(K) (_CCMODE_GCM_KEY(K)->H)
196 #define CCMODE_GCM_KEY_X(K) (_CCMODE_GCM_KEY(K)->X)
197 #define CCMODE_GCM_KEY_Y(K) (_CCMODE_GCM_KEY(K)->Y)
198 #define CCMODE_GCM_KEY_Y_0(K) (_CCMODE_GCM_KEY(K)->Y_0)
199 #define CCMODE_GCM_KEY_PAD_LEN(K) (_CCMODE_GCM_KEY(K)->buf_nbytes)
200 #define CCMODE_GCM_KEY_PAD(K) (_CCMODE_GCM_KEY(K)->buf)
201
202 #define _CCMODE_GCM_ECB_MODE(K) ((struct _ccmode_gcm_key *)(K))
203 #define CCMODE_GCM_KEY_ECB(K) (_CCMODE_GCM_ECB_MODE(K)->ecb)
204 #define CCMODE_GCM_KEY_ECB_KEY(K) ((ccecb_ctx *)_CCMODE_GCM_ECB_MODE(K)->ecb_key) // set in init function
205
206 #define CCMODE_GCM_STATE_IV 1
207 #define CCMODE_GCM_STATE_AAD 2
208 #define CCMODE_GCM_STATE_TEXT 3
209 #define CCMODE_GCM_STATE_FINAL 4
210
211 #define CCMODE_STATE_INIT 2 //first call to init
212 #define CCMODE_STATE_IV_START 3 //first call to set_iv
213
214 // rdar://problem/23523093
215 //this allows users to bypass set_iv().
216 //this is a temporary setting mainly to allow Security framework to adapt
217 //ccgcm_set_iv_legacy() and check the tack on decyption without
218 //need to change the Security twice
219 //#define CCMODE_STATE_IV_CONT 2 //subsequent calls to set_iv
220 #define CCMODE_STATE_IV_CONT CCMODE_STATE_IV_START
221
222 #define CCMODE_STATE_AAD 4
223 #define CCMODE_STATE_TEXT 5
224
225 #define CCMODE_CCM_STATE_IV 1
226
227 void ccmode_gcm_gf_mult(const unsigned char *a, const unsigned char *b,
228 unsigned char *c);
229 void ccmode_gcm_mult_h(ccgcm_ctx *key, unsigned char *I);
230
231 /* Macros for accessing a CCMODE_CCM_KEY. */
232 #define _CCMODE_CCM_KEY(K) ((struct _ccmode_ccm_key *)(K))
233 #define CCMODE_CCM_KEY_ECB(K) (_CCMODE_CCM_KEY(K)->ecb)
234 #define CCMODE_CCM_KEY_ECB_KEY(K) ((ccecb_ctx *)&_CCMODE_CCM_KEY(K)->u[0])
235
236 #define _CCMODE_CCM_NONCE(N) ((struct _ccmode_ccm_nonce *)(N))
237 #define CCMODE_CCM_KEY_MAC(N) (_CCMODE_CCM_NONCE(N)->MAC)
238 #define CCMODE_CCM_KEY_A_I(N) (_CCMODE_CCM_NONCE(N)->A_i)
239 #define CCMODE_CCM_KEY_B_I(N) (_CCMODE_CCM_NONCE(N)->B_i)
240 #define CCMODE_CCM_KEY_PAD_LEN(N) (_CCMODE_CCM_NONCE(N)->buflen)
241 #define CCMODE_CCM_KEY_PAD(N) (_CCMODE_CCM_NONCE(N)->buf)
242 #define CCMODE_CCM_KEY_MAC_LEN(N) (_CCMODE_CCM_NONCE(N)->mac_size)
243 #define CCMODE_CCM_KEY_NONCE_LEN(N) (_CCMODE_CCM_NONCE(N)->nonce_size)
244 #define CCMODE_CCM_KEY_AUTH_LEN(N) (_CCMODE_CCM_NONCE(N)->b_i_len)
245
246 /* Macros for accessing a CCMODE_OMAC_KEY.
247 {
248 const struct ccmode_ecb *ecb
249 cc_size tweak_size;
250 ccn_unit ecb_key1[ecb->n]
251 ccn_unit ecb_key2[ecb->n]
252 } */
253 #define _CCMODE_OMAC_KEY(K) ((struct _ccmode_omac_key *)(K))
254 #define CCMODE_OMAC_KEY_ECB(K) (_CCMODE_OMAC_KEY(K)->ecb)
255 #define CCMODE_OMAC_KEY_TWEAK_LEN(K) (_CCMODE_OMAC_KEY(K)->tweak_len)
256 #define CCMODE_OMAC_KEY_ECB_KEY(K) ((ccecb_ctx *)&_CCMODE_OMAC_KEY(K)->u[0])
257
258 CC_INLINE void inc_uint(uint8_t *buf, size_t nbytes)
259 {
260 size_t i;
261 for (i = 0; i < nbytes; i += 1) {
262 if (++buf[nbytes-1-i] & 255) { break; }
263 }
264 }
265
266 CC_INLINE void ccmode_gcm_update_pad(ccgcm_ctx *key)
267 {
268 inc_uint(CCMODE_GCM_KEY_Y(key) + 12, 4);
269 CCMODE_GCM_KEY_ECB(key)->ecb(CCMODE_GCM_KEY_ECB_KEY(key), 1,
270 CCMODE_GCM_KEY_Y(key),
271 CCMODE_GCM_KEY_PAD(key));
272 }
273
274 CC_INLINE void ccmode_gcm_aad_finalize(ccgcm_ctx *key)
275 {
276 if (_CCMODE_GCM_KEY(key)->state == CCMODE_GCM_STATE_AAD) {
277 if (_CCMODE_GCM_KEY(key)->aad_nbytes % CCGCM_BLOCK_NBYTES > 0) {
278 ccmode_gcm_mult_h(key, CCMODE_GCM_KEY_X(key));
279 }
280 _CCMODE_GCM_KEY(key)->state = CCMODE_GCM_STATE_TEXT;
281 }
282 }
283
284 CC_INLINE void xor_128bits(unsigned char *r, const unsigned char *a, const unsigned char *b)
285 {
286 cc_unit *r1 = (cc_unit *)r;
287 const cc_unit *a1 = (const cc_unit *)a;
288 const cc_unit *b1 = (const cc_unit *)b;
289
290 for (int i=0; i<128/(CCN_UNIT_SIZE*8); i++) {
291 r1[i] = a1[i] ^ b1[i];
292 }
293 }
294
295
296
297 #endif /* _CORECRYPTO_CCMODE_INTERNAL_H_ */
mirror of XNU