]> git.saurik.com Git - apple/xnu.git/blob - EXTERNAL_HEADERS/corecrypto/ccmode_factory.h
projects / apple / xnu.git / blob
? search:


8ffe1fbd6e43428ce01db4e3d49b8eaa46f7449a
[apple/xnu.git] / EXTERNAL_HEADERS / corecrypto / ccmode_factory.h
1 /*
2 * ccmode_factory.h
3 * corecrypto
4 *
5 * Created by Fabrice Gautier on 1/21/11.
6 * Copyright 2011 Apple, Inc. All rights reserved.
7 *
8 */
9
10 #ifndef _CORECRYPTO_CCMODE_FACTORY_H_
11 #define _CORECRYPTO_CCMODE_FACTORY_H_
12
13 #include <corecrypto/ccn.h> /* TODO: Remove dependency on this header. */
14 #include <corecrypto/ccmode_impl.h>
15
16 /* For CBC, direction of underlying ecb is the same as the cbc direction */
17 #define CCMODE_CBC_FACTORY(_cipher_, _dir_) \
18 static struct ccmode_cbc cbc_##_cipher_##_##_dir_; \
19 \
20 const struct ccmode_cbc *cc##_cipher_##_cbc_##_dir_##_mode(void) \
21 { \
22 const struct ccmode_ecb *ecb=cc##_cipher_##_ecb_##_dir_##_mode(); \
23 ccmode_factory_cbc_##_dir_(&cbc_##_cipher_##_##_dir_, ecb); \
24 return &cbc_##_cipher_##_##_dir_; \
25 }
26
27 /* For CTR, only one direction, underlying ecb is always encrypt */
28 #define CCMODE_CTR_FACTORY(_cipher_) \
29 static struct ccmode_ctr ctr_##_cipher_; \
30 \
31 const struct ccmode_ctr *cc##_cipher_##_ctr_crypt_mode(void) \
32 { \
33 const struct ccmode_ecb *ecb=cc##_cipher_##_ecb_encrypt_mode(); \
34 ccmode_factory_ctr_crypt(&ctr_##_cipher_, ecb); \
35 return &ctr_##_cipher_; \
36 }
37
38 /* OFB, same as CTR */
39 #define CCMODE_OFB_FACTORY(_cipher_) \
40 static struct ccmode_ofb ofb_##_cipher_; \
41 \
42 const struct ccmode_ofb *cc##_cipher_##_ofb_crypt_mode(void) \
43 { \
44 const struct ccmode_ecb *ecb=cc##_cipher_##_ecb_encrypt_mode(); \
45 ccmode_factory_ofb_crypt(&ofb_##_cipher_, ecb); \
46 return &ofb_##_cipher_; \
47 }
48
49
50 /* For CFB, the underlying ecb operation is encrypt for both directions */
51 #define CCMODE_CFB_FACTORY(_cipher_, _mode_, _dir_) \
52 static struct ccmode_##_mode_ _mode_##_##_cipher_##_##_dir_; \
53 \
54 const struct ccmode_##_mode_ *cc##_cipher_##_##_mode_##_##_dir_##_mode(void) \
55 { \
56 const struct ccmode_ecb *ecb=cc##_cipher_##_ecb_encrypt_mode(); \
57 ccmode_factory_##_mode_##_##_dir_(&_mode_##_##_cipher_##_##_dir_, ecb); \
58 return &_mode_##_##_cipher_##_##_dir_; \
59 }
60
61 /* For GCM, same as CFB */
62 #define CCMODE_GCM_FACTORY(_cipher_, _dir_) CCMODE_CFB_FACTORY(_cipher_, gcm, _dir_)
63
64 /* For CCM, same as CFB */
65 #define CCMODE_CCM_FACTORY(_cipher_, _dir_) CCMODE_CFB_FACTORY(_cipher_, ccm, _dir_)
66
67
68 /* Fot XTS, you always need an ecb encrypt */
69 #define CCMODE_XTS_FACTORY(_cipher_ , _dir_) \
70 static struct ccmode_xts xts##_cipher_##_##_dir_; \
71 \
72 const struct ccmode_xts *cc##_cipher_##_xts_##_dir_##_mode(void) \
73 { \
74 const struct ccmode_ecb *ecb=cc##_cipher_##_ecb_##_dir_##_mode(); \
75 const struct ccmode_ecb *ecb_enc=cc##_cipher_##_ecb_encrypt_mode(); \
76 \
77 ccmode_factory_xts_##_dir_(&xts##_cipher_##_##_dir_, ecb, ecb_enc); \
78 return &xts##_cipher_##_##_dir_; \
79 }
80
81 #if 0
82
83 /* example of how to make the selection function thread safe */
84
85 struct ccmode_cbc cc3des_cbc_mode_encrypt;
