libkern/crypto/corecrypto_aes.c

   1 /*
   2  * Copyright (c) 2012 Apple Computer, Inc. All rights reserved.
   3  *
   4  * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
   5  *
   6  * This file contains Original Code and/or Modifications of Original Code
   7  * as defined in and that are subject to the Apple Public Source License
   8  * Version 2.0 (the 'License'). You may not use this file except in
   9  * compliance with the License. The rights granted to you under the License
  10  * may not be used to create, or enable the creation or redistribution of,
  11  * unlawful or unlicensed copies of an Apple operating system, or to
  12  * circumvent, violate, or enable the circumvention or violation of, any
  13  * terms of an Apple operating system software license agreement.
  14  *
  15  * Please obtain a copy of the License at
  16  * http://www.opensource.apple.com/apsl/ and read it before using this file.
  17  *
  18  * The Original Code and all software distributed under the License are
  19  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
  20  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
  21  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
  22  * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
  23  * Please see the License for the specific language governing rights and
  24  * limitations under the License.
  25  *
  26  * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
  27  */
  28
  29 #include <libkern/crypto/crypto_internal.h>
  30 #include <libkern/crypto/aes.h>
  31 #include <corecrypto/ccmode.h>
  32 #include <corecrypto/ccaes.h>
  33 #include <kern/debug.h>
  34
  35 aes_rval aes_encrypt_key(const unsigned char *key, int key_len, aes_encrypt_ctx cx[1])
  36 {
  37         const struct ccmode_cbc *cbc = g_crypto_funcs->ccaes_cbc_encrypt;
  38
  39     /* Make sure the context size for the mode fits in the one we have */
  40     if(cbc->size>sizeof(aes_encrypt_ctx))
  41         panic("%s: inconsistent size for AES encrypt context", __FUNCTION__);
  42
  43         cccbc_init(cbc, cx[0].ctx, key_len, key);
  44
  45         return aes_good;
  46 }
  47
  48 aes_rval aes_encrypt_cbc(const unsigned char *in_blk, const unsigned char *in_iv, unsigned int num_blk,
  49                                          unsigned char *out_blk, aes_encrypt_ctx cx[1])
  50 {
  51         const struct ccmode_cbc *cbc = g_crypto_funcs->ccaes_cbc_encrypt;
  52         cccbc_iv_decl(cbc->block_size, ctx_iv);
  53
  54         cccbc_set_iv(cbc, ctx_iv, in_iv);
  55         cccbc_update(cbc, cx[0].ctx, ctx_iv, num_blk, in_blk, out_blk); //Actually cbc encrypt.
  56
  57         return aes_good;
  58 }
  59
  60 #if defined (__i386__) || defined (__x86_64__) || defined (__arm64__)
  61 /* This does one block of ECB, using the CBC implementation - this allow to use the same context for both CBC and ECB */
  62 aes_rval aes_encrypt(const unsigned char *in_blk, unsigned char *out_blk, aes_encrypt_ctx cx[1])
  63 {
  64        return aes_encrypt_cbc(in_blk, NULL, 1, out_blk, cx);
  65 }
  66 #endif
  67
  68 aes_rval aes_decrypt_key(const unsigned char *key, int key_len, aes_decrypt_ctx cx[1])
  69 {
  70         const struct ccmode_cbc *cbc = g_crypto_funcs->ccaes_cbc_decrypt;
  71
  72     /* Make sure the context size for the mode fits in the one we have */
  73     if(cbc->size>sizeof(aes_decrypt_ctx))
  74         panic("%s: inconsistent size for AES decrypt context", __FUNCTION__);
  75
  76         cccbc_init(cbc, cx[0].ctx, key_len, key);
  77
  78         return aes_good;
  79 }
  80
  81 aes_rval aes_decrypt_cbc(const unsigned char *in_blk, const unsigned char *in_iv, unsigned int num_blk,
  82                                                  unsigned char *out_blk, aes_decrypt_ctx cx[1])
  83 {
  84         const struct ccmode_cbc *cbc = g_crypto_funcs->ccaes_cbc_decrypt;
  85         cccbc_iv_decl(cbc->block_size, ctx_iv);
  86
  87         cccbc_set_iv(cbc, ctx_iv, in_iv);
  88         cccbc_update(cbc, cx[0].ctx, ctx_iv, num_blk, in_blk, out_blk); //Actually cbc decrypt.
