2 * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
11 #include <openssl/crypto.h>
12 #include <openssl/core_numbers.h>
13 #include <openssl/core_names.h>
14 #include <openssl/evp.h>
15 #include <openssl/params.h>
16 #include "internal/cryptlib.h"
17 #include "internal/provider_algs.h"
18 #include "ciphers_locl.h"
19 #include "internal/providercommonerr.h"
21 static OSSL_OP_cipher_encrypt_init_fn aes_einit;
22 static OSSL_OP_cipher_decrypt_init_fn aes_dinit;
23 static OSSL_OP_cipher_update_fn aes_block_update;
24 static OSSL_OP_cipher_final_fn aes_block_final;
25 static OSSL_OP_cipher_update_fn aes_stream_update;
26 static OSSL_OP_cipher_final_fn aes_stream_final;
27 static OSSL_OP_cipher_cipher_fn aes_cipher;
28 static OSSL_OP_cipher_freectx_fn aes_freectx;
29 static OSSL_OP_cipher_dupctx_fn aes_dupctx;
30 static OSSL_OP_cipher_key_length_fn key_length_256;
31 static OSSL_OP_cipher_key_length_fn key_length_192;
32 static OSSL_OP_cipher_key_length_fn key_length_128;
33 static OSSL_OP_cipher_iv_length_fn iv_length_16;
34 static OSSL_OP_cipher_iv_length_fn iv_length_0;
35 static OSSL_OP_cipher_block_size_fn block_size_16;
36 static OSSL_OP_cipher_block_size_fn block_size_1;
37 static OSSL_OP_cipher_ctx_get_params_fn aes_ctx_get_params;
38 static OSSL_OP_cipher_ctx_set_params_fn aes_ctx_set_params;
40 static int PROV_AES_KEY_generic_init(PROV_AES_KEY *ctx,
41 const unsigned char *iv,
45 if (iv != NULL && ctx->mode != EVP_CIPH_ECB_MODE) {
46 if (ivlen != AES_BLOCK_SIZE) {
47 PROVerr(PROV_F_PROV_AES_KEY_GENERIC_INIT, ERR_R_INTERNAL_ERROR);
50 memcpy(ctx->iv, iv, AES_BLOCK_SIZE);
57 static int aes_einit(void *vctx, const unsigned char *key, size_t keylen,
58 const unsigned char *iv, size_t ivlen)
60 PROV_AES_KEY *ctx = (PROV_AES_KEY *)vctx;
62 if (!PROV_AES_KEY_generic_init(ctx, iv, ivlen, 1)) {
63 /* PROVerr already called */
67 if (keylen != ctx->keylen) {
68 PROVerr(PROV_F_AES_EINIT, PROV_R_INVALID_KEYLEN);
71 return ctx->ciph->init(ctx, key, ctx->keylen);
77 static int aes_dinit(void *vctx, const unsigned char *key, size_t keylen,
78 const unsigned char *iv, size_t ivlen)
80 PROV_AES_KEY *ctx = (PROV_AES_KEY *)vctx;
82 if (!PROV_AES_KEY_generic_init(ctx, iv, ivlen, 0)) {
83 /* PROVerr already called */
87 if (keylen != ctx->keylen) {
88 PROVerr(PROV_F_AES_DINIT, PROV_R_INVALID_KEYLEN);
91 return ctx->ciph->init(ctx, key, ctx->keylen);
97 static int aes_block_update(void *vctx, unsigned char *out, size_t *outl,
98 size_t outsize, const unsigned char *in, size_t inl)
100 PROV_AES_KEY *ctx = (PROV_AES_KEY *)vctx;
101 size_t nextblocks = fillblock(ctx->buf, &ctx->bufsz, AES_BLOCK_SIZE, &in,
106 * If we're decrypting and we end an update on a block boundary we hold
107 * the last block back in case this is the last update call and the last
110 if (ctx->bufsz == AES_BLOCK_SIZE
111 && (ctx->enc || inl > 0 || !ctx->pad)) {
112 if (outsize < AES_BLOCK_SIZE) {
113 PROVerr(PROV_F_AES_BLOCK_UPDATE, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