86 dispatch_once_t cc3des_mode_encrypt_init_once;
87
88 void cc3des_mode_encrypt_init(void *ctx) {
89 struct ccmode_ecb *ecb = cc3des_ecb_encrypt_mode();
90 ccmode_factory_cbc_encrypt(&cc3des_mode_encrypt, ecb);
91 }
92
93 const struct ccmode_cbc *cc3des_cbc_encrypt_mode(void) {
94 dispatch_once_f(&cc3des_mode_encrypt_init_once, NULL, cc3des_mode_encrypt_init);
95 return &cc3des_mode_encrypt;
96 }
97
98 struct ccmode_cbc cc3des_cbc_mode_encrypt = {
99 .n = CC3DES_LTC_ECB_ENCRYPT_N,
100 .init = ccmode_cbc_init,
101 .cbc = ccmode_cbc_encrypt,
102 .custom = &cc3des_ltc_ecb_encrypt
103 };
104
105 const struct ccmode_cbc *cc3des_cbc_encrypt_mode(void) {
106 return &cc3des_mode_encrypt;
107 }
108
109 #endif
110
111
112
113 void ccmode_cbc_init(const struct ccmode_cbc *cbc, cccbc_ctx *ctx,
114 size_t rawkey_len, const void *rawkey);
115 void ccmode_cbc_decrypt(const cccbc_ctx *ctx, cccbc_iv *iv, unsigned long nblocks,
116 const void *in, void *out);
117 void ccmode_cbc_encrypt(const cccbc_ctx *ctx, cccbc_iv *iv, unsigned long nblocks,
118 const void *in, void *out);
119
120 struct _ccmode_cbc_key {
121 const struct ccmode_ecb *ecb;
122 cc_unit u[];
123 };
124
125 /* Use this to statically initialize a ccmode_cbc object for decryption. */
126 #define CCMODE_FACTORY_CBC_DECRYPT(ECB) { \
127 .size = ccn_sizeof_size(sizeof(struct _ccmode_cbc_key)) + ccn_sizeof_size((ECB)->block_size) + ccn_sizeof_size((ECB)->size), \
128 .block_size = (ECB)->block_size, \
129 .init = ccmode_cbc_init, \
130 .cbc = ccmode_cbc_decrypt, \
131 .custom = (ECB) \
132 }
133
134 /* Use this to statically initialize a ccmode_cbc object for encryption. */
135 #define CCMODE_FACTORY_CBC_ENCRYPT(ECB) { \
136 .size = ccn_sizeof_size(sizeof(struct _ccmode_cbc_key)) + ccn_sizeof_size((ECB)->block_size) + ccn_sizeof_size((ECB)->size), \
137 .block_size = (ECB)->block_size, \
138 .init = ccmode_cbc_init, \
139 .cbc = ccmode_cbc_encrypt, \
140 .custom = (ECB) \
141 }
142
143 /* Use these function to runtime initialize a ccmode_cbc decrypt object (for
144 example if it's part of a larger structure). Normally you would pass a
145 ecb decrypt mode implementation of some underlying algorithm as the ecb
146 parameter. */
147 CC_INLINE
148 void ccmode_factory_cbc_decrypt(struct ccmode_cbc *cbc,
149 const struct ccmode_ecb *ecb) {
150 struct ccmode_cbc cbc_decrypt = CCMODE_FACTORY_CBC_DECRYPT(ecb);
151 *cbc = cbc_decrypt;
152 }
153
154 /* Use these function to runtime initialize a ccmode_cbc encrypt object (for
155 example if it's part of a larger structure). Normally you would pass a
156 ecb encrypt mode implementation of some underlying algorithm as the ecb
157 parameter. */
158 CC_INLINE
159 void ccmode_factory_cbc_encrypt(struct ccmode_cbc *cbc,
160 const struct ccmode_ecb *ecb) {
161 struct ccmode_cbc cbc_encrypt = CCMODE_FACTORY_CBC_ENCRYPT(ecb);
162 *cbc = cbc_encrypt;
163 }
164
165
166 void ccmode_cfb_init(const struct ccmode_cfb *cfb, cccfb_ctx *ctx,
167 size_t rawkey_len, const void *rawkey,
168 const void *iv);
169 void ccmode_cfb_decrypt(cccfb_ctx *ctx, size_t nbytes,
170 const void *in, void *out);
171 void ccmode_cfb_encrypt(cccfb_ctx *ctx, size_t nbytes,
