X-Git-Url: https://git.saurik.com/apple/xnu.git/blobdiff_plain/316670eb35587141e969394ae8537d66b9211e80..cc8bc92ae4a8e9f1a1ab61bf83d34ad8150b3405:/libkern/crypto/corecrypto_aes.c diff --git a/libkern/crypto/corecrypto_aes.c b/libkern/crypto/corecrypto_aes.c index 161715af1..3fa1ad333 100644 --- a/libkern/crypto/corecrypto_aes.c +++ b/libkern/crypto/corecrypto_aes.c @@ -57,11 +57,13 @@ aes_rval aes_encrypt_cbc(const unsigned char *in_blk, const unsigned char *in_iv return aes_good; } +#if defined (__i386__) || defined (__x86_64__) || defined (__arm64__) /* This does one block of ECB, using the CBC implementation - this allow to use the same context for both CBC and ECB */ aes_rval aes_encrypt(const unsigned char *in_blk, unsigned char *out_blk, aes_encrypt_ctx cx[1]) { return aes_encrypt_cbc(in_blk, NULL, 1, out_blk, cx); } +#endif aes_rval aes_decrypt_key(const unsigned char *key, int key_len, aes_decrypt_ctx cx[1]) { @@ -88,11 +90,13 @@ aes_rval aes_decrypt_cbc(const unsigned char *in_blk, const unsigned char *in_iv return aes_good; } +#if defined (__i386__) || defined (__x86_64__) || defined (__arm64__) /* This does one block of ECB, using the CBC implementation - this allow to use the same context for both CBC and ECB */ aes_rval aes_decrypt(const unsigned char *in_blk, unsigned char *out_blk, aes_decrypt_ctx cx[1]) { return aes_decrypt_cbc(in_blk, NULL, 1, out_blk, cx); } +#endif aes_rval aes_encrypt_key128(const unsigned char *key, aes_encrypt_ctx cx[1]) { @@ -114,3 +118,194 @@ aes_rval aes_decrypt_key256(const unsigned char *key, aes_decrypt_ctx cx[1]) { return aes_decrypt_key(key, 32, cx); } + +aes_rval aes_encrypt_key_gcm(const unsigned char *key, int key_len, ccgcm_ctx *ctx) +{ + const struct ccmode_gcm *gcm = g_crypto_funcs->ccaes_gcm_encrypt; + if (!gcm) { + return aes_error; + } + + return ccgcm_init(gcm, ctx, key_len, key); +} + +aes_rval aes_encrypt_key_with_iv_gcm(const unsigned char *key, int key_len, const unsigned char *in_iv, ccgcm_ctx *ctx) +{ + const struct ccmode_gcm *gcm = g_crypto_funcs->ccaes_gcm_encrypt; + if (!gcm) { + return aes_error; + } + + return g_crypto_funcs->ccgcm_init_with_iv_fn(gcm, ctx, key_len, key, in_iv); +} + +aes_rval aes_encrypt_set_iv_gcm(const unsigned char *in_iv, unsigned int len, ccgcm_ctx *ctx) +{ + const struct ccmode_gcm *gcm = g_crypto_funcs->ccaes_gcm_encrypt; + if (!gcm) { + return aes_error; + } + + return ccgcm_set_iv(gcm, ctx, len, in_iv); +} + +aes_rval aes_encrypt_reset_gcm(ccgcm_ctx *ctx) +{ + const struct ccmode_gcm *gcm = g_crypto_funcs->ccaes_gcm_encrypt; + if (!gcm) { + return aes_error; + } + + return ccgcm_reset(gcm, ctx); +} + +aes_rval aes_encrypt_inc_iv_gcm(unsigned char *out_iv, ccgcm_ctx *ctx) +{ + const struct ccmode_gcm *gcm = g_crypto_funcs->ccaes_gcm_encrypt; + if (!gcm) { + return aes_error; + } + + return g_crypto_funcs->ccgcm_inc_iv_fn(gcm, ctx, out_iv); +} + +aes_rval aes_encrypt_aad_gcm(const unsigned char *aad, unsigned int aad_bytes, ccgcm_ctx *ctx) +{ + const struct ccmode_gcm *gcm = g_crypto_funcs->ccaes_gcm_encrypt; + if (!gcm) { + return aes_error; + } + + return ccgcm_gmac(gcm, ctx, aad_bytes, aad); +} + +aes_rval aes_encrypt_gcm(const unsigned char *in_blk, unsigned int num_bytes, + unsigned char *out_blk, ccgcm_ctx *ctx) +{ + const struct ccmode_gcm *gcm = g_crypto_funcs->ccaes_gcm_encrypt; + if (!gcm) { + return aes_error; + } + + return ccgcm_update(gcm, ctx, num_bytes, in_blk, out_blk); //Actually gcm encrypt. +} + +aes_rval aes_encrypt_finalize_gcm(unsigned char *tag, unsigned int tag_bytes, ccgcm_ctx *ctx) +{ + int rc; + const struct ccmode_gcm *gcm = g_crypto_funcs->ccaes_gcm_encrypt; + if (!gcm) { + return aes_error; + } + + rc = ccgcm_finalize(gcm, ctx, tag_bytes, tag); + rc |= ccgcm_reset(gcm, ctx); + return rc; +} + +aes_rval aes_decrypt_key_gcm(const unsigned char *key, int key_len, ccgcm_ctx *ctx) +{ + const struct ccmode_gcm *gcm = g_crypto_funcs->ccaes_gcm_decrypt; + if (!gcm) { + return aes_error; + } + + return ccgcm_init(gcm, ctx, key_len, key); +} + +aes_rval aes_decrypt_key_with_iv_gcm(const unsigned char *key, int key_len, const unsigned char *in_iv, ccgcm_ctx *ctx) +{ + const struct ccmode_gcm *gcm = g_crypto_funcs->ccaes_gcm_decrypt; + if (!gcm) { + return aes_error; + } + + return g_crypto_funcs->ccgcm_init_with_iv_fn(gcm, ctx, key_len, key, in_iv); +} + +aes_rval aes_decrypt_set_iv_gcm(const unsigned char *in_iv, unsigned int len, ccgcm_ctx *ctx) +{ + int rc; + + const struct ccmode_gcm *gcm = g_crypto_funcs->ccaes_gcm_decrypt; + if (!gcm) { + return aes_error; + } + + rc = ccgcm_reset(gcm, ctx); + rc |= ccgcm_set_iv(gcm, ctx, len, in_iv); + return rc; +} + +aes_rval aes_decrypt_reset_gcm(ccgcm_ctx *ctx) +{ + const struct ccmode_gcm *gcm = g_crypto_funcs->ccaes_gcm_decrypt; + if (!gcm) { + return aes_error; + } + + return ccgcm_reset(gcm, ctx); +} + +aes_rval aes_decrypt_inc_iv_gcm(unsigned char *out_iv, ccgcm_ctx *ctx) +{ + const struct ccmode_gcm *gcm = g_crypto_funcs->ccaes_gcm_decrypt; + if (!gcm) { + return aes_error; + } + + return g_crypto_funcs->ccgcm_inc_iv_fn(gcm, ctx, out_iv); +} + +aes_rval aes_decrypt_aad_gcm(const unsigned char *aad, unsigned int aad_bytes, ccgcm_ctx *ctx) +{ + const struct ccmode_gcm *gcm = g_crypto_funcs->ccaes_gcm_decrypt; + if (!gcm) { + return aes_error; + } + + return ccgcm_gmac(gcm, ctx, aad_bytes, aad); +} + +aes_rval aes_decrypt_gcm(const unsigned char *in_blk, unsigned int num_bytes, + unsigned char *out_blk, ccgcm_ctx *ctx) +{ + const struct ccmode_gcm *gcm = g_crypto_funcs->ccaes_gcm_decrypt; + if (!gcm) { + return aes_error; + } + + return ccgcm_update(gcm, ctx, num_bytes, in_blk, out_blk); //Actually gcm decrypt. +} + +aes_rval aes_decrypt_finalize_gcm(unsigned char *tag, unsigned int tag_bytes, ccgcm_ctx *ctx) +{ + int rc; + const struct ccmode_gcm *gcm = g_crypto_funcs->ccaes_gcm_decrypt; + if (!gcm) { + return aes_error; + } + + rc = ccgcm_finalize(gcm, ctx, tag_bytes, tag); + rc |= ccgcm_reset(gcm, ctx); + return rc; +} + +unsigned aes_encrypt_get_ctx_size_gcm(void) +{ + const struct ccmode_gcm *gcm = g_crypto_funcs->ccaes_gcm_encrypt; + if (!gcm) { + return 0; + } + return (cc_ctx_sizeof(ccgcm_ctx, gcm->size)); +} + +unsigned aes_decrypt_get_ctx_size_gcm(void) +{ + const struct ccmode_gcm *gcm = g_crypto_funcs->ccaes_gcm_decrypt; + if (!gcm) { + return 0; + } + return (cc_ctx_sizeof(ccgcm_ctx, gcm->size)); +} +