providers/common/ciphers/cipher_aes_hw.c

   1 /*
   2  * Copyright 2001-2019 The OpenSSL Project Authors. All Rights Reserved.
   3  *
   4  * Licensed under the Apache License 2.0 (the "License").  You may not use
   5  * this file except in compliance with the License.  You can obtain a copy
   6  * in the file LICENSE in the source distribution or at
   7  * https://www.openssl.org/source/license.html
   8  */
   9
  10 #include "cipher_aes.h"
  11 #include "internal/providercommonerr.h"
  12
  13 static int cipher_hw_aes_initkey(PROV_CIPHER_CTX *dat,
  14                                  const unsigned char *key, size_t keylen)
  15 {
  16     int ret;
  17     PROV_AES_CTX *adat = (PROV_AES_CTX *)dat;
  18     AES_KEY *ks = &adat->ks.ks;
  19
  20     dat->ks = ks;
  21
  22     if ((dat->mode == EVP_CIPH_ECB_MODE || dat->mode == EVP_CIPH_CBC_MODE)
  23         && !dat->enc) {
  24 #ifdef HWAES_CAPABLE
  25         if (HWAES_CAPABLE) {
  26             ret = HWAES_set_decrypt_key(key, keylen * 8, ks);
  27             dat->block = (block128_f)HWAES_decrypt;
  28             dat->stream.cbc = NULL;
  29 # ifdef HWAES_cbc_encrypt
  30             if (dat->mode == EVP_CIPH_CBC_MODE)
  31                 dat->stream.cbc = (cbc128_f)HWAES_cbc_encrypt;
  32 # endif
  33         } else
  34 #endif
  35 #ifdef BSAES_CAPABLE
  36         if (BSAES_CAPABLE && dat->mode == EVP_CIPH_CBC_MODE) {
  37             ret = AES_set_decrypt_key(key, keylen * 8, ks);
  38             dat->block = (block128_f)AES_decrypt;
  39             dat->stream.cbc = (cbc128_f)bsaes_cbc_encrypt;
  40         } else
  41 #endif
  42 #ifdef VPAES_CAPABLE
  43         if (VPAES_CAPABLE) {
  44             ret = vpaes_set_decrypt_key(key, keylen * 8, ks);
  45             dat->block = (block128_f)vpaes_decrypt;
  46             dat->stream.cbc = (dat->mode == EVP_CIPH_CBC_MODE)
  47                               ?(cbc128_f)vpaes_cbc_encrypt : NULL;
  48         } else
  49 #endif
  50         {
  51             ret = AES_set_decrypt_key(key, keylen * 8, ks);
  52             dat->block = (block128_f)AES_decrypt;
  53             dat->stream.cbc = (dat->mode == EVP_CIPH_CBC_MODE)
  54                               ? (cbc128_f)AES_cbc_encrypt : NULL;
  55         }
  56     } else
  57 #ifdef HWAES_CAPABLE
  58     if (HWAES_CAPABLE) {
  59         ret = HWAES_set_encrypt_key(key, keylen * 8, ks);
  60         dat->block = (block128_f)HWAES_encrypt;
  61         dat->stream.cbc = NULL;
  62 # ifdef HWAES_cbc_encrypt
  63         if (dat->mode == EVP_CIPH_CBC_MODE)
  64             dat->stream.cbc = (cbc128_f)HWAES_cbc_encrypt;
  65         else
  66 # endif
  67 # ifdef HWAES_ctr32_encrypt_blocks
  68         if (dat->mode == EVP_CIPH_CTR_MODE)
  69             dat->stream.ctr = (ctr128_f)HWAES_ctr32_encrypt_blocks;
  70         else
  71 # endif
  72             (void)0;            /* terminate potentially open 'else' */
  73     } else
  74 #endif
  75 #ifdef BSAES_CAPABLE
  76     if (BSAES_CAPABLE && dat->mode == EVP_CIPH_CTR_MODE) {
  77         ret = AES_set_encrypt_key(key, keylen * 8, ks);
  78         dat->block = (block128_f)AES_encrypt;
  79         dat->stream.ctr = (ctr128_f)bsaes_ctr32_encrypt_blocks;
  80     } else
  81 #endif
  82 #ifdef VPAES_CAPABLE
  83     if (VPAES_CAPABLE) {
  84         ret = vpaes_set_encrypt_key(key, keylen * 8, ks);
  85         dat->block = (block128_f)vpaes_encrypt;
  86         dat->stream.cbc = (dat->mode == EVP_CIPH_CBC_MODE)
  87                           ? (cbc128_f)vpaes_cbc_encrypt : NULL;
  88     } else
  89 #endif
  90     {
  91         ret = AES_set_encrypt_key(key, keylen * 8, ks);
  92         dat->block = (block128_f)AES_encrypt;
  93         dat->stream.cbc = (dat->mode == EVP_CIPH_CBC_MODE)
  94                           ? (cbc128_f)AES_cbc_encrypt : NULL;
  95 #ifdef AES_CTR_ASM
  96         if (dat->mode == EVP_CIPH_CTR_MODE)
  97             dat->stream.ctr = (ctr128_f)AES_ctr32_encrypt;
  98 #endif
  99     }
 100
 101     if (ret < 0) {
 102         ERR_raise(ERR_LIB_PROV, PROV_R_AES_KEY_SETUP_FAILED);
 103         return 0;
 104     }
 105
 106     return 1;
 107 }
 108
 109 #define PROV_CIPHER_HW_aes_mode(mode)                                          \
 110 static const PROV_CIPHER_HW aes_##mode = {                                     \
 111     cipher_hw_aes_initkey,                                                     \
 112     cipher_hw_generic_##mode                                                   \
 113 };                                                                             \
 114 PROV_CIPHER_HW_declare(mode)                                                   \
 115 const PROV_CIPHER_HW *PROV_CIPHER_HW_aes_##mode(size_t keybits)                \
 116 {                                                                              \
 117     PROV_CIPHER_HW_select(mode)                                                \
 118     return &aes_##mode;                                                        \
 119 }
 120
 121 #if defined(AESNI_CAPABLE)
 122 # include "cipher_aes_hw_aesni.inc"
 123 #elif defined(SPARC_AES_CAPABLE)
 124 # include "cipher_aes_hw_t4.inc"
 125 #elif defined(S390X_aes_128_CAPABLE)
 126 # include "cipher_aes_hw_s390x.inc"
 127 #else
 128 /* The generic case */
 129 # define PROV_CIPHER_HW_declare(mode)
 130 # define PROV_CIPHER_HW_select(mode)
 131 #endif
 132
 133 PROV_CIPHER_HW_aes_mode(cbc)
 134 PROV_CIPHER_HW_aes_mode(ecb)
 135 PROV_CIPHER_HW_aes_mode(ofb128)
 136 PROV_CIPHER_HW_aes_mode(cfb128)
 137 PROV_CIPHER_HW_aes_mode(cfb1)
 138 PROV_CIPHER_HW_aes_mode(cfb8)
 139 PROV_CIPHER_HW_aes_mode(ctr)