172 const void *in, void *out);
173
174 struct _ccmode_cfb_key {
175 const struct ccmode_ecb *ecb;
176 size_t pad_len;
177 cc_unit u[];
178 };
179
180 /* Use this to statically initialize a ccmode_cfb object for decryption. */
181 #define CCMODE_FACTORY_CFB_DECRYPT(ECB) { \
182 .size = ccn_sizeof_size(sizeof(struct _ccmode_cfb_key)) + 2 * ccn_sizeof_size((ECB)->block_size) + ccn_sizeof_size((ECB)->size), \
183 .block_size = 1, \
184 .init = ccmode_cfb_init, \
185 .cfb = ccmode_cfb_decrypt, \
186 .custom = (ECB) \
187 }
188
189 /* Use this to statically initialize a ccmode_cfb object for encryption. */
190 #define CCMODE_FACTORY_CFB_ENCRYPT(ECB) { \
191 .size = ccn_sizeof_size(sizeof(struct _ccmode_cfb_key)) + 2 * ccn_sizeof_size((ECB)->block_size) + ccn_sizeof_size((ECB)->size), \
192 .block_size = 1, \
193 .init = ccmode_cfb_init, \
194 .cfb = ccmode_cfb_encrypt, \
195 .custom = (ECB) \
196 }
197
198 /* Use these function to runtime initialize a ccmode_cfb decrypt object (for
199 example if it's part of a larger structure). Normally you would pass a
200 ecb encrypt mode implementation of some underlying algorithm as the ecb
201 parameter. */
202 CC_INLINE
203 void ccmode_factory_cfb_decrypt(struct ccmode_cfb *cfb,
204 const struct ccmode_ecb *ecb) {
205 struct ccmode_cfb cfb_decrypt = CCMODE_FACTORY_CFB_DECRYPT(ecb);
206 *cfb = cfb_decrypt;
207 }
208
209 /* Use these function to runtime initialize a ccmode_cfb encrypt object (for
210 example if it's part of a larger structure). Normally you would pass a
211 ecb encrypt mode implementation of some underlying algorithm as the ecb
212 parameter. */
213 CC_INLINE
214 void ccmode_factory_cfb_encrypt(struct ccmode_cfb *cfb,
215 const struct ccmode_ecb *ecb) {
216 struct ccmode_cfb cfb_encrypt = CCMODE_FACTORY_CFB_ENCRYPT(ecb);
217 *cfb = cfb_encrypt;
218 }
219
220
221 void ccmode_cfb8_init(const struct ccmode_cfb8 *cfb8, cccfb8_ctx *ctx,
222 size_t rawkey_len, const void *rawkey, const void *iv);
223 void ccmode_cfb8_decrypt(cccfb8_ctx *ctx, size_t nbytes,
224 const void *in, void *out);
225 void ccmode_cfb8_encrypt(cccfb8_ctx *ctx, size_t nbytes,
226 const void *in, void *out);
227
228 struct _ccmode_cfb8_key {
229 const struct ccmode_ecb *ecb;
230 cc_unit u[];
231 };
232
233 /* Use this to statically initialize a ccmode_cfb8 object for decryption. */
234 #define CCMODE_FACTORY_CFB8_DECRYPT(ECB) { \
235 .size = ccn_sizeof_size(sizeof(struct _ccmode_cfb8_key)) + 2 * ccn_sizeof_size((ECB)->block_size) + ccn_sizeof_size((ECB)->size), \
236 .block_size = 1, \
237 .init = ccmode_cfb8_init, \
238 .cfb8 = ccmode_cfb8_decrypt, \
239 .custom = (ECB) \
240 }
241
242 /* Use this to statically initialize a ccmode_cfb8 object for encryption. */
243 #define CCMODE_FACTORY_CFB8_ENCRYPT(ECB) { \
244 .size = ccn_sizeof_size(sizeof(struct _ccmode_cfb8_key)) + 2 * ccn_sizeof_size((ECB)->block_size) + ccn_sizeof_size((ECB)->size), \
245 .block_size = 1, \
246 .init = ccmode_cfb8_init, \
247 .cfb8 = ccmode_cfb8_encrypt, \
248 .custom = (ECB) \
249 }
250
251 /* Use these function to runtime initialize a ccmode_cfb8 decrypt object (for
252 example if it's part of a larger structure). Normally you would pass a
