-/*
- * ccmode_impl.h
- * corecrypto
- *
- * Created on 12/07/2010
- *
- * Copyright (c) 2012,2015 Apple Inc. All rights reserved.
+/* Copyright (c) (2010,2011,2012,2015,2016,2017,2018,2019) Apple Inc. All rights reserved.
*
+ * corecrypto is licensed under Apple Inc.’s Internal Use License Agreement (which
+ * is contained in the License.txt file distributed with corecrypto) and only to
+ * people who accept that license. IMPORTANT: Any license rights granted to you by
+ * Apple Inc. (if any) are limited to internal use within your organization only on
+ * devices and computers you own or control, for the sole purpose of verifying the
+ * security characteristics and correct functioning of the Apple Software. You may
+ * not, directly or indirectly, redistribute the Apple Software or any portions thereof.
*/
#ifndef _CORECRYPTO_CCMODE_IMPL_H_
/* ECB mode. */
cc_aligned_struct(16) ccecb_ctx;
-
/* Actual symmetric algorithm implementation should provide you one of these. */
struct ccmode_ecb {
- size_t size; /* first argument to ccecb_ctx_decl(). */
+ size_t size; /* first argument to ccecb_ctx_decl(). */
size_t block_size;
- void (*init)(const struct ccmode_ecb *ecb, ccecb_ctx *ctx,
- size_t key_len, const void *key);
- void (*ecb)(const ccecb_ctx *ctx, size_t nblocks, const void *in,
- void *out);
+ int (*CC_SPTR(ccmode_ecb, init))(const struct ccmode_ecb *ecb, ccecb_ctx *ctx, size_t key_nbytes, const void *key);
+ int (*CC_SPTR(ccmode_ecb, ecb))(const ccecb_ctx *ctx, size_t nblocks, const void *in, void *out);
+ void (*CC_SPTR(ccmode_ecb, roundkey))(const ccecb_ctx *ctx, unsigned r, void *key);
};
/*!
* 1- ccmod_xxx_init()
* 2- ccmod_xxx_decrypt()
* 3- ccmod_xxx_encrypt()
- *
+ *
* stateful modes CCM and GCM: They provide 7 interface functions that return error codes if a function is called out of state
* 1- ccmod_xxx_init()
* 2- ccmod_xxx_setiv()
cc_aligned_struct(16) cccbc_iv;
struct ccmode_cbc {
- size_t size; /* first argument to cccbc_ctx_decl(). */
+ size_t size; /* first argument to cccbc_ctx_decl(). */
size_t block_size;
- void (*init)(const struct ccmode_cbc *cbc, cccbc_ctx *ctx,
- size_t key_len, const void *key);
+ int (*CC_SPTR(ccmode_cbc, init))(const struct ccmode_cbc *cbc, cccbc_ctx *ctx, size_t key_len, const void *key);
/* cbc encrypt or decrypt nblocks from in to out, iv will be used and updated. */
- void (*cbc)(const cccbc_ctx *ctx, cccbc_iv *iv,
- size_t nblocks, const void *in, void *out);
+ int (*CC_SPTR(ccmode_cbc, cbc))(const cccbc_ctx *ctx, cccbc_iv *iv, size_t nblocks, const void *in, void *out);
const void *custom;
};
cc_aligned_struct(16) cccfb_ctx;
struct ccmode_cfb {
- size_t size; /* first argument to cccfb_ctx_decl(). */
+ size_t size; /* first argument to cccfb_ctx_decl(). */
size_t block_size;
- void (*init)(const struct ccmode_cfb *cfb, cccfb_ctx *ctx,
- size_t key_len, const void *key, const void *iv);
- void (*cfb)(cccfb_ctx *ctx, size_t nbytes, const void *in, void *out);
+ int (*CC_SPTR(ccmode_cfb,
+ init))(const struct ccmode_cfb *cfb, cccfb_ctx *ctx, size_t key_len, const void *key, const void *iv);