116 if (!ctx->ciph->cipher(ctx, out, ctx->buf, AES_BLOCK_SIZE)) {
117 PROVerr(PROV_F_AES_BLOCK_UPDATE, PROV_R_CIPHER_OPERATION_FAILED);
121 outlint = AES_BLOCK_SIZE;
122 out += AES_BLOCK_SIZE;
124 if (nextblocks > 0) {
125 if (!ctx->enc && ctx->pad && nextblocks == inl) {
126 if (!ossl_assert(inl >= AES_BLOCK_SIZE)) {
127 PROVerr(PROV_F_AES_BLOCK_UPDATE, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
130 nextblocks -= AES_BLOCK_SIZE;
132 outlint += nextblocks;
133 if (outsize < outlint) {
134 PROVerr(PROV_F_AES_BLOCK_UPDATE, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
137 if (!ctx->ciph->cipher(ctx, out, in, nextblocks)) {
138 PROVerr(PROV_F_AES_BLOCK_UPDATE, PROV_R_CIPHER_OPERATION_FAILED);
144 if (!trailingdata(ctx->buf, &ctx->bufsz, AES_BLOCK_SIZE, &in, &inl)) {
145 /* PROVerr already called */
153 static int aes_block_final(void *vctx, unsigned char *out, size_t *outl,
156 PROV_AES_KEY *ctx = (PROV_AES_KEY *)vctx;
160 padblock(ctx->buf, &ctx->bufsz, AES_BLOCK_SIZE);
161 } else if (ctx->bufsz == 0) {
164 } else if (ctx->bufsz != AES_BLOCK_SIZE) {
165 PROVerr(PROV_F_AES_BLOCK_FINAL, PROV_R_WRONG_FINAL_BLOCK_LENGTH);
169 if (outsize < AES_BLOCK_SIZE) {
170 PROVerr(PROV_F_AES_BLOCK_FINAL, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
173 if (!ctx->ciph->cipher(ctx, out, ctx->buf, AES_BLOCK_SIZE)) {
174 PROVerr(PROV_F_AES_BLOCK_FINAL, PROV_R_CIPHER_OPERATION_FAILED);
178 *outl = AES_BLOCK_SIZE;
183 if (ctx->bufsz != AES_BLOCK_SIZE) {
184 if (ctx->bufsz == 0 && !ctx->pad) {
188 PROVerr(PROV_F_AES_BLOCK_FINAL, PROV_R_WRONG_FINAL_BLOCK_LENGTH);
192 if (!ctx->ciph->cipher(ctx, ctx->buf, ctx->buf, AES_BLOCK_SIZE)) {
193 PROVerr(PROV_F_AES_BLOCK_FINAL, PROV_R_CIPHER_OPERATION_FAILED);
197 if (ctx->pad && !unpadblock(ctx->buf, &ctx->bufsz, AES_BLOCK_SIZE)) {
198 /* PROVerr already called */
202 if (outsize < ctx->bufsz) {
203 PROVerr(PROV_F_AES_BLOCK_FINAL, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
206 memcpy(out, ctx->buf, ctx->bufsz);
212 static int aes_stream_update(void *vctx, unsigned char *out, size_t *outl,
213 size_t outsize, const unsigned char *in,
216 PROV_AES_KEY *ctx = (PROV_AES_KEY *)vctx;
219 PROVerr(PROV_F_AES_STREAM_UPDATE, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
223 if (!ctx->ciph->cipher(ctx, out, in, inl)) {
224 PROVerr(PROV_F_AES_STREAM_UPDATE, PROV_R_CIPHER_OPERATION_FAILED);
231 static int aes_stream_final(void *vctx, unsigned char *out, size_t *outl,
238 static int aes_cipher(void *vctx, unsigned char *out, const unsigned char *in,
241 PROV_AES_KEY *ctx = (PROV_AES_KEY *)vctx;
243 if (!ctx->ciph->cipher(ctx, out, in, inl)) {
244 PROVerr(PROV_F_AES_CIPHER, PROV_R_CIPHER_OPERATION_FAILED);
251 #define IMPLEMENT_new_params(lcmode, UCMODE) \
252 static OSSL_OP_cipher_get_params_fn aes_##lcmode##_get_params; \
253 static int aes_##lcmode##_get_params(const OSSL_PARAM params[]) \
255 const OSSL_PARAM *p; \
257 p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_MODE); \