253 ecb decrypt mode implementation of some underlying algorithm as the ecb
254 parameter. */
255 CC_INLINE
256 void ccmode_factory_cfb8_decrypt(struct ccmode_cfb8 *cfb8,
257 const struct ccmode_ecb *ecb) {
258 struct ccmode_cfb8 cfb8_decrypt = CCMODE_FACTORY_CFB8_DECRYPT(ecb);
259 *cfb8 = cfb8_decrypt;
260 }
261
262 /* Use these function to runtime initialize a ccmode_cfb8 encrypt object (for
263 example if it's part of a larger structure). Normally you would pass a
264 ecb encrypt mode implementation of some underlying algorithm as the ecb
265 parameter. */
266 CC_INLINE
267 void ccmode_factory_cfb8_encrypt(struct ccmode_cfb8 *cfb8,
268 const struct ccmode_ecb *ecb) {
269 struct ccmode_cfb8 cfb8_encrypt = CCMODE_FACTORY_CFB8_ENCRYPT(ecb);
270 *cfb8 = cfb8_encrypt;
271 }
272
273 void ccmode_ctr_init(const struct ccmode_ctr *ctr, ccctr_ctx *ctx,
274 size_t rawkey_len, const void *rawkey, const void *iv);
275 void ccmode_ctr_crypt(ccctr_ctx *ctx, size_t nbytes,
276 const void *in, void *out);
277
278 struct _ccmode_ctr_key {
279 const struct ccmode_ecb *ecb;
280 size_t pad_len;
281 cc_unit u[];
282 };
283
284 /* Use this to statically initialize a ccmode_ctr object for decryption. */
285 #define CCMODE_FACTORY_CTR_CRYPT(ECB_ENCRYPT) { \
286 .size = ccn_sizeof_size(sizeof(struct _ccmode_ctr_key)) + 2 * ccn_sizeof_size((ECB_ENCRYPT)->block_size) + ccn_sizeof_size((ECB_ENCRYPT)->size), \
287 .block_size = 1, \
288 .init = ccmode_ctr_init, \
289 .ctr = ccmode_ctr_crypt, \
290 .custom = (ECB_ENCRYPT) \
291 }
292
293 /* Use these function to runtime initialize a ccmode_ctr decrypt object (for
294 example if it's part of a larger structure). Normally you would pass a
295 ecb encrypt mode implementation of some underlying algorithm as the ecb
296 parameter. */
297 CC_INLINE
298 void ccmode_factory_ctr_crypt(struct ccmode_ctr *ctr,
299 const struct ccmode_ecb *ecb) {
300 struct ccmode_ctr ctr_crypt = CCMODE_FACTORY_CTR_CRYPT(ecb);
301 *ctr = ctr_crypt;
302 }
303
304 /* GCM FEATURES. */
305 //#define CCMODE_GCM_TABLES 1
306 #define CCMODE_GCM_FAST 1
307
308 #ifdef CCMODE_GCM_FAST
309 #define CCMODE_GCM_FAST_TYPE cc_unit
310 #endif
311
312 #ifdef CCMODE_GCM_TABLES
313
314 //#define CCMODE_GCM_TABLES_SSE2 1
315
316 extern const unsigned char gcm_shift_table[256*2];
317 #endif
318 #if defined(__x86_64__) || defined(__arm64__)
319 #define VNG_SPEEDUP 1
320 #endif
321
322 /* Create a gcm key from a gcm mode object.
323 key must point to at least sizeof(CCMODE_GCM_KEY(ecb)) bytes of free
324 storage. */
325 void ccmode_gcm_init(const struct ccmode_gcm *gcm, ccgcm_ctx *ctx,
326 size_t rawkey_len, const void *rawkey);
327 void ccmode_gcm_set_iv(ccgcm_ctx *ctx, size_t iv_size, const void *iv);
328 void ccmode_gcm_gmac(ccgcm_ctx *ctx, size_t nbytes, const void *in);
329 void ccmode_gcm_decrypt(ccgcm_ctx *ctx, size_t nbytes, const void *in,
330 void *out);
331 void ccmode_gcm_encrypt(ccgcm_ctx *ctx, size_t nbytes, const void *in,
332 void *out);
333 void ccmode_gcm_finalize(ccgcm_ctx *key, size_t tag_size, void *tag);
334 void ccmode_gcm_reset(ccgcm_ctx *key);
335
336 struct _ccmode_gcm_key {
337 // 5 blocks of temp space.