+ int (*CC_SPTR(ccmode_cfb, cfb))(cccfb_ctx *ctx, size_t nbytes, const void *in, void *out);
const void *custom;
};
cc_aligned_struct(16) cccfb8_ctx;
struct ccmode_cfb8 {
- size_t size; /* first argument to cccfb8_ctx_decl(). */
+ size_t size; /* first argument to cccfb8_ctx_decl(). */
size_t block_size;
- void (*init)(const struct ccmode_cfb8 *cfb8, cccfb8_ctx *ctx,
- size_t key_len, const void *key, const void *iv);
- void (*cfb8)(cccfb8_ctx *ctx, size_t nbytes, const void *in, void *out);
+ int (*CC_SPTR(ccmode_cfb8,
+ init))(const struct ccmode_cfb8 *cfb8, cccfb8_ctx *ctx, size_t key_len, const void *key, const void *iv);
+ int (*CC_SPTR(ccmode_cfb8, cfb8))(cccfb8_ctx *ctx, size_t nbytes, const void *in, void *out);
const void *custom;
};
cc_aligned_struct(16) ccctr_ctx;
struct ccmode_ctr {
- size_t size; /* first argument to ccctr_ctx_decl(). */
- size_t block_size;
- void (*init)(const struct ccmode_ctr *ctr, ccctr_ctx *ctx,
- size_t key_len, const void *key, const void *iv);
- void (*ctr)(ccctr_ctx *ctx, size_t nbytes, const void *in, void *out);
+ size_t size; /* first argument to ccctr_ctx_decl(). */
+ size_t block_size; /* for historical reasons, this is set to 1 */
+ size_t ecb_block_size; /* the actual block size of the underlying cipher */
+ int (*CC_SPTR(ccmode_ctr,
+ init))(const struct ccmode_ctr *mode, ccctr_ctx *ctx, size_t key_len, const void *key, const void *iv);
+ int (*CC_SPTR(ccmode_ctr, setctr))(const struct ccmode_ctr *mode, ccctr_ctx *ctx, const void *ctr);
+ int (*CC_SPTR(ccmode_ctr, ctr))(ccctr_ctx *ctx, size_t nbytes, const void *in, void *out);
const void *custom;
};
cc_aligned_struct(16) ccofb_ctx;
struct ccmode_ofb {
- size_t size; /* first argument to ccofb_ctx_decl(). */
+ size_t size; /* first argument to ccofb_ctx_decl(). */
size_t block_size;
- void (*init)(const struct ccmode_ofb *ofb, ccofb_ctx *ctx,
- size_t key_len, const void *key, const void *iv);
- void (*ofb)(ccofb_ctx *ctx, size_t nbytes, const void *in, void *out);
+ int (*CC_SPTR(ccmode_ofb,
+ init))(const struct ccmode_ofb *ofb, ccofb_ctx *ctx, size_t key_len, const void *key, const void *iv);
+ int (*CC_SPTR(ccmode_ofb, ofb))(ccofb_ctx *ctx, size_t nbytes, const void *in, void *out);
const void *custom;
};
cc_aligned_struct(16) ccxts_tweak;
struct ccmode_xts {
- size_t size; /* first argument to ccxts_ctx_decl(). */
- size_t tweak_size; /* first argument to ccxts_tweak_decl(). */
+ size_t size; /* first argument to ccxts_ctx_decl(). Size of the ctx data structure */
+ size_t tweak_size; /* first argument to ccxts_tweak_decl(). Size of the tweak structure, not the expected tweak size */
size_t block_size;
- /* Create a xts key from a xts mode object. The tweak_len here
- determines how long the tweak is in bytes, for each subsequent call to
- ccmode_xts->xts().
- key must point to at least 'size' cc_units of free storage.
- tweak_key must point to at least 'tweak_size' cc_units of free storage. */
- void (*init)(const struct ccmode_xts *xts, ccxts_ctx *ctx,
- size_t key_len, const void *key, const void *tweak_key);
+ /* Create a xts key from a xts mode object.
