2 * Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
11 * This file uses the low level AES functions (which are deprecated for
12 * non-internal use) in order to implement provider AES ciphers.
14 #include "internal/deprecated.h"
16 #include "cipher_aes.h"
17 #include "prov/providercommonerr.h"
19 static int cipher_hw_aes_initkey(PROV_CIPHER_CTX *dat,
20 const unsigned char *key, size_t keylen)
23 PROV_AES_CTX *adat = (PROV_AES_CTX *)dat;
24 AES_KEY *ks = &adat->ks.ks;
28 if ((dat->mode == EVP_CIPH_ECB_MODE || dat->mode == EVP_CIPH_CBC_MODE)
32 ret = HWAES_set_decrypt_key(key, keylen * 8, ks);
33 dat->block = (block128_f)HWAES_decrypt;
34 dat->stream.cbc = NULL;
35 # ifdef HWAES_cbc_encrypt
36 if (dat->mode == EVP_CIPH_CBC_MODE)
37 dat->stream.cbc = (cbc128_f)HWAES_cbc_encrypt;
39 # ifdef HWAES_ecb_encrypt
40 if (dat->mode == EVP_CIPH_ECB_MODE)
41 dat->stream.ecb = (ecb128_f)HWAES_ecb_encrypt;
46 if (BSAES_CAPABLE && dat->mode == EVP_CIPH_CBC_MODE) {
47 ret = AES_set_decrypt_key(key, keylen * 8, ks);
48 dat->block = (block128_f)AES_decrypt;
49 dat->stream.cbc = (cbc128_f)bsaes_cbc_encrypt;
54 ret = vpaes_set_decrypt_key(key, keylen * 8, ks);
55 dat->block = (block128_f)vpaes_decrypt;
56 dat->stream.cbc = (dat->mode == EVP_CIPH_CBC_MODE)
57 ?(cbc128_f)vpaes_cbc_encrypt : NULL;
61 ret = AES_set_decrypt_key(key, keylen * 8, ks);
62 dat->block = (block128_f)AES_decrypt;
63 dat->stream.cbc = (dat->mode == EVP_CIPH_CBC_MODE)
64 ? (cbc128_f)AES_cbc_encrypt : NULL;
69 ret = HWAES_set_encrypt_key(key, keylen * 8, ks);
70 dat->block = (block128_f)HWAES_encrypt;
71 dat->stream.cbc = NULL;
72 # ifdef HWAES_cbc_encrypt
73 if (dat->mode == EVP_CIPH_CBC_MODE)
74 dat->stream.cbc = (cbc128_f)HWAES_cbc_encrypt;
77 # ifdef HWAES_ecb_encrypt
78 if (dat->mode == EVP_CIPH_ECB_MODE)
79 dat->stream.ecb = (ecb128_f)HWAES_ecb_encrypt;
82 # ifdef HWAES_ctr32_encrypt_blocks
83 if (dat->mode == EVP_CIPH_CTR_MODE)
84 dat->stream.ctr = (ctr128_f)HWAES_ctr32_encrypt_blocks;
87 (void)0; /* terminate potentially open 'else' */
91 if (BSAES_CAPABLE && dat->mode == EVP_CIPH_CTR_MODE) {
92 ret = AES_set_encrypt_key(key, keylen * 8, ks);
93 dat->block = (block128_f)AES_encrypt;
94 dat->stream.ctr = (ctr128_f)bsaes_ctr32_encrypt_blocks;
99 ret = vpaes_set_encrypt_key(key, keylen * 8, ks);
100 dat->block = (block128_f)vpaes_encrypt;
101 dat->stream.cbc = (dat->mode == EVP_CIPH_CBC_MODE)
102 ? (cbc128_f)vpaes_cbc_encrypt : NULL;
106 ret = AES_set_encrypt_key(key, keylen * 8, ks);
107 dat->block = (block128_f)AES_encrypt;
108 dat->stream.cbc = (dat->mode == EVP_CIPH_CBC_MODE)
109 ? (cbc128_f)AES_cbc_encrypt : NULL;
111 if (dat->mode == EVP_CIPH_CTR_MODE)
112 dat->stream.ctr = (ctr128_f)AES_ctr32_encrypt;
117 ERR_raise(ERR_LIB_PROV, PROV_R_AES_KEY_SETUP_FAILED);
124 IMPLEMENT_CIPHER_HW_COPYCTX(cipher_hw_aes_copyctx, PROV_AES_CTX)
126 #define PROV_CIPHER_HW_aes_mode(mode) \
127 static const PROV_CIPHER_HW aes_##mode = { \
128 cipher_hw_aes_initkey, \
129 cipher_hw_generic_##mode, \
130 cipher_hw_aes_copyctx \
132 PROV_CIPHER_HW_declare(mode) \
133 const PROV_CIPHER_HW *PROV_CIPHER_HW_aes_##mode(size_t keybits) \
135 PROV_CIPHER_HW_select(mode) \
136 return &aes_##mode; \
139 #if defined(AESNI_CAPABLE)
140 # include "cipher_aes_hw_aesni.inc"
141 #elif defined(SPARC_AES_CAPABLE)
142 # include "cipher_aes_hw_t4.inc"
143 #elif defined(S390X_aes_128_CAPABLE)
144 # include "cipher_aes_hw_s390x.inc"
146 /* The generic case */
147 # define PROV_CIPHER_HW_declare(mode)
148 # define PROV_CIPHER_HW_select(mode)
151 PROV_CIPHER_HW_aes_mode(cbc)
152 PROV_CIPHER_HW_aes_mode(ecb)
153 PROV_CIPHER_HW_aes_mode(ofb128)
154 PROV_CIPHER_HW_aes_mode(cfb128)
155 PROV_CIPHER_HW_aes_mode(cfb1)
156 PROV_CIPHER_HW_aes_mode(cfb8)
157 PROV_CIPHER_HW_aes_mode(ctr)