338 unsigned char H[16]; /* multiplier */
339 unsigned char X[16]; /* accumulator */
340 unsigned char Y[16]; /* counter */
341 unsigned char Y_0[16]; /* initial counter */
342 unsigned char buf[16]; /* buffer for stuff */
343
344 const struct ccmode_ecb *ecb;
345 uint32_t ivmode; /* Which mode is the IV in? */
346 uint32_t mode; /* mode the GCM code is in */
347 uint32_t buflen; /* length of data in buf */
348
349 uint64_t totlen; /* 64-bit counter used for IV and AAD */
350 uint64_t pttotlen; /* 64-bit counter for the PT */
351
352 #ifdef CCMODE_GCM_TABLES
353 /* TODO: Make table based gcm a separate mode object. */
354 unsigned char PC[16][256][16] /* 16 tables of 8x128 */
355 #ifdef CCMODE_GCM_TABLES_SSE2
356 __attribute__ ((aligned (16)))
357 #endif /* CCMODE_GCM_TABLES_SSE2 */
358 ;
359 #endif /* CCMODE_GCM_TABLES */
360
361 #ifdef VNG_SPEEDUP
362 unsigned char Htable[16*8*2] __attribute__((aligned(16)));
363 #endif
364
365 cc_unit u[];
366
367 };
368
369 /* Use this to statically initialize a ccmode_gcm object for decryption. */
370 #define CCMODE_FACTORY_GCM_DECRYPT(ECB_ENCRYPT) { \
371 .size = ccn_sizeof_size(sizeof(struct _ccmode_gcm_key)) + 5 * ccn_sizeof_size((ECB_ENCRYPT)->block_size) + ccn_sizeof_size((ECB_ENCRYPT)->size), \
372 .block_size = 1, \
373 .init = ccmode_gcm_init, \
374 .set_iv = ccmode_gcm_set_iv, \
375 .gmac = ccmode_gcm_gmac, \
376 .gcm = ccmode_gcm_decrypt, \
377 .finalize = ccmode_gcm_finalize, \
378 .reset = ccmode_gcm_reset, \
379 .custom = (ECB_ENCRYPT) \
380 }
381
382 /* Use this to statically initialize a ccmode_gcm object for encryption. */
383 #define CCMODE_FACTORY_GCM_ENCRYPT(ECB_ENCRYPT) { \
384 .size = ccn_sizeof_size(sizeof(struct _ccmode_gcm_key)) + 5 * ccn_sizeof_size((ECB_ENCRYPT)->block_size) + ccn_sizeof_size((ECB_ENCRYPT)->size), \
385 .block_size = 1, \
386 .init = ccmode_gcm_init, \
387 .set_iv = ccmode_gcm_set_iv, \
388 .gmac = ccmode_gcm_gmac, \
389 .gcm = ccmode_gcm_encrypt, \
390 .finalize = ccmode_gcm_finalize, \
391 .reset = ccmode_gcm_reset, \
392 .custom = (ECB_ENCRYPT) \
393 }
394
395 /* Use these function to runtime initialize a ccmode_gcm decrypt object (for
396 example if it's part of a larger structure). For GCM you always pass a
397 ecb encrypt mode implementation of some underlying algorithm as the ecb
398 parameter. */
399 CC_INLINE
400 void ccmode_factory_gcm_decrypt(struct ccmode_gcm *gcm,
401 const struct ccmode_ecb *ecb_encrypt) {
402 struct ccmode_gcm gcm_decrypt = CCMODE_FACTORY_GCM_DECRYPT(ecb_encrypt);
403 *gcm = gcm_decrypt;
404 }
405
406 /* Use these function to runtime initialize a ccmode_gcm encrypt object (for
407 example if it's part of a larger structure). For GCM you always pass a
408 ecb encrypt mode implementation of some underlying algorithm as the ecb
409 parameter. */
410 CC_INLINE
411 void ccmode_factory_gcm_encrypt(struct ccmode_gcm *gcm,
412 const struct ccmode_ecb *ecb_encrypt) {
413 struct ccmode_gcm gcm_encrypt = CCMODE_FACTORY_GCM_ENCRYPT(ecb_encrypt);
414 *gcm = gcm_encrypt;
415 }
416
417
418 /* CCM (only NIST approved with AES) */
419 void ccmode_ccm_init(const struct ccmode_ccm *ccm, ccccm_ctx *ctx,
420 size_t rawkey_len, const void *rawkey);
421 void ccmode_ccm_set_iv(ccccm_ctx *ctx, ccccm_nonce *nonce_ctx, size_t nonce_len, const void *nonce,
422 size_t mac_size, size_t auth_len, size_t data_len);
423 /* internal function */