258 if (p != NULL && !OSSL_PARAM_set_int(p, EVP_CIPH_##UCMODE##_MODE)) \
264 #define IMPLEMENT_new_ctx(lcmode, UCMODE, len) \
265 static OSSL_OP_cipher_newctx_fn aes_##len##_##lcmode##_newctx; \
266 static void *aes_##len##_##lcmode##_newctx(void) \
268 PROV_AES_KEY *ctx = OPENSSL_zalloc(sizeof(*ctx)); \
271 ctx->keylen = (len / 8); \
272 ctx->ciph = PROV_AES_CIPHER_##lcmode(ctx->keylen); \
273 ctx->mode = EVP_CIPH_##UCMODE##_MODE; \
278 IMPLEMENT_new_params(ecb, ECB)
279 IMPLEMENT_new_ctx(ecb, ECB, 256)
280 IMPLEMENT_new_ctx(ecb, ECB, 192)
281 IMPLEMENT_new_ctx(ecb, ECB, 128)
284 IMPLEMENT_new_params(cbc, CBC)
285 IMPLEMENT_new_ctx(cbc, CBC, 256)
286 IMPLEMENT_new_ctx(cbc, CBC, 192)
287 IMPLEMENT_new_ctx(cbc, CBC, 128)
290 IMPLEMENT_new_params(ofb, OFB)
291 IMPLEMENT_new_ctx(ofb, OFB, 256)
292 IMPLEMENT_new_ctx(ofb, OFB, 192)
293 IMPLEMENT_new_ctx(ofb, OFB, 128)
296 IMPLEMENT_new_params(cfb, CFB)
297 IMPLEMENT_new_params(cfb1, CFB)
298 IMPLEMENT_new_params(cfb8, CFB)
299 IMPLEMENT_new_ctx(cfb, CFB, 256)
300 IMPLEMENT_new_ctx(cfb, CFB, 192)
301 IMPLEMENT_new_ctx(cfb, CFB, 128)
302 IMPLEMENT_new_ctx(cfb1, CFB, 256)
303 IMPLEMENT_new_ctx(cfb1, CFB, 192)
304 IMPLEMENT_new_ctx(cfb1, CFB, 128)
305 IMPLEMENT_new_ctx(cfb8, CFB, 256)
306 IMPLEMENT_new_ctx(cfb8, CFB, 192)
307 IMPLEMENT_new_ctx(cfb8, CFB, 128)
310 IMPLEMENT_new_params(ctr, CTR)
311 IMPLEMENT_new_ctx(ctr, CTR, 256)
312 IMPLEMENT_new_ctx(ctr, CTR, 192)
313 IMPLEMENT_new_ctx(ctr, CTR, 128)
315 static void aes_freectx(void *vctx)
317 PROV_AES_KEY *ctx = (PROV_AES_KEY *)vctx;
319 OPENSSL_clear_free(ctx, sizeof(*ctx));
322 static void *aes_dupctx(void *ctx)
324 PROV_AES_KEY *in = (PROV_AES_KEY *)ctx;
325 PROV_AES_KEY *ret = OPENSSL_malloc(sizeof(*ret));
328 PROVerr(PROV_F_AES_DUPCTX, ERR_R_MALLOC_FAILURE);
336 static size_t key_length_256(void)
341 static size_t key_length_192(void)
346 static size_t key_length_128(void)
351 static size_t iv_length_16(void)
356 static size_t iv_length_0(void)
361 static size_t block_size_16(void)
366 static size_t block_size_1(void)
371 static int aes_ctx_get_params(void *vctx, const OSSL_PARAM params[])
373 PROV_AES_KEY *ctx = (PROV_AES_KEY *)vctx;
376 p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_PADDING);
377 if (p != NULL && !OSSL_PARAM_set_int(p, ctx->pad)) {
378 PROVerr(PROV_F_AES_CTX_GET_PARAMS, PROV_R_FAILED_TO_SET_PARAMETER);
385 static int aes_ctx_set_params(void *vctx, const OSSL_PARAM params[])
387 PROV_AES_KEY *ctx = (PROV_AES_KEY *)vctx;
390 p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_PADDING);
394 if (!OSSL_PARAM_get_int(p, &pad)) {
395 PROVerr(PROV_F_AES_CTX_SET_PARAMS, PROV_R_FAILED_TO_GET_PARAMETER);
398 ctx->pad = pad ? 1 : 0;
403 #define IMPLEMENT_block_funcs(mode, keylen, ivlen) \
404 const OSSL_DISPATCH aes##keylen##mode##_functions[] = { \
405 { OSSL_FUNC_CIPHER_NEWCTX, (void (*)(void))aes_##keylen##_##mode##_newctx }, \
406 { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))aes_einit }, \