  89
  90         return aes_good;
  91 }
  92
  93 #if defined (__i386__) || defined (__x86_64__) || defined (__arm64__)
  94 /* This does one block of ECB, using the CBC implementation - this allow to use the same context for both CBC and ECB */
  95 aes_rval aes_decrypt(const unsigned char *in_blk, unsigned char *out_blk, aes_decrypt_ctx cx[1])
  96 {
  97         return aes_decrypt_cbc(in_blk, NULL, 1, out_blk, cx);
  98 }
  99 #endif
 100
 101 aes_rval aes_encrypt_key128(const unsigned char *key, aes_encrypt_ctx cx[1])
 102 {
 103         return aes_encrypt_key(key, 16, cx);
 104 }
 105
 106 aes_rval aes_decrypt_key128(const unsigned char *key, aes_decrypt_ctx cx[1])
 107 {
 108         return aes_decrypt_key(key, 16, cx);
 109 }
 110
 111
 112 aes_rval aes_encrypt_key256(const unsigned char *key, aes_encrypt_ctx cx[1])
 113 {
 114         return aes_encrypt_key(key, 32, cx);
 115 }
 116
 117 aes_rval aes_decrypt_key256(const unsigned char *key, aes_decrypt_ctx cx[1])
 118 {
 119         return aes_decrypt_key(key, 32, cx);
 120 }
 121
 122 aes_rval aes_encrypt_key_gcm(const unsigned char *key, int key_len, ccgcm_ctx *ctx)
 123 {
 124         const struct ccmode_gcm *gcm = g_crypto_funcs->ccaes_gcm_encrypt;
 125         if (!gcm) {
 126                 return aes_error;
 127         }
 128
 129         ccgcm_init(gcm, ctx, key_len, key);
 130         return aes_good;
 131 }
 132
 133 aes_rval aes_encrypt_set_iv_gcm(const unsigned char *in_iv, unsigned int len, ccgcm_ctx *ctx)
 134 {
 135         const struct ccmode_gcm *gcm = g_crypto_funcs->ccaes_gcm_encrypt;
 136         if (!gcm) {
 137                 return aes_error;
 138         }
 139
 140         ccgcm_set_iv(gcm, ctx, len, in_iv);
 141         return aes_good;
 142 }
 143
 144 aes_rval aes_encrypt_aad_gcm(const unsigned char *aad, unsigned int aad_bytes, ccgcm_ctx *ctx)
 145 {
 146         const struct ccmode_gcm *gcm = g_crypto_funcs->ccaes_gcm_encrypt;
 147         if (!gcm) {
 148                 return aes_error;
 149         }
 150
 151         ccgcm_gmac(gcm, ctx, aad_bytes, aad);
 152         return aes_good;
 153 }
 154
 155 aes_rval aes_encrypt_gcm(const unsigned char *in_blk, unsigned int num_bytes,
 156                          unsigned char *out_blk, ccgcm_ctx *ctx)
 157 {
 158         const struct ccmode_gcm *gcm = g_crypto_funcs->ccaes_gcm_encrypt;
 159         if (!gcm) {
 160                 return aes_error;
 161         }
 162
 163         ccgcm_update(gcm, ctx, num_bytes, in_blk, out_blk);     //Actually gcm encrypt.
 164         return aes_good;
 165 }
 166
 167 aes_rval aes_encrypt_finalize_gcm(unsigned char *tag, unsigned int tag_bytes, ccgcm_ctx *ctx)
 168 {
 169         const struct ccmode_gcm *gcm = g_crypto_funcs->ccaes_gcm_encrypt;
 170         if (!gcm) {
 171                 return aes_error;
 172         }
 173
 174         ccgcm_finalize(gcm, ctx, tag_bytes, tag);
 175         ccgcm_reset(gcm, ctx);
 176         return aes_good;
 177 }
 178
 179 aes_rval aes_decrypt_key_gcm(const unsigned char *key, int key_len, ccgcm_ctx *ctx)
 180 {
 181         const struct ccmode_gcm *gcm = g_crypto_funcs->ccaes_gcm_decrypt;
 182         if (!gcm) {
 183                 return aes_error;
 184         }
 185
 186         ccgcm_init(gcm, ctx, key_len, key);
 187         return aes_good;
 188 }
 189
 190 aes_rval aes_decrypt_set_iv_gcm(const unsigned char *in_iv, unsigned int len, ccgcm_ctx *ctx)
 191 {
 192         const struct ccmode_gcm *gcm = g_crypto_funcs->ccaes_gcm_decrypt;
 193         if (!gcm) {
 194                 return aes_error;
 195         }
 196
 197         ccgcm_set_iv(gcm, ctx, len, in_iv);
 198         return aes_good;
 199 }
 200
 201 aes_rval aes_decrypt_aad_gcm(const unsigned char *aad, unsigned int aad_bytes, ccgcm_ctx *ctx)
 202 {
 203         const struct ccmode_gcm *gcm = g_crypto_funcs->ccaes_gcm_decrypt;
 204         if (!gcm) {
 205                 return aes_error;
 206         }
 207
 208         ccgcm_gmac(gcm, ctx, aad_bytes, aad);
 209         return aes_good;
 210 }
 211
 212 aes_rval aes_decrypt_gcm(const unsigned char *in_blk, unsigned int num_bytes,
 213                          unsigned char *out_blk, ccgcm_ctx *ctx)
 214 {
 215         const struct ccmode_gcm *gcm = g_crypto_funcs->ccaes_gcm_decrypt;
 216         if (!gcm) {
 217                 return aes_error;
 218         }
 219
 220         ccgcm_update(gcm, ctx, num_bytes, in_blk, out_blk);     //Actually gcm decrypt.
 221         return aes_good;
 222 }
 223
 224 aes_rval aes_decrypt_finalize_gcm(unsigned char *tag, unsigned int tag_bytes, ccgcm_ctx *ctx)
 225 {
 226         const struct ccmode_gcm *gcm = g_crypto_funcs->ccaes_gcm_decrypt;
 227         if (!gcm) {
 228                 return aes_error;
 229         }
 230
 231         ccgcm_finalize(gcm, ctx, tag_bytes, tag);
 232         ccgcm_reset(gcm, ctx);
 233         return aes_good;
 234 }
 235
 236 unsigned aes_encrypt_get_ctx_size_gcm(void)
 237 {
 238         const struct ccmode_gcm *gcm = g_crypto_funcs->ccaes_gcm_encrypt;
 239         if (!gcm) {
 240                 return 0;
 241         }
 242         return (cc_ctx_sizeof(ccgcm_ctx, gcm->size));
 243 }
 244
 245 unsigned aes_decrypt_get_ctx_size_gcm(void)
 246 {
 247         const struct ccmode_gcm *gcm = g_crypto_funcs->ccaes_gcm_decrypt;
 248         if (!gcm) {
 249                 return 0;
 250         }
 251         return (cc_ctx_sizeof(ccgcm_ctx, gcm->size));
 252 }
 253