424 void ccmode_ccm_macdata(ccccm_ctx *key, ccccm_nonce *nonce_ctx, unsigned new_block, size_t nbytes, const void *in);
425 /* api function - disallows only mac'd data after data to encrypt was sent */
426 void ccmode_ccm_cbcmac(ccccm_ctx *ctx, ccccm_nonce *nonce_ctx, size_t nbytes, const void *in);
427 /* internal function */
428 void ccmode_ccm_crypt(ccccm_ctx *key, ccccm_nonce *nonce_ctx, size_t nbytes, const void *in, void *out);
429 void ccmode_ccm_decrypt(ccccm_ctx *ctx, ccccm_nonce *nonce_ctx, size_t nbytes, const void *in,
430 void *out);
431 void ccmode_ccm_encrypt(ccccm_ctx *ctx, ccccm_nonce *nonce_ctx, size_t nbytes, const void *in,
432 void *out);
433 void ccmode_ccm_finalize(ccccm_ctx *key, ccccm_nonce *nonce_ctx, void *mac);
434 void ccmode_ccm_reset(ccccm_ctx *key, ccccm_nonce *nonce_ctx);
435
436 struct _ccmode_ccm_key {
437 const struct ccmode_ecb *ecb;
438 cc_unit u[];
439 };
440
441 struct _ccmode_ccm_nonce {
442 unsigned char A_i[16]; /* crypto block iv */
443 unsigned char B_i[16]; /* mac block iv */
444 unsigned char MAC[16]; /* crypted mac */
445 unsigned char buf[16]; /* crypt buffer */
446
447 uint32_t mode; /* mode: IV -> AD -> DATA */
448 uint32_t buflen; /* length of data in buf */
449 uint32_t b_i_len; /* length of cbcmac data in B_i */
450
451 size_t nonce_size;
452 size_t mac_size;
453 };
454
455 /* Use this to statically initialize a ccmode_ccm object for decryption. */
456 #define CCMODE_FACTORY_CCM_DECRYPT(ECB_ENCRYPT) { \
457 .size = ccn_sizeof_size(sizeof(struct _ccmode_ccm_key)) + ccn_sizeof_size((ECB_ENCRYPT)->block_size) + ccn_sizeof_size((ECB_ENCRYPT)->size), \
458 .nonce_size = ccn_sizeof_size(sizeof(struct _ccmode_ccm_nonce)), \
459 .block_size = 1, \
460 .init = ccmode_ccm_init, \
461 .set_iv = ccmode_ccm_set_iv, \
462 .cbcmac = ccmode_ccm_cbcmac, \
463 .ccm = ccmode_ccm_decrypt, \
464 .finalize = ccmode_ccm_finalize, \
465 .reset = ccmode_ccm_reset, \
466 .custom = (ECB_ENCRYPT) \
467 }
468
469 /* Use this to statically initialize a ccmode_ccm object for encryption. */
470 #define CCMODE_FACTORY_CCM_ENCRYPT(ECB_ENCRYPT) { \
471 .size = ccn_sizeof_size(sizeof(struct _ccmode_ccm_key)) + ccn_sizeof_size((ECB_ENCRYPT)->block_size) + ccn_sizeof_size((ECB_ENCRYPT)->size), \
472 .nonce_size = ccn_sizeof_size(sizeof(struct _ccmode_ccm_nonce)), \
473 .block_size = 1, \
474 .init = ccmode_ccm_init, \
475 .set_iv = ccmode_ccm_set_iv, \
476 .cbcmac = ccmode_ccm_cbcmac, \
477 .ccm = ccmode_ccm_encrypt, \
478 .finalize = ccmode_ccm_finalize, \
479 .reset = ccmode_ccm_reset, \
480 .custom = (ECB_ENCRYPT) \
481 }
482
483 /* Use these function to runtime initialize a ccmode_ccm decrypt object (for
484 example if it's part of a larger structure). For CCM you always pass a
485 ecb encrypt mode implementation of some underlying algorithm as the ecb
486 parameter. */
487 CC_INLINE
488 void ccmode_factory_ccm_decrypt(struct ccmode_ccm *ccm,
489 const struct ccmode_ecb *ecb_encrypt) {
490 struct ccmode_ccm ccm_decrypt = CCMODE_FACTORY_CCM_DECRYPT(ecb_encrypt);
491 *ccm = ccm_decrypt;
492 }
493
494 /* Use these function to runtime initialize a ccmode_ccm encrypt object (for
495 example if it's part of a larger structure). For CCM you always pass a
496 ecb encrypt mode implementation of some underlying algorithm as the ecb
497 parameter. */
498 CC_INLINE
499 void ccmode_factory_ccm_encrypt(struct ccmode_ccm *ccm,
500 const struct ccmode_ecb *ecb_encrypt) {