407 { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))aes_dinit }, \
408 { OSSL_FUNC_CIPHER_UPDATE, (void (*)(void))aes_block_update }, \
409 { OSSL_FUNC_CIPHER_FINAL, (void (*)(void))aes_block_final }, \
410 { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))aes_cipher }, \
411 { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void))aes_freectx }, \
412 { OSSL_FUNC_CIPHER_DUPCTX, (void (*)(void))aes_dupctx }, \
413 { OSSL_FUNC_CIPHER_KEY_LENGTH, (void (*)(void))key_length_##keylen }, \
414 { OSSL_FUNC_CIPHER_IV_LENGTH, (void (*)(void))iv_length_##ivlen }, \
415 { OSSL_FUNC_CIPHER_BLOCK_SIZE, (void (*)(void))block_size_16 }, \
416 { OSSL_FUNC_CIPHER_GET_PARAMS, (void (*)(void))aes_##mode##_get_params }, \
417 { OSSL_FUNC_CIPHER_CTX_GET_PARAMS, (void (*)(void))aes_ctx_get_params }, \
418 { OSSL_FUNC_CIPHER_CTX_SET_PARAMS, (void (*)(void))aes_ctx_set_params }, \
422 #define IMPLEMENT_stream_funcs(mode, keylen, ivlen) \
423 const OSSL_DISPATCH aes##keylen##mode##_functions[] = { \
424 { OSSL_FUNC_CIPHER_NEWCTX, (void (*)(void))aes_##keylen##_##mode##_newctx }, \
425 { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))aes_einit }, \
426 { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))aes_dinit }, \
427 { OSSL_FUNC_CIPHER_UPDATE, (void (*)(void))aes_stream_update }, \
428 { OSSL_FUNC_CIPHER_FINAL, (void (*)(void))aes_stream_final }, \
429 { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))aes_cipher }, \
430 { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void))aes_freectx }, \
431 { OSSL_FUNC_CIPHER_DUPCTX, (void (*)(void))aes_dupctx }, \
432 { OSSL_FUNC_CIPHER_KEY_LENGTH, (void (*)(void))key_length_##keylen }, \
433 { OSSL_FUNC_CIPHER_IV_LENGTH, (void (*)(void))iv_length_##ivlen }, \
434 { OSSL_FUNC_CIPHER_BLOCK_SIZE, (void (*)(void))block_size_1 }, \
435 { OSSL_FUNC_CIPHER_GET_PARAMS, (void (*)(void))aes_##mode##_get_params }, \
436 { OSSL_FUNC_CIPHER_CTX_GET_PARAMS, (void (*)(void))aes_ctx_get_params }, \
437 { OSSL_FUNC_CIPHER_CTX_SET_PARAMS, (void (*)(void))aes_ctx_set_params }, \
442 IMPLEMENT_block_funcs(ecb, 256, 0)
443 IMPLEMENT_block_funcs(ecb, 192, 0)
444 IMPLEMENT_block_funcs(ecb, 128, 0)
447 IMPLEMENT_block_funcs(cbc, 256, 16)
448 IMPLEMENT_block_funcs(cbc, 192, 16)
449 IMPLEMENT_block_funcs(cbc, 128, 16)
452 IMPLEMENT_stream_funcs(ofb, 256, 16)
453 IMPLEMENT_stream_funcs(ofb, 192, 16)
454 IMPLEMENT_stream_funcs(ofb, 128, 16)
457 IMPLEMENT_stream_funcs(cfb, 256, 16)
458 IMPLEMENT_stream_funcs(cfb, 192, 16)
459 IMPLEMENT_stream_funcs(cfb, 128, 16)
460 IMPLEMENT_stream_funcs(cfb1, 256, 16)
461 IMPLEMENT_stream_funcs(cfb1, 192, 16)
462 IMPLEMENT_stream_funcs(cfb1, 128, 16)
463 IMPLEMENT_stream_funcs(cfb8, 256, 16)
464 IMPLEMENT_stream_funcs(cfb8, 192, 16)
465 IMPLEMENT_stream_funcs(cfb8, 128, 16)
468 IMPLEMENT_stream_funcs(ctr, 256, 16)
469 IMPLEMENT_stream_funcs(ctr, 192, 16)
470 IMPLEMENT_stream_funcs(ctr, 128, 16)
projects / openssl.git / blob