/*
 * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License"). You may not use
 * this file except in compliance with the License. You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

/*
 * This file uses the low level AES functions (which are deprecated for
 * non-internal use) in order to implement provider AES ciphers.
 */
#include "internal/deprecated.h"

#include "cipher_aes_xts.h"

/*
 * Key-setup body shared by every initkey function in this file.
 *
 * The macro expands to a braced block and refers to `ctx`, `xctx`, `key` and
 * `keylen` by name, so it can only be used where those identifiers are in
 * scope. `keylen` is the combined length of both XTS keys: the first half is
 * expanded into ks1 with the encrypt or decrypt key setup according to
 * ctx->enc, and the second half (which XTS uses as the tweak key) is always
 * expanded into ks2 with the encrypt key setup and paired with the encrypt
 * block function. xctx->stream is set to the stream function matching the
 * direction; the callers in this file may pass NULL for it.
 *
 * NOTE(review): whatever the key-setup functions return is discarded, and the
 * macro validates neither `keylen` nor that the two key halves differ. This
 * presumably relies on the caller having checked both before initkey runs;
 * confirm against the code that invokes PROV_CIPHER_HW.init.
 * NOTE(review): key1/key2 are assigned &xctx->ks1 / &xctx->ks2 here, while
 * cipher_hw_aes_xts_copyctx() assigns &dctx->ks1.ks / &dctx->ks2.ks. These
 * are the same address only if `ks` sits at offset 0 of ks1/ks2; the
 * declaration is not in this file, so confirm.
 */
#define XTS_SET_KEY_FN(fn_set_enc_key, fn_set_dec_key,                         \
                       fn_block_enc, fn_block_dec,                             \
                       fn_stream_enc, fn_stream_dec) {                         \
    size_t bytes = keylen / 2;                                                 \
    size_t bits = bytes * 8;                                                   \
                                                                               \
    if (ctx->enc) {                                                            \
        fn_set_enc_key(key, bits, &xctx->ks1.ks);                              \
        xctx->xts.block1 = (block128_f)fn_block_enc;                           \
    } else {                                                                   \
        fn_set_dec_key(key, bits, &xctx->ks1.ks);                              \
        xctx->xts.block1 = (block128_f)fn_block_dec;                           \
    }                                                                          \
    fn_set_enc_key(key + bytes, bits, &xctx->ks2.ks);                          \
    xctx->xts.block2 = (block128_f)fn_block_enc;                               \
    xctx->xts.key1 = &xctx->ks1;                                               \
    xctx->xts.key2 = &xctx->ks2;                                               \
    xctx->stream = ctx->enc ? fn_stream_enc : fn_stream_dec;                   \
}

/*
 * Generic AES-XTS key setup: picks the AES implementation from the
 * capability macros that are defined at build time and true at run time,
 * then expands both key schedules through XTS_SET_KEY_FN.
 *
 * ctx    - cipher context; cast to PROV_AES_XTS_CTX and written to.
 * key    - both XTS keys back to back (keylen bytes in total).
 * keylen - combined length of the two keys in bytes.
 *
 * Always returns 1.
 *
 * NOTE(review): unlike cipher_hw_aes_xts_t4_initkey(), which returns 0 for
 * any keylen other than 32 or 64, this function performs no length check and
 * cannot report a key-setup failure, because the setter results are dropped
 * inside XTS_SET_KEY_FN. It assumes the caller has already validated keylen;
 * confirm.
 */
static int cipher_hw_aes_xts_generic_initkey(PROV_CIPHER_CTX *ctx,
                                             const unsigned char *key,
                                             size_t keylen)
{
    PROV_AES_XTS_CTX *xctx = (PROV_AES_XTS_CTX *)ctx;
    /* Stay NULL unless one of the branches below supplies a stream routine. */
    OSSL_xts_stream_fn stream_enc = NULL;
    OSSL_xts_stream_fn stream_dec = NULL;

#ifdef AES_XTS_ASM
    stream_enc = AES_xts_encrypt;
    stream_dec = AES_xts_decrypt;
#endif /* AES_XTS_ASM */

    /*
     * The capability tests below form one if/else chain whose links are
     * compiled in or out individually; each `} else` left dangling by an
     * #ifdef binds to the next statement that survives preprocessing.
     */
#ifdef HWAES_CAPABLE
    if (HWAES_CAPABLE) {
# ifdef HWAES_xts_encrypt
        stream_enc = HWAES_xts_encrypt;
# endif /* HWAES_xts_encrypt */
# ifdef HWAES_xts_decrypt
        stream_dec = HWAES_xts_decrypt;
# endif /* HWAES_xts_decrypt */
        XTS_SET_KEY_FN(HWAES_set_encrypt_key, HWAES_set_decrypt_key,
                       HWAES_encrypt, HWAES_decrypt,
                       stream_enc, stream_dec);
        return 1;
    } else
#endif /* HWAES_CAPABLE */

#ifdef BSAES_CAPABLE
    if (BSAES_CAPABLE) {
        /*
         * This branch only overrides the stream functions and does not
         * return, so the key schedules are still set up by the AES_* block
         * at the end of the function.
         */
        stream_enc = ossl_bsaes_xts_encrypt;
        stream_dec = ossl_bsaes_xts_decrypt;
    } else
#endif /* BSAES_CAPABLE */
#ifdef VPAES_CAPABLE
    if (VPAES_CAPABLE) {
        XTS_SET_KEY_FN(vpaes_set_encrypt_key, vpaes_set_decrypt_key,
                       vpaes_encrypt, vpaes_decrypt, stream_enc, stream_dec);
        return 1;
    } else
#endif /* VPAES_CAPABLE */
    {
        /* Empty statement that terminates the dangling-else chain above. */
        (void)0;
    }
    {
        /* Reached whenever no branch above returned. */
        XTS_SET_KEY_FN(AES_set_encrypt_key, AES_set_decrypt_key,
                       AES_encrypt, AES_decrypt, stream_enc, stream_dec);
    }
    return 1;
}