501 struct ccmode_ccm ccm_encrypt = CCMODE_FACTORY_CCM_ENCRYPT(ecb_encrypt);
502 *ccm = ccm_encrypt;
503 }
504
505
506 void ccmode_ofb_init(const struct ccmode_ofb *ofb, ccofb_ctx *ctx,
507 size_t rawkey_len, const void *rawkey,
508 const void *iv);
509 void ccmode_ofb_crypt(ccofb_ctx *ctx, size_t nbytes,
510 const void *in, void *out);
511
512 struct _ccmode_ofb_key {
513 const struct ccmode_ecb *ecb;
514 size_t pad_len;
515 cc_unit u[];
516 };
517
518 /* Use this to statically initialize a ccmode_ofb object. */
519 #define CCMODE_FACTORY_OFB_CRYPT(ECB) { \
520 .size = ccn_sizeof_size(sizeof(struct _ccmode_ofb_key)) + ccn_sizeof_size((ECB)->block_size) + ccn_sizeof_size((ECB)->size), \
521 .block_size = 1, \
522 .init = ccmode_ofb_init, \
523 .ofb = ccmode_ofb_crypt, \
524 .custom = (ECB) \
525 }
526
527 /* Use these function to runtime initialize a ccmode_ofb encrypt object (for
528 example if it's part of a larger structure). Normally you would pass a
529 ecb encrypt mode implementation of some underlying algorithm as the ecb
530 parameter. */
531 CC_INLINE
532 void ccmode_factory_ofb_crypt(struct ccmode_ofb *ofb,
533 const struct ccmode_ecb *ecb) {
534 struct ccmode_ofb ofb_crypt = CCMODE_FACTORY_OFB_CRYPT(ecb);
535 *ofb = ofb_crypt;
536 }
537
538
539 int ccmode_omac_decrypt(ccomac_ctx *ctx, unsigned long nblocks,
540 const void *tweak, const void *in, void *out);
541 int ccmode_omac_encrypt(ccomac_ctx *ctx, unsigned long nblocks,
542 const void *tweak, const void *in, void *out);
543
544 /* Create a omac key from a omac mode object. The tweak_len here
545 determines how long the tweak is in bytes, for each subsequent call to
546 ccmode_omac->omac().
547 key must point to at least sizeof(CCMODE_OMAC_KEY(ecb)) bytes of free
548 storage. */
549 void ccmode_omac_init(const struct ccmode_omac *omac, ccomac_ctx *ctx,
550 cc_size tweak_len, size_t rawkey_len,
551 const void *rawkey);
552
553 struct _ccmode_omac_key {
554 const struct ccmode_ecb *ecb;
555 size_t tweak_len;
556 cc_unit u[];
557 };
558
559 /* Use this to statically initialize a ccmode_omac object for decryption. */
560 #define CCMODE_FACTORY_OMAC_DECRYPT(ECB) { \
561 .size = ccn_sizeof_size(sizeof(struct _ccmode_omac_key)) + 2 * ccn_sizeof_size((ECB)->size), \
562 .block_size = (ECB)->block_size, \
563 .init = ccmode_omac_init, \
564 .omac = ccmode_omac_decrypt, \
565 .custom = (ECB) \
566 }
567
568 /* Use this to statically initialize a ccmode_omac object for encryption. */
569 #define CCMODE_FACTORY_OMAC_ENCRYPT(ECB) { \
570 .size = ccn_sizeof_size(sizeof(struct _ccmode_omac_key)) + 2 * ccn_sizeof_size((ECB)->size), \
571 .block_size = (ECB)->block_size, \
572 .init = ccmode_omac_init, \
573 .omac = ccmode_omac_encrypt, \
574 .custom = (ECB) \
575 }
576
577 /* Use these function to runtime initialize a ccmode_omac decrypt object (for
578 example if it's part of a larger structure). Normally you would pass a
579 ecb decrypt mode implementation of some underlying algorithm as the ecb
580 parameter. */
581 CC_INLINE
582 void ccmode_factory_omac_decrypt(struct ccmode_omac *omac,
583 const struct ccmode_ecb *ecb) {
584 struct ccmode_omac omac_decrypt = CCMODE_FACTORY_OMAC_DECRYPT(ecb);
585 *omac = omac_decrypt;
586 }
587
588 /* Use these function to runtime initialize a ccmode_omac encrypt object (for
589 example if it's part of a larger structure). Normally you would pass a
590 ecb encrypt mode implementation of some underlying algorithm as the ecb