+ key must point to at least 'size' bytes of free storage.
+ tweak_key must point to at least 'tweak_size' bytes of free storage.
+ key and tweak_key must differ.
+ Returns nonzero on failure.
+ */
+ int (*CC_SPTR(ccmode_xts, init))(const struct ccmode_xts *xts,
+ ccxts_ctx *ctx,
+ size_t key_nbytes,
+ const void *data_key,
+ const void *tweak_key);
+
+ void (*CC_SPTR(ccmode_xts, key_sched))(const struct ccmode_xts *xts,
+ ccxts_ctx *ctx,
+ size_t key_nbytes,
+ const void *data_key,
+ const void *tweak_key);
/* Set the tweak (sector number), the block within the sector zero. */
- void (*set_tweak)(const ccxts_ctx *ctx, ccxts_tweak *tweak, const void *iv);
+ int (*CC_SPTR(ccmode_xts, set_tweak))(const ccxts_ctx *ctx, ccxts_tweak *tweak, const void *iv);
/* Encrypt blocks for a sector, clients must call set_tweak before calling
this function. Return a pointer to the tweak buffer */
- void *(*xts)(const ccxts_ctx *ctx, ccxts_tweak *tweak,
- size_t nblocks, const void *in, void *out);
+ void *(*CC_SPTR(ccmode_xts, xts))(const ccxts_ctx *ctx, ccxts_tweak *tweak, size_t nblocks, const void *in, void *out);
const void *custom;
const void *custom1;
};
-//7- GCM mode, statful
+// 7- GCM mode, statful
cc_aligned_struct(16) ccgcm_ctx;
-#define CCMODE_GCM_DECRYPTOR 78647
-#define CCMODE_GCM_ENCRYPTOR 4073947
+#define CCMODE_GCM_DECRYPTOR 78647
+#define CCMODE_GCM_ENCRYPTOR 4073947
struct ccmode_gcm {
- size_t size; /* first argument to ccgcm_ctx_decl(). */
- int encdec; //is it encrypt or decrypt object
+ size_t size; /* first argument to ccgcm_ctx_decl(). */
+ int encdec; // is it encrypt or decrypt object
size_t block_size;
- int (*init)(const struct ccmode_gcm *gcm, ccgcm_ctx *ctx,
- size_t key_len, const void *key);
- int (*set_iv)(ccgcm_ctx *ctx, size_t iv_size, const void *iv);
- int (*gmac)(ccgcm_ctx *ctx, size_t nbytes, const void *in); // could just be gcm with NULL out
- int (*gcm)(ccgcm_ctx *ctx, size_t nbytes, const void *in, void *out);
- int (*finalize)(ccgcm_ctx *key, size_t tag_size, void *tag);
- int (*reset)(ccgcm_ctx *ctx);
+ int (*CC_SPTR(ccmode_gcm, init))(const struct ccmode_gcm *gcm, ccgcm_ctx *ctx, size_t key_nbytes, const void *key);
+ int (*CC_SPTR(ccmode_gcm, set_iv))(ccgcm_ctx *ctx, size_t iv_nbytes, const void *iv);
+ int (*CC_SPTR(ccmode_gcm, gmac))(ccgcm_ctx *ctx, size_t nbytes, const void *in); // could just be gcm with NULL out
+ int (*CC_SPTR(ccmode_gcm, gcm))(ccgcm_ctx *ctx, size_t nbytes, const void *in, void *out);
+ int (*CC_SPTR(ccmode_gcm, finalize))(ccgcm_ctx *key, size_t tag_nbytes, void *tag);
+ int (*CC_SPTR(ccmode_gcm, reset))(ccgcm_ctx *ctx);
const void *custom;
};
-//8- GCM mode, statful
+// 8- CCM mode, stateful
cc_aligned_struct(16) ccccm_ctx;
cc_aligned_struct(16) ccccm_nonce;
struct ccmode_ccm {