/*
 * Copies an AES-XTS context from src to dst.
 *
 * The structure assignment also copies xts.key1/xts.key2, which after the
 * assignment still point into the source context. They are therefore
 * re-pointed at the destination's own key schedules so that the copy does
 * not alias, or outlive, the source's key material.
 */
static void cipher_hw_aes_xts_copyctx(PROV_CIPHER_CTX *dst,
                                      const PROV_CIPHER_CTX *src)
{
    /* The cast drops const; src is only read below. */
    PROV_AES_XTS_CTX *sctx = (PROV_AES_XTS_CTX *)src;
    PROV_AES_XTS_CTX *dctx = (PROV_AES_XTS_CTX *)dst;

    *dctx = *sctx;
    dctx->xts.key1 = &dctx->ks1.ks;
    dctx->xts.key2 = &dctx->ks2.ks;
}

#if defined(AESNI_CAPABLE)

/*
 * AES-NI key setup: same contract as the generic initkey, but always uses
 * the aesni_* key-setup, block and XTS stream routines. Always returns 1.
 *
 * NOTE(review): keylen is not validated here and the setter results are
 * dropped inside XTS_SET_KEY_FN; assumes the caller has checked the length.
 */
static int cipher_hw_aesni_xts_initkey(PROV_CIPHER_CTX *ctx,
                                       const unsigned char *key, size_t keylen)
{
    PROV_AES_XTS_CTX *xctx = (PROV_AES_XTS_CTX *)ctx;

    XTS_SET_KEY_FN(aesni_set_encrypt_key, aesni_set_decrypt_key,
                   aesni_encrypt, aesni_decrypt,
                   aesni_xts_encrypt, aesni_xts_decrypt);
    return 1;
}

/* Defines the AES-NI method table at file scope. */
# define PROV_CIPHER_HW_declare_xts()                                          \
static const PROV_CIPHER_HW aesni_xts = {                                      \
    cipher_hw_aesni_xts_initkey,                                               \
    NULL,                                                                      \
    cipher_hw_aes_xts_copyctx                                                  \
};
/*
 * Expands to a statement inside ossl_prov_cipher_hw_aes_xts() that returns
 * the AES-NI table when AESNI_CAPABLE is true at run time.
 */
# define PROV_CIPHER_HW_select_xts()                                           \
if (AESNI_CAPABLE)                                                             \
    return &aesni_xts;

# elif defined(SPARC_AES_CAPABLE)

/*
 * SPARC T4 key setup: chooses the 128- or 256-bit T4 XTS stream routines
 * from the combined key length, then expands both key schedules.
 *
 * Returns 1 on success, 0 if keylen is neither 32 nor 64 bytes.
 */
static int cipher_hw_aes_xts_t4_initkey(PROV_CIPHER_CTX *ctx,
                                        const unsigned char *key, size_t keylen)
{
    PROV_AES_XTS_CTX *xctx = (PROV_AES_XTS_CTX *)ctx;
    OSSL_xts_stream_fn stream_enc = NULL;
    OSSL_xts_stream_fn stream_dec = NULL;

    /* Note: keylen is the size of 2 keys */
    switch (keylen) {
    case 32:
        stream_enc = aes128_t4_xts_encrypt;
        stream_dec = aes128_t4_xts_decrypt;
        break;
    case 64:
        stream_enc = aes256_t4_xts_encrypt;
        stream_dec = aes256_t4_xts_decrypt;
        break;
    default:
        /* Any other length is rejected before a key schedule is written. */
        return 0;
    }

    XTS_SET_KEY_FN(aes_t4_set_encrypt_key, aes_t4_set_decrypt_key,
                   aes_t4_encrypt, aes_t4_decrypt,
                   stream_enc, stream_dec);
    return 1;
}

/* Defines the SPARC T4 method table at file scope. */
# define PROV_CIPHER_HW_declare_xts()                                          \
static const PROV_CIPHER_HW aes_xts_t4 = {                                     \
    cipher_hw_aes_xts_t4_initkey,                                              \
    NULL,                                                                      \
    cipher_hw_aes_xts_copyctx                                                  \
};
/*
 * Expands to a statement inside ossl_prov_cipher_hw_aes_xts() that returns
 * the T4 table when SPARC_AES_CAPABLE is true at run time.
 */
# define PROV_CIPHER_HW_select_xts()                                           \
if (SPARC_AES_CAPABLE)                                                         \
    return &aes_xts_t4;
# else
/* The generic case */
/* Both hooks expand to nothing, so only aes_generic_xts is available. */
# define PROV_CIPHER_HW_declare_xts()
# define PROV_CIPHER_HW_select_xts()
#endif

/* Fallback method table, used when no platform-specific table is selected. */
static const PROV_CIPHER_HW aes_generic_xts = {
    cipher_hw_aes_xts_generic_initkey,
    NULL,
    cipher_hw_aes_xts_copyctx
};
PROV_CIPHER_HW_declare_xts()
/*
 * Returns the AES-XTS method table for this build and CPU: the
 * platform-specific table when PROV_CIPHER_HW_select_xts() returns one,
 * otherwise the generic table. `keybits` is not referenced by the code
 * visible in this file.
 */
const PROV_CIPHER_HW *ossl_prov_cipher_hw_aes_xts(size_t keybits)
{
    PROV_CIPHER_HW_select_xts()
    return &aes_generic_xts;
}