591 parameter. */
592 CC_INLINE
593 void ccmode_factory_omac_encrypt(struct ccmode_omac *omac,
594 const struct ccmode_ecb *ecb) {
595 struct ccmode_omac omac_encrypt = CCMODE_FACTORY_OMAC_ENCRYPT(ecb);
596 *omac = omac_encrypt;
597 }
598
599
600 /* Function prototypes used by the macros below, do not call directly. */
601 void ccmode_xts_init(const struct ccmode_xts *xts, ccxts_ctx *ctx,
602 size_t key_len, const void *data_key,
603 const void *tweak_key);
604 void *ccmode_xts_crypt(const ccxts_ctx *ctx, ccxts_tweak *tweak,
605 unsigned long nblocks, const void *in, void *out);
606 void ccmode_xts_set_tweak(const ccxts_ctx *ctx, ccxts_tweak *tweak,
607 const void *iv);
608
609
610 struct _ccmode_xts_key {
611 const struct ccmode_ecb *ecb;
612 const struct ccmode_ecb *ecb_encrypt;
613 cc_unit u[];
614 };
615
616 struct _ccmode_xts_tweak {
617 // FIPS requires that for XTS that no more that 2^20 AES blocks may be processed for any given
618 // Key, Tweak Key, and tweak combination
619 // the bytes_processed field in the context will accumuate the number of blocks processed and
620 // will fail the encrypt/decrypt if the size is violated. This counter will be reset to 0
621 // when set_tweak is called.
622 unsigned long blocks_processed;
623 cc_unit u[];
624 };
625
626 /* Use this to statically initialize a ccmode_xts object for decryption. */
627 #define CCMODE_FACTORY_XTS_DECRYPT(ECB, ECB_ENCRYPT) { \
628 .size = ccn_sizeof_size(sizeof(struct _ccmode_xts_key)) + 2 * ccn_sizeof_size((ECB)->size), \
629 .tweak_size = ccn_sizeof_size(sizeof(struct _ccmode_xts_tweak)) + ccn_sizeof_size(16), \
630 .block_size = 16, \
631 .init = ccmode_xts_init, \
632 .set_tweak = ccmode_xts_set_tweak, \
633 .xts = ccmode_xts_crypt, \
634 .custom = (ECB), \
635 .custom1 = (ECB_ENCRYPT) \
636 }
637
638 /* Use this to statically initialize a ccmode_xts object for encryption. */
639 #define CCMODE_FACTORY_XTS_ENCRYPT(ECB, ECB_ENCRYPT) { \
640 .size = ccn_sizeof_size(sizeof(struct _ccmode_xts_key)) + 2 * ccn_sizeof_size((ECB)->size), \
641 .tweak_size = ccn_sizeof_size(sizeof(struct _ccmode_xts_tweak)) + ccn_sizeof_size(16), \
642 .block_size = 16, \
643 .init = ccmode_xts_init, \
644 .set_tweak = ccmode_xts_set_tweak, \
645 .xts = ccmode_xts_crypt, \
646 .custom = (ECB), \
647 .custom1 = (ECB_ENCRYPT) \
648 }
649
650 /* Use these function to runtime initialize a ccmode_xts decrypt object (for
651 example if it's part of a larger structure). Normally you would pass a
652 ecb decrypt mode implementation of some underlying algorithm as the ecb
653 parameter. */
654 CC_INLINE
655 void ccmode_factory_xts_decrypt(struct ccmode_xts *xts,
656 const struct ccmode_ecb *ecb,
657 const struct ccmode_ecb *ecb_encrypt) {
658 struct ccmode_xts xts_decrypt = CCMODE_FACTORY_XTS_DECRYPT(ecb, ecb_encrypt);
659 *xts = xts_decrypt;
660 }
661
662 /* Use these function to runtime initialize a ccmode_xts encrypt object (for
663 example if it's part of a larger structure). Normally you would pass a
664 ecb encrypt mode implementation of some underlying algorithm as the ecb
665 parameter. */
666 CC_INLINE
667 void ccmode_factory_xts_encrypt(struct ccmode_xts *xts,
668 const struct ccmode_ecb *ecb,
669 const struct ccmode_ecb *ecb_encrypt) {
670 struct ccmode_xts xts_encrypt = CCMODE_FACTORY_XTS_ENCRYPT(ecb, ecb_encrypt);
671 *xts = xts_encrypt;
672 }
673
674 #endif /* _CORECRYPTO_CCMODE_FACTORY_H_ */
mirror of XNU