- size_t size; /* first argument to ccccm_ctx_decl(). */
- size_t nonce_size; /* first argument to ccccm_nonce_decl(). */
+ size_t size; /* first argument to ccccm_ctx_decl(). */
+ size_t nonce_size; /* first argument to ccccm_nonce_decl(). */
size_t block_size;
- int (*init)(const struct ccmode_ccm *ccm, ccccm_ctx *ctx,
- size_t key_len, const void *key);
- int (*set_iv)(ccccm_ctx *ctx, ccccm_nonce *nonce_ctx, size_t nonce_len, const void *nonce,
- size_t mac_size, size_t auth_len, size_t data_len);
- int (*cbcmac)(ccccm_ctx *ctx, ccccm_nonce *nonce_ctx, size_t nbytes, const void *in); // could just be ccm with NULL out
- int (*ccm)(ccccm_ctx *ctx, ccccm_nonce *nonce_ctx, size_t nbytes, const void *in, void *out);
- int (*finalize)(ccccm_ctx *key, ccccm_nonce *nonce_ctx, void *mac);
- int (*reset)(ccccm_ctx *key, ccccm_nonce *nonce_ctx);
+ int (*CC_SPTR(ccmode_ccm, init))(const struct ccmode_ccm *ccm, ccccm_ctx *ctx, size_t key_len, const void *key);
+ int (*CC_SPTR(ccmode_ccm, set_iv))(ccccm_ctx *ctx,
+ ccccm_nonce *nonce_ctx,
+ size_t nonce_len,
+ const void *nonce,
+ size_t mac_size,
+ size_t auth_len,
+ size_t data_len);
+ int (*CC_SPTR(ccmode_ccm, cbcmac))(ccccm_ctx *ctx,
+ ccccm_nonce *nonce_ctx,
+ size_t nbytes,
+ const void *in); // could just be ccm with NULL out
+ int (*CC_SPTR(ccmode_ccm, ccm))(ccccm_ctx *ctx, ccccm_nonce *nonce_ctx, size_t nbytes, const void *in, void *out);
+ int (*CC_SPTR(ccmode_ccm, finalize))(ccccm_ctx *key, ccccm_nonce *nonce_ctx, void *mac);
+ int (*CC_SPTR(ccmode_ccm, reset))(ccccm_ctx *key, ccccm_nonce *nonce_ctx);
const void *custom;
};
+/* We need to expose this (currently)to keep CommonCrypto happy. */
+struct _ccmode_ccm_nonce {
+ unsigned char A_i[16]; /* crypto block iv */
+ unsigned char B_i[16]; /* mac block iv */
+ unsigned char MAC[16]; /* crypted mac */
+ unsigned char buf[16]; /* crypt buffer */
+
+ uint32_t mode; /* mode: IV -> AD -> DATA */
+ uint32_t buflen; /* length of data in buf */
+ uint32_t b_i_len; /* length of cbcmac data in B_i */
+
+ size_t nonce_size;
+ size_t mac_size;
+};
/* OMAC mode. */
cc_aligned_struct(16) ccomac_ctx;
struct ccmode_omac {
- size_t size; /* first argument to ccomac_ctx_decl(). */
+ size_t size; /* first argument to ccomac_ctx_decl(). */
size_t block_size;
- void (*init)(const struct ccmode_omac *omac, ccomac_ctx *ctx,
- size_t tweak_len, size_t key_len, const void *key);
- int (*omac)(ccomac_ctx *ctx, size_t nblocks,
- const void *tweak, const void *in, void *out);
+ int (*CC_SPTR(ccmode_omac,
+ init))(const struct ccmode_omac *omac, ccomac_ctx *ctx, size_t tweak_len, size_t key_len, const void *key);
+ int (*CC_SPTR(ccmode_omac, omac))(ccomac_ctx *ctx, size_t nblocks, const void *tweak, const void *in, void *out);
const void *custom;
};